last executing test programs:

8.536478177s ago: executing program 2 (id=2081):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x8000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x3, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x98, '\x00', 0x0, @xdp}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x43, &(0x7f0000000100)=r0, 0x120)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x22, &(0x7f0000000080), 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xb}, 0x100000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x891e, &(0x7f0000000cc0)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1\x9d')
r1 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r1, 0x6, 0x21, &(0x7f0000001540), 0x20)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r2=>0x0, <r3=>0x0})
close(r2)
setsockopt$sock_attach_bpf(r3, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
socket$kcm(0x2, 0x1000000000000002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x20000004)
recvmsg(0xffffffffffffffff, 0x0, 0x21)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0}, 0x1, 0x10000, 0x1, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000180), 0x127)
close(r3)
r4 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=[{0x18, 0x110, 0xe, 'i'}], 0x18}, 0x0)

7.959061553s ago: executing program 2 (id=2083):
syz_clone(0x10eb22f000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000080)="1c0000006d0081044e81f782db1f4cb9041c1d0800fe007c05e8fe55", 0x1c}], 0x1}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x6, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="180200000400000000000000fcffff0185000000bc0000001801000020646c2400000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000f000000850000000600000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x0, 0xfe5a, 0x0, &(0x7f0000000200)="32087d1c9cb361397a127acf6646", 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xf4e, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x1}, 0x50)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000340)={r1, r2}, 0xc)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0fff100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001011404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x702, 0xe, 0x700, &(0x7f0000000540)="e460334470b8d480eb00c15286dd", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_clone(0x20800000, 0x0, 0x4b, 0x0, 0x0, 0x0)

7.474507077s ago: executing program 3 (id=2085):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x1, &(0x7f00000001c0)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}], &(0x7f0000000280)='syzkaller\x00', 0x7, 0x1a, &(0x7f00000002c0)=""/26, 0x41100, 0x28, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94) (fail_nth: 2)

6.507769003s ago: executing program 1 (id=2088):
r0 = socket$kcm(0xa, 0x1, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x4}, 0xc00, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, &(0x7f0000000040)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x5, 0xfe0d, 0x0, &(0x7f00000001c0)="259a53f271a76d2608004c6588a80a3888ca2f15138d8c387cb76f5520d4aaeb8d000bf7e1902c6187c56fe8532e32d06932eac5", 0x0, 0xd11, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
sendmsg$inet(r0, &(0x7f00000009c0)={&(0x7f00000002c0)={0x2, 0x4e20, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x80}, 0x40811)
r2 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000008400000006"], 0x28}, 0x41)
r3 = socket$kcm(0x10, 0x3, 0x10)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="0401020028000b05d25a806f8c6394f90424fc600d00032309000100ff3582c137153e370248018002000000d1bd", 0x33fe0}], 0x1}, 0x0)
sendmsg$kcm(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="1400000035000b63717a3c4a01d8985b0808aa78", 0x14}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
recvmsg$kcm(r3, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x102)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000006110480000000000710425000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000440)=0x3, 0x12)
gettid()
setsockopt$sock_attach_bpf(r0, 0x29, 0x10, 0x0, 0x1300)

5.86671361s ago: executing program 1 (id=2091):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x11, 0x4, 0x4, 0x2, 0x0, 0x1, 0x1000000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x5}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1, 0x100007, 0x4, 0x21, 0x1, 0xffffffffffffffff, 0x400000}, 0x50)
r1 = socket$kcm(0xa, 0x2, 0x0)
r2 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'wlan0\x00', 0x4000})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000080)) (fail_nth: 2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000280)={'wlan0\x00', @multicast})
openat$cgroup_netprio_ifpriomap(r2, &(0x7f0000000040), 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x29, 0x14, &(0x7f0000000440), 0x3d)
syz_clone(0x100000, &(0x7f0000000900), 0x0, &(0x7f0000000940), 0x0, &(0x7f00000009c0)="a743f803bb505783eaca0a8888eabc1971f3ebb7c232c68a30a9df8ae330f4cdfc8c3b9e950f038bf0")

5.50130275s ago: executing program 3 (id=2092):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x11, 0x4, 0x4, 0x2, 0x0, 0x1, 0x1000000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x5}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1, 0x100007, 0x4, 0x21, 0x1, 0xffffffffffffffff, 0x400000}, 0x50)
r1 = socket$kcm(0xa, 0x2, 0x0)
r2 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'wlan0\x00', 0x4000})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000080))
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000280)={'wlan0\x00', @multicast})
openat$cgroup_netprio_ifpriomap(r2, &(0x7f0000000040), 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x29, 0x14, &(0x7f0000000440), 0x3d)
syz_clone(0x100000, &(0x7f0000000900), 0x0, &(0x7f0000000940), 0x0, &(0x7f00000009c0)="a743f803bb505783eaca0a8888eabc1971f3ebb7c232c68a30a9df8ae330f4cdfc8c3b9e950f038bf0")

5.106468491s ago: executing program 0 (id=2094):
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x4044}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a000000050000000200000004"], 0x48) (async, rerun: 64)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) (rerun: 64)
close(r3) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)) (async, rerun: 64)
close(0x3) (rerun: 64)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70200000100000085000000a000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}) (async, rerun: 64)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (rerun: 64)
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f00000000c0)=r8, 0x4) (async)
sendmsg$unix(r7, &(0x7f00000006c0)={0x0, 0x41, 0x0}, 0x10) (async)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')

4.78126642s ago: executing program 0 (id=2095):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x1, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x800000}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="0a00000008000000010000004000000042000000", @ANYRES32, @ANYBLOB="00000000f3ffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x21, 0x2, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xa}, 0x100c, 0x0, 0x0, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x1, 0x3}, 0x50)
bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r0}, 0x8)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r1=>0xffffffffffffffff]}}], 0x18}, 0x1c0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYRES8, @ANYBLOB="3eca", @ANYRES8], 0x9a)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000340)=r1, 0x4)
openat$cgroup_ro(r1, &(0x7f0000000640)='hugetlb.1GB.usage_in_bytes\x00', 0x26e1, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x70cb0}], 0xc}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x2, 0x922000000001, 0x106)

3.978287332s ago: executing program 3 (id=2096):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)="2e0000003b000511d25a80698c6394090124fc602f6e35401000058025581d00d1bd00000000001900", 0x29}], 0x1, 0x0, 0x0, 0x39c}, 0xc004)

3.837132515s ago: executing program 3 (id=2097):
socket$kcm(0x2, 0x1, 0x84)
r0 = socket$kcm(0x11, 0x3, 0x0)
sendmsg(r0, &(0x7f0000001180)={&(0x7f0000000080)=@qipcrtr={0x2a, 0x4, 0x4000}, 0x80, 0x0, 0x0, &(0x7f0000000b40)=[{0x10, 0x1, 0x8}], 0x10}, 0xc0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x6, 0x804, 0x0, 0x7}, {0x10400002, 0x2, 0x0, 0x5}], 0x10, 0xfffffffd}, 0x94)
socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10, 0x0}, 0x40)
r1 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r1, 0x84, 0x10, &(0x7f0000000000), 0xc)

3.836308395s ago: executing program 1 (id=2105):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)="2e0000003b000511d25a80698c6394090124fc602f6e35401000058025581d00d1bd00000000001900", 0x29}], 0x1, 0x0, 0x0, 0x39c}, 0xc004)

3.713833909s ago: executing program 1 (id=2098):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4a046)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300a8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffff800, 0x0, 0x0, 0x0, 0x0, 0x80000001}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, r1, 0x0)
r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x2, 0x1}, 0x1205, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x40000000000000, r1, 0x1)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80100, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_bp={&(0x7f0000000080), 0x8}, 0x100904, 0x401, 0x25, 0x4, 0x1000, 0x200, 0x4}, 0x0, 0xd, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61158800000000006113bd0000000000bfa000000000000007000000ee0016055e03010000000000160500000000000069163e0000000000bf07000000000000260507000fff07206706000007000000150600001be60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)
ioctl$PERF_EVENT_IOC_DISABLE(r2, 0x2401, 0xfffffffffffffff9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x1f, 0x15, &(0x7f0000000040)=ANY=[@ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x5, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x11, 0xa, 0x300)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa"], 0xcfa4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r4 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000100000001000000005000000040000000000000e035795bab3786953fc000000000000000000613000"], 0x0, 0x2d, 0x0, 0x0, 0x9}, 0x28)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)

3.6805257s ago: executing program 0 (id=2099):
r0 = socket$kcm(0xa, 0x1, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x4}, 0xc00, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, &(0x7f0000000040)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x5, 0xfe0d, 0x0, &(0x7f00000001c0)="259a53f271a76d2608004c6588a80a3888ca2f15138d8c387cb76f5520d4aaeb8d000bf7e1902c6187c56fe8532e32d06932eac5", 0x0, 0xd11, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
sendmsg$inet(r0, &(0x7f00000009c0)={&(0x7f00000002c0)={0x2, 0x4e20, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x80}, 0x40811)
r2 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000008400000006"], 0x28}, 0x41)
r3 = socket$kcm(0x10, 0x3, 0x10)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="0401020028000b05d25a806f8c6394f90424fc600d00032309000100ff3582c137153e370248018002000000d1bd", 0x33fe0}], 0x1}, 0x0)
sendmsg$kcm(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="1400000035000b63717a3c4a01d8985b0808aa78", 0x14}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
recvmsg$kcm(r3, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x102)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000006110480000000000710425000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000440)=0x3, 0x12)
gettid()
setsockopt$sock_attach_bpf(r0, 0x29, 0x10, 0x0, 0x1300)

3.642518921s ago: executing program 3 (id=2100):
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, @perf_config_ext={0xf6fc, 0xfffffffffffffffe}, 0x0, 0x0, 0xc2ba, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x14, &(0x7f0000000440)=[{&(0x7f0000000280)="d8000000140081054e81f782db44b9040a1d08020a000000040000a118000200fe80000000000e1208000f0100a10401a80016eaa4000640feffffffffffffffb94dcf5c0461c1d67f6f94007134cf6ee08002a0e408e8d8ef075c817bd6c496ddffaa2795edb1e61e0100000000000000cb090000001fb791643a5ee4001b14547df36745d6d930dfe1d9d322fe7c9fd68775730d96a4683f5aeb4edbb57a5025ccca9e00158c89ed6cb4d1ac95e7765e04c2360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b4", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="d5b440aeabaea6a78de1dc67869abc299d62164fa6e99ba566c0bea0c57a4d8f37a418db196f854db9445f9009017c2fcb0493f9fb08fa5dcba8e5456a3d95ff98e97686db6cd6e209ceea01735bb88cb523789a770e0f02bff0de07b328f2f8d81cf7568a93e5a260aa82e45038abce54ddf0c55e7bbaf13c2211e7959a49181237259e20d7fd50fd900f9739f5fe2e4176a01dc35014535b36ca20cb2071a042e2315bc28481860a8d8270d0644763c6a9c8b12820e8f03653b548f34798c3481f7b22c81616bb9e2065955c00fe2a763eb2135027502804cc2345a2956f28d751dc2bdeed8dce", @ANYRES32=0x0], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xaa9a}}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x20, 0x12506, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_config_ext={0x8000000000000001, 0x8}, 0x7602, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
r7 = openat$cgroup_type(r6, &(0x7f0000000300), 0x2, 0x0)
write$cgroup_type(r7, &(0x7f0000000280), 0x9)
r8 = openat$cgroup_procs(r6, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r10 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r10, &(0x7f0000003780)={0x0, 0x3000000, &(0x7f0000000080)=[{&(0x7f0000000040)="0202000902000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f00000004c0)={r5, r4}, 0xc)
write$cgroup_pid(r8, &(0x7f0000000080), 0x12)
r11 = openat$cgroup_ro(r9, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r11, &(0x7f0000000200)=0x1, 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r13 = openat$cgroup_procs(r12, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r13, &(0x7f00000001c0), 0x12)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000380)={0x1, 0x80, 0xd, 0x0, 0x4, 0xa, 0x0, 0x5, 0xa800, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, @perf_config_ext={0x7ff, 0x5}, 0x10, 0x41, 0xd16, 0x0, 0x7fff, 0x1e, 0x800, 0x0, 0x19, 0x0, 0x100})

3.391437007s ago: executing program 0 (id=2101):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000980)=ANY=[@ANYBLOB="9feb010097000000000000000cffffffea13260000000000000000000005000604000000016100"], 0x0, 0x27, 0x0, 0x1, 0xfffffffa}, 0x28) (async)
r0 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r0, 0x6, 0x21, &(0x7f0000001540), 0x20) (async)
close(r0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x5, 0xa, 0x0, 0x2, 0xfffffffffffffff0}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa, 0x0, 0x0, 0x3}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0xc}, 0x94) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x806, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0) (async)
unlink(&(0x7f00000000c0)='./cgroup/cgroup.procs\x00') (async)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xf, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x1, 0x1, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000080), 0x8101000000000002}, 0x5, 0x0, 0x0, 0x0, 0x4, 0xfffffffd, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2c, 0x1, 0x0, 0x8, 0x0, 0x9, 0x64099, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x1, @perf_bp={0x0, 0x3fec331ef9a134d7}, 0x0, 0x8, 0x43a1bd78, 0x9, 0x8, 0x6, 0xfffd, 0x0, 0x80, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x11, 0x10, &(0x7f0000002e00), &(0x7f0000001000), 0x8, 0xa0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000400)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB='.\x00\x00\x007'], 0x20) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r1, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x10, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8cffffffffffffff}, 0x3b35}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) (async)
r2 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000001140)={&(0x7f0000001300)=@in6={0xa, 0x4e22, 0x2, @mcast2={0xff, 0x5}, 0x11}, 0x80, 0x0}, 0x24000844)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

