last executing test programs:

9m37.777750943s ago: executing program 3 (id=528):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7}, 0x50)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xc, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xc, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x4c}, [@call={0x85, 0x0, 0x0, 0x28}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8}, 0x80)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x7, 0x0, 0x0, 0x0, 0xd, 0x8442a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x8}, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0xa, 0x1, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079102800000000007b0a00ff00"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d80)={r0, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0xfffffe01, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x5, 0x106, 0x40, 0x40, 0x41}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000180), 0x1003, r1}, 0x38)
openat$tun(0xffffffffffffff9c, 0x0, 0x80002, 0x0)

9m36.791994005s ago: executing program 3 (id=534):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7f}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)

9m36.553985685s ago: executing program 3 (id=536):
r0 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x4044}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x70, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')

9m36.402285262s ago: executing program 3 (id=538):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000001080)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7602, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0xfffffffc}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x83508, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}, 0xec1, 0x200, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x800, 0x0, 0x4000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x6, 0xb5, 0xfd, 0x8001}]})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
syz_clone(0x22023500, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8941, &(0x7f0000000080))

9m36.182881991s ago: executing program 3 (id=540):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0, <r2=>0xffffffffffffffff}, &(0x7f0000000400), &(0x7f0000000380)=r1}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000300)={r2, &(0x7f0000000640)}, 0x20)

9m33.766820236s ago: executing program 3 (id=546):
r0 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x4044}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')

9m33.467859269s ago: executing program 32 (id=546):
r0 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x4044}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')

8m43.974633116s ago: executing program 4 (id=891):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000040000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000040000008500000006000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_int(r2, &(0x7f00000002c0)='cpuset.mems\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x95}}}, &(0x7f0000000200)='GPL\x00', 0x2, 0x1007, &(0x7f0000000440)=""/4103, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xb}, 0x24)
bpf$BPF_PROG_GET_NEXT_ID(0xb, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0xf, 0x4, 0x4, 0x7}, 0x48)
write$cgroup_subtree(r3, &(0x7f0000000380)={[{0x0, 'rdma'}]}, 0x6)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x20129, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0, 0xf}, 0x806, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)

8m43.122369993s ago: executing program 4 (id=897):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000000000000850000007b00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000700)={r1}, 0xc)

8m39.536444827s ago: executing program 4 (id=899):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0xe, 0x3, &(0x7f00000000c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0xc50e}}, &(0x7f0000000080)='syzkaller\x00'}, 0x94)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x20029, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0, 0xf}, 0x806, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x1ff003, 0x66, 0x7f, 0x1}, 0x48)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x40, r0}, 0x38)

8m39.397551123s ago: executing program 4 (id=903):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x2040, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
mkdir(&(0x7f0000000280)='./file\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x6, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r1, 0xfffff000, 0xe, 0x0, &(0x7f0000000100)="61df7105a7814ce4e1bbbc43de04", 0x0, 0x2f00, 0x7000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)

8m38.634115037s ago: executing program 4 (id=908):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x9, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.current\x00', 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="190000000400000004000000"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r0, &(0x7f00000001c0), 0x0}, 0x20)

8m38.022546843s ago: executing program 4 (id=911):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000000000000850000007b00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000700)={r1}, 0xc)

8m37.671926738s ago: executing program 33 (id=911):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000000000000850000007b00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000700)={r1}, 0xc)

3.041722089s ago: executing program 2 (id=4537):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x4008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe, 0x3}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x0, 0x0, 0x2, 0x2}, @array={0x0, 0x0, 0x0, 0xa, 0x3, {0x0, 0x2000000}}]}}, 0x0, 0x3e, 0x0, 0x1}, 0x28)

2.965598102s ago: executing program 0 (id=4540):
r0 = socket$kcm(0x28, 0x5, 0x0)
setsockopt$sock_attach_bpf(r0, 0x28, 0x2, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600073582c137153e37080c188006ac0f000300", 0x2e}], 0x1, 0x0, 0x0, 0x8100000}, 0x0)

2.917704154s ago: executing program 2 (id=4541):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x0, 0x0, 0x2, 0x2}, @array={0x0, 0x0, 0x0, 0xa, 0x3, {0x0, 0x2000000}}]}}, 0x0, 0x3e, 0x0, 0x1}, 0x28)

2.830802818s ago: executing program 0 (id=4542):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x8, 0x4}, 0x24, 0x0, 0x0, 0x0, 0x0, 0x617, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071120d000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000917900000000000000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0}, 0x94)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
close(r0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1}, 0x48)
bpf$OBJ_PIN_MAP(0x9, &(0x7f0000000040)=@generic={0x0, r1}, 0x18)

2.737222232s ago: executing program 2 (id=4545):
socket$kcm(0xa, 0x5, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x0, 0x9}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='memory.stat\x00', 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0xb701, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000950000000000000000"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r3}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000f000"/28], 0x48)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_int(r4, &(0x7f0000000240)='cpuset.memory_spread_page\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0, 0x96, 0x0, 0x3}, 0x28)
r6 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, 0x0, 0x0, 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x10}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r7, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001000), 0x8, 0x0, 0x8, 0xd, 0x0}}, 0x10)
write$cgroup_int(r5, &(0x7f00000003c0)=0x1000, 0x12)
mkdirat$cgroup(r4, &(0x7f0000000040)='syz1\x00', 0x1ff)
r8 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
r9 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="39000000140081ae10003c000500018311fe1f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb37358582bdbb7d553b4e92155", 0x39}], 0x1}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0xf, &(0x7f0000000040)=r8, 0x4)
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r10, &(0x7f0000000040)={0x0, 0x51, &(0x7f0000000100)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa310b6b87033c0000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=0xffffffffffffffff, 0x4)

2.663037485s ago: executing program 0 (id=4546):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000a00)=""/254, 0xfe}, {&(0x7f0000000f00)=""/188, 0xbc}, {&(0x7f0000000780)=""/238, 0xee}, {&(0x7f0000000fc0)=""/4077, 0xfed}, {&(0x7f0000000480)=""/222, 0xde}, {&(0x7f0000000940)=""/167, 0xa7}, {&(0x7f0000000700)=""/108, 0x6c}], 0x7}, 0x40012100)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x80, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5}, 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={0xffffffffffffffff, 0xe0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000003c0)=[0x0, 0x0, 0x0], ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f0000000400)=[0x0], &(0x7f0000000440)=[0x0, 0x0], 0x0, 0xfa, &(0x7f0000000480), 0x0, 0x10, &(0x7f0000000780), &(0x7f00000007c0), 0x8, 0x85, 0x8, 0x8, &(0x7f0000000800)}}, 0x10)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000980), 0x4)
r5 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0x10, 0x3, 0x10)
socket$kcm(0xa, 0x922000000003, 0x11)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
sendmsg$inet(r7, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000800)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00e}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000680)=@o_path={&(0x7f00000006c0)='./file0\x00', 0x0, 0x4000, r0}, 0x18)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b00)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x5}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c40)={0x18, 0x12, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0xb2}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@jmp={0x5, 0x1, 0x6, 0x5, 0x8, 0xfffffffffffffff0, 0x8}, @generic={0x6, 0xc, 0xb, 0x3, 0x7fffffff}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000200)='GPL\x00', 0x7, 0xe5, &(0x7f0000000240)=""/229, 0x40f00, 0x8, '\x00', r3, 0x0, r4, 0x8, &(0x7f00000009c0)={0x9, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000b80)=[r0, r8, r0, 0xffffffffffffffff, r0, r0, r0, r9, r0, r0], &(0x7f0000000bc0)=[{0x3, 0x3, 0xf, 0x4}, {0x2, 0x2, 0x0, 0x8}, {0x4, 0x1, 0xd, 0xb}, {0x1, 0x4, 0x9}, {0x3, 0x5, 0x2, 0x8}], 0x10, 0x7}, 0x94)
sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f0000001d00)=@qipcrtr, 0x80, 0x0}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000740)={&(0x7f0000000040)=@qipcrtr={0x2a, 0x1, 0x3fff}, 0x80, 0x0}, 0x0)
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c00000011006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac00400020208000200030001ef04000500ea0000000052ca404294ff0051f60a84c9f4d4938037e786a6d00010003e1eb23b978532b5c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20004080)

2.244963443s ago: executing program 2 (id=4548):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x20000000000000fe, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x100, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r1 = getpid()
r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r3 = getpid()
r4 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r3, 0x0, r2, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r4, 0x2401, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
r6 = syz_clone(0x20800000, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f00000005c0)=r6, 0x12)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r7 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40082404, &(0x7f0000000040)=0xffffffffffff3654)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r8, 0xc004743e, 0x110e22fff6)
r9 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TUNSETOFFLOAD(r9, 0x4004743d, 0x110e22fff6)
close(r8)
write$cgroup_pid(r5, &(0x7f0000000000), 0x2a979d)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r4, 0x2401, 0x80ffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)

2.243166583s ago: executing program 0 (id=4556):
r0 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000640)="80", 0x26892}], 0x1}, 0xfc)
sendmsg$inet(r0, &(0x7f0000000ac0)={&(0x7f00000005c0)={0x2, 0x4e24, @local}, 0x10, &(0x7f00000007c0)=[{&(0x7f0000000840)="9c", 0x1}], 0x1}, 0x10)
close(0x3)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0xa, [@enum={0x3}, @struct={0x8, 0x1, 0x0, 0x4, 0x0, 0xfffffff5, [{0x4, 0x1}]}]}, {0x0, [0x30, 0x61, 0x5f, 0x5f, 0x30, 0x2e, 0x30, 0x2e]}}, 0x0, 0x46, 0x0, 0x9, 0x6}, 0x28)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0x29, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000280)="5c00000013006bec9e3be35c6e17aa31076b87511d0000007ea60864160af3653c000cc004000202080003000300000007002100eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0000300000000000200ffffc6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

2.10171875s ago: executing program 5 (id=4550):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xaf}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)=r0}, 0x20)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r2, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd8b, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r2, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r3, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="180200d20ec89f3100000000efffffff850000002700000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300003f000000850000007b00000095"], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpuset.effective_mems\x00', 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000300000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x1f, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x3}, [@ldst={0x3, 0x0, 0x0, 0x976b3b1ac2ba65c1, 0x1, 0x8, 0x10}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3ff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @ldst={0x0, 0x3, 0x3, 0x5, 0x2, 0xffffffffffffffff, 0x1}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @jmp={0x5, 0x0, 0xb, 0x4, 0xb, 0x50, 0x8}, @generic={0xf, 0x0, 0x3, 0x1d, 0x5}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @generic={0x52, 0x9, 0x7, 0xe, 0xffff1849}]}, 0xffffffffffffffff, 0x7ff, 0x0, 0x0, 0x41000, 0x48, '\x00', r3, 0x0, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200)={0x0, 0x10, 0x2, 0x6}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000240)=[r5], &(0x7f00000003c0)=[{0x4, 0x3, 0xe, 0xb}, {0x0, 0x5, 0x9, 0x7}, {0x5, 0x4, 0x7, 0x9}, {0x1, 0x1, 0xe, 0x7}], 0x10, 0x3}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d40)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000d00)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r6}, 0x10)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x275a, 0x0)
r8 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r7}, 0x8)
ioctl$PERF_EVENT_IOC_REFRESH(r4, 0x2402, 0xca56)
ioctl$SIOCSIFHWADDR(r8, 0x541b, &(0x7f0000000180)={'veth0_virt_wifi\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x41}})
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000600)=r5, 0x4)

1.984188995s ago: executing program 5 (id=4551):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x500, &(0x7f0000001a80)=[{&(0x7f0000000840)=""/4085, 0xff5}, {&(0x7f0000003700)=""/4074, 0xfea}, {&(0x7f0000004700)=""/4137, 0x1029}, {&(0x7f0000000780)=""/158, 0x9e}, {&(0x7f0000000140)=""/153, 0x99}, {&(0x7f0000001880)=""/134, 0x86}], 0x6}, 0x20)

1.916523497s ago: executing program 1 (id=4552):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000840)=""/4085, 0xff5}, {&(0x7f0000003700)=""/4074, 0xfea}, {&(0x7f0000004700)=""/4137, 0x1029}, {&(0x7f0000000780)=""/158, 0x9e}, {&(0x7f0000001880)=""/134, 0x86}, {&(0x7f0000001940)=""/215, 0xd7}], 0x6}, 0x20) (fail_nth: 4)

1.823020662s ago: executing program 5 (id=4553):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x0, 0x0, 0x2, 0x2}, @array={0x0, 0x0, 0x0, 0xa, 0x3, {0x0, 0x2000000}}]}}, 0x0, 0x3e, 0x0, 0x1}, 0x28)

1.816838552s ago: executing program 1 (id=4554):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x8, 0x4}, 0x24, 0x0, 0x0, 0x0, 0x0, 0x617, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071120d000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000917900000000000000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0}, 0x94)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
close(r0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1}, 0x48)
bpf$OBJ_PIN_MAP(0x9, &(0x7f0000000040)=@generic={0x0, r1}, 0x18)

1.692285057s ago: executing program 1 (id=4555):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x8, 0x4}, 0x24, 0x0, 0x0, 0x0, 0x0, 0x617, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071120d000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000917900000000000000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
r0 = bpf$ITER_CREATE(0xb, 0x0, 0x0)
close(r0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1}, 0x48)
bpf$OBJ_PIN_MAP(0x9, &(0x7f0000000040)=@generic={0x0, r1}, 0x18)

1.672570358s ago: executing program 5 (id=4557):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000a00)=""/254, 0xfe}, {&(0x7f0000000f00)=""/188, 0xbc}, {&(0x7f0000000780)=""/238, 0xee}, {&(0x7f0000000fc0)=""/4077, 0xfed}, {&(0x7f0000000480)=""/222, 0xde}, {&(0x7f0000000940)=""/167, 0xa7}, {&(0x7f0000000700)=""/108, 0x6c}], 0x7}, 0x40012100)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x80, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5}, 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={0xffffffffffffffff, 0xe0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000003c0)=[0x0, 0x0, 0x0], ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f0000000400)=[0x0], &(0x7f0000000440)=[0x0, 0x0], 0x0, 0xfa, &(0x7f0000000480), 0x0, 0x10, &(0x7f0000000780), &(0x7f00000007c0), 0x8, 0x85, 0x8, 0x8, &(0x7f0000000800)}}, 0x10)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000980), 0x4)
r5 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0x10, 0x3, 0x10)
socket$kcm(0xa, 0x922000000003, 0x11)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
sendmsg$inet(r7, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000800)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00e}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000680)=@o_path={&(0x7f00000006c0)='./file0\x00', 0x0, 0x4000, r0}, 0x18)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b00)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x5}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c40)={0x18, 0x12, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0xb2}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@jmp={0x5, 0x1, 0x6, 0x5, 0x8, 0xfffffffffffffff0, 0x8}, @generic={0x6, 0xc, 0xb, 0x3, 0x7fffffff}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000200)='GPL\x00', 0x7, 0xe5, &(0x7f0000000240)=""/229, 0x40f00, 0x8, '\x00', r3, 0x0, r4, 0x8, &(0x7f00000009c0)={0x9, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000b80)=[r0, r8, r0, 0xffffffffffffffff, r0, r0, r0, r9, r0, r0], &(0x7f0000000bc0)=[{0x3, 0x3, 0xf, 0x4}, {0x2, 0x2, 0x0, 0x8}, {0x4, 0x1, 0xd, 0xb}, {0x1, 0x4, 0x9}, {0x3, 0x5, 0x2, 0x8}], 0x10, 0x7}, 0x94)
sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f0000001d00)=@qipcrtr, 0x80, 0x0}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000740)={&(0x7f0000000040)=@qipcrtr={0x2a, 0x1, 0x3fff}, 0x80, 0x0}, 0x0)
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c00000011006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac00400020208000200030001ef04000500ea0000000052ca404294ff0051f60a84c9f4d4938037e786a6d00010003e1eb23b978532b5c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20004080)

1.410770079s ago: executing program 5 (id=4558):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000100)=@bpf_ext={0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1313f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000001240)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
sendmsg$inet(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000680)='7', 0x1}], 0x1}, 0x40488c4)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="b897eb", 0x3}], 0x1, 0x0, 0x0, 0x10000000}, 0x41)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r1, 0x4010744d, &(0x7f0000000180))
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18010000070000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r3}, 0x10)
syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x50}, [@ldst={0x3, 0x2, 0x3, 0x1c10a1, 0x0, 0x42}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85}, 0x52)

1.330900413s ago: executing program 1 (id=4559):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x8, 0x4}, 0x24, 0x0, 0x0, 0x0, 0x0, 0x617, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071120d000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000917900000000000000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1}, 0x48)
bpf$OBJ_PIN_MAP(0x9, &(0x7f0000000040)=@generic={0x0, r1}, 0x18)

1.326971603s ago: executing program 0 (id=4560):
r0 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000640)="80", 0x26892}], 0x1}, 0xfc)
sendmsg$inet(r0, &(0x7f0000000ac0)={&(0x7f00000005c0)={0x2, 0x4e24, @local}, 0x10, &(0x7f00000007c0)=[{&(0x7f0000000840)="9c", 0x1}], 0x1}, 0x10)
close(0x3)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0xa, [@enum={0x3}, @struct={0x8, 0x1, 0x0, 0x4, 0x0, 0xfffffff5, [{0x4, 0x1}]}]}, {0x0, [0x30, 0x61, 0x5f, 0x5f, 0x30, 0x2e, 0x30, 0x2e]}}, 0x0, 0x46, 0x0, 0x9, 0x6}, 0x28)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0xa, 0x1, 0x106)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0x29, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000280)="5c00000013006bec9e3be35c6e17aa31076b87511d0000007ea60864160af3653c000cc004000202080003000300000007002100eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0000300000000000200ffffc6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

1.244411467s ago: executing program 2 (id=4561):
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000000)={0xfffffff2, <r0=>0x0}, 0x8)
r1 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000040)={r0}, 0x4)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={@cgroup=<r2=>0xffffffffffffffff, 0x1, 0x0, 0x40, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f00000000c0)=[0x0], &(0x7f0000000100)=[0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0], <r3=>0x0}, 0x40)
r4 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000200), 0x4)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000001c0)={@fallback=r1, r1, 0x1a, 0x2002, r1, @value=r4, @void, @void, @void, r3}, 0x20)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r4, 0x0, 0xa, &(0x7f0000000240)='-\'[]\\{{%{\x00'}, 0x30)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={&(0x7f00000002c0)="a92be9b4c31329d9e26f9fb785a958b44df93fb7c5e30ac05500ad94b71ce3241509dfe2892cce00ad2cab90f3d04b4a19536dd419066f6554e419dbfe0f52e3312f618d4a5d1665c6e9c2be8715498e5c8c0d1b2f07620d551d7d9fcfb61171f2f32e69f4949f883a1c9b97ccfa416713b366ff20531344388939333c4146c1d9b0e713a7219e4c5b8146003e6777ad9209e796b60478238015b157683fa23ff5b6eb876de3966018d301", &(0x7f0000000380)=""/105, &(0x7f0000000400)="422ebf6fb1812d2dbf54806a9a9dc029b3be3267303b63f115fcbfe51efcd5d002aa688c4e481c71a60278ba87f69854f791bc8c867f0bf42bd89571da81b549308cdc9dc3e8252c4a8c81554f0234b5179ea7fee1b328e2dca3127e6f475b4fd27f8fa82fd89caee3d2802d0e5effe5652a8c3345df7a3cf42dee1e2799863d7d4295463b9054329f64206bd3bcaa939e80408f5b38", &(0x7f00000004c0)="e00e637c53f60aa45b016c8417b5d3cd27a34803e16ea4bf87c03c686c597d79e69b39f59b6c030901342d68ffc10bf135bd261054c8de8beae9c1942dd9516e079ca1a32fbdfc5fae58443a231c12de33ce8f4fec25080f4b5df24e44437354327f980a8dfbc0a63e8bfb89595a5284cf4b56c4fc4f0146966f1a2fed2717ba1d50e0d2d226396ca5d4525ce9a29e36a5557009831035972b9b351b4fd950bf2d1765ea79b093cfc9fbe38aa0e938a344204631aadf59a1323a86c65ab869839b131002af4fd7b590b39dcf660a656051fcc7", 0xffff, r5}, 0x38)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{0x1, <r6=>0xffffffffffffffff}, &(0x7f0000000680), &(0x7f00000006c0)=r1}, 0x20)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000900)={0x88a00000, <r7=>0x0}, 0x8)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x8, 0xb, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x5}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}}, @alu={0x7, 0x0, 0x8, 0x8, 0x4, 0x40, 0x4}, @map_fd={0x18, 0x7, 0x1, 0x0, r5}]}, &(0x7f00000007c0)='syzkaller\x00', 0x80000000, 0x93, &(0x7f0000000800)=""/147, 0x41100, 0x48, '\x00', 0x0, @fallback=0x26, r1, 0x8, &(0x7f00000008c0)={0x8, 0x3}, 0x8, 0x10, 0x0, 0x0, r7, 0xffffffffffffffff, 0x4, 0x0, &(0x7f0000000940)=[{0x3, 0x2, 0x1, 0x9}, {0x4, 0x1, 0x6}, {0x0, 0x4, 0xe, 0x1}, {0x3, 0x4, 0xe, 0x6}], 0x10, 0x1ff}, 0x94)
syz_clone(0x800, &(0x7f0000000a40)="5e281b4a569e79ad82ffea9105495f597dcd0f73b72d79e5bfc646820839d567e2d0aed913488c2df7d1177f89f0233d9b1f5c1c85acab42ac9a600a9ced51074bf007c494b8ee8ffcc1e58f0b857ac387190dbb2357b3c632a90cbf2565791f31e4f1b2242181aea0e402ea15a50a52c037d43c3e8c85135187cf0b87b9f77bd1d92f0c42940ee4d880d4fd45a86a3a55cd7cd08ec4b790409fd36f5024ca69d8fcad0952c2feb5b785b270b5490666c9d2a750e361291328ca57bebdb555556e314fffd0f3f50ea46e617cc6fe026d1672017cc1c5c4cc2c9515d141ff000e9e71dc17e3f07bfff54b331a64483d", 0xef, &(0x7f0000000b40), &(0x7f0000000b80), &(0x7f0000000bc0)="9d3bcc10dc97a4324938cc27a3e5fea51799c3e65d59a0cc1554c6d0ddddbf3f3da0da519faafd0c855d6974efdac834e73bdac68777f6ae657f8778ae0b92070421e6444a11828d62767a843904cc4ad307d539b506087c56fbf141394573c52fdebe9a838322d2edf87d301e27031491c012979e10f2bed450dfde748d7e53a31823b7581c64f1d825d929ecd2cb4a2b5a29cbab7d97d273cd70baa945fedf5d30ee9f0b6c2cab1ec5f5612bfd12a0b5c5a77478f8b5ed8c7e066a1717cc9c0b685856bde1f419ef0c80e5e0b48c658a9feeb393320b7a461e58415c62b9c6bdd3faa3bc68476512aef7e54749c921de")
r9 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000cc0)=r7, 0x4)
r10 = socket$kcm(0x29, 0x2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000e00)={@fallback=<r11=>r6, 0x14, 0x0, 0x9, &(0x7f0000000d00)=[0x0], 0x1, 0x0, &(0x7f0000000d40)=[0x0, 0x0], &(0x7f0000000d80)=[0x0, 0x0], &(0x7f0000000dc0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r12=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000e40)={@fallback=r8, r1, 0x31, 0x20, 0x0, @void, @void, @void, @value=r0, r12}, 0x20)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x1a, 0x4, &(0x7f0000000e80)=@raw=[@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r6}}], &(0x7f0000000ec0)='GPL\x00', 0x8, 0xa6, &(0x7f0000000f00)=""/166, 0x41000, 0x24, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x8, &(0x7f0000000fc0)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000001000)={0x3, 0xe, 0x401, 0x1}, 0x10, r7, 0xffffffffffffffff, 0x3, &(0x7f0000001040)=[r5, r5, r11, r11], &(0x7f0000001080)=[{0x4, 0x1, 0x10}, {0x0, 0x5, 0x2}, {0x1, 0x3, 0x3, 0xb}], 0x10, 0x1}, 0x94)
r14 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000011c0)=@generic={&(0x7f0000001180)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001500)={r1, 0xe0, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000001240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r15=>0x0, 0x0, 0x0, 0x0, 0x8, 0x5, &(0x7f0000001280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000012c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xb, &(0x7f0000001300)=[{}, {}], 0x10, 0x10, &(0x7f0000001340), &(0x7f0000001380), 0x8, 0xcc, 0x8, 0x8, &(0x7f00000013c0)}}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000001200)={@ifindex=r15, r13, 0x2e, 0x4, r14, @void, @value=r1, @void, @void, r12}, 0x20)
ioctl$TUNSETFILTEREBPF(r11, 0x800454e1, &(0x7f0000001540)=r1)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001600)={{r5}, &(0x7f0000001580), &(0x7f00000015c0)='%pB    \x00'}, 0x20)
r16 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001640)={0x1b, 0x0, 0x0, 0x1, 0x0, r5, 0x0, '\x00', r15, r9, 0x5, 0x4, 0x4}, 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001900)=@bpf_lsm={0x1d, 0x17, &(0x7f00000016c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xc658, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r16}}, {}, [@printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001780)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x41100, 0x40, '\x00', r15, 0x1b, r9, 0x8, &(0x7f00000017c0)={0x0, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000001800)=[r11, r11], &(0x7f0000001840)=[{0x1, 0x3, 0x9, 0x9}, {0x3, 0x2, 0xb, 0x9}, {0x1, 0x4, 0x8, 0x9}, {0x4, 0x2, 0x10, 0x4}, {0x5, 0x2, 0x2, 0x4}, {0x1, 0x5, 0xe, 0x9}, {0x0, 0x3, 0xf, 0xb}, {0x5, 0x1, 0x3, 0x3}, {0x2, 0x4, 0xd, 0x3}], 0x10, 0x6c}, 0x94)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000001a00)=@generic={&(0x7f00000019c0)='./file0\x00'}, 0x18)
sendmsg$inet(r10, &(0x7f0000001dc0)={&(0x7f0000001a40)={0x2, 0x4e20, @empty}, 0x10, &(0x7f0000001c80)=[{&(0x7f0000001a80)="b4782d535696ad3118d0eada9b7cc2e4845cef3c675f56342a01bba9c97ab421456d8b8e1b3e612cead3aae1b3fd7c7ab7d953099ec2f1b2f577f704c715a2b6305957cd190fa062a645d9deb0062e7f4c4d11bf624d889147bb30b5369611d8855865177da444013c0e423f35a79293c6c25e709665a60e146f0c9ee018340d99d37887f462ee7ccbf233f0a49afb926f26dd4842907c52c414a11c293cfdc622115c6a2186917b4129567a21025d1b2511a61a5ebf972287018a1754a1b15633e064993a9d3494e852a8f0a8f5ad45941ef27ce027f9575c3bc6ad58660d28a4924597e3cc41efb2", 0xe9}, {&(0x7f0000001b80)="0665ac517fbdc70d2748beab65cc36bc2dd652db068177d81c27eaa0f4ee93236448c7c700a0acfa08921f1b4ef45143279f7a1e1c2cc216ab546ffb9de7733ea73fe19d1a1cf11af53a49ef593a92dac5ab96e7340bfc647f6a197f371fd8f75be59ed179bf719d3ec6d56d6f6e95903cc56cfe649f7f3cc433595019fcda343eeb1cf30f6d1fa3a9779c9a98eebc724204bd8910bdd35e0602cbe8204e87956ca072494287a34e69c7292f530fa82a34d30653f98e8dbe3b1700af2780f6097fc9c402fc5cd8ee55b96045cf92afe80a5a4f6930de3b155efe083d79645c4b81", 0xe1}], 0x2, &(0x7f0000001cc0)=[@ip_retopts={{0xd8, 0x0, 0x7, {[@ra={0x94, 0x4, 0x1}, @noop, @cipso={0x86, 0x28, 0xffffffffffffffff, [{0x0, 0x10, "5400463c902a3bd3cb5e6c498840"}, {0x0, 0xc, "00bdcb909df0e705f6b1"}, {0x7, 0x6, "e59f0997"}]}, @timestamp_prespec={0x44, 0x4c, 0xb1, 0x3, 0x6, [{@loopback, 0x8}, {@broadcast, 0xc221}, {@local, 0xa192}, {@multicast2, 0x1}, {@rand_addr=0x64010100, 0x2}, {@empty, 0x7fff}, {@remote, 0x4}, {@private=0xa010102, 0x4}, {@broadcast, 0x9}]}, @ssrr={0x89, 0x17, 0x18, [@empty, @multicast1, @private=0xa010101, @broadcast, @rand_addr=0x64010101]}, @end, @rr={0x7, 0x23, 0x25, [@multicast2, @empty, @empty, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, @multicast2, @broadcast]}, @timestamp_prespec={0x44, 0x14, 0xaa, 0x3, 0x6, [{@remote, 0x101}, {@private=0xa010102, 0x8}]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r15, @dev={0xac, 0x14, 0x14, 0xe}, @initdev={0xac, 0x1e, 0x1, 0x0}}}}], 0xf8}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000001e00)={[{0x2d, 'freezer'}, {0x2d, 'cpuacct'}]}, 0x12)
sendmsg$inet(r10, &(0x7f0000001fc0)={&(0x7f0000001e40)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000001f80)=[{&(0x7f0000001e80)="95158f05147ab17743d91314fde2cfdf27e99201cbece3df8e4e81c8a0ccbe113a53a20e2f668cd107b864504d65023c4584c4d7e5a3da0532cadcbf45d9f2efdae6d0f3f6a11b5a530647e28f9d70d0871dc71e1d6a873c0b16056cc4134de39190277e53b5f1752bf9fdc1011c941b06a6b38060c847dc3a78ece1380fae3448e0cf61143693833277993f0abe2a1e9d60b8f2204712236613c244458c7318bc84b1b87a051dcd2f35528b108314e94c26fed3ffed55d446ed2e6a341a6fdcd600f9900bb0233cbc72cd54bc7582b078dc2c52b4f9f5a207c0868b3567f1f3473b52aa251e8b385220d314", 0xec}], 0x1}, 0x20000000)
r17 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000002000)={0xffffffffffffffff, 0x2}, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000002040)=@base={0x0, 0x3, 0x40000000, 0xd41, 0x10014, r17, 0x6, '\x00', r15, r9, 0x3, 0x2, 0x3, 0x0, @void, @value, @value=r11}, 0x50)

1.194871979s ago: executing program 1 (id=4562):
r0 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000640)="80", 0x26892}], 0x1}, 0xfc)
sendmsg$inet(r0, &(0x7f0000000ac0)={&(0x7f00000005c0)={0x2, 0x4e24, @local}, 0x10, &(0x7f00000007c0)=[{&(0x7f0000000840)="9c", 0x1}], 0x1}, 0x10)
close(0x3)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0xa, [@enum={0x3}, @struct={0x8, 0x1, 0x0, 0x4, 0x0, 0xfffffff5, [{0x4, 0x1}]}]}, {0x0, [0x30, 0x61, 0x5f, 0x5f, 0x30, 0x2e, 0x30, 0x2e]}}, 0x0, 0x46, 0x0, 0x9, 0x6}, 0x28)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x1, 0x106)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0x29, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000280)="5c00000013006bec9e3be35c6e17aa31076b87511d0000007ea60864160af3653c000cc004000202080003000300000007002100eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0000300000000000200ffffc6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

1.027199006s ago: executing program 2 (id=4563):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
r1 = perf_event_open$cgroup(&(0x7f0000000200)={0x4, 0x80, 0x7, 0xff, 0x80, 0x4, 0x0, 0x10001, 0x10001, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x6c, 0x2, @perf_bp={&(0x7f0000000040), 0xd}, 0x108, 0xd, 0x3, 0x3, 0x3, 0x100, 0xffff, 0x0, 0x7ff, 0x0, 0xb7}, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x7)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xffffff5b, &(0x7f0000000180)=[{&(0x7f0000000040)="c00e020023000b05d25a806f8c6394f90224fc6028000e000a73e300053582c137153e370248018000f01700d1bd", 0x33fe0}, {&(0x7f00000000c0)="e65966d9188ad11c012b2b38e5b00bc32907f017da962d06fe5aedef2e9220d4f9cdc48bfa555f3a02197a06246ef88735d933ca7aa32166c0f169455365b3d0e25e2384ec85eb0dc60de5f5eafcbbb7163bd36ea1cb3d8f30b0bae3ae2c434a991afb2369e33b33f11c393b88b2296923b775053bd19596e8cc6953d7984f021ac62f3315c748e2070c322aa5f7bb6f23b79d5dcf67d6d944a57f1c098fd31ced16dbee99df3587371789ac2701ee296eb48c047980d330dd39b74b"}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='contention_begin\x00', r2}, 0x18)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x3d, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x9006000, &(0x7f00000030c0)=[{&(0x7f0000000180)="1400000016001963d25a80648c56915a19aa2bfe", 0x14}], 0x1}, 0x0)
socketpair(0x15, 0x800, 0x265, &(0x7f0000000000))
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000840)=""/4085, 0xff5}, {&(0x7f0000003700)=""/4074, 0xfea}, {&(0x7f0000004700)=""/4137, 0x1029}, {&(0x7f0000000780)=""/158, 0x9e}, {&(0x7f0000000140)=""/153, 0x99}, {&(0x7f0000001880)=""/134, 0x86}], 0x6}, 0x20)

829.681264ms ago: executing program 34 (id=4563):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
r1 = perf_event_open$cgroup(&(0x7f0000000200)={0x4, 0x80, 0x7, 0xff, 0x80, 0x4, 0x0, 0x10001, 0x10001, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x6c, 0x2, @perf_bp={&(0x7f0000000040), 0xd}, 0x108, 0xd, 0x3, 0x3, 0x3, 0x100, 0xffff, 0x0, 0x7ff, 0x0, 0xb7}, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x7)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xffffff5b, &(0x7f0000000180)=[{&(0x7f0000000040)="c00e020023000b05d25a806f8c6394f90224fc6028000e000a73e300053582c137153e370248018000f01700d1bd", 0x33fe0}, {&(0x7f00000000c0)="e65966d9188ad11c012b2b38e5b00bc32907f017da962d06fe5aedef2e9220d4f9cdc48bfa555f3a02197a06246ef88735d933ca7aa32166c0f169455365b3d0e25e2384ec85eb0dc60de5f5eafcbbb7163bd36ea1cb3d8f30b0bae3ae2c434a991afb2369e33b33f11c393b88b2296923b775053bd19596e8cc6953d7984f021ac62f3315c748e2070c322aa5f7bb6f23b79d5dcf67d6d944a57f1c098fd31ced16dbee99df3587371789ac2701ee296eb48c047980d330dd39b74b"}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='contention_begin\x00', r2}, 0x18)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x3d, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x9006000, &(0x7f00000030c0)=[{&(0x7f0000000180)="1400000016001963d25a80648c56915a19aa2bfe", 0x14}], 0x1}, 0x0)
socketpair(0x15, 0x800, 0x265, &(0x7f0000000000))
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000840)=""/4085, 0xff5}, {&(0x7f0000003700)=""/4074, 0xfea}, {&(0x7f0000004700)=""/4137, 0x1029}, {&(0x7f0000000780)=""/158, 0x9e}, {&(0x7f0000000140)=""/153, 0x99}, {&(0x7f0000001880)=""/134, 0x86}], 0x6}, 0x20)

562.569596ms ago: executing program 1 (id=4565):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x4008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe, 0x3}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

561.843797ms ago: executing program 35 (id=4565):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x4008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe, 0x3}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

1.721ms ago: executing program 0 (id=4566):
r0 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0xb, &(0x7f0000000040), 0x2)
sendmsg$inet(r0, &(0x7f00000002c0)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000200)=[{&(0x7f00000001c0)="92", 0x1}], 0x1}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000340)={0x0, 0x40000, 0x0}, 0x0)
sendmsg$inet(r0, &(0x7f0000000480)={&(0x7f0000000000)={0x2, 0x1, @loopback}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000300)="e4d5", 0x2}], 0x1}, 0x4000)

0s ago: executing program 5 (id=4567):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x8, 0x4}, 0x24, 0x0, 0x0, 0x0, 0x0, 0x617, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071120d000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000917900000000000000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
r0 = bpf$ITER_CREATE(0xb, 0x0, 0x0)
close(r0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1}, 0x48)
bpf$OBJ_PIN_MAP(0x9, &(0x7f0000000040)=@generic={0x0, r1}, 0x18)

kernel console output (not intermixed with test programs):