3.231930232s ago: executing program 2 (id=2102):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10, 0x0}, 0x40)
r0 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x10, &(0x7f0000000000), 0xc)

2.504463572s ago: executing program 2 (id=2103):
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001200)=@base={0x5, 0x4, 0x4, 0xc}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r1}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33a2d912}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2)
perf_event_open$cgroup(&(0x7f0000000000)={0x5, 0x80, 0xb3, 0x3, 0x6, 0x49, 0x0, 0x2, 0x2001, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x7, 0x4, @perf_config_ext={0x8, 0x1}, 0x1410, 0x401, 0x0, 0x5, 0x1b, 0xffff0001, 0x2, 0x0, 0x4, 0x0, 0x727}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8916, &(0x7f0000000000)={'wlan1\x00', @random="0200ff7fffff"})
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0500000000f01f0081"], 0x48)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x9, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000080)='mem\x00\x10\x00\x00\x00\x00\x00\x00I\xa2l')
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x20800, 0x0)
r6 = socket$kcm(0x2, 0x3, 0x84)
ioctl$sock_kcm_SIOCKCMATTACH(r6, 0x89e0, &(0x7f0000000080)={r6})
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r7 = socket$kcm(0x2, 0xa, 0x2)
ioctl$TUNSETLINK(r5, 0x400454cd, 0x336)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
close(r5)

1.319603654s ago: executing program 0 (id=2104):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4a046)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300a8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffff800, 0x0, 0x0, 0x0, 0x0, 0x80000001}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, r1, 0x0)
r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x2, 0x1}, 0x1205, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x40000000000000, r1, 0x1)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80100, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_bp={&(0x7f0000000080), 0x8}, 0x100904, 0x401, 0x25, 0x4, 0x1000, 0x200, 0x4}, 0x0, 0xd, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61158800000000006113bd0000000000bfa000000000000007000000ee0016055e03010000000000160500000000000069163e0000000000bf07000000000000260507000fff07206706000007000000150600001be60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)
ioctl$PERF_EVENT_IOC_DISABLE(r2, 0x2401, 0xfffffffffffffff9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x1f, 0x15, &(0x7f0000000040)=ANY=[@ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x5, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x11, 0xa, 0x300)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa"], 0xcfa4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r4 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000100000001000000005000000040000000000000e035795bab3786953fc000000000000000000613000"], 0x0, 0x2d, 0x0, 0x0, 0x9}, 0x28)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)

1.274659925s ago: executing program 1 (id=2106):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4a046)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300a8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffff800, 0x0, 0x0, 0x0, 0x0, 0x80000001}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, r1, 0x0)
r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x2, 0x1}, 0x1205, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x40000000000000, r1, 0x1)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80100, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_bp={&(0x7f0000000080), 0x8}, 0x100904, 0x401, 0x25, 0x4, 0x1000, 0x200, 0x4}, 0x0, 0xd, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61158800000000006113bd0000000000bfa000000000000007000000ee0016055e03010000000000160500000000000069163e0000000000bf07000000000000260507000fff07206706000007000000150600001be60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)
ioctl$PERF_EVENT_IOC_DISABLE(r2, 0x2401, 0xfffffffffffffff9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x1f, 0x15, &(0x7f0000000040)=ANY=[@ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x5, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x11, 0xa, 0x300)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa"], 0xcfa4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r4 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000100000001000000005000000040000000000000e035795bab3786953fc000000000000000000613000"], 0x0, 0x2d, 0x0, 0x0, 0x9}, 0x28)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)

111.147167ms ago: executing program 2 (id=2107):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)="2e0000003b000511d25a80698c6394090124fc602f6e35401000058025581d00d1bd00000000001900000000", 0x2c}], 0x1, 0x0, 0x0, 0x39c}, 0xc004)

62.342948ms ago: executing program 2 (id=2108):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x1, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x800000}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="0a00000008000000010000004000000042000000", @ANYRES32, @ANYBLOB="00000000f3ffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x21, 0x2, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xa}, 0x100c, 0x0, 0x0, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x1, 0x3}, 0x50)
bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r0}, 0x8)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r1=>0xffffffffffffffff]}}], 0x18}, 0x1c0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYRES8, @ANYBLOB="3eca", @ANYRES8], 0x9a)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000340)=r1, 0x4)
openat$cgroup_ro(r1, &(0x7f0000000640)='hugetlb.1GB.usage_in_bytes\x00', 0x26e1, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x70cb0}], 0xc}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x2, 0x922000000001, 0x106)

50.872079ms ago: executing program 3 (id=2109):
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, @perf_config_ext={0xf6fc, 0xfffffffffffffffe}, 0x0, 0x0, 0xc2ba, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x14, &(0x7f0000000440)=[{&(0x7f0000000280)="d8000000140081054e81f782db44b9040a1d08020a000000040000a118000200fe80000000000e1208000f0100a10401a80016eaa4000640feffffffffffffffb94dcf5c0461c1d67f6f94007134cf6ee08002a0e408e8d8ef075c817bd6c496ddffaa2795edb1e61e0100000000000000cb090000001fb791643a5ee4001b14547df36745d6d930dfe1d9d322fe7c9fd68775730d96a4683f5aeb4edbb57a5025ccca9e00158c89ed6cb4d1ac95e7765e04c2360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b4", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="d5b440aeabaea6a78de1dc67869abc299d62164fa6e99ba566c0bea0c57a4d8f37a418db196f854db9445f9009017c2fcb0493f9fb08fa5dcba8e5456a3d95ff98e97686db6cd6e209ceea01735bb88cb523789a770e0f02bff0de07b328f2f8d81cf7568a93e5a260aa82e45038abce54ddf0c55e7bbaf13c2211e7959a49181237259e20d7fd50fd900f9739f5fe2e4176a01dc35014535b36ca20cb2071a042e2315bc28481860a8d8270d0644763c6a9c8b12820e8f03653b548f34798c3481f7b22c81616bb9e2065955c00fe2a763eb2135027502804cc2345a2956f28d751dc2bdeed8dce", @ANYRES32=0x0], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xaa9a}}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x20, 0x12506, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_config_ext={0x8000000000000001, 0x8}, 0x7602, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0)
r4 = openat$cgroup_type(r3, &(0x7f0000000300), 0x2, 0x0)
write$cgroup_type(r4, &(0x7f0000000280), 0x9)
r5 = openat$cgroup_procs(r3, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_pid(r5, &(0x7f0000000080), 0x12)
r7 = openat$cgroup_ro(r6, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r7, &(0x7f0000000200)=0x1, 0x12) (fail_nth: 2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_procs(r8, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r9, &(0x7f00000001c0), 0x12)

44.549228ms ago: executing program 0 (id=2110):
r0 = socket$kcm(0xa, 0x1, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x4}, 0xc00, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, &(0x7f0000000040)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x5, 0xfe0d, 0x0, &(0x7f00000001c0)="259a53f271a76d2608004c6588a80a3888ca2f15138d8c387cb76f5520d4aaeb8d000bf7e1902c6187c56fe8532e32d06932eac5", 0x0, 0xd11, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
sendmsg$inet(r0, &(0x7f00000009c0)={&(0x7f00000002c0)={0x2, 0x4e20, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x80}, 0x40811)
r2 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000008400000006"], 0x28}, 0x41)
r3 = socket$kcm(0x10, 0x3, 0x10)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="0401020028000b05d25a806f8c6394f90424fc600d00032309000100ff3582c137153e370248018002000000d1bd", 0x33fe0}], 0x1}, 0x0)
sendmsg$kcm(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="1400000035000b63717a3c4a01d8985b0808aa78", 0x14}], 0x1}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
recvmsg$kcm(r3, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x102)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000006110480000000000710425000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000440)=0x3, 0x12)
gettid()
setsockopt$sock_attach_bpf(r0, 0x29, 0x10, 0x0, 0x1300)

0s ago: executing program 1 (id=2111):
syz_clone(0x10eb22f000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000080)="1c0000006d0081044e81f782db1f4cb9041c1d0800fe007c05e8fe55", 0x1c}], 0x1}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x6, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="180200000400000000000000fcffff0185000000bc0000001801000020646c2400000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000f000000850000000600000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x0, 0xfe5a, 0x0, &(0x7f0000000200)="32087d1c9cb361397a127acf6646", 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xf4e, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x1}, 0x50)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000340)={r1, r2}, 0xc)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0fff100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001011404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x702, 0xe, 0x700, &(0x7f0000000540)="e460334470b8d480eb00c15286dd", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$kcm(r0, &(0x7f00000008c0)={&(0x7f0000000380)=@phonet={0x23, 0x7f, 0x4b, 0x6}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000480)="f0ccc7c952609e39f3c93949526e4d9e41660485ddf0accf966cc47b2cbc94d82f76df9f307b3b956e82b797de7a9d4b06971e0c5ba815c18416a3cc53d01bc17175f94b96888b5583e8fb589e21a93b526b1434cbd9fa9ca02d43f3e9897bf024c81ca58be74e929730e9321966cc98a527ea8737ee85714e628c4518a1cf957f8f8c42bac53586b7dedacbf90046392a05edc59535ee53d568c30f189cc20d4b3ee089e194cefeb12b0f5ff7976ea9518403e4f98efb3506698b0338a26037e524549bab73ae85a1c286356311a8c9424855a66ee90c09ad7452e134db8ccf21e9466f9f31eea7191bbd", 0xeb}], 0x1, &(0x7f0000000740)=[{0xc8, 0x104, 0xd7, "5d265e64643dbd4d55d667aad4597f980dd2a2f102c7a465307184ff4c6ea5f94a75476242fceaf8c2da4f3d7f3f0939e510c0d167818afd5759f78ba042401bff5fb1c31374461406cc08e076875169d10dd7d07bd716e09372f6cbe032c040171bd602447ec64c2fa90a64e7b4a0f8c6860801bde6b34da9f01e496b9164de88f3d38abcdbaa836501f1b8d5d8e569e32a0ebf1dac2109b051707e75e8c771f5bcd80ae9b32a5aed8181e8edd541d84248be32ebc48d95"}, {0xa0, 0x101, 0x6, "8d6bf01dfbac36fd5dfb94b710c07c25386251f8087d41c1fd23f3535cca00b314c05b09a0a4acadcb6430418bc19f167e9d1733333dea7e5e4859991fc27b3c9eaf659b055a30ade2df0de9ccd58b77f415c4bd3c11b3b363b5237e12e97eb6ddd2731d3f0ef18d6390cb987728b20016d2d21b2247e668d574d1259ab280053a02f34986c5f7b7ceb23d53bb63e2"}], 0x168}, 0x4010)

kernel console output (not intermixed with test programs):