uld impact the performance. Setting the MTU to 1560 would solve the problem.
[  817.157609][T14656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  817.278888][T14656] batman_adv: batadv0: Adding interface: batadv_slave_1
[  817.299712][T14656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  817.327757][T14656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  817.491806][T14717] netlink: 'syz.5.3270': attribute type 10 has an invalid length.
[  817.635948][T14717] 8021q: adding VLAN 0 to HW filter on device batadv0
[  817.739880][T14717] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  817.802789][T14656] hsr_slave_0: entered promiscuous mode
[  817.813568][T14656] hsr_slave_1: entered promiscuous mode
[  817.820172][T14656] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  817.827796][T14656] Cannot create hsr debugfs directory
[  818.907357][ T5850] hsr_slave_0: left promiscuous mode
[  818.958281][ T5850] hsr_slave_1: left promiscuous mode
[  818.976506][ T5850] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  818.985327][ T5850] batman_adv: batadv0: Removing interface: batadv_slave_0
[  819.001585][ T5850] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  819.019194][ T5850] batman_adv: batadv0: Removing interface: batadv_slave_1
[  819.037687][ T5850] bridge_slave_1: left allmulticast mode
[  819.049488][ T5850] bridge_slave_1: left promiscuous mode
[  819.055531][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state
[  819.071308][ T5850] 
€Â: left allmulticast mode
[  819.079451][ T5850] 
€Â: left promiscuous mode
[  819.084498][ T5850] bridge0: port 1(
€Â) entered disabled state
[  819.127454][ T5850] veth1_macvtap: left promiscuous mode
[  819.139594][ T5850] veth0_macvtap: left promiscuous mode
[  819.145464][ T5850] veth1_vlan: left promiscuous mode
[  819.152832][ T5850] veth0_vlan: left promiscuous mode
[  819.172814][ T5833] Bluetooth: hci1: command tx timeout
[  819.802019][ T5850] team0 (unregistering): Port device team_slave_1 removed
[  819.852409][ T5850] team0 (unregistering): Port device team_slave_0 removed
[  819.904747][ T5850] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  819.914302][ T5850] bond_slave_1 (unregistering): left promiscuous mode
[  819.963659][ T5850] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  819.972999][ T5850] bond_slave_0 (unregistering): left promiscuous mode
[  820.203969][ T5850] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  820.213369][ T5850] batadv0 (unregistering): left promiscuous mode
[  820.537558][ T5850] bond0 (unregistering): Released all slaves
[  821.251650][ T5833] Bluetooth: hci1: command tx timeout
[  821.674054][T14656] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  821.694873][T14656] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  821.720421][T14656] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  821.742987][T14656] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  822.037973][T14656] 8021q: adding VLAN 0 to HW filter on device bond0
[  822.133702][T14656] 8021q: adding VLAN 0 to HW filter on device team0
[  822.164981][ T1089] bridge0: port 1(bridge_slave_0) entered blocking state
[  822.172288][ T1089] bridge0: port 1(bridge_slave_0) entered forwarding state
[  822.217790][T10938] bridge0: port 2(bridge_slave_1) entered blocking state
[  822.225115][T10938] bridge0: port 2(bridge_slave_1) entered forwarding state
[  823.116562][T14656] 8021q: adding VLAN 0 to HW filter on device batadv0
[  823.313037][T14656] veth0_vlan: entered promiscuous mode
[  823.335576][T14656] veth1_vlan: entered promiscuous mode
[  823.417900][T14656] veth0_macvtap: entered promiscuous mode
[  823.438095][T14656] veth1_macvtap: entered promiscuous mode
[  823.491931][T14656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  823.534929][T14656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  823.585085][T14656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  823.596686][T14656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  823.611662][T14656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  823.624034][T14656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  823.643085][T14656] batman_adv: batadv0: Interface activated: batadv_slave_0
[  823.665024][T14656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  823.690694][T14656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  823.709128][T14656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  823.741352][T14656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  823.779148][T14656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  823.817563][T14656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  823.829823][T14656] batman_adv: batadv0: Interface activated: batadv_slave_1
[  823.845125][T14833] netlink: 'syz.5.3294': attribute type 10 has an invalid length.
[  823.967420][T14656] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  823.981854][T14656] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  823.991711][T14656] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  824.002670][T14656] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  824.029317][T14837] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  824.059925][T14837] batman_adv: batadv0: Removing interface: batadv_slave_0
[  824.081489][T14837] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  824.091945][T14837] batman_adv: batadv0: Removing interface: batadv_slave_1
[  824.157150][T14837] bond0: (slave batadv0): Releasing backup interface
[  824.177514][T14841] netlink: 'syz.2.3293': attribute type 10 has an invalid length.
[  824.349138][ T5850] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  824.357038][ T5850] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  824.421207][T14845] netlink: 'syz.2.3297': attribute type 10 has an invalid length.
[  824.439676][ T5850] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  824.448127][ T5850] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  824.593579][T14850] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  824.626551][T14850] batman_adv: batadv0: Removing interface: batadv_slave_0
[  824.698030][T14850] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  824.729277][T14850] batman_adv: batadv0: Removing interface: batadv_slave_1
[  824.833281][T14850] bond0: (slave batadv0): Releasing backup interface
[  824.841838][T14850] batadv0 (unregistering): left promiscuous mode
[  824.863880][T14854] netlink: 'syz.5.3301': attribute type 10 has an invalid length.
[  826.549189][T14869] netlink: 'syz.5.3304': attribute type 10 has an invalid length.
[  833.641506][T14925] netlink: 'syz.0.3326': attribute type 10 has an invalid length.
[  833.987667][T14925] 8021q: adding VLAN 0 to HW filter on device batadv0
[  834.006838][T14925] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  834.555702][T14945] netlink: 'syz.1.3334': attribute type 10 has an invalid length.
[  835.181943][T14960] netlink: 'syz.2.3338': attribute type 10 has an invalid length.
[  836.121053][T14986] netlink: 'syz.2.3350': attribute type 10 has an invalid length.
[  837.342991][ T5104] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  837.361235][ T5104] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  837.370091][ T5104] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  837.380637][ T5104] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  837.388645][ T5104] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  837.397151][ T5104] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  837.853372][ T5850] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  838.116696][ T5850] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  838.492578][ T5850] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  838.546036][T15005] chnl_net:caif_netlink_parms(): no params data found
[  838.721328][ T5850] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  838.957779][T15005] bridge0: port 1(bridge_slave_0) entered blocking state
[  838.971838][T15005] bridge0: port 1(bridge_slave_0) entered disabled state
[  838.979843][T15005] bridge_slave_0: entered allmulticast mode
[  838.988303][T15005] bridge_slave_0: entered promiscuous mode
[  839.032079][T15005] bridge0: port 2(bridge_slave_1) entered blocking state
[  839.041805][T15005] bridge0: port 2(bridge_slave_1) entered disabled state
[  839.050021][T15005] bridge_slave_1: entered allmulticast mode
[  839.057549][T15005] bridge_slave_1: entered promiscuous mode
[  839.241441][T15005] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  839.302133][T15005] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  839.444548][T15005] team0: Port device team_slave_0 added
[  839.481812][ T5833] Bluetooth: hci2: command tx timeout
[  839.493890][T15005] team0: Port device team_slave_1 added
[  839.670382][T15005] batman_adv: batadv0: Adding interface: batadv_slave_0
[  839.697208][T15005] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  839.741476][T15005] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  839.755128][T15058] netlink: 'syz.5.3376': attribute type 10 has an invalid length.
[  839.849416][T15005] batman_adv: batadv0: Adding interface: batadv_slave_1
[  839.858431][T15005] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  839.892166][T15005] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  840.648373][T15005] hsr_slave_0: entered promiscuous mode
[  840.709790][T15005] hsr_slave_1: entered promiscuous mode
[  840.750275][T15005] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  840.757929][T15005] Cannot create hsr debugfs directory
[  840.849867][ T5850] GPL: port 1(erspan0) entered disabled state
[  840.883887][ T5850] erspan0 (unregistering): left allmulticast mode
[  840.900542][ T5850] erspan0 (unregistering): left promiscuous mode
[  840.919160][ T5850] GPL: port 1(erspan0) entered disabled state
[  841.559276][ T5833] Bluetooth: hci2: command tx timeout
[  841.673460][T15100] netlink: 'syz.0.3387': attribute type 10 has an invalid length.
[  842.440251][ T5850] hsr_slave_0: left promiscuous mode
[  842.470292][ T5850] hsr_slave_1: left promiscuous mode
[  842.485994][ T5850] bridge_slave_1: left allmulticast mode
[  842.509627][ T5850] bridge_slave_1: left promiscuous mode
[  842.515602][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state
[  842.555368][ T5850] 
€Â: left allmulticast mode
[  842.589215][ T5850] 
€Â: left promiscuous mode
[  842.614542][ T5850] bridge0: port 1(
€Â) entered disabled state
[  842.810194][ T5850] veth1_macvtap: left promiscuous mode
[  842.831980][ T5850] veth0_macvtap: left promiscuous mode
[  842.854906][ T5850] veth1_vlan: left promiscuous mode
[  842.862199][ T5850] veth0_vlan: left promiscuous mode
[  843.640148][ T5833] Bluetooth: hci2: command tx timeout
[  844.033224][ T5850] team0 (unregistering): Port device team_slave_1 removed
[  844.091127][ T5850] team0 (unregistering): Port device team_slave_0 removed
[  844.147009][ T5850] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  844.156229][ T5850] bond_slave_1 (unregistering): left promiscuous mode
[  844.215118][ T5850] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  844.226716][ T5850] bond_slave_0 (unregistering): left promiscuous mode
[  844.765286][ T5850] bond0 (unregistering): Released all slaves
[  845.338449][T15160] netlink: 'syz.1.3400': attribute type 10 has an invalid length.
[  845.727083][ T5833] Bluetooth: hci2: command tx timeout
[  846.039451][T15005] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  846.088658][T15005] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  846.125248][T15005] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  846.161220][T15005] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  846.520746][T15005] 8021q: adding VLAN 0 to HW filter on device bond0
[  846.583807][T15005] 8021q: adding VLAN 0 to HW filter on device team0
[  846.615931][ T1089] bridge0: port 1(bridge_slave_0) entered blocking state
[  846.623216][ T1089] bridge0: port 1(bridge_slave_0) entered forwarding state
[  846.668899][ T1089] bridge0: port 2(bridge_slave_1) entered blocking state
[  846.676109][ T1089] bridge0: port 2(bridge_slave_1) entered forwarding state
[  846.884969][T15005] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  847.454264][T15220] netlink: 'syz.1.3414': attribute type 10 has an invalid length.
[  847.695588][T15005] 8021q: adding VLAN 0 to HW filter on device batadv0
[  847.846793][T15005] veth0_vlan: entered promiscuous mode
[  847.902536][T15005] veth1_vlan: entered promiscuous mode
[  848.001947][T15005] veth0_macvtap: entered promiscuous mode
[  848.024350][T15005] veth1_macvtap: entered promiscuous mode
[  848.085984][T15005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  848.111492][T15005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  848.156746][T15005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  848.193285][T15005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  848.242271][T15005] batman_adv: batadv0: Interface activated: batadv_slave_0
[  848.322641][T15005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  848.345728][T15005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  848.356369][T15005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  848.384343][T15005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  848.411308][T15005] batman_adv: batadv0: Interface activated: batadv_slave_1
[  848.461085][T15005] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  848.508238][T15005] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  848.536597][T15005] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  848.570899][T15005] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  848.777389][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  848.795768][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  848.904092][ T5850] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  848.912459][T15249] netlink: 'syz.1.3421': attribute type 10 has an invalid length.
[  848.931402][ T5850] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  849.821260][T15273] netlink: 'syz.5.3425': attribute type 10 has an invalid length.
[  850.304554][T15279] netlink: 830 bytes leftover after parsing attributes in process `syz.1.3427'.
[  851.021060][T15304] netlink: 'syz.2.3438': attribute type 10 has an invalid length.
[  851.108929][T15304] 8021q: adding VLAN 0 to HW filter on device batadv0
[  851.118265][T15304] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  851.290721][T15301] bond0: entered promiscuous mode
[  851.296596][T15301] bond_slave_0: entered promiscuous mode
[  851.321426][T15301] bond_slave_1: entered promiscuous mode
[  851.329609][T15301] batadv0: entered promiscuous mode
[  851.848512][T15302] netlink: 'syz.5.3437': attribute type 10 has an invalid length.
[  852.020831][T15314] netlink: 'syz.5.3443': attribute type 10 has an invalid length.
[  852.049686][T15314] netlink: 152 bytes leftover after parsing attributes in process `syz.5.3443'.
[  852.844431][T15339] netlink: 'syz.1.3451': attribute type 10 has an invalid length.
[  854.266032][T15366] netlink: 'syz.1.3464': attribute type 10 has an invalid length.
[  855.614461][T15399] netlink: 'syz.2.3477': attribute type 10 has an invalid length.
[  859.313818][T15415] netlink: 'syz.1.3490': attribute type 10 has an invalid length.
[  859.793472][T15424] netlink: 'syz.0.3486': attribute type 10 has an invalid length.
[  859.831789][T15424] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3486'.
[  861.201437][T15446] netlink: 'syz.0.3496': attribute type 10 has an invalid length.
[  861.303454][T15446] bond0: entered promiscuous mode
[  861.320890][T15446] bond_slave_0: entered promiscuous mode
[  861.328955][T15446] bond_slave_1: entered promiscuous mode
[  861.338425][T15446] batadv0: entered promiscuous mode
[  861.464524][T15451] netlink: 'syz.5.3499': attribute type 10 has an invalid length.
[  861.496278][T15451] netlink: 152 bytes leftover after parsing attributes in process `syz.5.3499'.
[  863.384602][T15481] netlink: 'syz.0.3511': attribute type 10 has an invalid length.
[  865.070933][T15515] netlink: 'syz.0.3524': attribute type 10 has an invalid length.
[  866.522822][T15560] netlink: 'syz.5.3546': attribute type 10 has an invalid length.
[  866.549542][T15560] netlink: 152 bytes leftover after parsing attributes in process `syz.5.3546'.
[  867.381324][T15580] netlink: 'syz.5.3556': attribute type 10 has an invalid length.
[  867.506055][T15580] bond0: entered promiscuous mode
[  867.513151][T15580] bond_slave_0: entered promiscuous mode
[  867.530082][T15580] bond_slave_1: entered promiscuous mode
[  867.772447][T15590] netlink: 'syz.2.3560': attribute type 10 has an invalid length.
[  867.799592][T15590] netlink: 152 bytes leftover after parsing attributes in process `syz.2.3560'.
[  868.294644][T15610] netlink: 'syz.0.3577': attribute type 10 has an invalid length.
[  868.340359][T15610] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3577'.
[  869.217620][T15620] netlink: 'syz.0.3573': attribute type 10 has an invalid length.
[  869.259234][T15620] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3573'.
[  869.307031][T15622] netlink: 'syz.1.3574': attribute type 10 has an invalid length.
[  869.814038][T15635] netlink: 'syz.1.3580': attribute type 10 has an invalid length.
[  869.846696][T15635] netlink: 152 bytes leftover after parsing attributes in process `syz.1.3580'.
[  870.630528][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  870.636965][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  870.677270][T15653] netlink: 'syz.1.3586': attribute type 10 has an invalid length.
[  870.794741][T15653] netlink: 152 bytes leftover after parsing attributes in process `syz.1.3586'.
[  871.174904][T15667] netlink: 'syz.2.3591': attribute type 10 has an invalid length.
[  871.498664][T15674] netlink: 'syz.2.3592': attribute type 10 has an invalid length.
[  871.669349][T15674] netlink: 152 bytes leftover after parsing attributes in process `syz.2.3592'.
[  873.002266][T15703] netlink: 'syz.0.3607': attribute type 10 has an invalid length.
[  873.029309][T15703] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3607'.
[  873.308835][T15710] netlink: 'syz.5.3610': attribute type 10 has an invalid length.
[  873.349313][T15710] netlink: 152 bytes leftover after parsing attributes in process `syz.5.3610'.
[  874.089391][T15728] netlink: 'syz.0.3619': attribute type 10 has an invalid length.
[  874.110574][T15728] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3619'.
[  878.841352][T15815] netlink: 'syz.1.3653': attribute type 10 has an invalid length.
[  878.849587][T15815] netlink: 152 bytes leftover after parsing attributes in process `syz.1.3653'.
[  882.565148][T15914] netlink: 'syz.2.3699': attribute type 10 has an invalid length.
[  884.082771][T15945] netlink: 'syz.5.3711': attribute type 21 has an invalid length.
[  884.100811][T15945] netlink: 'syz.5.3711': attribute type 13 has an invalid length.
[  884.109785][T15945] netlink: 216 bytes leftover after parsing attributes in process `syz.5.3711'.
[  884.141507][T15950] netlink: 'syz.1.3712': attribute type 10 has an invalid length.
[  885.267394][T15979] netlink: 'syz.1.3726': attribute type 10 has an invalid length.
[  885.299821][T15977] netlink: 'syz.0.3727': attribute type 10 has an invalid length.
[  885.779073][T15990] netlink: 'syz.5.3730': attribute type 10 has an invalid length.
[  886.319401][T16006] netlink: 'syz.0.3740': attribute type 10 has an invalid length.
[  886.556106][T16005] GPL: port 1(erspan0) entered blocking state
[  886.563557][T16005] GPL: port 1(erspan0) entered disabled state
[  886.606497][T16005] erspan0: entered allmulticast mode
[  886.628416][T16005] erspan0: entered promiscuous mode
[  886.685940][T16010] netlink: 'syz.1.3741': attribute type 10 has an invalid length.
[  887.247993][T16020] netlink: 'syz.5.3743': attribute type 25 has an invalid length.
[  887.266759][T16020] netlink: 'syz.5.3743': attribute type 1 has an invalid length.
[  887.295965][T16020] bridge0: port 1(bridge_slave_0) entered learning state
[  888.815405][T16048] GPL: port 1(erspan0) entered blocking state
[  888.821893][T16048] GPL: port 1(erspan0) entered disabled state
[  888.828382][T16048] erspan0: entered allmulticast mode
[  888.835525][T16048] erspan0: entered promiscuous mode
[  889.472843][T16078] validate_nla: 2 callbacks suppressed
[  889.472864][T16078] netlink: 'syz.1.3765': attribute type 21 has an invalid length.
[  889.517649][T16078] netlink: 'syz.1.3765': attribute type 13 has an invalid length.
[  889.543117][T16078] netlink: 216 bytes leftover after parsing attributes in process `syz.1.3765'.
[  890.375375][T16088] GPL: port 1(erspan0) entered blocking state
[  890.384597][T16088] GPL: port 1(erspan0) entered disabled state
[  890.401482][T16088] erspan0: entered allmulticast mode
[  890.411794][T16088] erspan0: entered promiscuous mode
[  891.593679][T16124] FAULT_INJECTION: forcing a failure.
[  891.593679][T16124] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  891.661671][T16124] CPU: 1 PID: 16124 Comm: syz.5.3784 Not tainted syzkaller #0
[  891.669252][T16124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  891.679394][T16124] Call Trace:
[  891.682776][T16124]  <TASK>
[  891.685756][T16124]  dump_stack_lvl+0x16c/0x230
[  891.690504][T16124]  ? show_regs_print_info+0x20/0x20
[  891.695759][T16124]  ? load_image+0x3b0/0x3b0
[  891.700365][T16124]  ? __might_fault+0xaa/0x120
[  891.705097][T16124]  ? __lock_acquire+0x7c80/0x7c80
[  891.710193][T16124]  ? perf_trace_lock_acquire+0x32a/0x3e0
[  891.715898][T16124]  should_fail_ex+0x39d/0x4d0
[  891.720735][T16124]  _copy_from_user+0x2f/0xe0
[  891.725417][T16124]  ___sys_sendmsg+0x159/0x290
[  891.730171][T16124]  ? __sys_sendmsg+0x270/0x270
[  891.735074][T16124]  ? __lock_acquire+0x7c80/0x7c80
[  891.740305][T16124]  __se_sys_sendmsg+0x1a5/0x270
[  891.745215][T16124]  ? __x64_sys_sendmsg+0x80/0x80
[  891.750251][T16124]  ? lockdep_hardirqs_on+0x98/0x150
[  891.755506][T16124]  do_syscall_64+0x55/0xb0
[  891.759978][T16124]  ? clear_bhb_loop+0x40/0x90
[  891.764715][T16124]  ? clear_bhb_loop+0x40/0x90
[  891.769472][T16124]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  891.775408][T16124] RIP: 0033:0x7f10e558f749
[  891.779869][T16124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  891.799562][T16124] RSP: 002b:00007f10e64ec038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  891.808023][T16124] RAX: ffffffffffffffda RBX: 00007f10e57e5fa0 RCX: 00007f10e558f749
[  891.816036][T16124] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  891.824062][T16124] RBP: 00007f10e64ec090 R08: 0000000000000000 R09: 0000000000000000
[  891.832089][T16124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  891.840121][T16124] R13: 00007f10e57e6038 R14: 00007f10e57e5fa0 R15: 00007fff9484a428
[  891.848442][T16124]  </TASK>
[  891.893912][T16127] netlink: 'syz.1.3785': attribute type 10 has an invalid length.
[  892.325657][T16137] netlink: 'syz.0.3798': attribute type 10 has an invalid length.
[  893.295670][T16165] netlink: 'syz.2.3802': attribute type 10 has an invalid length.
[  894.327293][T16184] netlink: 'syz.0.3812': attribute type 10 has an invalid length.
[  896.188341][T16222] netlink: 'syz.1.3823': attribute type 10 has an invalid length.
[  897.728072][T16254] netlink: 'syz.2.3838': attribute type 10 has an invalid length.
[  899.224110][T16285] netlink: 'syz.0.3851': attribute type 10 has an invalid length.
[  900.261253][T16308] netlink: 'syz.5.3861': attribute type 10 has an invalid length.
[  900.588938][T16312] netlink: 'syz.0.3860': attribute type 10 has an invalid length.
[  901.748265][T16344] netlink: 'syz.1.3873': attribute type 10 has an invalid length.
[  902.180080][T16346] netlink: 'syz.5.3875': attribute type 10 has an invalid length.
[  903.188528][T16374] netlink: 'syz.5.3885': attribute type 10 has an invalid length.
[  903.625764][T16380] netlink: 'syz.1.3888': attribute type 10 has an invalid length.
[  905.260433][T16408] netlink: 'syz.5.3903': attribute type 10 has an invalid length.
[  906.163640][T16421] netlink: 'syz.2.3906': attribute type 10 has an invalid length.
[  906.575990][T16437] FAULT_INJECTION: forcing a failure.
[  906.575990][T16437] name failslab, interval 1, probability 0, space 0, times 0
[  906.617016][T16437] CPU: 1 PID: 16437 Comm: syz.0.3913 Not tainted syzkaller #0
[  906.624575][T16437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  906.634741][T16437] Call Trace:
[  906.638143][T16437]  <TASK>
[  906.641111][T16437]  dump_stack_lvl+0x16c/0x230
[  906.645846][T16437]  ? show_regs_print_info+0x20/0x20
[  906.651101][T16437]  ? load_image+0x3b0/0x3b0
[  906.655663][T16437]  ? __might_sleep+0xe0/0xe0
[  906.660311][T16437]  ? __lock_acquire+0x7c80/0x7c80
[  906.665392][T16437]  should_fail_ex+0x39d/0x4d0
[  906.670135][T16437]  should_failslab+0x9/0x20
[  906.674777][T16437]  slab_pre_alloc_hook+0x59/0x310
[  906.679860][T16437]  ? bpf_raw_tp_link_attach+0x23a/0x560
[  906.685455][T16437]  __kmem_cache_alloc_node+0x53/0x260
[  906.690899][T16437]  ? bpf_raw_tp_link_attach+0x23a/0x560
[  906.696512][T16437]  kmalloc_trace+0x2a/0xe0
[  906.700996][T16437]  bpf_raw_tp_link_attach+0x23a/0x560
[  906.706435][T16437]  ? bpf_insn_prepare_dump+0x840/0x840
[  906.711987][T16437]  bpf_raw_tracepoint_open+0x197/0x210
[  906.717603][T16437]  __sys_bpf+0x364/0x800
[  906.721906][T16437]  ? bpf_link_show_fdinfo+0x350/0x350
[  906.727354][T16437]  ? lock_chain_count+0x20/0x20
[  906.732273][T16437]  __x64_sys_bpf+0x7c/0x90
[  906.736735][T16437]  do_syscall_64+0x55/0xb0
[  906.741210][T16437]  ? clear_bhb_loop+0x40/0x90
[  906.745935][T16437]  ? clear_bhb_loop+0x40/0x90
[  906.750681][T16437]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  906.756634][T16437] RIP: 0033:0x7f347f98f749
[  906.761109][T16437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  906.780861][T16437] RSP: 002b:00007f34807af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  906.789326][T16437] RAX: ffffffffffffffda RBX: 00007f347fbe5fa0 RCX: 00007f347f98f749
[  906.797350][T16437] RDX: 0000000000000010 RSI: 0000200000000040 RDI: 0000000000000011
[  906.805378][T16437] RBP: 00007f34807af090 R08: 0000000000000000 R09: 0000000000000000
[  906.813507][T16437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  906.821620][T16437] R13: 00007f347fbe6038 R14: 00007f347fbe5fa0 R15: 00007fffc35c0e88
[  906.829640][T16437]  </TASK>
[  908.320530][T16448] netlink: 'syz.5.3917': attribute type 10 has an invalid length.
[  908.753627][T16460] netlink: 'syz.1.3928': attribute type 10 has an invalid length.
[  908.871759][T16462] netlink: 'syz.5.3922': attribute type 10 has an invalid length.
[  909.822114][T16480] netlink: 'syz.0.3931': attribute type 10 has an invalid length.
[  909.962231][T16478] netlink: 'syz.2.3930': attribute type 10 has an invalid length.
[  910.358841][T16488] netlink: 'syz.1.3933': attribute type 10 has an invalid length.
[  910.876722][T16504] netlink: 'syz.0.3942': attribute type 10 has an invalid length.
[  911.396271][T16511] netlink: 'syz.5.3945': attribute type 10 has an invalid length.
[  911.706960][T16523] netlink: 'syz.2.3950': attribute type 11 has an invalid length.
[  911.897655][T16533] netlink: 'syz.0.3954': attribute type 10 has an invalid length.
[  913.349475][T16553] netlink: 211 bytes leftover after parsing attributes in process `syz.1.3961'.
[  913.509351][T16552] sit0: entered allmulticast mode
[  913.845192][T16557] netlink: 'syz.0.3962': attribute type 10 has an invalid length.
[  913.886259][T16562] netlink: 'syz.1.3965': attribute type 10 has an invalid length.
[  915.673034][T16599] netlink: 'syz.0.3979': attribute type 10 has an invalid length.
[  918.995254][T16679] netlink: 'syz.5.4011': attribute type 10 has an invalid length.
[  919.011347][T16679] bond0: left promiscuous mode
[  919.016342][T16679] bond_slave_0: left promiscuous mode
[  919.027258][T16679] bond_slave_1: left promiscuous mode
[  919.083305][T16679] 8021q: adding VLAN 0 to HW filter on device bond0
[  919.115250][T16679] team0: Port device bond0 added
[  919.168154][T16690] FAULT_INJECTION: forcing a failure.
[  919.168154][T16690] name failslab, interval 1, probability 0, space 0, times 0
[  919.190318][T16690] CPU: 1 PID: 16690 Comm: syz.0.4013 Not tainted syzkaller #0
[  919.197867][T16690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  919.207980][T16690] Call Trace:
[  919.211312][T16690]  <TASK>
[  919.214289][T16690]  dump_stack_lvl+0x16c/0x230
[  919.219037][T16690]  ? show_regs_print_info+0x20/0x20
[  919.224303][T16690]  ? load_image+0x3b0/0x3b0
[  919.228869][T16690]  ? __might_sleep+0xe0/0xe0
[  919.233607][T16690]  ? __lock_acquire+0x7c80/0x7c80
[  919.238702][T16690]  should_fail_ex+0x39d/0x4d0
[  919.243459][T16690]  should_failslab+0x9/0x20
[  919.248131][T16690]  slab_pre_alloc_hook+0x59/0x310
[  919.253232][T16690]  ? kvmalloc_node+0x70/0x180
[  919.257988][T16690]  ? kvmalloc_node+0x70/0x180
[  919.262752][T16690]  __kmem_cache_alloc_node+0x53/0x260
[  919.268200][T16690]  ? kvmalloc_node+0x70/0x180
[  919.273003][T16690]  __kmalloc_node+0xa4/0x230
[  919.277674][T16690]  kvmalloc_node+0x70/0x180
[  919.282253][T16690]  bpf_test_run_xdp_live+0x180/0x1a20
[  919.287712][T16690]  ? 0xffffffffa0004240
[  919.291926][T16690]  ? bpf_dispatcher_change_prog+0xa76/0xcc0
[  919.297975][T16690]  ? __sys_bpf+0x440/0x800
[  919.302446][T16690]  ? __x64_sys_bpf+0x7c/0x90
[  919.307096][T16690]  ? do_syscall_64+0x55/0xb0
[  919.311754][T16690]  ? xdp_convert_md_to_buff+0x330/0x330
[  919.317384][T16690]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[  919.323770][T16690]  ? _copy_from_user+0xa5/0xe0
[  919.328683][T16690]  ? bpf_test_init+0x134/0x150
[  919.333511][T16690]  ? xdp_convert_md_to_buff+0x5b/0x330
[  919.339029][T16690]  bpf_prog_test_run_xdp+0x76c/0xfa0
[  919.344410][T16690]  ? dev_put+0x80/0x80
[  919.348552][T16690]  ? dev_put+0x80/0x80
[  919.352678][T16690]  bpf_prog_test_run+0x321/0x390
[  919.357689][T16690]  __sys_bpf+0x440/0x800
[  919.362095][T16690]  ? bpf_link_show_fdinfo+0x350/0x350
[  919.367586][T16690]  ? lock_chain_count+0x20/0x20
[  919.372948][T16690]  __x64_sys_bpf+0x7c/0x90
[  919.377417][T16690]  do_syscall_64+0x55/0xb0
[  919.381894][T16690]  ? clear_bhb_loop+0x40/0x90
[  919.386631][T16690]  ? clear_bhb_loop+0x40/0x90
[  919.391380][T16690]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  919.397324][T16690] RIP: 0033:0x7f347f98f749
[  919.401792][T16690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  919.421732][T16690] RSP: 002b:00007f34807af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  919.430202][T16690] RAX: ffffffffffffffda RBX: 00007f347fbe5fa0 RCX: 00007f347f98f749
[  919.438225][T16690] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a
[  919.446248][T16690] RBP: 00007f34807af090 R08: 0000000000000000 R09: 0000000000000000
[  919.454270][T16690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  919.462382][T16690] R13: 00007f347fbe6038 R14: 00007f347fbe5fa0 R15: 00007fffc35c0e88
[  919.470424][T16690]  </TASK>
[  919.596147][T16696] netlink: 'syz.1.4015': attribute type 21 has an invalid length.
[  919.643410][T16696] netlink: 'syz.1.4015': attribute type 1 has an invalid length.
[  919.674902][T16696] netlink: 16050 bytes leftover after parsing attributes in process `syz.1.4015'.
[  919.866226][T16707] netlink: 'syz.2.4020': attribute type 10 has an invalid length.
[  920.845382][T16729] netlink: 'syz.0.4030': attribute type 10 has an invalid length.
[  921.345183][T16745] netlink: 'syz.0.4038': attribute type 12 has an invalid length.
[  921.353341][T16745] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4038'.
[  922.276419][T16769] netlink: 'syz.0.4046': attribute type 10 has an invalid length.
[  922.830198][T16782] FAULT_INJECTION: forcing a failure.
[  922.830198][T16782] name failslab, interval 1, probability 0, space 0, times 0
[  922.869360][T16782] CPU: 1 PID: 16782 Comm: syz.5.4051 Not tainted syzkaller #0
[  922.876917][T16782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  922.887027][T16782] Call Trace:
[  922.890618][T16782]  <TASK>
[  922.893753][T16782]  dump_stack_lvl+0x16c/0x230
[  922.898516][T16782]  ? show_regs_print_info+0x20/0x20
[  922.903877][T16782]  ? load_image+0x3b0/0x3b0
[  922.908462][T16782]  ? __lock_acquire+0x7c80/0x7c80
[  922.913556][T16782]  should_fail_ex+0x39d/0x4d0
[  922.918317][T16782]  should_failslab+0x9/0x20
[  922.922897][T16782]  slab_pre_alloc_hook+0x59/0x310
[  922.927981][T16782]  ? sk_prot_alloc+0xe7/0x210
[  922.932722][T16782]  ? sk_prot_alloc+0xe7/0x210
[  922.937463][T16782]  __kmem_cache_alloc_node+0x53/0x260
[  922.942928][T16782]  ? sk_prot_alloc+0xe7/0x210
[  922.947667][T16782]  __kmalloc+0xa4/0x240
[  922.951901][T16782]  sk_prot_alloc+0xe7/0x210
[  922.956464][T16782]  ? sk_alloc+0x24/0x360
[  922.960768][T16782]  sk_alloc+0x3a/0x360
[  922.964889][T16782]  ? bpf_ctx_init+0x163/0x1a0
[  922.969610][T16782]  ? bpf_prog_test_run_skb+0x268/0x11c0
[  922.975208][T16782]  bpf_prog_test_run_skb+0x39a/0x11c0
[  922.980634][T16782]  ? __fget_files+0x28/0x4d0
[  922.985303][T16782]  ? cpu_online+0x60/0x60
[  922.989694][T16782]  bpf_prog_test_run+0x321/0x390
[  922.994715][T16782]  __sys_bpf+0x440/0x800
[  922.999020][T16782]  ? bpf_link_show_fdinfo+0x350/0x350
[  923.004474][T16782]  ? lock_chain_count+0x20/0x20
[  923.009412][T16782]  __x64_sys_bpf+0x7c/0x90
[  923.013891][T16782]  do_syscall_64+0x55/0xb0
[  923.018462][T16782]  ? clear_bhb_loop+0x40/0x90
[  923.023195][T16782]  ? clear_bhb_loop+0x40/0x90
[  923.027911][T16782]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  923.033835][T16782] RIP: 0033:0x7f10e558f749
[  923.038369][T16782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  923.058004][T16782] RSP: 002b:00007f10e64ec038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  923.066470][T16782] RAX: ffffffffffffffda RBX: 00007f10e57e5fa0 RCX: 00007f10e558f749
[  923.074656][T16782] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a
[  923.082654][T16782] RBP: 00007f10e64ec090 R08: 0000000000000000 R09: 0000000000000000
[  923.090649][T16782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  923.098659][T16782] R13: 00007f10e57e6038 R14: 00007f10e57e5fa0 R15: 00007fff9484a428
[  923.106702][T16782]  </TASK>
[  923.137135][T16787] FAULT_INJECTION: forcing a failure.
[  923.137135][T16787] name failslab, interval 1, probability 0, space 0, times 0
[  923.156064][T16787] CPU: 1 PID: 16787 Comm: syz.2.4052 Not tainted syzkaller #0
[  923.163610][T16787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  923.173720][T16787] Call Trace:
[  923.177045][T16787]  <TASK>
[  923.180016][T16787]  dump_stack_lvl+0x16c/0x230
[  923.184756][T16787]  ? show_regs_print_info+0x20/0x20
[  923.190024][T16787]  ? load_image+0x3b0/0x3b0
[  923.194598][T16787]  should_fail_ex+0x39d/0x4d0
[  923.199345][T16787]  should_failslab+0x9/0x20
[  923.203924][T16787]  slab_pre_alloc_hook+0x59/0x310
[  923.209021][T16787]  kmem_cache_alloc+0x5a/0x2e0
[  923.213868][T16787]  ? dst_alloc+0x105/0x170
[  923.218347][T16787]  ? ipv6_sysctl_rtcache_flush+0xf0/0xf0
[  923.224159][T16787]  dst_alloc+0x105/0x170
[  923.228469][T16787]  ip6_rt_cache_alloc+0x39f/0x9c0
[  923.233670][T16787]  ? rt6_find_cached_rt+0x270/0x270
[  923.238918][T16787]  ? rt6_find_cached_rt+0x21d/0x270
[  923.244182][T16787]  ? ip6_pol_route+0x166/0x1160
[  923.249116][T16787]  ip6_pol_route+0xf3a/0x1160
[  923.253855][T16787]  ? ip6_pol_route+0x166/0x1160
[  923.258766][T16787]  ? trace_fib6_table_lookup+0x1c0/0x1c0
[  923.264478][T16787]  fib6_rule_lookup+0x1d7/0x510
[  923.269392][T16787]  ? skb_header_pointer+0x120/0x120
[  923.274734][T16787]  ? fib6_lookup+0x2c0/0x2c0
[  923.279375][T16787]  ? txopt_get+0x7b/0x3e0
[  923.283760][T16787]  ? perf_trace_lock+0xf7/0x380
[  923.288685][T16787]  ? read_lock_is_recursive+0x20/0x20
[  923.294115][T16787]  ? tomoyo_write_log2+0x250/0x910
[  923.299928][T16787]  ip6_route_output_flags+0x364/0x5d0
[  923.305359][T16787]  ? ip6_route_output_flags+0x2e/0x5d0
[  923.310885][T16787]  ip6_dst_lookup_tail+0x199/0x14a0
[  923.316182][T16787]  ? txopt_get+0x7b/0x3e0
[  923.320573][T16787]  ? __lock_acquire+0x7c80/0x7c80
[  923.325741][T16787]  ? ip6_dst_lookup+0x60/0x60
[  923.330481][T16787]  ? txopt_get+0x7b/0x3e0
[  923.334867][T16787]  ? txopt_get+0x7b/0x3e0
[  923.339254][T16787]  ? txopt_get+0x336/0x3e0
[  923.343823][T16787]  ? fl6_sock_lookup+0xd0/0xd0
[  923.348658][T16787]  ip6_dst_lookup_flow+0x48/0xe0
[  923.353749][T16787]  rawv6_sendmsg+0xd07/0x17f0
[  923.358513][T16787]  ? __might_sleep+0xe0/0xe0
[  923.363164][T16787]  ? compat_rawv6_ioctl+0x70/0x70
[  923.368267][T16787]  ? aa_sk_perm+0x7fc/0x930
[  923.372841][T16787]  ? tomoyo_socket_sendmsg_permission+0x216/0x2f0
[  923.379426][T16787]  ? inet_send_prepare+0x260/0x260
[  923.384590][T16787]  ? inet_sendmsg+0x7c/0x2f0
[  923.389240][T16787]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  923.394593][T16787]  ? security_socket_sendmsg+0x80/0xa0
[  923.400202][T16787]  ? inet_send_prepare+0x260/0x260
[  923.405380][T16787]  ____sys_sendmsg+0x5bf/0x950
[  923.410319][T16787]  ? __asan_memset+0x22/0x40
[  923.415063][T16787]  ? __sys_sendmsg_sock+0x30/0x30
[  923.420164][T16787]  ? __import_iovec+0x5f2/0x860
[  923.425184][T16787]  ? import_iovec+0x73/0xa0
[  923.429779][T16787]  ___sys_sendmsg+0x220/0x290
[  923.434548][T16787]  ? __sys_sendmsg+0x270/0x270
[  923.439408][T16787]  ? __lock_acquire+0x7c80/0x7c80
[  923.444518][T16787]  __se_sys_sendmsg+0x1a5/0x270
[  923.449861][T16787]  ? perf_trace_preemptirq_template+0x281/0x340
[  923.456168][T16787]  ? __x64_sys_sendmsg+0x80/0x80
[  923.461193][T16787]  ? lockdep_hardirqs_on+0x98/0x150
[  923.466549][T16787]  do_syscall_64+0x55/0xb0
[  923.471040][T16787]  ? clear_bhb_loop+0x40/0x90
[  923.475766][T16787]  ? clear_bhb_loop+0x40/0x90
[  923.480580][T16787]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  923.486655][T16787] RIP: 0033:0x7f8eec18f749
[  923.491120][T16787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  923.510777][T16787] RSP: 002b:00007f8eea3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  923.519242][T16787] RAX: ffffffffffffffda RBX: 00007f8eec3e5fa0 RCX: 00007f8eec18f749
[  923.527255][T16787] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  923.535285][T16787] RBP: 00007f8eea3f6090 R08: 0000000000000000 R09: 0000000000000000
[  923.543299][T16787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  923.551315][T16787] R13: 00007f8eec3e6038 R14: 00007f8eec3e5fa0 R15: 00007ffc31984ad8
[  923.559355][T16787]  </TASK>
[  923.879209][ T5104] Bluetooth: hci4: command 0x0406 tx timeout
[  923.901447][T16797] netlink: 192440 bytes leftover after parsing attributes in process `syz.2.4058'.
[  923.930317][T16797] openvswitch: netlink: Key 9 has unexpected len 3064 expected 4
[  923.971267][T16797] netlink: 152 bytes leftover after parsing attributes in process `syz.2.4058'.
[  923.993879][T16797] tc_dump_action: action bad kind
[  924.657675][T16821] FAULT_INJECTION: forcing a failure.
[  924.657675][T16821] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  924.675613][T16821] CPU: 1 PID: 16821 Comm: syz.2.4066 Not tainted syzkaller #0
[  924.683143][T16821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  924.693254][T16821] Call Trace:
[  924.696583][T16821]  <TASK>
[  924.699561][T16821]  dump_stack_lvl+0x16c/0x230
[  924.704298][T16821]  ? show_regs_print_info+0x20/0x20
[  924.709550][T16821]  ? load_image+0x3b0/0x3b0
[  924.714112][T16821]  ? __lock_acquire+0x7c80/0x7c80
[  924.719188][T16821]  ? mark_lock+0x94/0x320
[  924.723594][T16821]  should_fail_ex+0x39d/0x4d0
[  924.728338][T16821]  prepare_alloc_pages+0x1e2/0x5f0
[  924.733615][T16821]  __alloc_pages+0x127/0x460
[  924.738311][T16821]  ? zone_statistics+0x170/0x170
[  924.743317][T16821]  ? do_wp_page+0x826/0x3630
[  924.748052][T16821]  ? do_wp_page+0x1024/0x3630
[  924.752797][T16821]  __folio_alloc+0x10/0x20
[  924.757266][T16821]  vma_alloc_folio+0x47a/0x8f0
[  924.762090][T16821]  do_wp_page+0x128e/0x3630
[  924.766644][T16821]  ? folio_put+0xd0/0xd0
[  924.770913][T16821]  ? do_raw_spin_lock+0x121/0x2c0
[  924.775965][T16821]  ? __rwlock_init+0x150/0x150
[  924.780766][T16821]  ? handle_mm_fault+0xd1/0x4920
[  924.785730][T16821]  handle_mm_fault+0x12d4/0x4920
[  924.790696][T16821]  ? handle_mm_fault+0xd1/0x4920
[  924.795671][T16821]  ? numa_migrate_prep+0x350/0x350
[  924.800839][T16821]  ? lock_mm_and_find_vma+0x9c/0x300
[  924.806152][T16821]  do_user_addr_fault+0x738/0x12e0
[  924.811300][T16821]  exc_page_fault+0x67/0x110
[  924.816009][T16821]  asm_exc_page_fault+0x26/0x30
[  924.820885][T16821] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  924.826746][T16821] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01
[  924.846378][T16821] RSP: 0018:ffffc90005327630 EFLAGS: 00050202
[  924.852473][T16821] RAX: ffffffff841ce901 RBX: 0000000000000e5c RCX: 0000000000000e5c
[  924.860481][T16821] RDX: 0000000000000000 RSI: ffff88807e7c4000 RDI: 0000200000004700
[  924.868489][T16821] RBP: ffffc900053277c0 R08: ffff88807e7c4e5b R09: 1ffff1100fcf89cb
[  924.876482][T16821] R10: dffffc0000000000 R11: ffffed100fcf89cc R12: 000020000000555c
[  924.884477][T16821] R13: ffffc90005327e40 R14: 0000200000004700 R15: ffff88807e7c4000
[  924.892484][T16821]  ? copyout+0x51/0x90
[  924.896587][T16821]  copyout+0x70/0x90
[  924.900513][T16821]  _copy_to_iter+0x432/0x10d0
[  924.905258][T16821]  ? iov_iter_init+0x1e0/0x1e0
[  924.910051][T16821]  ? __virt_addr_valid+0x18c/0x540
[  924.915213][T16821]  ? __virt_addr_valid+0x469/0x540
[  924.920371][T16821]  ? __phys_addr_symbol+0x2f/0x70
[  924.925436][T16821]  __skb_datagram_iter+0xdb/0x780
[  924.930525][T16821]  ? skb_copy_datagram_iter+0x200/0x200
[  924.936104][T16821]  skb_copy_datagram_iter+0xb1/0x200
[  924.941425][T16821]  netlink_recvmsg+0x2c5/0xdf0
[  924.946231][T16821]  ? netlink_sendmsg+0xbe0/0xbe0
[  924.951250][T16821]  ? aa_sk_perm+0x7fc/0x930
[  924.955813][T16821]  ? aa_af_perm+0x2b0/0x2b0
[  924.960360][T16821]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  924.965666][T16821]  ? security_socket_recvmsg+0x89/0xb0
[  924.971147][T16821]  ? netlink_sendmsg+0xbe0/0xbe0
[  924.976112][T16821]  ____sys_recvmsg+0x29e/0x5b0
[  924.981045][T16821]  ? __sys_recvmsg_sock+0x50/0x50
[  924.986115][T16821]  ? import_iovec+0x73/0xa0
[  924.990651][T16821]  ___sys_recvmsg+0x1b6/0x510
[  924.995369][T16821]  ? __sys_recvmsg+0x270/0x270
[  925.000185][T16821]  ? ksys_write+0x1c1/0x250
[  925.004775][T16821]  ? __fget_files+0x44a/0x4d0
[  925.009515][T16821]  __x64_sys_recvmsg+0x1f2/0x2c0
[  925.014512][T16821]  ? ___sys_recvmsg+0x510/0x510
[  925.019407][T16821]  ? lockdep_hardirqs_on+0x98/0x150
[  925.024630][T16821]  do_syscall_64+0x55/0xb0
[  925.029424][T16821]  ? clear_bhb_loop+0x40/0x90
[  925.034160][T16821]  ? clear_bhb_loop+0x40/0x90
[  925.038866][T16821]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  925.044776][T16821] RIP: 0033:0x7f8eec18f749
[  925.049227][T16821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  925.068896][T16821] RSP: 002b:00007f8eea3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  925.077474][T16821] RAX: ffffffffffffffda RBX: 00007f8eec3e5fa0 RCX: 00007f8eec18f749
[  925.085489][T16821] RDX: 0000000000000020 RSI: 0000200000000080 RDI: 0000000000000003
[  925.093487][T16821] RBP: 00007f8eea3f6090 R08: 0000000000000000 R09: 0000000000000000
[  925.101477][T16821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  925.109482][T16821] R13: 00007f8eec3e6038 R14: 00007f8eec3e5fa0 R15: 00007ffc31984ad8
[  925.117494][T16821]  </TASK>
[  925.350354][T16826] netlink: 'syz.0.4067': attribute type 5 has an invalid length.
[  925.366384][T16826] netlink: 176 bytes leftover after parsing attributes in process `syz.0.4067'.
[  925.447056][T16832] netlink: 'syz.1.4071': attribute type 21 has an invalid length.
[  926.425232][T16858] netlink: 'syz.1.4081': attribute type 12 has an invalid length.
[  926.464428][T16858] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4081'.
[  926.646385][T16863] FAULT_INJECTION: forcing a failure.
[  926.646385][T16863] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  926.691399][T16863] CPU: 0 PID: 16863 Comm: syz.5.4082 Not tainted syzkaller #0
[  926.698954][T16863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  926.709075][T16863] Call Trace:
[  926.712403][T16863]  <TASK>
[  926.715388][T16863]  dump_stack_lvl+0x16c/0x230
[  926.720140][T16863]  ? show_regs_print_info+0x20/0x20
[  926.725409][T16863]  ? load_image+0x3b0/0x3b0
[  926.729999][T16863]  ? __lock_acquire+0x7c80/0x7c80
[  926.735099][T16863]  ? mark_lock+0x94/0x320
[  926.739620][T16863]  should_fail_ex+0x39d/0x4d0
[  926.744376][T16863]  prepare_alloc_pages+0x1e2/0x5f0
[  926.749567][T16863]  __alloc_pages+0x127/0x460
[  926.754224][T16863]  ? zone_statistics+0x170/0x170
[  926.759237][T16863]  ? do_wp_page+0x826/0x3630
[  926.763896][T16863]  ? do_wp_page+0x1024/0x3630
[  926.768656][T16863]  __folio_alloc+0x10/0x20
[  926.773226][T16863]  vma_alloc_folio+0x47a/0x8f0