0
[  272.411530][ T8172]  ? __lock_acquire+0x7d40/0x7d40
[  272.416619][ T8172]  should_fail_ex+0x39d/0x4d0
[  272.421373][ T8172]  should_failslab+0x9/0x20
[  272.426027][ T8172]  slab_pre_alloc_hook+0x59/0x310
[  272.431122][ T8172]  ? __get_vm_area_node+0x125/0x370
[  272.436382][ T8172]  __kmem_cache_alloc_node+0x53/0x250
[  272.441863][ T8172]  ? trace_call_bpf+0xc3/0x6c0
[  272.446693][ T8172]  ? __get_vm_area_node+0x125/0x370
[  272.451955][ T8172]  kmalloc_node_trace+0x26/0xe0
[  272.456965][ T8172]  __get_vm_area_node+0x125/0x370
[  272.462072][ T8172]  __vmalloc_node_range+0x36e/0x1330
[  272.467465][ T8172]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  272.473113][ T8172]  ? perf_trace_run_bpf_submit+0x125/0x1c0
[  272.478987][ T8172]  ? lock_chain_count+0x20/0x20
[  272.483903][ T8172]  ? free_vm_area+0x50/0x50
[  272.488453][ T8172]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  272.494668][ T8172]  ? lockdep_hardirqs_on+0x98/0x150
[  272.499925][ T8172]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  272.506147][ T8172]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  272.511752][ T8172]  __vmalloc+0x7a/0x90
[  272.515887][ T8172]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  272.521491][ T8172]  bpf_prog_alloc_no_stats+0x47/0x440
[  272.526915][ T8172]  ? bpf_prog_alloc+0x2b/0x1a0
[  272.531748][ T8172]  bpf_prog_alloc+0x3d/0x1a0
[  272.536399][ T8172]  bpf_prog_load+0x6eb/0x1670
[  272.541124][ T8172]  ? perf_trace_preemptirq_template+0x269/0x330
[  272.547474][ T8172]  ? map_freeze+0x420/0x420
[  272.552039][ T8172]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  272.558246][ T8172]  ? lockdep_hardirqs_on+0x98/0x150
[  272.563542][ T8172]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  272.569834][ T8172]  __sys_bpf+0x5ba/0x890
[  272.574145][ T8172]  ? bpf_link_show_fdinfo+0x390/0x390
[  272.579594][ T8172]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  272.585848][ T8172]  __x64_sys_bpf+0x7c/0x90
[  272.590338][ T8172]  do_syscall_64+0x55/0xa0
[  272.594824][ T8172]  ? clear_bhb_loop+0x40/0x90
[  272.599667][ T8172]  ? clear_bhb_loop+0x40/0x90
[  272.604404][ T8172]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  272.610335][ T8172] RIP: 0033:0x7f84ce19cdd9
[  272.614791][ T8172] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  272.634459][ T8172] RSP: 002b:00007f84cefa4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  272.642934][ T8172] RAX: ffffffffffffffda RBX: 00007f84ce415fa0 RCX: 00007f84ce19cdd9
[  272.651001][ T8172] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005
[  272.659018][ T8172] RBP: 00007f84cefa4090 R08: 0000000000000000 R09: 0000000000000000
[  272.667032][ T8172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.675118][ T8172] R13: 00007f84ce416038 R14: 00007f84ce415fa0 R15: 00007ffdb289fb48
[  272.683345][ T8172]  </TASK>
[  272.683431][ T8167] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.851'.
[  272.761208][ T8172] warn_alloc: 1 callbacks suppressed
[  272.761250][ T8172] syz.0.852: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  272.835831][ T8172] CPU: 0 PID: 8172 Comm: syz.0.852 Not tainted syzkaller #0
[  272.843227][ T8172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  272.853341][ T8172] Call Trace:
[  272.856672][ T8172]  <TASK>
[  272.859644][ T8172]  dump_stack_lvl+0x18c/0x250
[  272.864395][ T8172]  ? show_regs_print_info+0x20/0x20
[  272.869669][ T8172]  ? load_image+0x420/0x420
[  272.874287][ T8172]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  272.880943][ T8172]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  272.887526][ T8172]  warn_alloc+0x246/0x340
[  272.891922][ T8172]  ? __get_vm_area_node+0x125/0x370
[  272.897272][ T8172]  ? zone_watermark_ok_safe+0x230/0x230
[  272.902884][ T8172]  ? rcu_is_watching+0x15/0xb0
[  272.907723][ T8172]  ? __get_vm_area_node+0x356/0x370
[  272.913002][ T8172]  __vmalloc_node_range+0x393/0x1330
[  272.918364][ T8172]  ? perf_trace_run_bpf_submit+0x125/0x1c0
[  272.924265][ T8172]  ? lock_chain_count+0x20/0x20
[  272.929178][ T8172]  ? free_vm_area+0x50/0x50
[  272.933774][ T8172]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  272.939990][ T8172]  ? lockdep_hardirqs_on+0x98/0x150
[  272.945247][ T8172]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  272.951463][ T8172]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  272.957114][ T8172]  __vmalloc+0x7a/0x90
[  272.961233][ T8172]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  272.966814][ T8172]  bpf_prog_alloc_no_stats+0x47/0x440
[  272.972226][ T8172]  ? bpf_prog_alloc+0x2b/0x1a0
[  272.977051][ T8172]  bpf_prog_alloc+0x3d/0x1a0
[  272.981791][ T8172]  bpf_prog_load+0x6eb/0x1670
[  272.986542][ T8172]  ? perf_trace_preemptirq_template+0x269/0x330
[  272.992843][ T8172]  ? map_freeze+0x420/0x420
[  272.997473][ T8172]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  273.003668][ T8172]  ? lockdep_hardirqs_on+0x98/0x150
[  273.008910][ T8172]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  273.015114][ T8172]  __sys_bpf+0x5ba/0x890
[  273.019408][ T8172]  ? bpf_link_show_fdinfo+0x390/0x390
[  273.024824][ T8172]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  273.031032][ T8172]  __x64_sys_bpf+0x7c/0x90
[  273.035480][ T8172]  do_syscall_64+0x55/0xa0
[  273.039928][ T8172]  ? clear_bhb_loop+0x40/0x90
[  273.044645][ T8172]  ? clear_bhb_loop+0x40/0x90
[  273.049366][ T8172]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  273.055295][ T8172] RIP: 0033:0x7f84ce19cdd9
[  273.059754][ T8172] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  273.079401][ T8172] RSP: 002b:00007f84cefa4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  273.088226][ T8172] RAX: ffffffffffffffda RBX: 00007f84ce415fa0 RCX: 00007f84ce19cdd9
[  273.096276][ T8172] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005
[  273.104282][ T8172] RBP: 00007f84cefa4090 R08: 0000000000000000 R09: 0000000000000000
[  273.112370][ T8172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  273.120370][ T8172] R13: 00007f84ce416038 R14: 00007f84ce415fa0 R15: 00007ffdb289fb48
[  273.128391][ T8172]  </TASK>
[  273.141537][ T8172] Mem-Info:
[  273.145170][ T8172] active_anon:8874 inactive_anon:0 isolated_anon:0
[  273.145170][ T8172]  active_file:10924 inactive_file:40004 isolated_file:0
[  273.145170][ T8172]  unevictable:768 dirty:545 writeback:0
[  273.145170][ T8172]  slab_reclaimable:10117 slab_unreclaimable:92720
[  273.145170][ T8172]  mapped:25058 shmem:2043 pagetables:560
[  273.145170][ T8172]  sec_pagetables:0 bounce:0
[  273.145170][ T8172]  kernel_misc_reclaimable:0
[  273.145170][ T8172]  free:1346779 free_pcp:11096 free_cma:0
[  273.210026][ T8172] Node 0 active_anon:35496kB inactive_anon:0kB active_file:43696kB inactive_file:159812kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:100232kB dirty:2180kB writeback:0kB shmem:6636kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11156kB pagetables:2240kB sec_pagetables:0kB all_unreclaimable? no
[  273.265390][ T8172] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  273.406237][ T8172] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  273.448501][ T8172] lowmem_reserve[]: 0 2521 2522 2522 2522
[  273.456348][ T8172] Node 0 DMA32 free:1479576kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:32568kB inactive_anon:0kB active_file:43696kB inactive_file:158992kB unevictable:1536kB writepending:1880kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:27352kB local_pcp:17420kB free_cma:0kB
[  273.509633][ T8172] lowmem_reserve[]: 0 0 0 0 0
[  273.515068][ T8172] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:820kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB
[  273.553382][ T8172] lowmem_reserve[]: 0 0 0 0 0
[  273.558377][ T8172] Node 1 Normal free:3892116kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:20288kB local_pcp:10720kB free_cma:0kB
[  273.589581][ T8172] lowmem_reserve[]: 0 0 0 0 0
[  273.631126][ T8172] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  273.731234][ T8172] Node 0 DMA32: 704*4kB (ME) 509*8kB (UME) 379*16kB (UM) 1000*32kB (UME) 421*64kB (UME) 33*128kB (UME) 16*256kB (UME) 8*512kB (UME) 4*1024kB (UME) 7*2048kB (UME) 336*4096kB (M) = 1479000kB
[  273.809579][ T8179] netlink: 'syz.1.856': attribute type 10 has an invalid length.
[  273.817797][ T8172] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  273.850591][ T8172] Node 1 Normal: 257*4kB (U) 56*8kB (UME) 27*16kB (UME) 45*32kB (UME) 16*64kB (UE) 7*128kB (UME) 1*256kB (E) 1*512kB (M) 1*1024kB (U) 1*2048kB (E) 948*4096kB (M) = 3892116kB
[  273.868787][ T8172] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  273.878580][ T8172] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  273.888694][ T8172] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  273.899112][ T8172] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  273.910709][ T8172] 52296 total pagecache pages
[  273.920464][ T8172] 0 pages in swap cache
[  273.926348][ T8172] Free swap  = 124996kB
[  273.930689][ T8172] Total swap = 124996kB
[  273.943671][ T8172] 2097051 pages RAM
[  273.947695][ T8172] 0 pages HighMem/MovableOnly
[  273.955648][ T8172] 416927 pages reserved
[  273.960024][ T8172] 0 pages cma reserved
[  274.018120][ T8181] netlink: 160 bytes leftover after parsing attributes in process `syz.2.855'.
[  275.012106][ T8195] FAULT_INJECTION: forcing a failure.
[  275.012106][ T8195] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  275.053300][ T8195] CPU: 1 PID: 8195 Comm: syz.3.859 Not tainted syzkaller #0
[  275.060775][ T8195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  275.071005][ T8195] Call Trace:
[  275.074346][ T8195]  <TASK>
[  275.077321][ T8195]  dump_stack_lvl+0x18c/0x250
[  275.082069][ T8195]  ? show_regs_print_info+0x20/0x20
[  275.087334][ T8195]  ? load_image+0x420/0x420
[  275.091898][ T8195]  ? __lock_acquire+0x7d40/0x7d40
[  275.096990][ T8195]  ? snprintf+0xe9/0x140
[  275.101299][ T8195]  should_fail_ex+0x39d/0x4d0
[  275.106041][ T8195]  _copy_to_user+0x2f/0xa0
[  275.110522][ T8195]  simple_read_from_buffer+0xe7/0x150
[  275.116007][ T8195]  proc_fail_nth_read+0x1e8/0x260
[  275.121102][ T8195]  ? proc_fault_inject_write+0x360/0x360
[  275.126799][ T8195]  ? fsnotify_perm+0x271/0x5e0
[  275.131661][ T8195]  ? proc_fault_inject_write+0x360/0x360
[  275.137479][ T8195]  vfs_read+0x28b/0x970
[  275.141712][ T8195]  ? kernel_read+0x1e0/0x1e0
[  275.146359][ T8195]  ? __fget_files+0x28/0x4b0
[  275.150998][ T8195]  ? __fget_files+0x28/0x4b0
[  275.155646][ T8195]  ? __fget_files+0x43d/0x4b0
[  275.160482][ T8195]  ? __fdget_pos+0x2a3/0x330
[  275.165128][ T8195]  ? ksys_read+0x75/0x260
[  275.169520][ T8195]  ksys_read+0x150/0x260
[  275.173833][ T8195]  ? vfs_write+0x990/0x990
[  275.178331][ T8195]  ? lockdep_hardirqs_on+0x98/0x150
[  275.183597][ T8195]  do_syscall_64+0x55/0xa0
[  275.188148][ T8195]  ? clear_bhb_loop+0x40/0x90
[  275.192878][ T8195]  ? clear_bhb_loop+0x40/0x90
[  275.197760][ T8195]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  275.203710][ T8195] RIP: 0033:0x7f0e1d35d60e
[  275.208177][ T8195] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  275.228021][ T8195] RSP: 002b:00007f0e1e23efe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  275.236603][ T8195] RAX: ffffffffffffffda RBX: 00007f0e1e23f6c0 RCX: 00007f0e1d35d60e
[  275.244637][ T8195] RDX: 000000000000000f RSI: 00007f0e1e23f0a0 RDI: 0000000000000015
[  275.252667][ T8195] RBP: 00007f0e1e23f090 R08: 0000000000000000 R09: 0000000000000000
[  275.260694][ T8195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  275.268730][ T8195] R13: 00007f0e1d616128 R14: 00007f0e1d616090 R15: 00007ffef4fda058
[  275.276799][ T8195]  </TASK>
[  275.296395][ T8194] netlink: 160 bytes leftover after parsing attributes in process `syz.0.861'.
[  276.566463][ T8209] netlink: 'syz.2.865': attribute type 10 has an invalid length.
[  276.724604][ T8213] FAULT_INJECTION: forcing a failure.