[  926.778094][T16863]  do_wp_page+0x128e/0x3630
[  926.782690][T16863]  ? folio_put+0xd0/0xd0
[  926.787011][T16863]  ? do_raw_spin_lock+0x121/0x2c0
[  926.792104][T16863]  ? __rwlock_init+0x150/0x150
[  926.796938][T16863]  ? handle_mm_fault+0xd1/0x4920
[  926.801940][T16863]  handle_mm_fault+0x12d4/0x4920
[  926.806948][T16863]  ? handle_mm_fault+0xd1/0x4920
[  926.811977][T16863]  ? numa_migrate_prep+0x350/0x350
[  926.817191][T16863]  ? lock_mm_and_find_vma+0x9c/0x300
[  926.822549][T16863]  do_user_addr_fault+0x738/0x12e0
[  926.827758][T16863]  exc_page_fault+0x67/0x110
[  926.832411][T16863]  asm_exc_page_fault+0x26/0x30
[  926.837322][T16863] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  926.843199][T16863] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01
[  926.862951][T16863] RSP: 0018:ffffc900053276f0 EFLAGS: 00050206
[  926.869074][T16863] RAX: ffffffff841ce901 RBX: 00000000000101d0 RCX: 000000000000e5d0
[  926.877188][T16863] RDX: 0000000000000000 RSI: ffff888067b61ce8 RDI: 0000200000002000
[  926.885214][T16863] RBP: ffffc90005327878 R08: ffff888067b702b7 R09: 1ffff1100cf6e056
[  926.893239][T16863] R10: dffffc0000000000 R11: ffffed100cf6e057 R12: 00002000000105d0
[  926.901265][T16863] R13: ffffc90005327e40 R14: 0000200000000400 R15: ffff888067b600e8
[  926.909307][T16863]  ? copyout+0x51/0x90
[  926.913452][T16863]  copyout+0x70/0x90
[  926.917411][T16863]  _copy_to_iter+0x432/0x10d0
[  926.922179][T16863]  ? iov_iter_init+0x1e0/0x1e0
[  926.927007][T16863]  ? __virt_addr_valid+0x18c/0x540
[  926.932182][T16863]  ? __virt_addr_valid+0x469/0x540
[  926.937362][T16863]  ? __phys_addr_symbol+0x2f/0x70
[  926.942446][T16863]  ? __check_object_size+0x506/0xa30
[  926.947816][T16863]  __skb_datagram_iter+0xdb/0x780
[  926.952915][T16863]  ? tsk_importance+0x150/0x150
[  926.957829][T16863]  ? skb_copy_datagram_iter+0x200/0x200
[  926.963453][T16863]  skb_copy_datagram_iter+0xb1/0x200
[  926.968901][T16863]  tipc_recvstream+0x72b/0xe70
[  926.973761][T16863]  ? tipc_sendstream+0x70/0x70
[  926.978592][T16863]  ____sys_recvmsg+0x29e/0x5b0
[  926.983443][T16863]  ? __sys_recvmsg_sock+0x50/0x50
[  926.988554][T16863]  ? import_iovec+0x73/0xa0
[  926.993129][T16863]  ___sys_recvmsg+0x1b6/0x510
[  926.997867][T16863]  ? __sys_recvmsg+0x270/0x270
[  927.002891][T16863]  ? ksys_write+0x1c1/0x250
[  927.007515][T16863]  ? __fget_files+0x44a/0x4d0
[  927.012287][T16863]  __x64_sys_recvmsg+0x1f2/0x2c0
[  927.017288][T16863]  ? ___sys_recvmsg+0x510/0x510
[  927.022230][T16863]  ? lockdep_hardirqs_on+0x98/0x150
[  927.027602][T16863]  do_syscall_64+0x55/0xb0
[  927.032188][T16863]  ? clear_bhb_loop+0x40/0x90
[  927.036939][T16863]  ? clear_bhb_loop+0x40/0x90
[  927.041712][T16863]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  927.047791][T16863] RIP: 0033:0x7f10e558f749
[  927.052278][T16863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  927.071948][T16863] RSP: 002b:00007f10e64ec038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  927.080436][T16863] RAX: ffffffffffffffda RBX: 00007f10e57e5fa0 RCX: 00007f10e558f749
[  927.088468][T16863] RDX: 0000000000001f00 RSI: 0000200000000500 RDI: 0000000000000006
[  927.096497][T16863] RBP: 00007f10e64ec090 R08: 0000000000000000 R09: 0000000000000000
[  927.104531][T16863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  927.112568][T16863] R13: 00007f10e57e6038 R14: 00007f10e57e5fa0 R15: 00007fff9484a428
[  927.120639][T16863]  </TASK>
[  927.571178][T16875] netlink: 'syz.1.4084': attribute type 10 has an invalid length.
[  927.631595][T16879] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4085'.
[  928.268876][T16900] netlink: 'syz.5.4094': attribute type 12 has an invalid length.
[  928.289451][T16900] netlink: 132 bytes leftover after parsing attributes in process `syz.5.4094'.
[  928.980026][T16912] netlink: 'syz.0.4098': attribute type 10 has an invalid length.
[  930.952174][T16947] FAULT_INJECTION: forcing a failure.
[  930.952174][T16947] name failslab, interval 1, probability 0, space 0, times 0
[  930.965461][T16947] CPU: 0 PID: 16947 Comm: syz.0.4113 Not tainted syzkaller #0
[  930.972983][T16947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  930.983105][T16947] Call Trace:
[  930.986432][T16947]  <TASK>
[  930.989406][T16947]  dump_stack_lvl+0x16c/0x230
[  930.994232][T16947]  ? show_regs_print_info+0x20/0x20
[  930.999482][T16947]  ? load_image+0x3b0/0x3b0
[  931.004051][T16947]  ? __might_sleep+0xe0/0xe0
[  931.008701][T16947]  ? __lock_acquire+0x7c80/0x7c80
[  931.013872][T16947]  should_fail_ex+0x39d/0x4d0
[  931.018623][T16947]  should_failslab+0x9/0x20
[  931.023182][T16947]  slab_pre_alloc_hook+0x59/0x310
[  931.028268][T16947]  ? __lock_acquire+0x7c80/0x7c80
[  931.033323][T16947]  kmem_cache_alloc+0x5a/0x2e0
[  931.038118][T16947]  ? security_file_alloc+0x34/0x120
[  931.043356][T16947]  security_file_alloc+0x34/0x120
[  931.048415][T16947]  init_file+0x94/0x1f0
[  931.052608][T16947]  alloc_empty_file+0xb7/0x1d0
[  931.057408][T16947]  path_openat+0x100/0x3190
[  931.061961][T16947]  ? perf_trace_lock+0xf7/0x380
[  931.066863][T16947]  ? __x64_sys_openat+0x139/0x160
[  931.071940][T16947]  ? verify_lock_unused+0x140/0x140
[  931.077170][T16947]  ? do_filp_open+0x3d0/0x3d0
[  931.082052][T16947]  ? perf_trace_lock+0xf7/0x380
[  931.086937][T16947]  ? trace_event_raw_event_lock+0x230/0x230
[  931.092870][T16947]  do_filp_open+0x1c5/0x3d0
[  931.097409][T16947]  ? vfs_tmpfile+0x490/0x490
[  931.102052][T16947]  ? _raw_spin_unlock+0x28/0x40
[  931.106943][T16947]  ? alloc_fd+0x58f/0x630
[  931.111322][T16947]  do_sys_openat2+0x12c/0x1c0
[  931.116028][T16947]  ? atomic_notifier_call_chain+0x16e/0x180
[  931.121951][T16947]  ? do_sys_open+0xe0/0xe0
[  931.126400][T16947]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  931.132411][T16947]  ? lock_chain_count+0x20/0x20
[  931.137297][T16947]  __x64_sys_openat+0x139/0x160
[  931.142177][T16947]  do_syscall_64+0x55/0xb0
[  931.146624][T16947]  ? clear_bhb_loop+0x40/0x90
[  931.151331][T16947]  ? clear_bhb_loop+0x40/0x90
[  931.156121][T16947]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  931.162051][T16947] RIP: 0033:0x7f347f98df90
[  931.166486][T16947] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[  931.186119][T16947] RSP: 002b:00007f34807aef10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  931.194567][T16947] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f347f98df90
[  931.202564][T16947] RDX: 0000000000000002 RSI: 00007f34807aefa0 RDI: 00000000ffffff9c
[  931.210582][T16947] RBP: 00007f34807aefa0 R08: 0000000000000000 R09: 0000000000000000
[  931.218578][T16947] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  931.226571][T16947] R13: 00007f347fbe6038 R14: 00007f347fbe5fa0 R15: 00007fffc35c0e88
[  931.234671][T16947]  </TASK>
[  931.792896][T16961] FAULT_INJECTION: forcing a failure.
[  931.792896][T16961] name failslab, interval 1, probability 0, space 0, times 0
[  931.823825][T16961] CPU: 0 PID: 16961 Comm: syz.1.4121 Not tainted syzkaller #0
[  931.831422][T16961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  931.841562][T16961] Call Trace:
[  931.844891][T16961]  <TASK>
[  931.847862][T16961]  dump_stack_lvl+0x16c/0x230
[  931.852610][T16961]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  931.858822][T16961]  ? show_regs_print_info+0x20/0x20
[  931.864088][T16961]  ? load_image+0x3b0/0x3b0
[  931.868662][T16961]  should_fail_ex+0x39d/0x4d0
[  931.873404][T16961]  should_failslab+0x9/0x20
[  931.877973][T16961]  slab_pre_alloc_hook+0x59/0x310
[  931.883066][T16961]  ? __lock_acquire+0x7c80/0x7c80
[  931.888151][T16961]  kmem_cache_alloc+0x5a/0x2e0
[  931.892965][T16961]  ? security_file_alloc+0x34/0x120
[  931.898328][T16961]  security_file_alloc+0x34/0x120
[  931.903418][T16961]  init_file+0x94/0x1f0
[  931.907630][T16961]  alloc_empty_file+0xb7/0x1d0
[  931.912531][T16961]  path_openat+0x100/0x3190
[  931.917091][T16961]  ? mark_lock+0x94/0x320
[  931.921548][T16961]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  931.927607][T16961]  ? lock_chain_count+0x20/0x20
[  931.932603][T16961]  ? do_filp_open+0x3d0/0x3d0
[  931.937336][T16961]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  931.943543][T16961]  ? lockdep_hardirqs_on+0x98/0x150
[  931.948780][T16961]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  931.954978][T16961]  do_filp_open+0x1c5/0x3d0
[  931.959551][T16961]  ? vfs_tmpfile+0x490/0x490
[  931.964213][T16961]  ? _raw_spin_unlock+0x28/0x40
[  931.969103][T16961]  ? alloc_fd+0x58f/0x630
[  931.973488][T16961]  do_sys_openat2+0x12c/0x1c0
[  931.978215][T16961]  ? do_sys_open+0xe0/0xe0
[  931.982672][T16961]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  931.988872][T16961]  __x64_sys_openat+0x139/0x160
[  931.993769][T16961]  do_syscall_64+0x55/0xb0
[  931.998336][T16961]  ? clear_bhb_loop+0x40/0x90
[  932.003069][T16961]  ? clear_bhb_loop+0x40/0x90
[  932.007901][T16961]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  932.013837][T16961] RIP: 0033:0x7f92b218df90
[  932.018283][T16961] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[  932.037944][T16961] RSP: 002b:00007f92b3093f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  932.046403][T16961] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f92b218df90
[  932.054420][T16961] RDX: 0000000000000002 RSI: 00007f92b3093fa0 RDI: 00000000ffffff9c
[  932.062520][T16961] RBP: 00007f92b3093fa0 R08: 0000000000000000 R09: 0000000000000000
[  932.070554][T16961] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  932.078574][T16961] R13: 00007f92b23e6038 R14: 00007f92b23e5fa0 R15: 00007ffe030d9548
[  932.086618][T16961]  </TASK>
[  932.205640][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  932.221432][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  933.358124][T16997] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4136'.
[  933.643057][T17007] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4139'.
[  933.661922][T17007] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4139'.
[  933.686242][T17007] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4139'.
[  933.695883][T17007] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4139'.
[  933.871410][T17015] FAULT_INJECTION: forcing a failure.
[  933.871410][T17015] name failslab, interval 1, probability 0, space 0, times 0
[  933.895633][T17015] CPU: 0 PID: 17015 Comm: syz.0.4143 Not tainted syzkaller #0
[  933.903191][T17015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  933.913383][T17015] Call Trace:
[  933.916711][T17015]  <TASK>
[  933.919678][T17015]  dump_stack_lvl+0x16c/0x230
[  933.924415][T17015]  ? show_regs_print_info+0x20/0x20
[  933.929669][T17015]  ? load_image+0x3b0/0x3b0
[  933.934235][T17015]  ? __might_sleep+0xe0/0xe0
[  933.938882][T17015]  ? __lock_acquire+0x7c80/0x7c80
[  933.943968][T17015]  should_fail_ex+0x39d/0x4d0
[  933.948705][T17015]  should_failslab+0x9/0x20
[  933.953266][T17015]  slab_pre_alloc_hook+0x59/0x310
[  933.958357][T17015]  ? bpf_ctx_init+0xbd/0x1a0
[  933.962976][T17015]  ? bpf_ctx_init+0xbd/0x1a0
[  933.967578][T17015]  __kmem_cache_alloc_node+0x53/0x260
[  933.972974][T17015]  ? __lock_acquire+0x7c80/0x7c80
[  933.978032][T17015]  ? bpf_ctx_init+0xbd/0x1a0
[  933.982644][T17015]  __kmalloc+0xa4/0x240
[  933.986825][T17015]  bpf_ctx_init+0xbd/0x1a0
[  933.991257][T17015]  bpf_prog_test_run_skb+0x2ba/0x11c0
[  933.996641][T17015]  ? __fget_files+0x28/0x4d0
[  934.001252][T17015]  ? __fget_files+0x44a/0x4d0
[  934.005963][T17015]  ? cpu_online+0x60/0x60
[  934.010330][T17015]  bpf_prog_test_run+0x321/0x390
[  934.015320][T17015]  __sys_bpf+0x440/0x800
[  934.019635][T17015]  ? bpf_link_show_fdinfo+0x350/0x350
[  934.025042][T17015]  ? lock_chain_count+0x20/0x20
[  934.030006][T17015]  __x64_sys_bpf+0x7c/0x90
[  934.034438][T17015]  do_syscall_64+0x55/0xb0
[  934.038874][T17015]  ? clear_bhb_loop+0x40/0x90
[  934.043569][T17015]  ? clear_bhb_loop+0x40/0x90
[  934.048280][T17015]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  934.054235][T17015] RIP: 0033:0x7f347f98f749
[  934.058666][T17015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  934.078309][T17015] RSP: 002b:00007f34807af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  934.086757][T17015] RAX: ffffffffffffffda RBX: 00007f347fbe5fa0 RCX: 00007f347f98f749
[  934.094755][T17015] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  934.102751][T17015] RBP: 00007f34807af090 R08: 0000000000000000 R09: 0000000000000000
[  934.110743][T17015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  934.118758][T17015] R13: 00007f347fbe6038 R14: 00007f347fbe5fa0 R15: 00007fffc35c0e88
[  934.126762][T17015]  </TASK>
[  936.342317][T17057] FAULT_INJECTION: forcing a failure.
[  936.342317][T17057] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  936.392234][T17057] CPU: 1 PID: 17057 Comm: syz.1.4159 Not tainted syzkaller #0
[  936.399783][T17057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  936.409886][T17057] Call Trace:
[  936.413225][T17057]  <TASK>
[  936.416198][T17057]  dump_stack_lvl+0x16c/0x230
[  936.420939][T17057]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  936.427156][T17057]  ? show_regs_print_info+0x20/0x20
[  936.432404][T17057]  ? load_image+0x3b0/0x3b0
[  936.436945][T17057]  should_fail_ex+0x39d/0x4d0
[  936.441653][T17057]  _copy_to_user+0x2f/0xa0
[  936.446092][T17057]  simple_read_from_buffer+0xe7/0x150
[  936.451514][T17057]  proc_fail_nth_read+0x1e3/0x250
[  936.456564][T17057]  ? proc_fault_inject_write+0x340/0x340
[  936.462228][T17057]  ? fsnotify_perm+0x271/0x5e0
[  936.467035][T17057]  ? proc_fault_inject_write+0x340/0x340
[  936.472694][T17057]  vfs_read+0x27e/0x920
[  936.476876][T17057]  ? kernel_read+0x1e0/0x1e0
[  936.481488][T17057]  ? __fget_files+0x28/0x4d0
[  936.486101][T17057]  ? __fget_files+0x44a/0x4d0
[  936.490804][T17057]  ? __fdget_pos+0x2a3/0x330
[  936.495412][T17057]  ? ksys_read+0x75/0x250
[  936.499763][T17057]  ksys_read+0x147/0x250
[  936.504032][T17057]  ? vfs_write+0x940/0x940
[  936.508470][T17057]  ? lockdep_hardirqs_on+0x98/0x150
[  936.513686][T17057]  do_syscall_64+0x55/0xb0
[  936.518125][T17057]  ? clear_bhb_loop+0x40/0x90
[  936.522821][T17057]  ? clear_bhb_loop+0x40/0x90
[  936.527520][T17057]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  936.533435][T17057] RIP: 0033:0x7f92b218e15c
[  936.537877][T17057] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  936.557525][T17057] RSP: 002b:00007f92b3094030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  936.566057][T17057] RAX: ffffffffffffffda RBX: 00007f92b23e5fa0 RCX: 00007f92b218e15c
[  936.574137][T17057] RDX: 000000000000000f RSI: 00007f92b30940a0 RDI: 0000000000000006
[  936.582221][T17057] RBP: 00007f92b3094090 R08: 0000000000000000 R09: 0000000000000000
[  936.590210][T17057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  936.598201][T17057] R13: 00007f92b23e6038 R14: 00007f92b23e5fa0 R15: 00007ffe030d9548
[  936.606209][T17057]  </TASK>
[  937.422395][T17068] FAULT_INJECTION: forcing a failure.
[  937.422395][T17068] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  937.447046][T17068] CPU: 0 PID: 17068 Comm: syz.1.4164 Not tainted syzkaller #0
[  937.454604][T17068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  937.464703][T17068] Call Trace:
[  937.468189][T17068]  <TASK>
[  937.471148][T17068]  dump_stack_lvl+0x16c/0x230
[  937.475862][T17068]  ? show_regs_print_info+0x20/0x20
[  937.481148][T17068]  ? load_image+0x3b0/0x3b0
[  937.485696][T17068]  ? __might_fault+0xaa/0x120
[  937.490402][T17068]  ? __lock_acquire+0x7c80/0x7c80
[  937.495635][T17068]  should_fail_ex+0x39d/0x4d0
[  937.500353][T17068]  _copy_from_user+0x2f/0xe0
[  937.504968][T17068]  dev_ethtool+0xc5/0x1720
[  937.509419][T17068]  ? ethtool_get_module_eeprom_call+0x170/0x170
[  937.515680][T17068]  ? __lock_acquire+0x7c80/0x7c80
[  937.520729][T17068]  ? full_name_hash+0x92/0xe0
[  937.525435][T17068]  ? dev_load+0x21/0x1f0
[  937.529788][T17068]  dev_ioctl+0x4ca/0x1170
[  937.534148][T17068]  sock_do_ioctl+0x226/0x2f0
[  937.538757][T17068]  ? sock_show_fdinfo+0xb0/0xb0
[  937.543639][T17068]  sock_ioctl+0x623/0x7a0
[  937.547998][T17068]  ? sock_poll+0x3d0/0x3d0
[  937.552474][T17068]  ? bpf_lsm_file_ioctl+0x9/0x10
[  937.557429][T17068]  ? security_file_ioctl+0x80/0xa0
[  937.562567][T17068]  ? sock_poll+0x3d0/0x3d0
[  937.567000][T17068]  __se_sys_ioctl+0xfd/0x170
[  937.571617][T17068]  do_syscall_64+0x55/0xb0
[  937.576057][T17068]  ? clear_bhb_loop+0x40/0x90
[  937.580754][T17068]  ? clear_bhb_loop+0x40/0x90
[  937.585452][T17068]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  937.591367][T17068] RIP: 0033:0x7f92b218f749
[  937.595804][T17068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  937.615453][T17068] RSP: 002b:00007f92b3094038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  937.623898][T17068] RAX: ffffffffffffffda RBX: 00007f92b23e5fa0 RCX: 00007f92b218f749
[  937.631888][T17068] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000035
[  937.639971][T17068] RBP: 00007f92b3094090 R08: 0000000000000000 R09: 0000000000000000
[  937.647978][T17068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  937.655998][T17068] R13: 00007f92b23e6038 R14: 00007f92b23e5fa0 R15: 00007ffe030d9548
[  937.664011][T17068]  </TASK>
[  938.847469][T17077] netlink: 'syz.5.4166': attribute type 2 has an invalid length.
[  938.869177][T17077] netlink: 'syz.5.4166': attribute type 8 has an invalid length.
[  938.877338][T17077] netlink: 132 bytes leftover after parsing attributes in process `syz.5.4166'.
[  939.249423][ T5833] Bluetooth: hci1: command 0x0406 tx timeout
[  940.026456][T17114] netlink: 'syz.0.4180': attribute type 10 has an invalid length.
[  940.034952][T17114] hsr_slave_0: left promiscuous mode
[  940.043920][T17114] hsr_slave_1: left promiscuous mode
[  940.968127][T17123] FAULT_INJECTION: forcing a failure.
[  940.968127][T17123] name failslab, interval 1, probability 0, space 0, times 0
[  941.021737][T17123] CPU: 1 PID: 17123 Comm: syz.5.4184 Not tainted syzkaller #0
[  941.029381][T17123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  941.039493][T17123] Call Trace:
[  941.042832][T17123]  <TASK>
[  941.045833][T17123]  dump_stack_lvl+0x16c/0x230
[  941.050679][T17123]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  941.056947][T17123]  ? show_regs_print_info+0x20/0x20
[  941.062180][T17123]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  941.068371][T17123]  should_fail_ex+0x39d/0x4d0
[  941.073178][T17123]  should_failslab+0x9/0x20
[  941.077738][T17123]  slab_pre_alloc_hook+0x59/0x310
[  941.082822][T17123]  ? lockdep_hardirqs_on+0x98/0x150
[  941.088057][T17123]  kmem_cache_alloc_lru+0x4d/0x2e0
[  941.093194][T17123]  ? sock_alloc_inode+0x28/0xc0
[  941.098082][T17123]  sock_alloc_inode+0x28/0xc0
[  941.102970][T17123]  ? sockfs_init_fs_context+0xb0/0xb0
[  941.108447][T17123]  new_inode_pseudo+0x63/0x1d0
[  941.113231][T17123]  __sock_create+0x12d/0x940
[  941.117846][T17123]  ? __asan_memset+0x22/0x40
[  941.122463][T17123]  udp_sock_create4+0xbf/0x4b0
[  941.127266][T17123]  ? erspan_exit_batch_net+0x30/0x30
[  941.132590][T17123]  rxrpc_lookup_local+0xccb/0x1550
[  941.137744][T17123]  ? rxrpc_local_dont_fragment+0x70/0x70
[  941.143420][T17123]  rxrpc_sendmsg+0x30a/0x5b0
[  941.148127][T17123]  ? rxrpc_getsockopt+0x150/0x150
[  941.153178][T17123]  ____sys_sendmsg+0x5bf/0x950
[  941.157975][T17123]  ? __sys_sendmsg_sock+0x30/0x30
[  941.163025][T17123]  ? __import_iovec+0x3fa/0x860
[  941.167941][T17123]  ? import_iovec+0x73/0xa0
[  941.172515][T17123]  ___sys_sendmsg+0x220/0x290
[  941.177235][T17123]  ? __sys_sendmsg+0x270/0x270
[  941.182077][T17123]  __se_sys_sendmsg+0x1a5/0x270
[  941.186994][T17123]  ? perf_trace_preemptirq_template+0x281/0x340
[  941.193275][T17123]  ? __x64_sys_sendmsg+0x80/0x80
[  941.198258][T17123]  ? lockdep_hardirqs_on+0x98/0x150
[  941.203476][T17123]  do_syscall_64+0x55/0xb0
[  941.207919][T17123]  ? clear_bhb_loop+0x40/0x90
[  941.212673][T17123]  ? clear_bhb_loop+0x40/0x90
[  941.217372][T17123]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  941.223289][T17123] RIP: 0033:0x7f10e558f749
[  941.227811][T17123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  941.247436][T17123] RSP: 002b:00007f10e64ec038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  941.255952][T17123] RAX: ffffffffffffffda RBX: 00007f10e57e5fa0 RCX: 00007f10e558f749
[  941.263952][T17123] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000006
[  941.271944][T17123] RBP: 00007f10e64ec090 R08: 0000000000000000 R09: 0000000000000000
[  941.279938][T17123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  941.287937][T17123] R13: 00007f10e57e6038 R14: 00007f10e57e5fa0 R15: 00007fff9484a428
[  941.295980][T17123]  </TASK>
[  941.325180][T17123] socket: no more sockets
[  942.989661][T17159] netlink: 'syz.1.4194': attribute type 33 has an invalid length.
[  943.013003][T17159] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4194'.
[  944.642857][T17185] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4205'.
[  944.933360][T17192] FAULT_INJECTION: forcing a failure.
[  944.933360][T17192] name failslab, interval 1, probability 0, space 0, times 0
[  944.950938][T17192] CPU: 1 PID: 17192 Comm: syz.2.4207 Not tainted syzkaller #0
[  944.958503][T17192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  944.968625][T17192] Call Trace:
[  944.971950][T17192]  <TASK>
[  944.974911][T17192]  dump_stack_lvl+0x16c/0x230
[  944.979615][T17192]  ? show_regs_print_info+0x20/0x20
[  944.984915][T17192]  ? load_image+0x3b0/0x3b0
[  944.989436][T17192]  ? __might_sleep+0xe0/0xe0
[  944.994048][T17192]  ? __lock_acquire+0x7c80/0x7c80
[  944.999131][T17192]  should_fail_ex+0x39d/0x4d0
[  945.004056][T17192]  should_failslab+0x9/0x20
[  945.008591][T17192]  slab_pre_alloc_hook+0x59/0x310
[  945.013651][T17192]  kmem_cache_alloc_lru+0x4d/0x2e0
[  945.018801][T17192]  ? __d_alloc+0x31/0x730
[  945.023167][T17192]  __d_alloc+0x31/0x730
[  945.027460][T17192]  ? idr_preload_end+0xe4/0x200
[  945.032337][T17192]  d_alloc_pseudo+0x1d/0x70
[  945.036877][T17192]  alloc_file_pseudo+0xcc/0x200
[  945.041757][T17192]  ? alloc_empty_backing_file+0xe0/0xe0
[  945.047492][T17192]  ? __lock_acquire+0x7c80/0x7c80
[  945.052545][T17192]  ? __local_bh_enable_ip+0x12e/0x1c0
[  945.058037][T17192]  ? _local_bh_enable+0xa0/0xa0
[  945.062990][T17192]  anon_inode_getfile+0xc5/0x1a0
[  945.068086][T17192]  bpf_link_prime+0xa6/0x1d0
[  945.072750][T17192]  bpf_raw_tp_link_attach+0x33c/0x560