[  276.724604][ T8213] name failslab, interval 1, probability 0, space 0, times 0
[  276.737652][ T8213] CPU: 0 PID: 8213 Comm: syz.3.868 Not tainted syzkaller #0
[  276.745001][ T8213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  276.755118][ T8213] Call Trace:
[  276.758455][ T8213]  <TASK>
[  276.761448][ T8213]  dump_stack_lvl+0x18c/0x250
[  276.766195][ T8213]  ? show_regs_print_info+0x20/0x20
[  276.771474][ T8213]  ? load_image+0x420/0x420
[  276.776044][ T8213]  ? __might_sleep+0xe0/0xe0
[  276.780692][ T8213]  ? __lock_acquire+0x7d40/0x7d40
[  276.785780][ T8213]  should_fail_ex+0x39d/0x4d0
[  276.790533][ T8213]  should_failslab+0x9/0x20
[  276.795148][ T8213]  slab_pre_alloc_hook+0x59/0x310
[  276.800237][ T8213]  ? __lock_acquire+0x7d40/0x7d40
[  276.805349][ T8213]  kmem_cache_alloc_node+0x60/0x320
[  276.810598][ T8213]  ? __alloc_skb+0x103/0x2c0
[  276.815233][ T8213]  __alloc_skb+0x103/0x2c0
[  276.819692][ T8213]  netlink_sendmsg+0x66a/0xbf0
[  276.824517][ T8213]  ? netlink_getsockopt+0x590/0x590
[  276.829781][ T8213]  ? aa_sock_msg_perm+0x94/0x150
[  276.834814][ T8213]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  276.840143][ T8213]  ? security_socket_sendmsg+0x80/0xa0
[  276.845647][ T8213]  ? netlink_getsockopt+0x590/0x590
[  276.850895][ T8213]  ____sys_sendmsg+0x5ba/0x960
[  276.855794][ T8213]  ? __asan_memset+0x22/0x40
[  276.860534][ T8213]  ? __sys_sendmsg_sock+0x30/0x30
[  276.865607][ T8213]  ? __import_iovec+0x5f2/0x850
[  276.870527][ T8213]  ? import_iovec+0x73/0xa0
[  276.875082][ T8213]  ___sys_sendmsg+0x2a6/0x360
[  276.879886][ T8213]  ? get_pid_task+0x20/0x1e0
[  276.884615][ T8213]  ? __sys_sendmsg+0x2a0/0x2a0
[  276.889454][ T8213]  ? __lock_acquire+0x7d40/0x7d40
[  276.894724][ T8213]  __se_sys_sendmsg+0x1c2/0x2b0
[  276.899642][ T8213]  ? __x64_sys_sendmsg+0x80/0x80
[  276.904721][ T8213]  ? lockdep_hardirqs_on+0x98/0x150
[  276.909973][ T8213]  do_syscall_64+0x55/0xa0
[  276.914439][ T8213]  ? clear_bhb_loop+0x40/0x90
[  276.919203][ T8213]  ? clear_bhb_loop+0x40/0x90
[  276.924375][ T8213]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  276.930321][ T8213] RIP: 0033:0x7f0e1d39cdd9
[  276.934779][ T8213] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  276.954531][ T8213] RSP: 002b:00007f0e1e260028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  276.962993][ T8213] RAX: ffffffffffffffda RBX: 00007f0e1d615fa0 RCX: 00007f0e1d39cdd9
[  276.971008][ T8213] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  276.979213][ T8213] RBP: 00007f0e1e260090 R08: 0000000000000000 R09: 0000000000000000
[  276.987222][ T8213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.995233][ T8213] R13: 00007f0e1d616038 R14: 00007f0e1d615fa0 R15: 00007ffef4fda058
[  277.003294][ T8213]  </TASK>
[  277.179093][ T8218] netlink: 160 bytes leftover after parsing attributes in process `syz.1.869'.
[  277.856038][ T8238] netlink: 'syz.3.875': attribute type 10 has an invalid length.
[  278.033046][ T8243] netlink: 'syz.3.877': attribute type 10 has an invalid length.
[  278.195783][ T8246] netlink: 'syz.3.880': attribute type 10 has an invalid length.
[  278.545095][ T8252] netlink: 'syz.3.881': attribute type 2 has an invalid length.
[  278.571508][ T8252] netlink: 'syz.3.881': attribute type 4 has an invalid length.
[  278.651194][ T8254] netlink: 160 bytes leftover after parsing attributes in process `syz.0.882'.
[  279.272856][ T8265] netlink: 'syz.1.886': attribute type 10 has an invalid length.
[  279.569396][ T8271] netlink: 'syz.1.889': attribute type 10 has an invalid length.
[  279.995192][ T8284] netlink: 'syz.0.893': attribute type 10 has an invalid length.
[  280.020759][ T8285] netlink: 160 bytes leftover after parsing attributes in process `syz.1.894'.
[  280.170651][ T8289] netlink: 'syz.3.897': attribute type 10 has an invalid length.
[  282.278226][ T8320] validate_nla: 1 callbacks suppressed
[  282.278250][ T8320] netlink: 'syz.3.906': attribute type 10 has an invalid length.
[  282.368354][ T8322] netlink: 'syz.1.907': attribute type 21 has an invalid length.
[  282.426731][ T8322] netlink: 'syz.1.907': attribute type 1 has an invalid length.
[  282.797199][ T8327] netlink: 160 bytes leftover after parsing attributes in process `syz.3.908'.
[  283.336150][ T8335] netlink: 'syz.0.911': attribute type 10 has an invalid length.
[  283.378702][ T8337] netlink: 'syz.3.912': attribute type 10 has an invalid length.
[  285.113036][ T8355] netlink: 'syz.1.918': attribute type 10 has an invalid length.
[  285.282146][ T8358] netlink: 'syz.2.919': attribute type 21 has an invalid length.
[  285.316029][ T8358] netlink: 'syz.2.919': attribute type 1 has an invalid length.
[  285.698955][ T8370] netlink: 'syz.2.923': attribute type 10 has an invalid length.
[  285.735873][ T8370] veth1_vlan: left allmulticast mode
[  286.428447][ T8379] netlink: 160 bytes leftover after parsing attributes in process `syz.0.925'.
[  286.483120][ T8382] netlink: 'syz.2.928': attribute type 21 has an invalid length.
[  287.021042][ T8392] FAULT_INJECTION: forcing a failure.
[  287.021042][ T8392] name failslab, interval 1, probability 0, space 0, times 0
[  287.107076][ T8392] CPU: 1 PID: 8392 Comm: syz.2.932 Not tainted syzkaller #0
[  287.114473][ T8392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  287.124677][ T8392] Call Trace:
[  287.128008][ T8392]  <TASK>
[  287.130983][ T8392]  dump_stack_lvl+0x18c/0x250
[  287.135734][ T8392]  ? show_regs_print_info+0x20/0x20
[  287.141001][ T8392]  ? load_image+0x420/0x420
[  287.145593][ T8392]  ? __might_sleep+0xe0/0xe0
[  287.150258][ T8392]  ? __lock_acquire+0x7d40/0x7d40
[  287.155362][ T8392]  should_fail_ex+0x39d/0x4d0
[  287.160118][ T8392]  should_failslab+0x9/0x20
[  287.164680][ T8392]  slab_pre_alloc_hook+0x59/0x310
[  287.169791][ T8392]  ? bpf_prog_test_run_skb+0x238/0x12b0
[  287.175400][ T8392]  ? bpf_prog_test_run_skb+0x238/0x12b0
[  287.181002][ T8392]  __kmem_cache_alloc_node+0x53/0x250
[  287.186451][ T8392]  ? bpf_prog_test_run_skb+0x238/0x12b0
[  287.192145][ T8392]  __kmalloc+0xa4/0x230
[  287.196372][ T8392]  bpf_prog_test_run_skb+0x238/0x12b0
[  287.201801][ T8392]  ? __fget_files+0x28/0x4b0
[  287.206457][ T8392]  ? __fget_files+0x28/0x4b0
[  287.211102][ T8392]  ? __fget_files+0x43d/0x4b0
[  287.215874][ T8392]  ? cpu_online+0x60/0x60
[  287.220371][ T8392]  bpf_prog_test_run+0x321/0x390
[  287.225373][ T8392]  __sys_bpf+0x49d/0x890
[  287.229667][ T8392]  ? bpf_link_show_fdinfo+0x390/0x390
[  287.235105][ T8392]  ? lock_chain_count+0x20/0x20
[  287.240135][ T8392]  __x64_sys_bpf+0x7c/0x90
[  287.244613][ T8392]  do_syscall_64+0x55/0xa0
[  287.249086][ T8392]  ? clear_bhb_loop+0x40/0x90
[  287.253827][ T8392]  ? clear_bhb_loop+0x40/0x90
[  287.258577][ T8392]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  287.264537][ T8392] RIP: 0033:0x7f30e719cdd9
[  287.269009][ T8392] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  287.288712][ T8392] RSP: 002b:00007f30e7fdf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  287.297191][ T8392] RAX: ffffffffffffffda RBX: 00007f30e7415fa0 RCX: 00007f30e719cdd9
[  287.305234][ T8392] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  287.313275][ T8392] RBP: 00007f30e7fdf090 R08: 0000000000000000 R09: 0000000000000000
[  287.321308][ T8392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  287.329432][ T8392] R13: 00007f30e7416038 R14: 00007f30e7415fa0 R15: 00007ffe7a528818
[  287.337487][ T8392]  </TASK>
[  288.213402][ T8412] netlink: 160 bytes leftover after parsing attributes in process `syz.1.940'.
[  288.242180][ T8413] validate_nla: 4 callbacks suppressed
[  288.242199][ T8413] netlink: 'syz.3.941': attribute type 10 has an invalid length.
[  288.342149][ T8415] netlink: 'syz.2.942': attribute type 21 has an invalid length.
[  288.350725][ T8415] netlink: 'syz.2.942': attribute type 1 has an invalid length.
[  288.573540][ T8419] netlink: 'syz.3.943': attribute type 21 has an invalid length.
[  288.628845][ T8419] netlink: 'syz.3.943': attribute type 1 has an invalid length.
[  289.352456][ T8430] netlink: 60 bytes leftover after parsing attributes in process `syz.3.947'.
[  289.379391][ T8430] netlink: 60 bytes leftover after parsing attributes in process `syz.3.947'.
[  289.399552][ T8430] netlink: 60 bytes leftover after parsing attributes in process `syz.3.947'.
[  289.442434][ T8430] netlink: 60 bytes leftover after parsing attributes in process `syz.3.947'.
[  289.787706][ T8441] netlink: 'syz.2.951': attribute type 10 has an invalid length.
[  289.940330][ T8444] netlink: 'syz.0.953': attribute type 21 has an invalid length.
[  289.954145][ T8446] netlink: 60 bytes leftover after parsing attributes in process `syz.2.954'.
[  289.963872][ T8446] netlink: 60 bytes leftover after parsing attributes in process `syz.2.954'.
[  289.964577][ T8444] netlink: 'syz.0.953': attribute type 1 has an invalid length.
[  289.988061][ T8446] netlink: 60 bytes leftover after parsing attributes in process `syz.2.954'.
[  290.004791][ T5783] Bluetooth: hci3: Dropping invalid advertising data
[  290.012953][ T5783] Bluetooth: hci3: Malformed LE Event: 0x02
[  290.019251][ T8446] netlink: 60 bytes leftover after parsing attributes in process `syz.2.954'.
[  290.526932][ T8459] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.959'.
[  291.345272][ T8466] netlink: 'syz.1.962': attribute type 10 has an invalid length.
[  291.739649][ T8476] netlink: 'syz.3.967': attribute type 21 has an invalid length.
[  292.891251][ T5783] Bluetooth: hci2: Dropping invalid advertising data
[  292.899246][ T5783] Bluetooth: hci2: Malformed LE Event: 0x02
[  293.308107][ T8506] validate_nla: 4 callbacks suppressed
[  293.308142][ T8506] netlink: 'syz.1.981': attribute type 21 has an invalid length.
[  293.370734][ T8506] netlink: 'syz.1.981': attribute type 1 has an invalid length.
[  293.379433][ T8511] netlink: 'syz.3.982': attribute type 10 has an invalid length.
[  294.597448][ T8523] netlink: 'syz.2.989': attribute type 21 has an invalid length.
[  294.628396][ T8523] netlink: 'syz.2.989': attribute type 1 has an invalid length.
[  294.891774][ T8531] netlink: 'syz.3.992': attribute type 10 has an invalid length.
[  294.933205][ T5772] Bluetooth: hci1: Dropping invalid advertising data
[  294.940321][ T5772] Bluetooth: hci1: Malformed LE Event: 0x02
[  295.115160][ T8537] netlink: 'syz.3.994': attribute type 21 has an invalid length.
[  295.128939][ T8537] netlink: 'syz.3.994': attribute type 1 has an invalid length.
[  296.028920][ T8562] netlink: 'syz.2.1003': attribute type 10 has an invalid length.
[  296.587083][ T5772] Bluetooth: hci0: Dropping invalid advertising data
[  296.600039][ T5772] Bluetooth: hci0: Malformed LE Event: 0x02
[  296.667592][ T8568] netlink: 'syz.3.1006': attribute type 21 has an invalid length.
[  298.353462][ T5772] Bluetooth: hci3: Dropping invalid advertising data
[  298.360310][ T5772] Bluetooth: hci3: Malformed LE Event: 0x02
[  298.403105][ T8606] validate_nla: 4 callbacks suppressed
[  298.403122][ T8606] netlink: 'syz.2.1018': attribute type 10 has an invalid length.
[  298.875701][ T8619] netlink: 'syz.3.1024': attribute type 10 has an invalid length.
[  299.471658][ T5772] Bluetooth: hci2: Dropping invalid advertising data
[  299.478490][ T5772] Bluetooth: hci2: Malformed LE Event: 0x02
[  299.500730][ T8630] netlink: 'syz.2.1027': attribute type 10 has an invalid length.
[  299.714967][ T8638] netlink: 'syz.3.1030': attribute type 10 has an invalid length.
[  300.653657][ T8649] netlink: 'syz.1.1034': attribute type 10 has an invalid length.
[  301.438948][ T8659] __nla_validate_parse: 4 callbacks suppressed
[  301.438965][ T8659] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1037'.
[  301.458377][ T8669] netlink: 'syz.1.1041': attribute type 10 has an invalid length.
[  301.685772][ T5772] Bluetooth: hci3: Dropping invalid advertising data
[  301.692774][ T5772] Bluetooth: hci3: Malformed LE Event: 0x02
[  301.915278][ T8677] netlink: 'syz.3.1044': attribute type 10 has an invalid length.
[  302.580446][ T8683] netlink: 'syz.0.1045': attribute type 10 has an invalid length.
[  302.765164][ T8689] FAULT_INJECTION: forcing a failure.
[  302.765164][ T8689] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  302.784940][ T8689] CPU: 0 PID: 8689 Comm: syz.2.1048 Not tainted syzkaller #0
[  302.792431][ T8689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  302.802586][ T8689] Call Trace:
[  302.805912][ T8689]  <TASK>
[  302.808892][ T8689]  dump_stack_lvl+0x18c/0x250
[  302.813647][ T8689]  ? show_regs_print_info+0x20/0x20
[  302.818912][ T8689]  ? load_image+0x420/0x420
[  302.823478][ T8689]  ? __lock_acquire+0x7d40/0x7d40
[  302.828576][ T8689]  ? snprintf+0xe9/0x140
[  302.832905][ T8689]  should_fail_ex+0x39d/0x4d0
[  302.837660][ T8689]  _copy_to_user+0x2f/0xa0
[  302.842153][ T8689]  simple_read_from_buffer+0xe7/0x150
[  302.847607][ T8689]  proc_fail_nth_read+0x1e8/0x260
[  302.852697][ T8689]  ? proc_fault_inject_write+0x360/0x360
[  302.858392][ T8689]  ? fsnotify_perm+0x271/0x5e0
[  302.863226][ T8689]  ? proc_fault_inject_write+0x360/0x360
[  302.868936][ T8689]  vfs_read+0x28b/0x970
[  302.873177][ T8689]  ? kernel_read+0x1e0/0x1e0
[  302.877833][ T8689]  ? __fget_files+0x28/0x4b0
[  302.882496][ T8689]  ? __fget_files+0x28/0x4b0
[  302.887249][ T8689]  ? __fget_files+0x43d/0x4b0
[  302.892054][ T8689]  ? __fdget_pos+0x2a3/0x330
[  302.896742][ T8689]  ? ksys_read+0x75/0x260
[  302.901154][ T8689]  ksys_read+0x150/0x260
[  302.905483][ T8689]  ? vfs_write+0x990/0x990
[  302.909990][ T8689]  ? lockdep_hardirqs_on+0x98/0x150
[  302.915286][ T8689]  do_syscall_64+0x55/0xa0
[  302.919811][ T8689]  ? clear_bhb_loop+0x40/0x90
[  302.924599][ T8689]  ? clear_bhb_loop+0x40/0x90
[  302.929358][ T8689]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  302.935329][ T8689] RIP: 0033:0x7f30e715d60e
[  302.939816][ T8689] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  302.959606][ T8689] RSP: 002b:00007f30e7fbdfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  302.968154][ T8689] RAX: ffffffffffffffda RBX: 00007f30e7fbe6c0 RCX: 00007f30e715d60e
[  302.976324][ T8689] RDX: 000000000000000f RSI: 00007f30e7fbe0a0 RDI: 0000000000000005
[  302.984360][ T8689] RBP: 00007f30e7fbe090 R08: 0000000000000000 R09: 0000000000000000
[  302.992381][ T8689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.000402][ T8689] R13: 00007f30e7416128 R14: 00007f30e7416090 R15: 00007ffe7a528818
[  303.008456][ T8689]  </TASK>
[  303.179236][ T8698] netlink: 'syz.2.1050': attribute type 10 has an invalid length.
[  303.216619][ T8699] netlink: 'syz.0.1058': attribute type 21 has an invalid length.
[  303.426771][ T5772] Bluetooth: hci3: Dropping invalid advertising data
[  303.433827][ T5772] Bluetooth: hci3: Malformed LE Event: 0x02
[  303.548407][ T8710] validate_nla: 1 callbacks suppressed
[  303.548447][ T8710] netlink: 'syz.0.1054': attribute type 10 has an invalid length.
[  304.017468][ T8719] netlink: 'syz.0.1057': attribute type 10 has an invalid length.
[  304.489148][ T8724] netlink: 'syz.2.1060': attribute type 10 has an invalid length.
[  304.498842][ T8724] team0: Device hsr_slave_0 is up. Set it down before adding it as a team port
[  304.792681][ T8729] netlink: 'syz.1.1062': attribute type 10 has an invalid length.
[  304.952782][ T5772] Bluetooth: hci2: Dropping invalid advertising data
[  304.959596][ T5772] Bluetooth: hci2: Malformed LE Event: 0x02
[  304.966540][ T8732] netlink: 'syz.3.1063': attribute type 21 has an invalid length.
[  304.979822][ T8732] netlink: 'syz.3.1063': attribute type 1 has an invalid length.
[  305.144054][ T8738] netlink: 'syz.1.1066': attribute type 10 has an invalid length.
[  306.420446][ T8759] netlink: 'syz.2.1072': attribute type 10 has an invalid length.
[  306.645291][ T8761] netlink: 'syz.0.1073': attribute type 10 has an invalid length.
[  306.935619][ T5772] Bluetooth: hci3: Dropping invalid advertising data
[  306.942884][ T5772] Bluetooth: hci3: Malformed LE Event: 0x02
[  306.989906][ T8769] netlink: 'syz.0.1076': attribute type 21 has an invalid length.
[  307.977651][ T5772] Bluetooth: hci3: Dropping invalid advertising data
[  307.984959][ T5772] Bluetooth: hci3: Malformed LE Event: 0x02
[  308.627668][ T8811] validate_nla: 9 callbacks suppressed
[  308.627707][ T8811] netlink: 'syz.1.1090': attribute type 10 has an invalid length.
[  308.649882][ T8811] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1090'.
[  308.660679][ T8811] netlink: 'syz.1.1090': attribute type 10 has an invalid length.
[  308.685042][ T8811] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1090'.
[  308.708680][ T8816] netlink: 'syz.0.1092': attribute type 10 has an invalid length.
[  309.378282][ T8830] netlink: 'syz.0.1098': attribute type 10 has an invalid length.
[  309.844950][ T8836] netlink: 'syz.0.1100': attribute type 21 has an invalid length.
[  309.890195][ T8836] netlink: 'syz.0.1100': attribute type 1 has an invalid length.
[  310.560631][ T8849] netlink: 'syz.2.1104': attribute type 10 has an invalid length.
[  310.893341][ T8857] netlink: 'syz.3.1108': attribute type 10 has an invalid length.
[  311.096590][ T8863] netlink: 'syz.0.1110': attribute type 21 has an invalid length.
[  311.106244][ T8863] netlink: 'syz.0.1110': attribute type 1 has an invalid length.
[  313.612201][ T8867] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1111'.
[  313.793657][ T8867] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  313.861570][ T8901] validate_nla: 2 callbacks suppressed
[  313.861616][ T8901] netlink: 'syz.2.1121': attribute type 21 has an invalid length.
[  313.909406][ T8901] netlink: 'syz.2.1121': attribute type 1 has an invalid length.
[  314.171763][ T8913] netlink: 'syz.3.1126': attribute type 10 has an invalid length.
[  314.192524][ T8913] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1126'.
[  314.226724][ T8913] netlink: 'syz.3.1126': attribute type 10 has an invalid length.
[  314.246721][ T8913] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1126'.
[  314.323378][ T8915] netlink: 'syz.0.1127': attribute type 10 has an invalid length.
[  314.721329][ T8922] netlink: 'syz.1.1128': attribute type 10 has an invalid length.
[  315.373414][ T5772] Bluetooth: hci1: Dropping invalid advertising data
[  315.380231][ T5772] Bluetooth: hci1: Malformed LE Event: 0x02
[  315.734293][ T8940] netlink: 'syz.0.1133': attribute type 21 has an invalid length.
[  315.743175][ T8940] netlink: 'syz.0.1133': attribute type 1 has an invalid length.
[  316.800626][ T8957] netlink: 'syz.3.1138': attribute type 10 has an invalid length.
[  317.126695][ T5772] Bluetooth: hci0: Dropping invalid advertising data
[  317.134514][ T5772] Bluetooth: hci0: Malformed LE Event: 0x02
[  317.252919][ T8963] netlink: 'syz.2.1141': attribute type 10 has an invalid length.
[  317.557514][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  317.566848][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  317.955061][ T8976] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1145'.
[  317.970507][ T8976] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1145'.
[  318.158424][ T8949] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1135'.
[  318.377678][ T8949] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  319.320559][ T5772] Bluetooth: hci3: unknown advertising packet type: 0x80
[  319.320609][ T5772] Bluetooth: hci3: unknown advertising packet type: 0xff
[  319.331335][ T5772] Bluetooth: hci3: Malformed LE Event: 0x02
[  319.494158][ T9004] validate_nla: 5 callbacks suppressed
[  319.494199][ T9004] netlink: 'syz.3.1154': attribute type 10 has an invalid length.
[  319.851431][ T9011] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1158'.
[  320.109105][ T9018] netlink: 'syz.3.1159': attribute type 10 has an invalid length.
[  320.626756][ T5772] Bluetooth: hci1: unknown advertising packet type: 0x80
[  320.626799][ T5772] Bluetooth: hci1: unknown advertising packet type: 0xff
[  320.634008][ T5772] Bluetooth: hci1: Malformed LE Event: 0x02
[  320.872436][ T9030] syzkaller0: entered promiscuous mode
[  320.878010][ T9030] syzkaller0: entered allmulticast mode
[  320.909549][ T9033] netlink: 'syz.3.1167': attribute type 10 has an invalid length.
[  321.493758][ T5772] Bluetooth: hci1: unknown advertising packet type: 0x80
[  321.493804][ T5772] Bluetooth: hci1: unknown advertising packet type: 0xff
[  321.502578][ T5772] Bluetooth: hci1: Malformed LE Event: 0x02
[  322.066355][ T9058] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1174'.
[  323.942995][ T9049] netlink: 'syz.0.1169': attribute type 10 has an invalid length.
[  324.052757][ T9073] netlink: 'syz.0.1180': attribute type 10 has an invalid length.
[  325.130448][ T9095] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1187'.
[  325.229409][ T9097] netlink: 'syz.1.1188': attribute type 10 has an invalid length.
[  325.770018][ T9106] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1192'.
[  325.792724][ T9108] netlink: 'syz.3.1193': attribute type 10 has an invalid length.
[  326.588765][ T9119] syzkaller0: entered promiscuous mode
[  326.596981][ T9119] syzkaller0: entered allmulticast mode
[  326.627482][ T9127] netlink: 'syz.3.1198': attribute type 10 has an invalid length.
[  327.925112][ T9138] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1203'.
[  329.597203][ T9150] netlink: 'syz.0.1206': attribute type 10 has an invalid length.
[  330.073867][ T9163] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1209'.
[  330.651335][ T9172] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1214'.
[  331.305277][ T9180] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1218'.
[  331.666922][ T9186] syzkaller0: entered promiscuous mode
[  331.674040][ T9186] syzkaller0: entered allmulticast mode
[  331.744044][ T9190] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1228'.
[  333.976362][ T9196] netlink: 'syz.2.1223': attribute type 21 has an invalid length.
[  333.989009][ T9196] netlink: 'syz.2.1223': attribute type 1 has an invalid length.
[  334.000535][ T9201] netlink: 'syz.0.1225': attribute type 21 has an invalid length.
[  334.030165][ T9201] netlink: 'syz.0.1225': attribute type 1 has an invalid length.
[  334.256359][ T9206] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1229'.
[  334.686972][ T9209] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1230'.
[  335.098948][ T9223] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1235'.
[  335.413749][ T9229] netlink: 'syz.3.1237': attribute type 21 has an invalid length.
[  335.431435][ T9229] netlink: 'syz.3.1237': attribute type 1 has an invalid length.
[  335.578860][ T9234] netlink: 'syz.0.1238': attribute type 21 has an invalid length.
[  335.607597][ T9234] netlink: 'syz.0.1238': attribute type 1 has an invalid length.
[  336.146756][ T9247] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1245'.
[  336.395363][ T9251] syzkaller0: entered promiscuous mode
[  336.401278][ T9251] syzkaller0: entered allmulticast mode
[  336.697657][ T9254] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1247'.
[  339.014472][ T9257] netlink: 'syz.0.1248': attribute type 21 has an invalid length.
[  339.030207][ T9257] netlink: 'syz.0.1248': attribute type 1 has an invalid length.
[  339.039883][ T9266] netlink: 'syz.1.1251': attribute type 10 has an invalid length.
[  339.263184][ T9276] netlink: 'syz.3.1254': attribute type 10 has an invalid length.
[  340.166517][ T9293] netlink: 'syz.3.1260': attribute type 21 has an invalid length.
[  340.179798][ T9293] netlink: 'syz.3.1260': attribute type 1 has an invalid length.
[  340.368649][ T9297] syzkaller0: entered promiscuous mode
[  340.374367][ T9297] syzkaller0: entered allmulticast mode
[  340.638696][ T9303] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1262'.
[  341.001205][ T5772] Bluetooth: hci0: Dropping invalid advertising data
[  341.008180][ T5772] Bluetooth: hci0: Malformed LE Event: 0x02