[  945.078312][T17192]  ? lock_chain_count+0x20/0x20
[  945.083213][T17192]  ? bpf_insn_prepare_dump+0x840/0x840
[  945.088731][T17192]  bpf_raw_tracepoint_open+0x197/0x210
[  945.094219][T17192]  __sys_bpf+0x364/0x800
[  945.098476][T17192]  ? bpf_link_show_fdinfo+0x350/0x350
[  945.103877][T17192]  ? lock_chain_count+0x20/0x20
[  945.108845][T17192]  __x64_sys_bpf+0x7c/0x90
[  945.113292][T17192]  do_syscall_64+0x55/0xb0
[  945.117729][T17192]  ? clear_bhb_loop+0x40/0x90
[  945.122428][T17192]  ? clear_bhb_loop+0x40/0x90
[  945.127139][T17192]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  945.133082][T17192] RIP: 0033:0x7f8eec18f749
[  945.137523][T17192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  945.157157][T17192] RSP: 002b:00007f8eea3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  945.165683][T17192] RAX: ffffffffffffffda RBX: 00007f8eec3e5fa0 RCX: 00007f8eec18f749
[  945.173689][T17192] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000011
[  945.181701][T17192] RBP: 00007f8eea3f6090 R08: 0000000000000000 R09: 0000000000000000
[  945.189689][T17192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  945.197682][T17192] R13: 00007f8eec3e6038 R14: 00007f8eec3e5fa0 R15: 00007ffc31984ad8
[  945.205713][T17192]  </TASK>
[  945.302225][T17185] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  945.428384][T17184] netlink: 'syz.0.4205': attribute type 10 has an invalid length.
[  945.616093][T17184] team0: Port device dummy0 added
[  945.643946][T17185] netlink: 'syz.0.4205': attribute type 10 has an invalid length.
[  945.727852][T17188] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4205'.
[  945.755248][T17185] team0: Port device dummy0 removed
[  945.775346][T17185] dummy0: entered promiscuous mode
[  945.781952][T17185] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  945.796809][T17200] netlink: 'syz.5.4209': attribute type 33 has an invalid length.
[  945.806544][T17200] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4209'.
[  945.836360][T17188] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4205'.
[  945.912911][T17184] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4205'.
[  945.937894][T17202] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4205'.
[  947.032106][T17223] FAULT_INJECTION: forcing a failure.
[  947.032106][T17223] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  947.090321][T17223] CPU: 1 PID: 17223 Comm: syz.1.4220 Not tainted syzkaller #0
[  947.097966][T17223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  947.108069][T17223] Call Trace:
[  947.111460][T17223]  <TASK>
[  947.114408][T17223]  dump_stack_lvl+0x16c/0x230
[  947.119128][T17223]  ? show_regs_print_info+0x20/0x20
[  947.124750][T17223]  ? load_image+0x3b0/0x3b0
[  947.129300][T17223]  ? __lock_acquire+0x7c80/0x7c80
[  947.134365][T17223]  ? snprintf+0xdb/0x120
[  947.138658][T17223]  should_fail_ex+0x39d/0x4d0
[  947.143422][T17223]  _copy_to_user+0x2f/0xa0
[  947.147953][T17223]  simple_read_from_buffer+0xe7/0x150
[  947.153385][T17223]  proc_fail_nth_read+0x1e3/0x250
[  947.158432][T17223]  ? proc_fault_inject_write+0x340/0x340
[  947.164125][T17223]  ? fsnotify_perm+0x271/0x5e0
[  947.169178][T17223]  ? proc_fault_inject_write+0x340/0x340
[  947.174847][T17223]  vfs_read+0x27e/0x920
[  947.179216][T17223]  ? kernel_read+0x1e0/0x1e0
[  947.183844][T17223]  ? __fget_files+0x28/0x4d0
[  947.188455][T17223]  ? __fget_files+0x44a/0x4d0
[  947.193163][T17223]  ? __fdget_pos+0x2a3/0x330
[  947.197801][T17223]  ? ksys_read+0x75/0x250
[  947.202158][T17223]  ksys_read+0x147/0x250
[  947.206449][T17223]  ? vfs_write+0x940/0x940
[  947.210900][T17223]  ? lockdep_hardirqs_on+0x98/0x150
[  947.216149][T17223]  do_syscall_64+0x55/0xb0
[  947.220603][T17223]  ? clear_bhb_loop+0x40/0x90
[  947.225303][T17223]  ? clear_bhb_loop+0x40/0x90
[  947.230015][T17223]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  947.235932][T17223] RIP: 0033:0x7f92b218e15c
[  947.240367][T17223] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  947.259997][T17223] RSP: 002b:00007f92b3094030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  947.268548][T17223] RAX: ffffffffffffffda RBX: 00007f92b23e5fa0 RCX: 00007f92b218e15c
[  947.276573][T17223] RDX: 000000000000000f RSI: 00007f92b30940a0 RDI: 0000000000000008
[  947.284572][T17223] RBP: 00007f92b3094090 R08: 0000000000000000 R09: 0000000000000000
[  947.292912][T17223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  947.300998][T17223] R13: 00007f92b23e6038 R14: 00007f92b23e5fa0 R15: 00007ffe030d9548
[  947.309016][T17223]  </TASK>
[  947.693225][T17235] netlink: 'syz.0.4224': attribute type 33 has an invalid length.
[  947.742829][T17235] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4224'.
[  949.180591][T17247] FAULT_INJECTION: forcing a failure.
[  949.180591][T17247] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  949.207308][T17247] CPU: 1 PID: 17247 Comm: syz.2.4229 Not tainted syzkaller #0
[  949.214881][T17247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  949.224989][T17247] Call Trace:
[  949.228388][T17247]  <TASK>
[  949.231359][T17247]  dump_stack_lvl+0x16c/0x230
[  949.236090][T17247]  ? show_regs_print_info+0x20/0x20
[  949.241425][T17247]  ? load_image+0x3b0/0x3b0
[  949.245989][T17247]  ? __lock_acquire+0x7c80/0x7c80
[  949.251059][T17247]  should_fail_ex+0x39d/0x4d0
[  949.255791][T17247]  _copy_from_user+0x2f/0xe0
[  949.260447][T17247]  __copy_msghdr+0x3bb/0x580
[  949.265092][T17247]  ___sys_sendmsg+0x1a6/0x290
[  949.270264][T17247]  ? __sys_sendmsg+0x270/0x270
[  949.275110][T17247]  ? __lock_acquire+0x7c80/0x7c80
[  949.280226][T17247]  __se_sys_sendmsg+0x1a5/0x270
[  949.285177][T17247]  ? __x64_sys_sendmsg+0x80/0x80
[  949.290208][T17247]  ? lockdep_hardirqs_on+0x98/0x150
[  949.295456][T17247]  do_syscall_64+0x55/0xb0
[  949.299921][T17247]  ? clear_bhb_loop+0x40/0x90
[  949.304637][T17247]  ? clear_bhb_loop+0x40/0x90
[  949.309350][T17247]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  949.315290][T17247] RIP: 0033:0x7f8eec18f749
[  949.319825][T17247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  949.339482][T17247] RSP: 002b:00007f8eea3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  949.347995][T17247] RAX: ffffffffffffffda RBX: 00007f8eec3e5fa0 RCX: 00007f8eec18f749
[  949.356122][T17247] RDX: 000000000000ff00 RSI: 0000200000001180 RDI: 0000000000000003
[  949.364152][T17247] RBP: 00007f8eea3f6090 R08: 0000000000000000 R09: 0000000000000000
[  949.372252][T17247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  949.380275][T17247] R13: 00007f8eec3e6038 R14: 00007f8eec3e5fa0 R15: 00007ffc31984ad8
[  949.388305][T17247]  </TASK>
[  949.763902][T17255] can: request_module (can-proto-0) failed.
[  950.051461][T17271] netlink: 'syz.5.4239': attribute type 10 has an invalid length.
[  950.351384][T17280] netlink: 'syz.2.4238': attribute type 33 has an invalid length.
[  950.409756][T17280] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4238'.
[  951.447768][T17293] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4250'.
[  951.484237][T17293] openvswitch: netlink: Tunnel attr 0 has unexpected len 3060 expected 8
[  951.807086][T17306] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  951.822855][T17306] batman_adv: batadv0: Removing interface: batadv_slave_0
[  951.850788][T17306] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  951.865755][T17306] batman_adv: batadv0: Removing interface: batadv_slave_1
[  951.915600][T17306] bond0: (slave batadv0): Releasing backup interface
[  951.923157][T17306] batadv0 (unregistering): left promiscuous mode
[  952.143304][T17319] netlink: 'syz.5.4262': attribute type 27 has an invalid length.
[  952.426327][T17329] netlink: 'syz.2.4266': attribute type 5 has an invalid length.
[  952.438107][T17329] netlink: 'syz.2.4266': attribute type 1 has an invalid length.
[  952.452941][T17329] netlink: 199820 bytes leftover after parsing attributes in process `syz.2.4266'.
[  953.300856][T17349] netlink: 'syz.1.4273': attribute type 27 has an invalid length.
[  953.372066][T17351] bridge0: port 2(bridge_slave_1) entered disabled state
[  953.383713][T17351] bridge0: port 1(bridge_slave_0) entered disabled state
[  953.406449][T17351] bridge0: entered allmulticast mode
[  953.463318][T17352] bridge0: port 2(bridge_slave_1) entered blocking state
[  953.470631][T17352] bridge0: port 2(bridge_slave_1) entered forwarding state
[  953.478235][T17352] bridge0: port 1(bridge_slave_0) entered blocking state
[  953.478878][T17358] FAULT_INJECTION: forcing a failure.
[  953.478878][T17358] name failslab, interval 1, probability 0, space 0, times 0
[  953.485564][T17352] bridge0: port 1(bridge_slave_0) entered forwarding state
[  953.539377][T17358] CPU: 0 PID: 17358 Comm: syz.0.4276 Not tainted syzkaller #0
[  953.539645][T17352] bridge0: entered promiscuous mode
[  953.546921][T17358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  953.546936][T17358] Call Trace:
[  953.546945][T17358]  <TASK>
[  953.546954][T17358]  dump_stack_lvl+0x16c/0x230
[  953.573290][T17358]  ? show_regs_print_info+0x20/0x20
[  953.578551][T17358]  ? load_image+0x3b0/0x3b0
[  953.583147][T17358]  ? __lock_acquire+0x7c80/0x7c80
[  953.588203][T17358]  should_fail_ex+0x39d/0x4d0
[  953.592910][T17358]  should_failslab+0x9/0x20
[  953.597476][T17358]  slab_pre_alloc_hook+0x59/0x310
[  953.602567][T17358]  ? sk_prot_alloc+0xe7/0x210
[  953.607387][T17358]  ? sk_prot_alloc+0xe7/0x210
[  953.612211][T17358]  __kmem_cache_alloc_node+0x53/0x260
[  953.617636][T17358]  ? sk_prot_alloc+0xe7/0x210
[  953.622508][T17358]  __kmalloc+0xa4/0x240
[  953.626693][T17358]  sk_prot_alloc+0xe7/0x210
[  953.631241][T17358]  ? sk_alloc+0x24/0x360
[  953.635501][T17358]  sk_alloc+0x3a/0x360
[  953.639605][T17358]  ? bpf_ctx_init+0x163/0x1a0
[  953.644301][T17358]  ? bpf_prog_test_run_skb+0x268/0x11c0
[  953.649868][T17358]  bpf_prog_test_run_skb+0x39a/0x11c0
[  953.655259][T17358]  ? __fget_files+0x28/0x4d0
[  953.659884][T17358]  ? cpu_online+0x60/0x60
[  953.664321][T17358]  bpf_prog_test_run+0x321/0x390
[  953.669281][T17358]  __sys_bpf+0x440/0x800
[  953.673568][T17358]  ? bpf_link_show_fdinfo+0x350/0x350
[  953.678993][T17358]  ? lock_chain_count+0x20/0x20
[  953.683877][T17358]  __x64_sys_bpf+0x7c/0x90
[  953.688307][T17358]  do_syscall_64+0x55/0xb0
[  953.692746][T17358]  ? clear_bhb_loop+0x40/0x90
[  953.697470][T17358]  ? clear_bhb_loop+0x40/0x90
[  953.702170][T17358]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  953.708088][T17358] RIP: 0033:0x7f347f98f749
[  953.712539][T17358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  953.732173][T17358] RSP: 002b:00007f34807af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  953.740698][T17358] RAX: ffffffffffffffda RBX: 00007f347fbe5fa0 RCX: 00007f347f98f749
[  953.748687][T17358] RDX: 000000000000004c RSI: 0000200000000240 RDI: 000000000000000a
[  953.756710][T17358] RBP: 00007f34807af090 R08: 0000000000000000 R09: 0000000000000000
[  953.764707][T17358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  953.772781][T17358] R13: 00007f347fbe6038 R14: 00007f347fbe5fa0 R15: 00007fffc35c0e88
[  953.780797][T17358]  </TASK>
[  954.283999][T17360] netlink: 'syz.1.4277': attribute type 2 has an invalid length.
[  954.301388][T17360] netlink: 'syz.1.4277': attribute type 8 has an invalid length.
[  954.321399][T17360] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4277'.
[  954.950874][T17388] netlink: 'syz.2.4287': attribute type 27 has an invalid length.
[  955.458844][T17410] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  955.475868][T17410] batman_adv: batadv0: Removing interface: batadv_slave_0
[  955.530105][T17410] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  955.545772][T17410] batman_adv: batadv0: Removing interface: batadv_slave_1
[  955.602314][T17410] bond0: (slave batadv0): Releasing backup interface
[  955.626352][T17410] batadv0 (unregistering): left promiscuous mode
[  959.729803][ T5833] Bluetooth: hci2: command 0x0406 tx timeout
[  961.454395][T17465] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  961.467987][T17465] batman_adv: batadv0: Removing interface: batadv_slave_0
[  961.476806][T17465] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  961.485050][T17465] batman_adv: batadv0: Removing interface: batadv_slave_1
[  961.504878][T17465] bond0: (slave batadv0): Releasing backup interface
[  961.513231][T17465] batadv0 (unregistering): left promiscuous mode
[  961.624957][T17472] netlink: 'syz.0.4317': attribute type 12 has an invalid length.
[  961.642795][T17472] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4317'.
[  961.752355][T17477] FAULT_INJECTION: forcing a failure.
[  961.752355][T17477] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  961.855716][T17477] CPU: 0 PID: 17477 Comm: syz.2.4315 Not tainted syzkaller #0
[  961.863326][T17477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  961.873471][T17477] Call Trace:
[  961.876818][T17477]  <TASK>
[  961.879812][T17477]  dump_stack_lvl+0x16c/0x230
[  961.884889][T17477]  ? show_regs_print_info+0x20/0x20
[  961.890178][T17477]  ? load_image+0x3b0/0x3b0
[  961.894771][T17477]  ? __might_fault+0xaa/0x120
[  961.899520][T17477]  ? __lock_acquire+0x7c80/0x7c80
[  961.904720][T17477]  should_fail_ex+0x39d/0x4d0
[  961.909494][T17477]  _copy_from_iter+0x1d3/0x1290
[  961.914408][T17477]  ? __virt_addr_valid+0x18c/0x540
[  961.919606][T17477]  ? __lock_acquire+0x7c80/0x7c80
[  961.924728][T17477]  ? copyout_mc+0x70/0x70
[  961.929120][T17477]  ? __virt_addr_valid+0x18c/0x540
[  961.934310][T17477]  ? __virt_addr_valid+0x18c/0x540
[  961.939496][T17477]  ? __virt_addr_valid+0x469/0x540
[  961.944690][T17477]  ? __check_object_size+0x506/0xa30
[  961.950362][T17477]  skb_copy_datagram_from_iter+0xf4/0x6e0
[  961.956180][T17477]  tun_get_user+0x1583/0x3bf0
[  961.960964][T17477]  ? aa_file_perm+0x120/0xec0
[  961.965798][T17477]  ? aa_file_perm+0x3e8/0xec0
[  961.970564][T17477]  ? rcu_read_unlock+0xa0/0xa0
[  961.975469][T17477]  ? tun_get+0x1c/0x2e0
[  961.979699][T17477]  ? __lock_acquire+0x7c80/0x7c80
[  961.984978][T17477]  ? tun_get+0x1c/0x2e0
[  961.989264][T17477]  tun_chr_write_iter+0x119/0x200
[  961.994393][T17477]  vfs_write+0x43b/0x940
[  961.998732][T17477]  ? file_end_write+0x250/0x250
[  962.003678][T17477]  ? __fget_files+0x44a/0x4d0
[  962.008459][T17477]  ? __fdget_pos+0x1d8/0x330
[  962.013197][T17477]  ? ksys_write+0x75/0x250
[  962.017833][T17477]  ksys_write+0x147/0x250
[  962.022247][T17477]  ? __ia32_sys_read+0x90/0x90
[  962.027110][T17477]  ? lockdep_hardirqs_on+0x98/0x150
[  962.032391][T17477]  do_syscall_64+0x55/0xb0
[  962.036998][T17477]  ? clear_bhb_loop+0x40/0x90
[  962.041789][T17477]  ? clear_bhb_loop+0x40/0x90
[  962.046746][T17477]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  962.052735][T17477] RIP: 0033:0x7f8eec18f749
[  962.057299][T17477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  962.076981][T17477] RSP: 002b:00007f8eea3d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  962.085468][T17477] RAX: ffffffffffffffda RBX: 00007f8eec3e6090 RCX: 00007f8eec18f749
[  962.093490][T17477] RDX: 000000000000ffbf RSI: 0000200000000580 RDI: 0000000000000003
[  962.101570][T17477] RBP: 00007f8eea3d5090 R08: 0000000000000000 R09: 0000000000000000
[  962.109624][T17477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  962.117650][T17477] R13: 00007f8eec3e6128 R14: 00007f8eec3e6090 R15: 00007ffc31984ad8
[  962.125753][T17477]  </TASK>
[  963.156728][T17500] FAULT_INJECTION: forcing a failure.
[  963.156728][T17500] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  963.170932][T17500] CPU: 0 PID: 17500 Comm: syz.1.4325 Not tainted syzkaller #0
[  963.178470][T17500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  963.188676][T17500] Call Trace:
[  963.192028][T17500]  <TASK>
[  963.195015][T17500]  dump_stack_lvl+0x16c/0x230
[  963.199847][T17500]  ? show_regs_print_info+0x20/0x20
[  963.205105][T17500]  ? load_image+0x3b0/0x3b0
[  963.209747][T17500]  ? __lock_acquire+0x7c80/0x7c80
[  963.214833][T17500]  ? snprintf+0xdb/0x120
[  963.219130][T17500]  should_fail_ex+0x39d/0x4d0
[  963.223883][T17500]  _copy_to_user+0x2f/0xa0
[  963.228357][T17500]  simple_read_from_buffer+0xe7/0x150
[  963.233908][T17500]  proc_fail_nth_read+0x1e3/0x250
[  963.239011][T17500]  ? proc_fault_inject_write+0x340/0x340
[  963.244716][T17500]  ? fsnotify_perm+0x271/0x5e0
[  963.249632][T17500]  ? proc_fault_inject_write+0x340/0x340
[  963.255504][T17500]  vfs_read+0x27e/0x920
[  963.259729][T17500]  ? kernel_read+0x1e0/0x1e0
[  963.264342][T17500]  ? __fget_files+0x28/0x4d0
[  963.269046][T17500]  ? __fget_files+0x44a/0x4d0
[  963.273779][T17500]  ? __fdget_pos+0x2a3/0x330
[  963.278383][T17500]  ? ksys_read+0x75/0x250
[  963.282750][T17500]  ksys_read+0x147/0x250
[  963.287019][T17500]  ? vfs_write+0x940/0x940
[  963.291457][T17500]  ? lockdep_hardirqs_on+0x98/0x150
[  963.296674][T17500]  do_syscall_64+0x55/0xb0
[  963.301115][T17500]  ? clear_bhb_loop+0x40/0x90
[  963.305803][T17500]  ? clear_bhb_loop+0x40/0x90
[  963.310512][T17500]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  963.316418][T17500] RIP: 0033:0x7f92b218e15c
[  963.320847][T17500] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  963.340479][T17500] RSP: 002b:00007f92b3094030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  963.348935][T17500] RAX: ffffffffffffffda RBX: 00007f92b23e5fa0 RCX: 00007f92b218e15c
[  963.356935][T17500] RDX: 000000000000000f RSI: 00007f92b30940a0 RDI: 0000000000000008
[  963.364925][T17500] RBP: 00007f92b3094090 R08: 0000000000000000 R09: 0000000000000000
[  963.372913][T17500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  963.380910][T17500] R13: 00007f92b23e6038 R14: 00007f92b23e5fa0 R15: 00007ffe030d9548
[  963.388925][T17500]  </TASK>
[  965.023482][T17488] netlink: 14 bytes leftover after parsing attributes in process `syz.5.4321'.
[  965.486444][T17513] netlink: 'syz.1.4330': attribute type 21 has an invalid length.
[  965.621020][T17513] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4330'.
[  967.032443][T17555] netlink: 21 bytes leftover after parsing attributes in process `syz.1.4347'.
[  967.091338][T17555] ksmbd: Unknown IPC event: 0, ignore.
[  967.250506][T17559] FAULT_INJECTION: forcing a failure.
[  967.250506][T17559] name failslab, interval 1, probability 0, space 0, times 0
[  967.280773][T17559] CPU: 0 PID: 17559 Comm: syz.0.4349 Not tainted syzkaller #0
[  967.288348][T17559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  967.298493][T17559] Call Trace:
[  967.301801][T17559]  <TASK>
[  967.304840][T17559]  dump_stack_lvl+0x16c/0x230
[  967.309549][T17559]  ? show_regs_print_info+0x20/0x20
[  967.314773][T17559]  ? load_image+0x3b0/0x3b0
[  967.319300][T17559]  ? __might_sleep+0xe0/0xe0
[  967.323922][T17559]  ? __lock_acquire+0x7c80/0x7c80
[  967.328971][T17559]  ? lock_chain_count+0x20/0x20
[  967.333856][T17559]  should_fail_ex+0x39d/0x4d0
[  967.338592][T17559]  should_failslab+0x9/0x20
[  967.343118][T17559]  slab_pre_alloc_hook+0x59/0x310
[  967.348174][T17559]  kmem_cache_alloc_node+0x60/0x330
[  967.353403][T17559]  ? __alloc_skb+0x108/0x2c0
[  967.358025][T17559]  __alloc_skb+0x108/0x2c0
[  967.362481][T17559]  netlink_sendmsg+0x65b/0xbe0
[  967.367272][T17559]  ? lockdep_hardirqs_on+0x98/0x150
[  967.372491][T17559]  ? netlink_getsockopt+0x580/0x580
[  967.377741][T17559]  ? bpf_lsm_socket_accept+0x10/0x10
[  967.383050][T17559]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  967.388355][T17559]  ? security_socket_sendmsg+0x80/0xa0
[  967.393837][T17559]  ? netlink_getsockopt+0x580/0x580
[  967.399073][T17559]  ____sys_sendmsg+0x5bf/0x950
[  967.403874][T17559]  ? lockdep_hardirqs_on+0x98/0x150
[  967.409088][T17559]  ? __sys_sendmsg_sock+0x30/0x30
[  967.414143][T17559]  ? ___sys_sendmsg+0x206/0x290
[  967.419030][T17559]  ___sys_sendmsg+0x220/0x290
[  967.423731][T17559]  ? __sys_sendmsg+0x270/0x270
[  967.428524][T17559]  ? perf_trace_preemptirq_template+0x281/0x340
[  967.434820][T17559]  __se_sys_sendmsg+0x1a5/0x270
[  967.439701][T17559]  ? __x64_sys_sendmsg+0x80/0x80
[  967.444677][T17559]  do_syscall_64+0x55/0xb0
[  967.449120][T17559]  ? clear_bhb_loop+0x40/0x90
[  967.453819][T17559]  ? clear_bhb_loop+0x40/0x90
[  967.458524][T17559]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  967.464458][T17559] RIP: 0033:0x7f347f98f749
[  967.468890][T17559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  967.488540][T17559] RSP: 002b:00007f34807af038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  967.497004][T17559] RAX: ffffffffffffffda RBX: 00007f347fbe5fa0 RCX: 00007f347f98f749
[  967.505018][T17559] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000009
[  967.513010][T17559] RBP: 00007f34807af090 R08: 0000000000000000 R09: 0000000000000000
[  967.521028][T17559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  967.529020][T17559] R13: 00007f347fbe6038 R14: 00007f347fbe5fa0 R15: 00007fffc35c0e88
[  967.537026][T17559]  </TASK>
[  967.709558][T17570] netlink: 1010 bytes leftover after parsing attributes in process `syz.5.4352'.
[  967.719478][T17570] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  968.955470][T17589] FAULT_INJECTION: forcing a failure.
[  968.955470][T17589] name failslab, interval 1, probability 0, space 0, times 0
[  968.992764][T17589] CPU: 0 PID: 17589 Comm: syz.2.4359 Not tainted syzkaller #0
[  969.000468][T17589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  969.010577][T17589] Call Trace:
[  969.013910][T17589]  <TASK>
[  969.016890][T17589]  dump_stack_lvl+0x16c/0x230
[  969.021630][T17589]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  969.027845][T17589]  ? show_regs_print_info+0x20/0x20
[  969.033107][T17589]  ? load_image+0x3b0/0x3b0
[  969.037685][T17589]  should_fail_ex+0x39d/0x4d0
[  969.042422][T17589]  should_failslab+0x9/0x20
[  969.046962][T17589]  slab_pre_alloc_hook+0x59/0x310
[  969.052063][T17589]  ? __lock_acquire+0x7c80/0x7c80
[  969.057119][T17589]  kmem_cache_alloc_node+0x60/0x330
[  969.062372][T17589]  ? __alloc_skb+0x108/0x2c0
[  969.067009][T17589]  __alloc_skb+0x108/0x2c0
[  969.071573][T17589]  netlink_sendmsg+0x65b/0xbe0
[  969.076380][T17589]  ? netlink_getsockopt+0x580/0x580
[  969.081692][T17589]  ? aa_sock_msg_perm+0x94/0x150
[  969.086674][T17589]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  969.091987][T17589]  ? security_socket_sendmsg+0x80/0xa0
[  969.097559][T17589]  ? netlink_getsockopt+0x580/0x580