[  342.607497][ T9304] netlink: 'syz.2.1263': attribute type 10 has an invalid length.
[  342.635495][ T9312] netlink: 'syz.1.1265': attribute type 10 has an invalid length.
[  342.827353][ T9314] netlink: 'syz.2.1266': attribute type 10 has an invalid length.
[  342.990765][ T9320] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1269'.
[  343.814157][ T9317] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1267'.
[  343.916779][ T9331] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1272'.
[  344.081336][ T5772] Bluetooth: hci3: Dropping invalid advertising data
[  344.088233][ T5772] Bluetooth: hci3: Malformed LE Event: 0x02
[  344.227143][ T9338] syzkaller0: entered promiscuous mode
[  344.240602][ T9338] syzkaller0: entered allmulticast mode
[  344.422860][ T9342] netlink: 'syz.3.1276': attribute type 10 has an invalid length.
[  345.415296][ T5772] Bluetooth: hci1: Dropping invalid advertising data
[  345.422793][ T5772] Bluetooth: hci1: Malformed LE Event: 0x02
[  345.543679][ T9362] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1285'.
[  346.878545][ T9350] netlink: 'syz.0.1280': attribute type 21 has an invalid length.
[  346.886772][ T9350] netlink: 'syz.0.1280': attribute type 1 has an invalid length.
[  346.998274][ T9365] netlink: 'syz.0.1286': attribute type 10 has an invalid length.
[  347.141666][ T9367] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1287'.
[  347.515195][ T9374] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1290'.
[  348.000667][ T5772] Bluetooth: hci0: Dropping invalid advertising data
[  348.007656][ T5772] Bluetooth: hci0: Malformed LE Event: 0x02
[  348.225418][ T9387] syzkaller0: entered promiscuous mode
[  348.252413][ T9387] syzkaller0: entered allmulticast mode
[  348.462900][ T9389] netlink: 'syz.3.1294': attribute type 21 has an invalid length.
[  348.472296][ T9389] netlink: 'syz.3.1294': attribute type 1 has an invalid length.
[  349.707811][ T9402] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1299'.
[  350.782129][ T9408] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1300'.
[  351.116601][ T9415] netlink: 'syz.2.1303': attribute type 21 has an invalid length.
[  351.151245][ T9415] netlink: 'syz.2.1303': attribute type 1 has an invalid length.
[  351.382101][ T5772] Bluetooth: hci3: Dropping invalid advertising data
[  351.388944][ T5772] Bluetooth: hci3: Malformed LE Event: 0x02
[  351.620433][ T9427] netlink: 'syz.2.1306': attribute type 21 has an invalid length.
[  351.675531][ T9427] netlink: 'syz.2.1306': attribute type 1 has an invalid length.
[  351.702370][ T9429] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1308'.
[  352.175134][ T9436] syzkaller0: entered promiscuous mode
[  352.180676][ T9436] syzkaller0: entered allmulticast mode
[  352.275338][ T9433] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1310'.
[  354.792827][ T5772] Bluetooth: hci0: Dropping invalid advertising data
[  354.799749][ T5772] Bluetooth: hci0: Malformed LE Event: 0x02
[  355.285019][ T9463] netlink: 'syz.0.1321': attribute type 21 has an invalid length.
[  355.313816][ T9463] netlink: 'syz.0.1321': attribute type 1 has an invalid length.
[  355.455925][ T9468] netlink: 'syz.2.1323': attribute type 10 has an invalid length.
[  355.839623][ T9475] syzkaller0: entered promiscuous mode
[  355.845373][ T9475] syzkaller0: entered allmulticast mode
[  358.466139][ T9488] netlink: 'syz.0.1330': attribute type 10 has an invalid length.
[  358.478259][ T9496] netlink: 'syz.1.1332': attribute type 10 has an invalid length.
[  358.588579][ T9498] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1333'.
[  358.642248][ T9498] netlink: 61967 bytes leftover after parsing attributes in process `syz.0.1333'.
[  358.667951][ T9498] tc_dump_action: action bad kind
[  358.945192][ T9508] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1337'.
[  359.964365][ T9520] netlink: 'syz.2.1342': attribute type 10 has an invalid length.
[  360.159182][ T9524] syzkaller0: entered promiscuous mode
[  360.187207][ T9524] syzkaller0: entered allmulticast mode
[  362.633156][ T9536] netlink: 'syz.1.1347': attribute type 10 has an invalid length.
[  362.641351][ T9546] netlink: 'syz.2.1350': attribute type 10 has an invalid length.
[  362.655065][ T9552] netlink: 'syz.0.1352': attribute type 10 has an invalid length.
[  362.849706][ T9560] netlink: 'syz.0.1363': attribute type 10 has an invalid length.
[  362.890485][ T9556] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1353'.
[  364.073606][ T9582] netlink: 'syz.0.1362': attribute type 10 has an invalid length.
[  364.101706][ T9581] netlink: 'syz.3.1361': attribute type 10 has an invalid length.
[  364.555696][ T9592] netlink: 'syz.1.1366': attribute type 10 has an invalid length.
[  364.824563][ T9596] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1368'.
[  365.518295][ T9613] netlink: 'syz.1.1375': attribute type 10 has an invalid length.
[  365.830329][ T5772] Bluetooth: hci0: Dropping invalid advertising data
[  365.837299][ T5772] Bluetooth: hci0: Malformed LE Event: 0x02
[  366.693810][ T9627] netlink: 'syz.2.1378': attribute type 10 has an invalid length.
[  367.402071][ T9638] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1382'.
[  367.955634][ T9649] netlink: 'syz.0.1385': attribute type 10 has an invalid length.
[  369.111929][ T9671] netlink: 'syz.0.1395': attribute type 10 has an invalid length.
[  369.388871][ T9675] netlink: 'syz.3.1396': attribute type 10 has an invalid length.
[  369.739570][ T9681] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1398'.
[  370.891617][ T9703] netlink: 'syz.2.1405': attribute type 10 has an invalid length.
[  371.043391][ T9707] netlink: 'syz.1.1406': attribute type 10 has an invalid length.
[  371.292107][ T9710] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1407'.
[  371.920319][ T9717] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1410'.
[  372.920294][ T9748] netlink: 'syz.3.1417': attribute type 10 has an invalid length.
[  373.174376][ T9752] netlink: 'syz.0.1419': attribute type 10 has an invalid length.
[  374.111695][ T9765] netlink: 1057 bytes leftover after parsing attributes in process `syz.3.1423'.
[  374.230476][ T9771] netlink: 'syz.3.1423': attribute type 21 has an invalid length.
[  374.257758][ T9771] netlink: 'syz.3.1423': attribute type 12 has an invalid length.
[  374.301101][ T9771] netlink: 'syz.3.1423': attribute type 13 has an invalid length.
[  374.312595][ T9771] netlink: 'syz.3.1423': attribute type 14 has an invalid length.
[  374.320507][ T9771] netlink: 'syz.3.1423': attribute type 15 has an invalid length.
[  374.395684][ T9771] netlink: 'syz.3.1423': attribute type 16 has an invalid length.
[  374.411018][ T9771] netlink: 12918 bytes leftover after parsing attributes in process `syz.3.1423'.
[  374.787485][ T9776] netlink: 'syz.0.1426': attribute type 10 has an invalid length.
[  375.128709][ T9785] netlink: 'syz.3.1430': attribute type 10 has an invalid length.
[  375.567420][ T9783] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1428'.
[  376.096751][ T9790] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1431'.
[  376.400988][ T9796] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1432'.
[  377.500871][ T9819] netlink: 'syz.2.1438': attribute type 10 has an invalid length.
[  377.809728][ T9826] netlink: 'syz.2.1440': attribute type 10 has an invalid length.
[  378.351862][ T9833] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1445'.
[  379.066334][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  379.073095][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  379.209689][ T9834] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1444'.
[  379.566235][ T9854] validate_nla: 2 callbacks suppressed
[  379.566251][ T9854] netlink: 'syz.2.1449': attribute type 10 has an invalid length.
[  379.877009][ T9860] netlink: 'syz.2.1452': attribute type 21 has an invalid length.
[  379.986642][ T9860] netlink: 'syz.2.1452': attribute type 1 has an invalid length.
[  380.135668][ T9866] netlink: 'syz.3.1448': attribute type 21 has an invalid length.
[  380.172535][ T9866] netlink: 1926 bytes leftover after parsing attributes in process `syz.3.1448'.
[  381.145843][ T9878] netlink: 'syz.1.1454': attribute type 10 has an invalid length.
[  381.858228][ T9883] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1457'.
[  382.318566][ T9891] netlink: 'syz.3.1461': attribute type 21 has an invalid length.
[  384.151661][ T9918] netlink: 'syz.3.1470': attribute type 21 has an invalid length.
[  384.160406][ T9918] netlink: 'syz.3.1470': attribute type 1 has an invalid length.
[  384.904776][ T9927] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1471'.
[  385.833010][ T9948] netlink: 'syz.2.1479': attribute type 21 has an invalid length.
[  385.891034][ T9948] netlink: 1926 bytes leftover after parsing attributes in process `syz.2.1479'.
[  386.282401][ T9954] netlink: 'syz.1.1481': attribute type 21 has an invalid length.
[  386.341104][ T9954] netlink: 'syz.1.1481': attribute type 1 has an invalid length.
[  386.550434][ T9962] netlink: 'syz.3.1483': attribute type 21 has an invalid length.
[  386.573369][ T9962] netlink: 'syz.3.1483': attribute type 1 has an invalid length.
[  387.070617][ T9972] FAULT_INJECTION: forcing a failure.
[  387.070617][ T9972] name failslab, interval 1, probability 0, space 0, times 0
[  387.157754][ T9972] CPU: 1 PID: 9972 Comm: syz.3.1489 Not tainted syzkaller #0
[  387.165353][ T9972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  387.175473][ T9972] Call Trace:
[  387.178798][ T9972]  <TASK>
[  387.181781][ T9972]  dump_stack_lvl+0x18c/0x250
[  387.186636][ T9972]  ? show_regs_print_info+0x20/0x20
[  387.191910][ T9972]  ? load_image+0x420/0x420
[  387.196481][ T9972]  ? __might_sleep+0xe0/0xe0
[  387.201149][ T9972]  ? __lock_acquire+0x7d40/0x7d40
[  387.206233][ T9972]  should_fail_ex+0x39d/0x4d0
[  387.210967][ T9972]  should_failslab+0x9/0x20
[  387.215515][ T9972]  slab_pre_alloc_hook+0x59/0x310
[  387.220577][ T9972]  ? __lock_acquire+0x7d40/0x7d40
[  387.225634][ T9972]  kmem_cache_alloc_node+0x60/0x320
[  387.230872][ T9972]  ? __alloc_skb+0x103/0x2c0
[  387.235533][ T9972]  __alloc_skb+0x103/0x2c0
[  387.239983][ T9972]  netlink_sendmsg+0x66a/0xbf0
[  387.244793][ T9972]  ? netlink_getsockopt+0x590/0x590
[  387.250030][ T9972]  ? aa_sock_msg_perm+0x94/0x150
[  387.255033][ T9972]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  387.260373][ T9972]  ? security_socket_sendmsg+0x80/0xa0
[  387.265909][ T9972]  ? netlink_getsockopt+0x590/0x590
[  387.271169][ T9972]  ____sys_sendmsg+0x5ba/0x960
[  387.275976][ T9972]  ? __asan_memset+0x22/0x40
[  387.280634][ T9972]  ? __sys_sendmsg_sock+0x30/0x30
[  387.285691][ T9972]  ? __import_iovec+0x5f2/0x850
[  387.290673][ T9972]  ? import_iovec+0x73/0xa0
[  387.295207][ T9972]  ___sys_sendmsg+0x2a6/0x360
[  387.299927][ T9972]  ? __sys_sendmsg+0x2a0/0x2a0
[  387.304736][ T9972]  ? trace_call_bpf+0xc3/0x6c0
[  387.309561][ T9972]  __se_sys_sendmsg+0x1c2/0x2b0
[  387.314459][ T9972]  ? __x64_sys_sendmsg+0x80/0x80
[  387.319448][ T9972]  ? lockdep_hardirqs_on+0x98/0x150
[  387.324716][ T9972]  do_syscall_64+0x55/0xa0
[  387.329167][ T9972]  ? clear_bhb_loop+0x40/0x90
[  387.333874][ T9972]  ? clear_bhb_loop+0x40/0x90
[  387.338589][ T9972]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  387.344515][ T9972] RIP: 0033:0x7f0e1d39cdd9
[  387.349135][ T9972] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  387.368865][ T9972] RSP: 002b:00007f0e1e260028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  387.377316][ T9972] RAX: ffffffffffffffda RBX: 00007f0e1d615fa0 RCX: 00007f0e1d39cdd9
[  387.385330][ T9972] RDX: 0000000020000800 RSI: 0000200000000600 RDI: 0000000000000003
[  387.393363][ T9972] RBP: 00007f0e1e260090 R08: 0000000000000000 R09: 0000000000000000
[  387.401498][ T9972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  387.409610][ T9972] R13: 00007f0e1d616038 R14: 00007f0e1d615fa0 R15: 00007ffef4fda058
[  387.417629][ T9972]  </TASK>
[  387.912536][ T9982] netlink: 'syz.3.1494': attribute type 21 has an invalid length.
[  387.932021][ T9982] netlink: 'syz.3.1494': attribute type 1 has an invalid length.
[  388.589080][ T9992] netlink: 'syz.1.1493': attribute type 21 has an invalid length.
[  388.664456][ T9992] netlink: 1926 bytes leftover after parsing attributes in process `syz.1.1493'.
[  388.849647][ T9997] netlink: 'syz.2.1497': attribute type 10 has an invalid length.
[  390.358696][T10012] netlink: 'syz.2.1503': attribute type 21 has an invalid length.
[  390.411593][ T5772] Bluetooth: hci0: Dropping invalid advertising data
[  390.418485][ T5772] Bluetooth: hci0: Malformed LE Event: 0x02
[  390.993024][T10030] FAULT_INJECTION: forcing a failure.
[  390.993024][T10030] name failslab, interval 1, probability 0, space 0, times 0
[  391.046915][T10030] CPU: 1 PID: 10030 Comm: syz.3.1509 Not tainted syzkaller #0
[  391.054511][T10030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  391.064721][T10030] Call Trace:
[  391.068206][T10030]  <TASK>
[  391.071180][T10030]  dump_stack_lvl+0x18c/0x250
[  391.075959][T10030]  ? show_regs_print_info+0x20/0x20
[  391.081231][T10030]  ? load_image+0x420/0x420
[  391.085788][T10030]  ? __might_sleep+0xe0/0xe0
[  391.090529][T10030]  ? __lock_acquire+0x7d40/0x7d40
[  391.095604][T10030]  should_fail_ex+0x39d/0x4d0
[  391.100334][T10030]  should_failslab+0x9/0x20
[  391.104888][T10030]  slab_pre_alloc_hook+0x59/0x310
[  391.110040][T10030]  ? __lock_acquire+0x7d40/0x7d40
[  391.115095][T10030]  kmem_cache_alloc_node+0x60/0x320
[  391.120363][T10030]  ? __alloc_skb+0x103/0x2c0
[  391.124988][T10030]  __alloc_skb+0x103/0x2c0
[  391.129530][T10030]  netlink_sendmsg+0x66a/0xbf0
[  391.134343][T10030]  ? netlink_getsockopt+0x590/0x590
[  391.139585][T10030]  ? aa_sock_msg_perm+0x94/0x150
[  391.144639][T10030]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  391.149959][T10030]  ? security_socket_sendmsg+0x80/0xa0
[  391.155448][T10030]  ? netlink_getsockopt+0x590/0x590
[  391.160687][T10030]  ____sys_sendmsg+0x5ba/0x960
[  391.165572][T10030]  ? __asan_memset+0x22/0x40
[  391.170194][T10030]  ? __sys_sendmsg_sock+0x30/0x30
[  391.175340][T10030]  ? __import_iovec+0x5f2/0x850
[  391.180244][T10030]  ? import_iovec+0x73/0xa0
[  391.184867][T10030]  ___sys_sendmsg+0x2a6/0x360
[  391.189616][T10030]  ? __sys_sendmsg+0x2a0/0x2a0
[  391.194429][T10030]  ? trace_call_bpf+0xc3/0x6c0
[  391.199295][T10030]  __se_sys_sendmsg+0x1c2/0x2b0
[  391.204215][T10030]  ? __x64_sys_sendmsg+0x80/0x80
[  391.209201][T10030]  ? lockdep_hardirqs_on+0x98/0x150
[  391.214440][T10030]  do_syscall_64+0x55/0xa0
[  391.218887][T10030]  ? clear_bhb_loop+0x40/0x90
[  391.223631][T10030]  ? clear_bhb_loop+0x40/0x90
[  391.228344][T10030]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  391.234286][T10030] RIP: 0033:0x7f0e1d39cdd9
[  391.238838][T10030] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  391.258661][T10030] RSP: 002b:00007f0e1e260028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  391.267113][T10030] RAX: ffffffffffffffda RBX: 00007f0e1d615fa0 RCX: 00007f0e1d39cdd9
[  391.275110][T10030] RDX: 0200000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  391.283110][T10030] RBP: 00007f0e1e260090 R08: 0000000000000000 R09: 0000000000000000
[  391.291142][T10030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  391.299324][T10030] R13: 00007f0e1d616038 R14: 00007f0e1d615fa0 R15: 00007ffef4fda058
[  391.307364][T10030]  </TASK>
[  391.349572][T10026] validate_nla: 1 callbacks suppressed
[  391.349627][T10026] netlink: 'syz.0.1508': attribute type 10 has an invalid length.
[  391.397838][T10026] macvlan0: left promiscuous mode
[  391.421738][T10026] macvlan0: left allmulticast mode
[  391.667449][T10034] netlink: 'syz.2.1519': attribute type 10 has an invalid length.
[  391.701259][T10034] macvlan0: left promiscuous mode
[  391.721309][T10034] macvlan0: left allmulticast mode
[  392.286767][ T5772] Bluetooth: hci1: Dropping invalid advertising data
[  392.293634][ T5772] Bluetooth: hci1: Malformed LE Event: 0x02
[  392.385020][T10037] netlink: 'syz.0.1510': attribute type 21 has an invalid length.
[  392.410004][T10037] netlink: 1926 bytes leftover after parsing attributes in process `syz.0.1510'.
[  392.531522][T10051] netlink: 'syz.3.1515': attribute type 21 has an invalid length.
[  392.554766][T10051] netlink: 'syz.3.1515': attribute type 1 has an invalid length.
[  394.024476][T10084] netlink: 'syz.1.1526': attribute type 10 has an invalid length.
[  394.045375][ T5772] Bluetooth: hci3: Dropping invalid advertising data
[  394.052339][ T5772] Bluetooth: hci3: Malformed LE Event: 0x02
[  394.056936][T10084] macvlan0: left promiscuous mode
[  394.097562][T10084] macvlan0: left allmulticast mode
[  394.210207][T10089] netlink: 'syz.2.1529': attribute type 21 has an invalid length.
[  394.247945][T10089] netlink: 'syz.2.1529': attribute type 1 has an invalid length.
[  394.652979][T10110] netlink: 'syz.2.1536': attribute type 10 has an invalid length.
[  394.660890][T10110] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1536'.
[  394.710288][T10110] batman_adv: batadv0: Adding interface: vlan1
[  394.755306][T10110] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  394.814208][T10110] batman_adv: batadv0: Interface activated: vlan1
[  395.166004][ T5772] Bluetooth: hci2: Dropping invalid advertising data
[  395.174175][ T5772] Bluetooth: hci2: Malformed LE Event: 0x02
[  395.301804][T10120] FAULT_INJECTION: forcing a failure.
[  395.301804][T10120] name failslab, interval 1, probability 0, space 0, times 0
[  395.315190][T10120] CPU: 1 PID: 10120 Comm: syz.2.1540 Not tainted syzkaller #0
[  395.322737][T10120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  395.332940][T10120] Call Trace:
[  395.336346][T10120]  <TASK>
[  395.339318][T10120]  dump_stack_lvl+0x18c/0x250
[  395.344162][T10120]  ? show_regs_print_info+0x20/0x20
[  395.349457][T10120]  ? load_image+0x420/0x420
[  395.354035][T10120]  ? __might_sleep+0xe0/0xe0
[  395.358680][T10120]  ? __lock_acquire+0x7d40/0x7d40
[  395.363761][T10120]  should_fail_ex+0x39d/0x4d0
[  395.368606][T10120]  should_failslab+0x9/0x20
[  395.373178][T10120]  slab_pre_alloc_hook+0x59/0x310
[  395.378338][T10120]  ? tomoyo_encode+0x28b/0x540
[  395.383149][T10120]  ? tomoyo_encode+0x28b/0x540
[  395.388034][T10120]  __kmem_cache_alloc_node+0x53/0x250
[  395.393449][T10120]  ? tomoyo_encode+0x28b/0x540
[  395.398242][T10120]  __kmalloc+0xa4/0x230
[  395.402531][T10120]  tomoyo_encode+0x28b/0x540
[  395.407156][T10120]  tomoyo_realpath_from_path+0x592/0x5d0
[  395.412832][T10120]  tomoyo_path_number_perm+0x248/0x620
[  395.418332][T10120]  ? tomoyo_path_number_perm+0x217/0x620
[  395.424013][T10120]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  395.429508][T10120]  ? ksys_write+0x1c4/0x260
[  395.434074][T10120]  ? __fget_files+0x28/0x4b0
[  395.438701][T10120]  ? __fget_files+0x28/0x4b0
[  395.443345][T10120]  security_file_ioctl+0x70/0xa0
[  395.448345][T10120]  __se_sys_ioctl+0x48/0x170
[  395.453025][T10120]  do_syscall_64+0x55/0xa0
[  395.457522][T10120]  ? clear_bhb_loop+0x40/0x90
[  395.462248][T10120]  ? clear_bhb_loop+0x40/0x90
[  395.466982][T10120]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  395.472918][T10120] RIP: 0033:0x7f30e719cdd9
[  395.477375][T10120] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  395.497018][T10120] RSP: 002b:00007f30e7fdf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  395.505556][T10120] RAX: ffffffffffffffda RBX: 00007f30e7415fa0 RCX: 00007f30e719cdd9
[  395.513555][T10120] RDX: 0000200000000080 RSI: 00000000000089f3 RDI: 0000000000000004
[  395.521554][T10120] RBP: 00007f30e7fdf090 R08: 0000000000000000 R09: 0000000000000000
[  395.529554][T10120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  395.537990][T10120] R13: 00007f30e7416038 R14: 00007f30e7415fa0 R15: 00007ffe7a528818
[  395.546008][T10120]  </TASK>
[  395.579052][T10120] ERROR: Out of memory at tomoyo_realpath_from_path.
[  395.822615][T10129] netlink: 'syz.2.1544': attribute type 21 has an invalid length.
[  395.863332][T10125] macvlan0: left promiscuous mode
[  395.868949][T10125] macvlan0: left allmulticast mode
[  395.896262][T10127] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1543'.
[  395.948545][T10132] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1545'.
[  395.997985][T10132] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1545'.
[  396.062314][T10136] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1545'.
[  396.119145][T10133] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1545'.
[  396.306425][T10142] macvlan0: entered promiscuous mode
[  396.318879][T10142] macvlan0: entered allmulticast mode
[  396.423865][ T5772] Bluetooth: hci1: Dropping invalid advertising data
[  396.430732][ T5772] Bluetooth: hci1: Malformed LE Event: 0x02
[  397.035283][T10163] validate_nla: 3 callbacks suppressed
[  397.035337][T10163] netlink: 'syz.0.1556': attribute type 21 has an invalid length.
[  397.055164][T10163] netlink: 'syz.0.1556': attribute type 1 has an invalid length.
[  397.088173][T10165] FAULT_INJECTION: forcing a failure.
[  397.088173][T10165] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  397.103816][T10165] CPU: 1 PID: 10165 Comm: syz.2.1557 Not tainted syzkaller #0
[  397.111372][T10165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  397.121489][T10165] Call Trace:
[  397.124832][T10165]  <TASK>
[  397.127812][T10165]  dump_stack_lvl+0x18c/0x250
[  397.132574][T10165]  ? show_regs_print_info+0x20/0x20
[  397.137839][T10165]  ? load_image+0x420/0x420
[  397.142403][T10165]  ? __might_fault+0xaa/0x120
[  397.147133][T10165]  ? __lock_acquire+0x7d40/0x7d40
[  397.152221][T10165]  should_fail_ex+0x39d/0x4d0
[  397.156966][T10165]  _copy_from_user+0x2f/0xe0
[  397.161618][T10165]  ___sys_sendmsg+0x1c7/0x360
[  397.166357][T10165]  ? __sys_sendmsg+0x2a0/0x2a0
[  397.171195][T10165]  ? trace_call_bpf+0xc3/0x6c0
[  397.176050][T10165]  __se_sys_sendmsg+0x1c2/0x2b0
[  397.181050][T10165]  ? __x64_sys_sendmsg+0x80/0x80
[  397.186057][T10165]  ? lockdep_hardirqs_on+0x98/0x150
[  397.191322][T10165]  do_syscall_64+0x55/0xa0
[  397.195795][T10165]  ? clear_bhb_loop+0x40/0x90
[  397.200540][T10165]  ? clear_bhb_loop+0x40/0x90
[  397.203458][T10168] netlink: 'syz.3.1558': attribute type 10 has an invalid length.
[  397.205281][T10165]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  397.205314][T10165] RIP: 0033:0x7f30e719cdd9
[  397.223511][T10165] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  397.243180][T10165] RSP: 002b:00007f30e7fdf028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  397.251647][T10165] RAX: ffffffffffffffda RBX: 00007f30e7415fa0 RCX: 00007f30e719cdd9
[  397.259706][T10165] RDX: 00000000000080d1 RSI: 0000200000000140 RDI: 0000000000000003
[  397.267723][T10165] RBP: 00007f30e7fdf090 R08: 0000000000000000 R09: 0000000000000000
[  397.275746][T10165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  397.283764][T10165] R13: 00007f30e7416038 R14: 00007f30e7415fa0 R15: 00007ffe7a528818
[  397.291803][T10165]  </TASK>
[  397.679626][T10180] netlink: 'syz.0.1563': attribute type 10 has an invalid length.
[  397.699003][T10180] macvlan0: entered promiscuous mode
[  397.719349][T10180] macvlan0: entered allmulticast mode
[  398.205931][T10191] netlink: 'syz.2.1568': attribute type 10 has an invalid length.
[  398.380661][T10194] netlink: 'syz.1.1570': attribute type 21 has an invalid length.
[  398.400003][T10194] netlink: 'syz.1.1570': attribute type 1 has an invalid length.
[  399.162719][T10214] netlink: 'syz.2.1578': attribute type 10 has an invalid length.
[  399.181428][T10214] macvlan0: entered promiscuous mode
[  399.204809][T10214] macvlan0: entered allmulticast mode
[  399.361855][T10219] netlink: 'syz.3.1579': attribute type 10 has an invalid length.
[  399.795138][T10229] netlink: 'syz.2.1581': attribute type 21 has an invalid length.
[  402.085850][T10282] validate_nla: 6 callbacks suppressed