[  969.102793][T17589]  ____sys_sendmsg+0x5bf/0x950
[  969.107595][T17589]  ? __asan_memset+0x22/0x40
[  969.112214][T17589]  ? __sys_sendmsg_sock+0x30/0x30
[  969.117289][T17589]  ? __import_iovec+0x5f2/0x860
[  969.122178][T17589]  ? import_iovec+0x73/0xa0
[  969.126725][T17589]  ___sys_sendmsg+0x220/0x290
[  969.131522][T17589]  ? __sys_sendmsg+0x270/0x270
[  969.136584][T17589]  __se_sys_sendmsg+0x1a5/0x270
[  969.141486][T17589]  ? __x64_sys_sendmsg+0x80/0x80
[  969.146481][T17589]  ? syscall_enter_from_user_mode+0x2e/0x80
[  969.152440][T17589]  do_syscall_64+0x55/0xb0
[  969.156882][T17589]  ? clear_bhb_loop+0x40/0x90
[  969.161604][T17589]  ? clear_bhb_loop+0x40/0x90
[  969.166307][T17589]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  969.172312][T17589] RIP: 0033:0x7f8eec18f749
[  969.176747][T17589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  969.196376][T17589] RSP: 002b:00007f8eea3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  969.204813][T17589] RAX: ffffffffffffffda RBX: 00007f8eec3e5fa0 RCX: 00007f8eec18f749
[  969.212806][T17589] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[  969.220793][T17589] RBP: 00007f8eea3f6090 R08: 0000000000000000 R09: 0000000000000000
[  969.228899][T17589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  969.236945][T17589] R13: 00007f8eec3e6038 R14: 00007f8eec3e5fa0 R15: 00007ffc31984ad8
[  969.244989][T17589]  </TASK>
[  969.781048][T17596] netlink: 'syz.2.4360': attribute type 33 has an invalid length.
[  969.790245][T17596] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4360'.
[  970.086828][T17601] netlink: 'syz.1.4361': attribute type 10 has an invalid length.
[  970.106462][T17601] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4361'.
[  970.169551][T17601] bridge0: port 3(team0) entered blocking state
[  970.197455][T17601] bridge0: port 3(team0) entered disabled state
[  970.206547][T17601] team0: entered allmulticast mode
[  970.215958][T17601] team_slave_0: entered allmulticast mode
[  970.222702][T17601] team_slave_1: entered allmulticast mode
[  970.252340][T17601] team0: entered promiscuous mode
[  970.258011][T17601] team_slave_0: entered promiscuous mode
[  970.291047][T17601] team_slave_1: entered promiscuous mode
[  970.308447][T17601] bridge0: port 3(team0) entered blocking state
[  970.315997][T17601] bridge0: port 3(team0) entered forwarding state
[  970.342045][T17608] FAULT_INJECTION: forcing a failure.
[  970.342045][T17608] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  970.356033][T17608] CPU: 0 PID: 17608 Comm: syz.0.4364 Not tainted syzkaller #0
[  970.363572][T17608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  970.373685][T17608] Call Trace:
[  970.377019][T17608]  <TASK>
[  970.380098][T17608]  dump_stack_lvl+0x16c/0x230
[  970.384944][T17608]  ? show_regs_print_info+0x20/0x20
[  970.390218][T17608]  ? load_image+0x3b0/0x3b0
[  970.394781][T17608]  ? __lock_acquire+0x7c80/0x7c80
[  970.399840][T17608]  should_fail_ex+0x39d/0x4d0
[  970.404555][T17608]  _copy_from_user+0x2f/0xe0
[  970.409170][T17608]  __copy_msghdr+0x3bb/0x580
[  970.413792][T17608]  ___sys_sendmsg+0x1a6/0x290
[  970.418502][T17608]  ? __sys_sendmsg+0x270/0x270
[  970.423314][T17608]  ? __lock_acquire+0x7c80/0x7c80
[  970.428406][T17608]  __se_sys_sendmsg+0x1a5/0x270
[  970.433290][T17608]  ? __x64_sys_sendmsg+0x80/0x80
[  970.438266][T17608]  ? lockdep_hardirqs_on+0x98/0x150
[  970.443491][T17608]  do_syscall_64+0x55/0xb0
[  970.447942][T17608]  ? clear_bhb_loop+0x40/0x90
[  970.452640][T17608]  ? clear_bhb_loop+0x40/0x90
[  970.457333][T17608]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  970.463245][T17608] RIP: 0033:0x7f347f98f749
[  970.467697][T17608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  970.487546][T17608] RSP: 002b:00007f34807af038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  970.496078][T17608] RAX: ffffffffffffffda RBX: 00007f347fbe5fa0 RCX: 00007f347f98f749
[  970.504072][T17608] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  970.512070][T17608] RBP: 00007f34807af090 R08: 0000000000000000 R09: 0000000000000000
[  970.520060][T17608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  970.528254][T17608] R13: 00007f347fbe6038 R14: 00007f347fbe5fa0 R15: 00007fffc35c0e88
[  970.536347][T17608]  </TASK>
[  970.908852][T17621] netlink: 52 bytes leftover after parsing attributes in process `syz.5.4367'.
[  973.734327][T17640] tun0: tun_chr_ioctl cmd 1074025677
[  973.761396][T17640] tun0: linktype set to 776
[  973.844623][T17645] netlink: 'syz.0.4376': attribute type 33 has an invalid length.
[  973.879260][T17645] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4376'.
[  974.479229][T17661] netlink: 'syz.2.4383': attribute type 29 has an invalid length.
[  974.586448][T17661] netlink: 'syz.2.4383': attribute type 29 has an invalid length.
[  974.620143][T17663] netlink: 'syz.2.4383': attribute type 29 has an invalid length.
[  974.817061][T17667] netlink: 'syz.0.4384': attribute type 29 has an invalid length.
[  974.846175][T17667] netlink: 'syz.0.4384': attribute type 29 has an invalid length.
[  974.914979][T17670] FAULT_INJECTION: forcing a failure.
[  974.914979][T17670] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  974.951691][T17670] CPU: 0 PID: 17670 Comm: syz.0.4384 Not tainted syzkaller #0
[  974.959248][T17670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  974.969351][T17670] Call Trace:
[  974.972673][T17670]  <TASK>
[  974.975645][T17670]  dump_stack_lvl+0x16c/0x230
[  974.980390][T17670]  ? show_regs_print_info+0x20/0x20
[  974.985653][T17670]  ? load_image+0x3b0/0x3b0
[  974.990220][T17670]  ? __might_fault+0xaa/0x120
[  974.994962][T17670]  ? __lock_acquire+0x7c80/0x7c80
[  975.000057][T17670]  should_fail_ex+0x39d/0x4d0
[  975.005269][T17670]  _copy_from_user+0x2f/0xe0
[  975.010013][T17670]  ___sys_recvmsg+0x12f/0x510
[  975.014742][T17670]  ? __sys_recvmsg+0x270/0x270
[  975.019589][T17670]  ? ksys_write+0x1c1/0x250
[  975.024175][T17670]  ? __fget_files+0x44a/0x4d0
[  975.028946][T17670]  __x64_sys_recvmsg+0x1f2/0x2c0
[  975.034043][T17670]  ? ___sys_recvmsg+0x510/0x510
[  975.038976][T17670]  ? lockdep_hardirqs_on+0x98/0x150
[  975.044240][T17670]  do_syscall_64+0x55/0xb0
[  975.048818][T17670]  ? clear_bhb_loop+0x40/0x90
[  975.053561][T17670]  ? clear_bhb_loop+0x40/0x90
[  975.058312][T17670]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  975.064285][T17670] RIP: 0033:0x7f347f98f749
[  975.068795][T17670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  975.088520][T17670] RSP: 002b:00007f348078e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  975.096989][T17670] RAX: ffffffffffffffda RBX: 00007f347fbe6090 RCX: 00007f347f98f749
[  975.104995][T17670] RDX: 0000000040012100 RSI: 0000200000000640 RDI: 0000000000000003
[  975.113055][T17670] RBP: 00007f348078e090 R08: 0000000000000000 R09: 0000000000000000
[  975.121054][T17670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  975.129051][T17670] R13: 00007f347fbe6128 R14: 00007f347fbe6090 R15: 00007fffc35c0e88
[  975.137151][T17670]  </TASK>
[  975.597752][T17688] netpci0: tun_chr_ioctl cmd 2147767519
[  976.529043][T17700] netlink: 'syz.0.4394': attribute type 33 has an invalid length.
[  976.537053][T17700] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4394'.
[  976.670511][T17704] netlink: 'syz.2.4397': attribute type 10 has an invalid length.
[  976.733956][T17704] team0: Port device wlan1 added
[  977.544507][T17725] netlink: 'syz.0.4413': attribute type 33 has an invalid length.
[  977.565026][T17725] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4413'.
[  977.695415][T17728] FAULT_INJECTION: forcing a failure.
[  977.695415][T17728] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  977.711542][T17728] CPU: 0 PID: 17728 Comm: syz.5.4407 Not tainted syzkaller #0
[  977.719182][T17728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  977.729385][T17728] Call Trace:
[  977.732705][T17728]  <TASK>
[  977.735778][T17728]  dump_stack_lvl+0x16c/0x230
[  977.740529][T17728]  ? show_regs_print_info+0x20/0x20
[  977.745895][T17728]  ? load_image+0x3b0/0x3b0
[  977.750465][T17728]  ? __might_fault+0xaa/0x120
[  977.755196][T17728]  ? __lock_acquire+0x7c80/0x7c80
[  977.760288][T17728]  ? perf_trace_lock+0xf7/0x380
[  977.765303][T17728]  should_fail_ex+0x39d/0x4d0
[  977.770057][T17728]  _copy_from_user+0x2f/0xe0
[  977.774727][T17728]  ___sys_sendmsg+0x159/0x290
[  977.779511][T17728]  ? __sys_sendmsg+0x270/0x270
[  977.784382][T17728]  ? __lock_acquire+0x7c80/0x7c80
[  977.789515][T17728]  __se_sys_sendmsg+0x1a5/0x270
[  977.794453][T17728]  ? __x64_sys_sendmsg+0x80/0x80
[  977.799503][T17728]  ? lockdep_hardirqs_on+0x98/0x150
[  977.804771][T17728]  do_syscall_64+0x55/0xb0
[  977.809264][T17728]  ? clear_bhb_loop+0x40/0x90
[  977.814011][T17728]  ? clear_bhb_loop+0x40/0x90
[  977.818771][T17728]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  977.824742][T17728] RIP: 0033:0x7f10e558f749
[  977.829228][T17728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  977.849500][T17728] RSP: 002b:00007f10e64ec038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  977.857981][T17728] RAX: ffffffffffffffda RBX: 00007f10e57e5fa0 RCX: 00007f10e558f749
[  977.866028][T17728] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000004
[  977.874118][T17728] RBP: 00007f10e64ec090 R08: 0000000000000000 R09: 0000000000000000
[  977.882114][T17728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  977.890216][T17728] R13: 00007f10e57e6038 R14: 00007f10e57e5fa0 R15: 00007fff9484a428
[  977.898234][T17728]  </TASK>
[  978.630054][T17756] FAULT_INJECTION: forcing a failure.
[  978.630054][T17756] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  978.679724][T17756] CPU: 1 PID: 17756 Comm: syz.5.4419 Not tainted syzkaller #0
[  978.687270][T17756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  978.697382][T17756] Call Trace:
[  978.700709][T17756]  <TASK>
[  978.703690][T17756]  dump_stack_lvl+0x16c/0x230
[  978.708429][T17756]  ? show_regs_print_info+0x20/0x20
[  978.713701][T17756]  ? load_image+0x3b0/0x3b0
[  978.718264][T17756]  ? __might_fault+0xaa/0x120
[  978.723002][T17756]  ? __lock_acquire+0x7c80/0x7c80
[  978.728080][T17756]  should_fail_ex+0x39d/0x4d0
[  978.732829][T17756]  _copy_from_user+0x2f/0xe0
[  978.737482][T17756]  ___sys_sendmsg+0x159/0x290
[  978.742241][T17756]  ? __sys_sendmsg+0x270/0x270
[  978.747113][T17756]  ? __lock_acquire+0x7c80/0x7c80
[  978.752248][T17756]  __se_sys_sendmsg+0x1a5/0x270
[  978.757187][T17756]  ? __x64_sys_sendmsg+0x80/0x80
[  978.762220][T17756]  ? lockdep_hardirqs_on+0x98/0x150
[  978.767490][T17756]  do_syscall_64+0x55/0xb0
[  978.771972][T17756]  ? clear_bhb_loop+0x40/0x90
[  978.776763][T17756]  ? clear_bhb_loop+0x40/0x90
[  978.781503][T17756]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  978.787461][T17756] RIP: 0033:0x7f10e558f749
[  978.791931][T17756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  978.811600][T17756] RSP: 002b:00007f10e64ec038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  978.820153][T17756] RAX: ffffffffffffffda RBX: 00007f10e57e5fa0 RCX: 00007f10e558f749
[  978.828271][T17756] RDX: 0000000000000000 RSI: 0000200000000940 RDI: 0000000000000003
[  978.836281][T17756] RBP: 00007f10e64ec090 R08: 0000000000000000 R09: 0000000000000000
[  978.844452][T17756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  978.852475][T17756] R13: 00007f10e57e6038 R14: 00007f10e57e5fa0 R15: 00007fff9484a428
[  978.860490][T17756]  </TASK>
[  979.058211][T17768] netlink: 'syz.5.4423': attribute type 33 has an invalid length.
[  979.079254][T17768] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4423'.
[  979.081298][T17770] FAULT_INJECTION: forcing a failure.
[  979.081298][T17770] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  979.110865][T17770] CPU: 0 PID: 17770 Comm: syz.0.4426 Not tainted syzkaller #0
[  979.118415][T17770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  979.128777][T17770] Call Trace:
[  979.132109][T17770]  <TASK>
[  979.135090][T17770]  dump_stack_lvl+0x16c/0x230
[  979.139847][T17770]  ? show_regs_print_info+0x20/0x20
[  979.145118][T17770]  ? load_image+0x3b0/0x3b0
[  979.149699][T17770]  ? __might_fault+0xaa/0x120
[  979.154510][T17770]  ? __lock_acquire+0x7c80/0x7c80
[  979.159596][T17770]  should_fail_ex+0x39d/0x4d0
[  979.164347][T17770]  _copy_from_user+0x2f/0xe0
[  979.168999][T17770]  __sys_bpf+0x1e9/0x800
[  979.173319][T17770]  ? bpf_link_show_fdinfo+0x350/0x350
[  979.178766][T17770]  ? lock_chain_count+0x20/0x20
[  979.183677][T17770]  __x64_sys_bpf+0x7c/0x90
[  979.188159][T17770]  do_syscall_64+0x55/0xb0
[  979.192646][T17770]  ? clear_bhb_loop+0x40/0x90
[  979.197388][T17770]  ? clear_bhb_loop+0x40/0x90
[  979.202134][T17770]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  979.208101][T17770] RIP: 0033:0x7f347f98f749
[  979.212575][T17770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  979.232240][T17770] RSP: 002b:00007f34807af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  979.240718][T17770] RAX: ffffffffffffffda RBX: 00007f347fbe5fa0 RCX: 00007f347f98f749
[  979.248754][T17770] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  979.256870][T17770] RBP: 00007f34807af090 R08: 0000000000000000 R09: 0000000000000000
[  979.264894][T17770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  979.273013][T17770] R13: 00007f347fbe6038 R14: 00007f347fbe5fa0 R15: 00007fffc35c0e88
[  979.281092][T17770]  </TASK>
[  980.326350][T17801] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4438'.
[  980.351488][T17801] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  980.377886][T17801] CPU: 1 PID: 17801 Comm: syz.2.4438 Not tainted syzkaller #0
[  980.385445][T17801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  980.395562][T17801] Call Trace:
[  980.398879][T17801]  <TASK>
[  980.401954][T17801]  dump_stack_lvl+0x16c/0x230
[  980.406692][T17801]  ? show_regs_print_info+0x20/0x20
[  980.412042][T17801]  ? load_image+0x3b0/0x3b0
[  980.416620][T17801]  sysfs_warn_dup+0x8e/0xa0
[  980.421187][T17801]  sysfs_do_create_link_sd+0xc0/0x110
[  980.426605][T17801]  device_add_class_symlinks+0x1cf/0x240
[  980.432281][T17801]  device_add+0x507/0xc20
[  980.436674][T17801]  wiphy_register+0x1e74/0x2c00
[  980.441574][T17801]  ? cfg80211_event_work+0x40/0x40
[  980.446719][T17801]  ? minstrel_ht_alloc+0x88a/0x990
[  980.451872][T17801]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  980.457975][T17801]  ieee80211_register_hw+0x2de8/0x3b10
[  980.463485][T17801]  ? ieee80211_register_hw+0xed1/0x3b10
[  980.469163][T17801]  ? ieee80211_tasklet_handler+0x20/0x20
[  980.474915][T17801]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  980.480869][T17801]  ? __debug_object_init+0xe8/0x430
[  980.486145][T17801]  ? __asan_memset+0x22/0x40
[  980.490800][T17801]  ? __hrtimer_init+0x186/0x270
[  980.495696][T17801]  mac80211_hwsim_new_radio+0x2a00/0x4cf0
[  980.501483][T17801]  ? mac80211_hwsim_free+0x220/0x220
[  980.506815][T17801]  ? rcu_is_watching+0x15/0xb0
[  980.511659][T17801]  ? kstrndup+0xbd/0x140
[  980.515977][T17801]  hwsim_new_radio_nl+0xd78/0x19d0
[  980.521128][T17801]  ? __nla_validate+0x50/0x50
[  980.525852][T17801]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  980.532219][T17801]  ? __nla_parse+0x40/0x50
[  980.536707][T17801]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  980.543085][T17801]  genl_family_rcv_msg_doit+0x209/0x2f0
[  980.548678][T17801]  ? genl_family_rcv_msg_dumpit+0x2c0/0x2c0
[  980.554614][T17801]  ? bpf_lsm_capable+0x9/0x10
[  980.559326][T17801]  ? security_capable+0x89/0xb0
[  980.564210][T17801]  genl_rcv_msg+0x60b/0x790
[  980.568751][T17801]  ? genl_bind+0x360/0x360
[  980.573195][T17801]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  980.579590][T17801]  ? ref_tracker_free+0x634/0x7d0
[  980.584650][T17801]  netlink_rcv_skb+0x216/0x480
[  980.589470][T17801]  ? genl_bind+0x360/0x360
[  980.593919][T17801]  ? netlink_ack+0x1110/0x1110
[  980.598721][T17801]  ? __lock_acquire+0x7c80/0x7c80
[  980.603793][T17801]  ? down_read+0x1ac/0x2e0
[  980.608273][T17801]  genl_rcv+0x28/0x40
[  980.612298][T17801]  netlink_unicast+0x751/0x8d0
[  980.617129][T17801]  netlink_sendmsg+0x8c1/0xbe0
[  980.621958][T17801]  ? netlink_getsockopt+0x580/0x580
[  980.627204][T17801]  ? aa_sock_msg_perm+0x94/0x150
[  980.632178][T17801]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  980.637575][T17801]  ? security_socket_sendmsg+0x80/0xa0
[  980.643055][T17801]  ? netlink_getsockopt+0x580/0x580
[  980.648320][T17801]  ____sys_sendmsg+0x5bf/0x950
[  980.653128][T17801]  ? __asan_memset+0x22/0x40
[  980.657755][T17801]  ? __sys_sendmsg_sock+0x30/0x30
[  980.662819][T17801]  ? __import_iovec+0x5f2/0x860
[  980.667713][T17801]  ? import_iovec+0x73/0xa0
[  980.672258][T17801]  ___sys_sendmsg+0x220/0x290
[  980.676973][T17801]  ? __sys_sendmsg+0x270/0x270
[  980.681833][T17801]  __se_sys_sendmsg+0x1a5/0x270
[  980.686727][T17801]  ? __x64_sys_sendmsg+0x80/0x80
[  980.691711][T17801]  ? lockdep_hardirqs_on+0x98/0x150
[  980.696934][T17801]  do_syscall_64+0x55/0xb0
[  980.701380][T17801]  ? clear_bhb_loop+0x40/0x90
[  980.706083][T17801]  ? clear_bhb_loop+0x40/0x90
[  980.710816][T17801]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  980.716737][T17801] RIP: 0033:0x7f8eec18f749
[  980.721183][T17801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  980.740829][T17801] RSP: 002b:00007f8eea3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  980.749288][T17801] RAX: ffffffffffffffda RBX: 00007f8eec3e5fa0 RCX: 00007f8eec18f749
[  980.757287][T17801] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  980.765277][T17801] RBP: 00007f8eec213f91 R08: 0000000000000000 R09: 0000000000000000
[  980.773273][T17801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  980.781264][T17801] R13: 00007f8eec3e6038 R14: 00007f8eec3e5fa0 R15: 00007ffc31984ad8
[  980.789387][T17801]  </TASK>
[  980.869890][T17804] netlink: 'syz.1.4440': attribute type 33 has an invalid length.
[  980.878619][T17804] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4440'.
[  980.942719][T17799] netlink: 'syz.5.4436': attribute type 12 has an invalid length.
[  980.950871][T17799] netlink: 132 bytes leftover after parsing attributes in process `syz.5.4436'.
[  981.030857][T17799] netlink: 'syz.5.4436': attribute type 1 has an invalid length.
[  981.041595][T17799] netlink: 193500 bytes leftover after parsing attributes in process `syz.5.4436'.
[  981.347173][T17814] Ÿë
: port 1(syz_tun) entered blocking state
[  981.360653][T17814] Ÿë
: port 1(syz_tun) entered disabled state
[  981.367019][T17814] syz_tun: entered allmulticast mode
[  981.402406][T17814] syz_tun: entered promiscuous mode
[  982.058798][T17834] FAULT_INJECTION: forcing a failure.
[  982.058798][T17834] name failslab, interval 1, probability 0, space 0, times 0
[  982.119843][T17834] CPU: 0 PID: 17834 Comm: syz.0.4451 Not tainted syzkaller #0
[  982.127397][T17834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  982.137592][T17834] Call Trace:
[  982.140919][T17834]  <TASK>
[  982.143944][T17834]  dump_stack_lvl+0x16c/0x230
[  982.148899][T17834]  ? show_regs_print_info+0x20/0x20
[  982.154169][T17834]  ? load_image+0x3b0/0x3b0
[  982.158744][T17834]  ? __lock_acquire+0x7c80/0x7c80
[  982.163854][T17834]  should_fail_ex+0x39d/0x4d0
[  982.168601][T17834]  should_failslab+0x9/0x20
[  982.173165][T17834]  slab_pre_alloc_hook+0x59/0x310
[  982.178264][T17834]  ? sk_prot_alloc+0xe7/0x210
[  982.183044][T17834]  ? sk_prot_alloc+0xe7/0x210
[  982.187796][T17834]  __kmem_cache_alloc_node+0x53/0x260
[  982.193256][T17834]  ? sk_prot_alloc+0xe7/0x210
[  982.198003][T17834]  __kmalloc+0xa4/0x240
[  982.202243][T17834]  sk_prot_alloc+0xe7/0x210
[  982.206811][T17834]  ? sk_alloc+0x24/0x360
[  982.211124][T17834]  sk_alloc+0x3a/0x360
[  982.215251][T17834]  ? bpf_ctx_init+0x163/0x1a0
[  982.220240][T17834]  ? bpf_prog_test_run_skb+0x268/0x11c0
[  982.225850][T17834]  bpf_prog_test_run_skb+0x39a/0x11c0
[  982.231383][T17834]  ? __fget_files+0x28/0x4d0
[  982.236042][T17834]  ? cpu_online+0x60/0x60
[  982.240418][T17834]  bpf_prog_test_run+0x321/0x390
[  982.245384][T17834]  __sys_bpf+0x440/0x800
[  982.249650][T17834]  ? bpf_link_show_fdinfo+0x350/0x350
[  982.255053][T17834]  ? lock_chain_count+0x20/0x20
[  982.259933][T17834]  __x64_sys_bpf+0x7c/0x90
[  982.264367][T17834]  do_syscall_64+0x55/0xb0
[  982.268805][T17834]  ? clear_bhb_loop+0x40/0x90
[  982.273513][T17834]  ? clear_bhb_loop+0x40/0x90
[  982.278210][T17834]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  982.284146][T17834] RIP: 0033:0x7f347f98f749
[  982.288577][T17834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  982.308209][T17834] RSP: 002b:00007f34807af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  982.316642][T17834] RAX: ffffffffffffffda RBX: 00007f347fbe5fa0 RCX: 00007f347f98f749
[  982.324652][T17834] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  982.332683][T17834] RBP: 00007f34807af090 R08: 0000000000000000 R09: 0000000000000000
[  982.340677][T17834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  982.348690][T17834] R13: 00007f347fbe6038 R14: 00007f347fbe5fa0 R15: 00007fffc35c0e88
[  982.356709][T17834]  </TASK>
[  982.537162][T17836] netlink: 'syz.2.4453': attribute type 12 has an invalid length.
[  982.554728][T17836] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4453'.
[  982.638705][T17836] netlink: 'syz.2.4453': attribute type 1 has an invalid length.
[  982.650640][T17846] netlink: 'syz.5.4455': attribute type 33 has an invalid length.
[  982.664508][T17836] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.4453'.
[  982.675337][T17846] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4455'.
[  983.819864][T17877] FAULT_INJECTION: forcing a failure.
[  983.819864][T17877] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  983.849112][T17877] CPU: 0 PID: 17877 Comm: syz.1.4468 Not tainted syzkaller #0
[  983.856667][T17877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  983.866784][T17877] Call Trace:
[  983.870094][T17877]  <TASK>
[  983.873081][T17877]  dump_stack_lvl+0x16c/0x230
[  983.877819][T17877]  ? show_regs_print_info+0x20/0x20
[  983.883055][T17877]  ? load_image+0x3b0/0x3b0
[  983.887589][T17877]  ? __might_fault+0xaa/0x120
[  983.892301][T17877]  ? __lock_acquire+0x7c80/0x7c80
[  983.897394][T17877]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  983.903415][T17877]  should_fail_ex+0x39d/0x4d0
[  983.908142][T17877]  _copy_from_user+0x2f/0xe0
[  983.912774][T17877]  dev_ethtool+0xc5/0x1720
[  983.917224][T17877]  ? ethtool_get_module_eeprom_call+0x170/0x170
[  983.923488][T17877]  ? __lock_acquire+0x7c80/0x7c80
[  983.928539][T17877]  ? __might_fault+0xaa/0x120
[  983.933234][T17877]  ? full_name_hash+0x92/0xe0
[  983.937948][T17877]  ? dev_load+0x21/0x1f0
[  983.942223][T17877]  dev_ioctl+0x4ca/0x1170
[  983.946615][T17877]  sock_do_ioctl+0x226/0x2f0
[  983.951274][T17877]  ? sock_show_fdinfo+0xb0/0xb0
[  983.956163][T17877]  sock_ioctl+0x623/0x7a0
[  983.960518][T17877]  ? sock_poll+0x3d0/0x3d0
[  983.964964][T17877]  ? bpf_lsm_file_ioctl+0x9/0x10
[  983.969958][T17877]  ? security_file_ioctl+0x80/0xa0
[  983.975098][T17877]  ? sock_poll+0x3d0/0x3d0
[  983.979530][T17877]  __se_sys_ioctl+0xfd/0x170
[  983.984238][T17877]  do_syscall_64+0x55/0xb0
[  983.988718][T17877]  ? clear_bhb_loop+0x40/0x90
[  983.993422][T17877]  ? clear_bhb_loop+0x40/0x90
[  983.998125][T17877]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  984.004042][T17877] RIP: 0033:0x7f92b218f749
[  984.008476][T17877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  984.028225][T17877] RSP: 002b:00007f92b3094038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  984.036664][T17877] RAX: ffffffffffffffda RBX: 00007f92b23e5fa0 RCX: 00007f92b218f749
[  984.044741][T17877] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000011
[  984.052753][T17877] RBP: 00007f92b3094090 R08: 0000000000000000 R09: 0000000000000000
[  984.060761][T17877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  984.068840][T17877] R13: 00007f92b23e6038 R14: 00007f92b23e5fa0 R15: 00007ffe030d9548
[  984.076879][T17877]  </TASK>
[  984.500814][T17889] netlink: 'syz.1.4470': attribute type 12 has an invalid length.
[  984.523525][T17889] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4470'.
[  984.613311][T17889] netlink: 'syz.1.4470': attribute type 1 has an invalid length.
[  984.622683][T17889] netlink: 193500 bytes leftover after parsing attributes in process `syz.1.4470'.
[  985.082333][T17905] netlink: 'syz.5.4477': attribute type 33 has an invalid length.
[  985.111988][T17905] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4477'.
[  985.246966][T17907] Ÿë
: port 1(syz_tun) entered blocking state
[  985.262591][T17907] Ÿë
: port 1(syz_tun) entered disabled state
[  985.276133][T17907] syz_tun: entered allmulticast mode
[  985.297680][T17907] syz_tun: entered promiscuous mode
[  986.971067][T17941] netlink: 'syz.5.4489': attribute type 33 has an invalid length.
[  986.989579][T17941] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4489'.
[  987.755158][T17956] netlink: 'syz.2.4494': attribute type 33 has an invalid length.
[  987.764062][T17956] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4494'.
[  988.088265][T17967] netlink: 'syz.0.4499': attribute type 10 has an invalid length.
[  988.105667][T17967] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4499'.
[  988.116077][T17967] ipvlan1: entered promiscuous mode
[  988.122257][T17967] ipvlan1: entered allmulticast mode
[  988.128061][T17967] veth0_vlan: entered allmulticast mode
[  988.140490][T17967] bridge0: port 3(ipvlan1) entered blocking state
[  988.148706][T17967] bridge0: port 3(ipvlan1) entered disabled state
[  988.161684][T17967] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  989.229971][T17985] netlink: 'syz.0.4504': attribute type 33 has an invalid length.
[  989.249588][T17985] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4504'.
[  989.550299][T17994] can: request_module (can-proto-4) failed.
[  989.735798][T18005] netlink: 'syz.5.4512': attribute type 33 has an invalid length.
[  989.759747][T18005] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4512'.
[  993.489916][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  993.496688][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  994.235363][T18049] netlink: 'syz.2.4526': attribute type 33 has an invalid length.
[  994.245048][T18049] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4526'.
[  995.037864][T18053] netlink: 'syz.1.4538': attribute type 10 has an invalid length.
[  995.078011][T18053] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4538'.
[  995.088274][T18053] ipvlan1: entered promiscuous mode
[  995.096274][T18053] ipvlan1: entered allmulticast mode
[  995.102729][T18053] veth0_vlan: entered allmulticast mode
[  995.121405][T18053] bridge0: port 4(ipvlan1) entered blocking state
[  995.142257][T18053] bridge0: port 4(ipvlan1) entered disabled state
[  995.172991][T18053] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  995.970260][T18086] netlink: 'syz.1.4543': attribute type 33 has an invalid length.
[  995.987204][T18086] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4543'.
[  996.220298][T18087] netlink: 'syz.2.4545': attribute type 10 has an invalid length.
[  996.228669][T18087] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4545'.
[  996.241403][T18087] ipvlan1: entered promiscuous mode
[  996.246895][T18087] ipvlan1: entered allmulticast mode
[  996.253320][T18087] veth0_vlan: entered allmulticast mode
[  996.264655][T18087] bridge0: port 3(ipvlan1) entered blocking state
[  996.275392][T18087] bridge0: port 3(ipvlan1) entered disabled state
[  996.292983][T18087] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  996.591818][T18101] netlink: 'syz.0.4556': attribute type 33 has an invalid length.
[  996.601664][T18101] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4556'.
[  997.543582][T15005] syz_tun (unregistering): left promiscuous mode
[  997.554599][T15005] Ÿë
: port 1(syz_tun) entered disabled state
[  997.577265][T18130] netlink: 'syz.0.4560': attribute type 33 has an invalid length.
[  997.589290][T18130] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4560'.
[  997.698759][T10942] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  997.851318][T10942] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  997.939000][T10942] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  998.026763][T10942] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  998.531177][ T5833] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  998.541787][ T5833] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  998.550724][ T5833] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  998.561117][ T5833] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  998.571726][ T5833] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  998.579614][ T5833] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  999.192847][T10942] erspan0 (unregistering): left allmulticast mode
[  999.209134][T10942] erspan0 (unregistering): left promiscuous mode
[  999.216046][T10942] GPL: port 1(erspan0) entered disabled state
[  999.229852][ T5104] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  999.242042][ T5104] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  999.251763][ T5104] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  999.264536][ T5104] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  999.273614][ T5104] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  999.283167][ T5104] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  999.451887][T18144] chnl_net:caif_netlink_parms(): no params data found
[  999.626477][T10942] 
[  999.628917][T10942] ======================================================
[  999.636058][T10942] WARNING: possible circular locking dependency detected
[  999.643135][T10942] syzkaller #0 Not tainted
[  999.647582][T10942] ------------------------------------------------------
[  999.654643][T10942] kworker/u4:17/10942 is trying to acquire lock:
[  999.661004][T10942] ffff88807e378d00 (team->team_lock_key#12){+.+.}-{3:3}, at: team_del_slave+0x32/0x1c0
[  999.670738][T10942] 
[  999.670738][T10942] but task is already holding lock:
[  999.678136][T10942] ffff88806b480768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x292/0x680
[  999.688656][T10942] 
[  999.688656][T10942] which lock already depends on the new lock.
[  999.688656][T10942] 
[  999.699098][T10942] 
[  999.699098][T10942] the existing dependency chain (in reverse order) is:
[  999.708144][T10942] 
[  999.708144][T10942] -> #1 (&rdev->wiphy.mtx){+.+.}-{3:3}:
[  999.715927][T10942]        __mutex_lock+0x129/0xcc0
[  999.721001][T10942]        ieee80211_open+0x144/0x200
[  999.726256][T10942]        __dev_open+0x2bc/0x430
[  999.731152][T10942]        dev_open+0xab/0x170
[  999.735881][T10942]        team_add_slave+0xae7/0x2660
[  999.741211][T10942]        do_setlink+0xe14/0x3fb0
[  999.746188][T10942]        rtnl_newlink+0x175b/0x2020
[  999.751496][T10942]        rtnetlink_rcv_msg+0x7c7/0xf10
[  999.757005][T10942]        netlink_rcv_skb+0x216/0x480
[  999.762338][T10942]        netlink_unicast+0x751/0x8d0
[  999.767672][T10942]        netlink_sendmsg+0x8c1/0xbe0
[  999.773188][T10942]        ____sys_sendmsg+0x5bf/0x950
[  999.778530][T10942]        ___sys_sendmsg+0x220/0x290
[  999.783877][T10942]        __se_sys_sendmsg+0x1a5/0x270
[  999.789304][T10942]        do_syscall_64+0x55/0xb0
[  999.794301][T10942]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  999.800769][T10942] 
[  999.800769][T10942] -> #0 (team->team_lock_key#12){+.+.}-{3:3}:
[  999.809131][T10942]        __lock_acquire+0x2ddb/0x7c80
[  999.814561][T10942]        lock_acquire+0x197/0x410
[  999.819624][T10942]        __mutex_lock+0x129/0xcc0
[  999.824700][T10942]        team_del_slave+0x32/0x1c0
[  999.829860][T10942]        team_device_event+0x28d/0xa20
[  999.835369][T10942]        notifier_call_chain+0x197/0x390
[  999.841079][T10942]        unregister_netdevice_many_notify+0xf36/0x1810
[  999.847986][T10942]        unregister_netdevice_queue+0x324/0x360
[  999.854281][T10942]        _cfg80211_unregister_wdev+0x16b/0x580
[  999.860700][T10942]        ieee80211_remove_interfaces+0x496/0x680
[  999.867130][T10942]        ieee80211_unregister_hw+0x5d/0x2a0
[  999.873079][T10942]        mac80211_hwsim_del_radio+0x274/0x450
[  999.879190][T10942]        hwsim_exit_net+0x585/0x640
[  999.884436][T10942]        cleanup_net+0x6f4/0xb90
[  999.889422][T10942]        process_scheduled_works+0xa45/0x15b0
[  999.895539][T10942]        worker_thread+0xa55/0xfc0
[  999.900697][T10942]        kthread+0x2fa/0x390
[  999.905337][T10942]        ret_from_fork+0x48/0x80
[  999.910333][T10942]        ret_from_fork_asm+0x11/0x20
[  999.915660][T10942] 
[  999.915660][T10942] other info that might help us debug this:
[  999.915660][T10942] 
[  999.925924][T10942]  Possible unsafe locking scenario:
[  999.925924][T10942] 
[  999.933412][T10942]        CPU0                    CPU1
[  999.938805][T10942]        ----                    ----
[  999.944198][T10942]   lock(&rdev->wiphy.mtx);
[  999.948740][T10942]                                lock(team->team_lock_key#12);
[  999.956337][T10942]                                lock(&rdev->wiphy.mtx);
[  999.963394][T10942]   lock(team->team_lock_key#12);
[  999.968456][T10942] 
[  999.968456][T10942]  *** DEADLOCK ***
[  999.968456][T10942] 
[  999.976699][T10942] 5 locks held by kworker/u4:17/10942:
[  999.982166][T10942]  #0: ffff888017873938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  999.993112][T10942]  #1: ffffc9000d9bfd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[ 1000.003673][T10942]  #2: ffffffff8dfaf8d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x136/0xb90
[ 1000.013088][T10942]  #3: ffffffff8dfbc708 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2a0
[ 1000.023022][T10942]  #4: ffff88806b480768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x292/0x680
[ 1000.033837][T10942] 
[ 1000.033837][T10942] stack backtrace:
[ 1000.039733][T10942] CPU: 1 PID: 10942 Comm: kworker/u4:17 Not tainted syzkaller #0
[ 1000.047477][T10942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1000.057544][T10942] Workqueue: netns cleanup_net
[ 1000.062419][T10942] Call Trace:
[ 1000.065706][T10942]  <TASK>
[ 1000.068647][T10942]  dump_stack_lvl+0x16c/0x230
[ 1000.073345][T10942]  ? load_image+0x3b0/0x3b0
[ 1000.077883][T10942]  ? show_regs_print_info+0x20/0x20
[ 1000.083101][T10942]  ? print_circular_bug+0x12b/0x1a0
[ 1000.088312][T10942]  check_noncircular+0x2bd/0x3c0
[ 1000.093259][T10942]  ? print_deadlock_bug+0x5d0/0x5d0
[ 1000.098467][T10942]  ? lockdep_lock+0xe0/0x220
[ 1000.103063][T10942]  ? __lock_acquire+0x1334/0x7c80
[ 1000.108092][T10942]  ? _find_first_zero_bit+0xd3/0x100
[ 1000.113406][T10942]  __lock_acquire+0x2ddb/0x7c80
[ 1000.118312][T10942]  ? verify_lock_unused+0x140/0x140
[ 1000.123521][T10942]  ? verify_lock_unused+0x140/0x140
[ 1000.128732][T10942]  lock_acquire+0x197/0x410
[ 1000.133240][T10942]  ? team_del_slave+0x32/0x1c0
[ 1000.138015][T10942]  ? __might_sleep+0xe0/0xe0
[ 1000.142617][T10942]  ? read_lock_is_recursive+0x20/0x20
[ 1000.147994][T10942]  __mutex_lock+0x129/0xcc0
[ 1000.152508][T10942]  ? team_del_slave+0x32/0x1c0
[ 1000.157285][T10942]  ? __lock_acquire+0x7c80/0x7c80
[ 1000.162320][T10942]  ? rcu_is_watching+0x15/0xb0
[ 1000.167110][T10942]  ? trace_contention_end+0x39/0xe0
[ 1000.172320][T10942]  ? __mutex_lock+0x304/0xcc0
[ 1000.177007][T10942]  ? team_del_slave+0x32/0x1c0
[ 1000.181806][T10942]  ? mutex_lock_nested+0x20/0x20
[ 1000.186763][T10942]  ? bond_netdev_event+0xe1/0xef0
[ 1000.191792][T10942]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[ 1000.197431][T10942]  ? bond_ipsec_offload_ok+0x410/0x410
[ 1000.202893][T10942]  team_del_slave+0x32/0x1c0
[ 1000.207485][T10942]  team_device_event+0x28d/0xa20
[ 1000.212427][T10942]  notifier_call_chain+0x197/0x390
[ 1000.217547][T10942]  unregister_netdevice_many_notify+0xf36/0x1810
[ 1000.223904][T10942]  ? lock_chain_count+0x20/0x20
[ 1000.228761][T10942]  ? unregister_netdevice_many+0x20/0x20
[ 1000.234406][T10942]  ? kernfs_remove_by_name_ns+0x117/0x150
[ 1000.240312][T10942]  ? __lock_acquire+0x7c80/0x7c80
[ 1000.245358][T10942]  unregister_netdevice_queue+0x324/0x360
[ 1000.251108][T10942]  ? list_netdevice+0x730/0x730
[ 1000.255968][T10942]  ? kernfs_remove_by_name_ns+0x117/0x150
[ 1000.261692][T10942]  _cfg80211_unregister_wdev+0x16b/0x580
[ 1000.267341][T10942]  ieee80211_remove_interfaces+0x496/0x680
[ 1000.273167][T10942]  ? ieee80211_do_stop+0x1db0/0x1db0
[ 1000.278477][T10942]  ? rcu_is_watching+0x15/0xb0
[ 1000.283252][T10942]  ieee80211_unregister_hw+0x5d/0x2a0
[ 1000.288641][T10942]  mac80211_hwsim_del_radio+0x274/0x450
[ 1000.294196][T10942]  ? rhashtable_remove_fast+0xbf0/0xbf0
[ 1000.299765][T10942]  hwsim_exit_net+0x585/0x640
[ 1000.304465][T10942]  ? hwsim_init_net+0x90/0x90
[ 1000.309146][T10942]  ? __ip_vs_dev_cleanup_batch+0x238/0x250
[ 1000.314956][T10942]  cleanup_net+0x6f4/0xb90
[ 1000.319379][T10942]  ? ops_free_list+0x3b0/0x3b0
[ 1000.324165][T10942]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1000.329394][T10942]  ? process_scheduled_works+0x957/0x15b0
[ 1000.335123][T10942]  ? process_scheduled_works+0x957/0x15b0
[ 1000.340846][T10942]  process_scheduled_works+0xa45/0x15b0
[ 1000.346405][T10942]  ? assign_work+0x400/0x400
[ 1000.351003][T10942]  ? assign_work+0x39e/0x400
[ 1000.355605][T10942]  worker_thread+0xa55/0xfc0
[ 1000.360206][T10942]  kthread+0x2fa/0x390
[ 1000.364283][T10942]  ? pr_cont_work+0x560/0x560
[ 1000.368981][T10942]  ? kthread_blkcg+0xd0/0xd0
[ 1000.373584][T10942]  ret_from_fork+0x48/0x80
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1000.378012][T10942]  ? kthread_blkcg+0xd0/0xd0
[ 1000.382607][T10942]  ret_from_fork_asm+0x11/0x20
[ 1000.387382][T10942]  </TASK>
[ 1000.396212][T10942] team0: Port device wlan1 removed
[ 1000.699075][ T5104] Bluetooth: hci0: command tx timeout
[ 1001.025321][T14656] syz_tun (unregistering): left allmulticast mode
[ 1001.032399][T14656] syz_tun (unregistering): left promiscuous mode
[ 1001.038833][T14656] Ÿë
: port 1(syz_tun) entered disabled state
[ 1001.228704][T10942] hsr_slave_0: left promiscuous mode
[ 1001.242384][T10942] hsr_slave_1: left promiscuous mode
[ 1001.259346][T10942] bridge_slave_1: left allmulticast mode
[ 1001.265076][T10942] bridge_slave_1: left promiscuous mode
[ 1001.285177][T10942] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1001.295378][T10942] bridge_slave_0: left allmulticast mode
[ 1001.309663][T10942] bridge_slave_0: left promiscuous mode
[ 1001.315551][T10942] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1001.334299][T10942] veth1_macvtap: left promiscuous mode
[ 1001.349346][T10942] veth0_macvtap: left promiscuous mode
[ 1001.355047][T10942] veth1_vlan: left promiscuous mode
[ 1001.379118][T10942] veth0_vlan: left promiscuous mode
[ 1001.785116][T10942] team0 (unregistering): Port device team_slave_1 removed
[ 1001.817492][T10942] team0 (unregistering): Port device team_slave_0 removed
[ 1001.852102][T10942] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1001.861097][T10942] bond_slave_1 (unregistering): left promiscuous mode
[ 1001.897374][T10942] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1001.907254][T10942] bond_slave_0 (unregistering): left promiscuous mode
[ 1002.128520][T10942] bond0 (unregistering): Released all slaves
[ 1002.532011][T10942] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1002.618227][T10942] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1002.676931][T10942] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1002.728874][T10942] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1002.893045][T10942] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1002.957042][T10942] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1003.027026][T10942] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1003.096854][T10942] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1003.221693][T10942] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1003.277044][T10942] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1003.346523][T10942] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1003.408647][T10942] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1004.308539][T10942] erspan0 (unregistering): left allmulticast mode
[ 1004.315132][T10942] erspan0 (unregistering): left promiscuous mode
[ 1004.322519][T10942] GPL: port 1(erspan0) entered disabled state
[ 1004.342566][T10942] erspan0 (unregistering): left allmulticast mode
[ 1004.349092][T10942] erspan0 (unregistering): left promiscuous mode
[ 1004.355527][T10942] GPL: port 1(erspan0) entered disabled state
[ 1005.013985][T10942] bridge_slave_1: left allmulticast mode
[ 1005.020398][T10942] bridge_slave_1: left promiscuous mode
[ 1005.026183][T10942] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1005.035872][T10942] bridge_slave_0: left allmulticast mode
[ 1005.042031][T10942] bridge_slave_0: left promiscuous mode
[ 1005.047809][T10942] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1005.068538][T10942] hsr_slave_0: left promiscuous mode
[ 1005.075922][T10942] hsr_slave_1: left promiscuous mode
[ 1005.082611][T10942] bridge_slave_1: left allmulticast mode
[ 1005.088395][T10942] bridge_slave_1: left promiscuous mode
[ 1005.094549][T10942] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1005.104048][T10942] bridge_slave_0: left allmulticast mode
[ 1005.110312][T10942] bridge_slave_0: left promiscuous mode
[ 1005.116130][T10942] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1005.130611][T10942] hsr_slave_0: left promiscuous mode
[ 1005.136496][T10942] hsr_slave_1: left promiscuous mode
[ 1005.142871][T10942] team0: left allmulticast mode
[ 1005.147767][T10942] team_slave_0: left allmulticast mode
[ 1005.153308][T10942] team_slave_1: left allmulticast mode
[ 1005.158896][T10942] team0: left promiscuous mode
[ 1005.163732][T10942] team_slave_0: left promiscuous mode
[ 1005.169313][T10942] team_slave_1: left promiscuous mode
[ 1005.175007][T10942] bridge0: port 3(team0) entered disabled state
[ 1005.183470][T10942] bridge_slave_1: left allmulticast mode
[ 1005.189254][T10942] bridge_slave_1: left promiscuous mode
[ 1005.194946][T10942] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1005.204731][T10942] bridge_slave_0: left allmulticast mode
[ 1005.210601][T10942] bridge_slave_0: left promiscuous mode
[ 1005.216383][T10942] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1005.229585][T10942] veth1_macvtap: left promiscuous mode
[ 1005.235222][T10942] veth0_macvtap: left promiscuous mode
[ 1005.241222][T10942] veth1_vlan: left promiscuous mode
[ 1005.246519][T10942] veth0_vlan: left promiscuous mode
[ 1005.252961][T10942] veth1_macvtap: left promiscuous mode
[ 1005.258489][T10942] veth0_macvtap: left promiscuous mode
[ 1005.264090][T10942] veth1_vlan: left promiscuous mode
[ 1005.269421][T10942] veth0_vlan: left promiscuous mode
[ 1005.275746][T10942] veth1_macvtap: left promiscuous mode
[ 1005.281724][T10942] veth0_macvtap: left promiscuous mode
[ 1005.287303][T10942] veth1_vlan: left allmulticast mode
[ 1005.292701][T10942] veth1_vlan: left promiscuous mode
[ 1005.297986][T10942] veth0_vlan: left promiscuous mode
[ 1005.525151][T10942] bond0 (unregistering): Released all slaves
[ 1005.745825][T10942] team0 (unregistering): Port device team_slave_1 removed
[ 1005.758849][T10942] team0 (unregistering): Port device team_slave_0 removed
[ 1005.796009][T10942] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1005.806364][T10942] bond_slave_1 (unregistering): left promiscuous mode
[ 1005.833539][T10942] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1005.842811][T10942] bond_slave_0 (unregistering): left promiscuous mode
[ 1005.904137][T10942] bond0 (unregistering): (slave dummy0): Releasing backup interface
[ 1005.912763][T10942] dummy0 (unregistering): left promiscuous mode
[ 1006.060857][T10942] bond0 (unregistering): Released all slaves
[ 1006.297980][T10942] team0 (unregistering): Port device team_slave_1 removed
[ 1006.329450][T10942] team0 (unregistering): Port device team_slave_0 removed
[ 1006.363262][T10942] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1006.378275][T10942] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1006.439012][T10942] team0 (unregistering): Port device bond0 removed
[ 1006.581854][T10942] bond0 (unregistering): Released all slaves
[ 1006.872816][T10942] team0 (unregistering): Port device team_slave_1 removed
[ 1006.889424][T10942] team0 (unregistering): Port device team_slave_0 removed
[ 1006.919687][T10942] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1006.928470][T10942] bond_slave_1 (unregistering): left promiscuous mode
[ 1006.959693][T10942] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1006.968752][T10942] bond_slave_0 (unregistering): left promiscuous mode
[ 1007.169302][T10942] bond0 (unregistering): Released all slaves