[  402.085898][T10282] netlink: 'syz.3.1606': attribute type 21 has an invalid length.
[  402.126743][T10282] netlink: 'syz.3.1606': attribute type 1 has an invalid length.
[  402.509438][T10299] netlink: 'syz.0.1611': attribute type 10 has an invalid length.
[  402.982534][T10310] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1616'.
[  403.029690][T10310] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1616'.
[  403.067012][T10310] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1616'.
[  403.094806][T10310] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1616'.
[  403.306890][T10312] netlink: 'syz.0.1617': attribute type 21 has an invalid length.
[  403.330412][T10312] netlink: 'syz.0.1617': attribute type 1 has an invalid length.
[  403.607729][T10324] netlink: 'syz.1.1622': attribute type 10 has an invalid length.
[  404.780430][T10357] netlink: 'syz.3.1633': attribute type 10 has an invalid length.
[  406.302710][T10386] netlink: 'syz.2.1644': attribute type 10 has an invalid length.
[  406.651317][T10400] FAULT_INJECTION: forcing a failure.
[  406.651317][T10400] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  406.722624][T10400] CPU: 1 PID: 10400 Comm: syz.3.1649 Not tainted syzkaller #0
[  406.730187][T10400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  406.740305][T10400] Call Trace:
[  406.743807][T10400]  <TASK>
[  406.746773][T10400]  dump_stack_lvl+0x18c/0x250
[  406.751498][T10400]  ? show_regs_print_info+0x20/0x20
[  406.756734][T10400]  ? load_image+0x420/0x420
[  406.761365][T10400]  ? __lock_acquire+0x7d40/0x7d40
[  406.766445][T10400]  should_fail_ex+0x39d/0x4d0
[  406.771165][T10400]  _copy_from_user+0x2f/0xe0
[  406.775803][T10400]  __copy_msghdr+0x3bb/0x580
[  406.780432][T10400]  ___sys_sendmsg+0x214/0x360
[  406.785139][T10400]  ? __sys_sendmsg+0x2a0/0x2a0
[  406.789946][T10400]  ? trace_call_bpf+0xc3/0x6c0
[  406.794766][T10400]  __se_sys_sendmsg+0x1c2/0x2b0
[  406.799649][T10400]  ? __x64_sys_sendmsg+0x80/0x80
[  406.804632][T10400]  ? lockdep_hardirqs_on+0x98/0x150
[  406.809862][T10400]  do_syscall_64+0x55/0xa0
[  406.814307][T10400]  ? clear_bhb_loop+0x40/0x90
[  406.819013][T10400]  ? clear_bhb_loop+0x40/0x90
[  406.823727][T10400]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  406.829655][T10400] RIP: 0033:0x7f0e1d39cdd9
[  406.834145][T10400] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  406.853835][T10400] RSP: 002b:00007f0e1e260028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  406.862292][T10400] RAX: ffffffffffffffda RBX: 00007f0e1d615fa0 RCX: 00007f0e1d39cdd9
[  406.870319][T10400] RDX: 0000000000040844 RSI: 00002000000000c0 RDI: 0000000000000003
[  406.878332][T10400] RBP: 00007f0e1e260090 R08: 0000000000000000 R09: 0000000000000000
[  406.886444][T10400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  406.894553][T10400] R13: 00007f0e1d616038 R14: 00007f0e1d615fa0 R15: 00007ffef4fda058
[  406.902590][T10400]  </TASK>
[  407.632711][T10417] netlink: 'syz.1.1655': attribute type 10 has an invalid length.
[  408.534676][T10446] netlink: 'syz.2.1666': attribute type 10 has an invalid length.
[  408.998028][T10460] FAULT_INJECTION: forcing a failure.
[  408.998028][T10460] name failslab, interval 1, probability 0, space 0, times 0
[  409.021140][T10460] CPU: 0 PID: 10460 Comm: syz.0.1671 Not tainted syzkaller #0
[  409.028698][T10460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  409.038808][T10460] Call Trace:
[  409.042217][T10460]  <TASK>
[  409.045187][T10460]  dump_stack_lvl+0x18c/0x250
[  409.049924][T10460]  ? show_regs_print_info+0x20/0x20
[  409.055309][T10460]  ? load_image+0x420/0x420
[  409.059870][T10460]  ? __might_sleep+0xe0/0xe0
[  409.064508][T10460]  ? __lock_acquire+0x7d40/0x7d40
[  409.069589][T10460]  should_fail_ex+0x39d/0x4d0
[  409.074340][T10460]  should_failslab+0x9/0x20
[  409.078893][T10460]  slab_pre_alloc_hook+0x59/0x310
[  409.084057][T10460]  ? __lock_acquire+0x7d40/0x7d40
[  409.089125][T10460]  kmem_cache_alloc_node+0x60/0x320
[  409.094365][T10460]  ? __alloc_skb+0x103/0x2c0
[  409.098999][T10460]  __alloc_skb+0x103/0x2c0
[  409.103458][T10460]  netlink_sendmsg+0x66a/0xbf0
[  409.108285][T10460]  ? netlink_getsockopt+0x590/0x590
[  409.113625][T10460]  ? aa_sock_msg_perm+0x94/0x150
[  409.118607][T10460]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  409.123923][T10460]  ? security_socket_sendmsg+0x80/0xa0
[  409.129459][T10460]  ? netlink_getsockopt+0x590/0x590
[  409.134699][T10460]  ____sys_sendmsg+0x5ba/0x960
[  409.139601][T10460]  ? __asan_memset+0x22/0x40
[  409.144270][T10460]  ? __sys_sendmsg_sock+0x30/0x30
[  409.149326][T10460]  ? __import_iovec+0x5f2/0x850
[  409.154308][T10460]  ? import_iovec+0x73/0xa0
[  409.158854][T10460]  ___sys_sendmsg+0x2a6/0x360
[  409.163565][T10460]  ? get_pid_task+0x20/0x1e0
[  409.168289][T10460]  ? __sys_sendmsg+0x2a0/0x2a0
[  409.173101][T10460]  ? __lock_acquire+0x7d40/0x7d40
[  409.178174][T10460]  __se_sys_sendmsg+0x1c2/0x2b0
[  409.183065][T10460]  ? __x64_sys_sendmsg+0x80/0x80
[  409.188052][T10460]  ? lockdep_hardirqs_on+0x98/0x150
[  409.193297][T10460]  do_syscall_64+0x55/0xa0
[  409.197739][T10460]  ? clear_bhb_loop+0x40/0x90
[  409.202452][T10460]  ? clear_bhb_loop+0x40/0x90
[  409.207167][T10460]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  409.213129][T10460] RIP: 0033:0x7f84ce19cdd9
[  409.217576][T10460] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  409.237389][T10460] RSP: 002b:00007f84cefa4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  409.245838][T10460] RAX: ffffffffffffffda RBX: 00007f84ce415fa0 RCX: 00007f84ce19cdd9
[  409.253842][T10460] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000003
[  409.261844][T10460] RBP: 00007f84cefa4090 R08: 0000000000000000 R09: 0000000000000000
[  409.269840][T10460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  409.277885][T10460] R13: 00007f84ce416038 R14: 00007f84ce415fa0 R15: 00007ffdb289fb48
[  409.285914][T10460]  </TASK>
[  409.686550][T10472] netlink: 'syz.0.1676': attribute type 10 has an invalid length.
[  410.637728][T10492] netlink: 'syz.2.1681': attribute type 10 has an invalid length.
[  410.720357][T10492] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  410.773124][T10496] FAULT_INJECTION: forcing a failure.
[  410.773124][T10496] name failslab, interval 1, probability 0, space 0, times 0
[  410.798565][T10496] CPU: 1 PID: 10496 Comm: syz.1.1682 Not tainted syzkaller #0
[  410.806198][T10496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  410.816311][T10496] Call Trace:
[  410.819643][T10496]  <TASK>
[  410.822612][T10496]  dump_stack_lvl+0x18c/0x250
[  410.827376][T10496]  ? show_regs_print_info+0x20/0x20
[  410.832653][T10496]  ? load_image+0x420/0x420
[  410.837305][T10496]  ? __might_sleep+0xe0/0xe0
[  410.841958][T10496]  ? __lock_acquire+0x7d40/0x7d40
[  410.847036][T10496]  should_fail_ex+0x39d/0x4d0
[  410.851858][T10496]  should_failslab+0x9/0x20
[  410.856418][T10496]  slab_pre_alloc_hook+0x59/0x310
[  410.861513][T10496]  ? __get_vm_area_node+0x125/0x370
[  410.866775][T10496]  __kmem_cache_alloc_node+0x53/0x250
[  410.872221][T10496]  ? __get_vm_area_node+0x125/0x370
[  410.877552][T10496]  kmalloc_node_trace+0x26/0xe0
[  410.882447][T10496]  __get_vm_area_node+0x125/0x370
[  410.887511][T10496]  __vmalloc_node_range+0x36e/0x1330
[  410.892833][T10496]  ? netlink_sendmsg+0x602/0xbf0
[  410.897983][T10496]  ? netlink_insert+0x109f/0x13a0
[  410.903143][T10496]  ? netlink_data_ready+0x10/0x10
[  410.908203][T10496]  ? free_vm_area+0x50/0x50
[  410.912746][T10496]  ? netlink_sendmsg+0x602/0xbf0
[  410.917740][T10496]  vmalloc+0x79/0x90
[  410.921670][T10496]  ? netlink_sendmsg+0x602/0xbf0
[  410.926646][T10496]  netlink_sendmsg+0x602/0xbf0
[  410.931452][T10496]  ? netlink_getsockopt+0x590/0x590
[  410.936690][T10496]  ? aa_sock_msg_perm+0x94/0x150
[  410.941663][T10496]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  410.946988][T10496]  ? security_socket_sendmsg+0x80/0xa0
[  410.952473][T10496]  ? netlink_getsockopt+0x590/0x590
[  410.957739][T10496]  ____sys_sendmsg+0x5ba/0x960
[  410.962558][T10496]  ? __asan_memset+0x22/0x40
[  410.967206][T10496]  ? __sys_sendmsg_sock+0x30/0x30
[  410.972272][T10496]  ? __import_iovec+0x5f2/0x850
[  410.977167][T10496]  ? import_iovec+0x73/0xa0
[  410.981702][T10496]  ___sys_sendmsg+0x2a6/0x360
[  410.986412][T10496]  ? __sys_sendmsg+0x2a0/0x2a0
[  410.991414][T10496]  ? trace_call_bpf+0xc3/0x6c0
[  410.996242][T10496]  __se_sys_sendmsg+0x1c2/0x2b0
[  411.001127][T10496]  ? __x64_sys_sendmsg+0x80/0x80
[  411.006104][T10496]  ? lockdep_hardirqs_on+0x98/0x150
[  411.011339][T10496]  do_syscall_64+0x55/0xa0
[  411.015784][T10496]  ? clear_bhb_loop+0x40/0x90
[  411.020519][T10496]  ? clear_bhb_loop+0x40/0x90
[  411.025255][T10496]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  411.031192][T10496] RIP: 0033:0x7ff741f9cdd9
[  411.035632][T10496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  411.055266][T10496] RSP: 002b:00007ff742f1e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  411.063711][T10496] RAX: ffffffffffffffda RBX: 00007ff742215fa0 RCX: 00007ff741f9cdd9
[  411.071740][T10496] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  411.079749][T10496] RBP: 00007ff742f1e090 R08: 0000000000000000 R09: 0000000000000000
[  411.087746][T10496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  411.095854][T10496] R13: 00007ff742216038 R14: 00007ff742215fa0 R15: 00007ffc6e0098b8
[  411.103872][T10496]  </TASK>
[  411.136799][T10496] syz.1.1682: vmalloc error: size 65600, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  411.167638][T10496] CPU: 0 PID: 10496 Comm: syz.1.1682 Not tainted syzkaller #0
[  411.175193][T10496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  411.185308][T10496] Call Trace:
[  411.188634][T10496]  <TASK>
[  411.191601][T10496]  dump_stack_lvl+0x18c/0x250
[  411.196347][T10496]  ? show_regs_print_info+0x20/0x20
[  411.201596][T10496]  ? load_image+0x420/0x420
[  411.206163][T10496]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  411.212625][T10496]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  411.219170][T10496]  warn_alloc+0x246/0x340
[  411.223556][T10496]  ? __get_vm_area_node+0x125/0x370
[  411.228882][T10496]  ? zone_watermark_ok_safe+0x230/0x230
[  411.234477][T10496]  ? rcu_is_watching+0x15/0xb0
[  411.239308][T10496]  ? __get_vm_area_node+0x356/0x370
[  411.244570][T10496]  __vmalloc_node_range+0x393/0x1330
[  411.249930][T10496]  ? netlink_insert+0x109f/0x13a0
[  411.255020][T10496]  ? netlink_data_ready+0x10/0x10
[  411.260113][T10496]  ? free_vm_area+0x50/0x50
[  411.264677][T10496]  ? netlink_sendmsg+0x602/0xbf0
[  411.269688][T10496]  vmalloc+0x79/0x90
[  411.273638][T10496]  ? netlink_sendmsg+0x602/0xbf0
[  411.278646][T10496]  netlink_sendmsg+0x602/0xbf0
[  411.283463][T10496]  ? netlink_getsockopt+0x590/0x590
[  411.288798][T10496]  ? aa_sock_msg_perm+0x94/0x150
[  411.293792][T10496]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  411.299117][T10496]  ? security_socket_sendmsg+0x80/0xa0
[  411.304617][T10496]  ? netlink_getsockopt+0x590/0x590
[  411.309870][T10496]  ____sys_sendmsg+0x5ba/0x960
[  411.314677][T10496]  ? __asan_memset+0x22/0x40
[  411.319320][T10496]  ? __sys_sendmsg_sock+0x30/0x30
[  411.324398][T10496]  ? __import_iovec+0x5f2/0x850
[  411.329298][T10496]  ? import_iovec+0x73/0xa0
[  411.333838][T10496]  ___sys_sendmsg+0x2a6/0x360
[  411.338560][T10496]  ? __sys_sendmsg+0x2a0/0x2a0
[  411.343387][T10496]  ? trace_call_bpf+0xc3/0x6c0
[  411.348222][T10496]  __se_sys_sendmsg+0x1c2/0x2b0
[  411.353149][T10496]  ? __x64_sys_sendmsg+0x80/0x80
[  411.358139][T10496]  ? lockdep_hardirqs_on+0x98/0x150
[  411.363448][T10496]  do_syscall_64+0x55/0xa0
[  411.368085][T10496]  ? clear_bhb_loop+0x40/0x90
[  411.372814][T10496]  ? clear_bhb_loop+0x40/0x90
[  411.377542][T10496]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  411.383476][T10496] RIP: 0033:0x7ff741f9cdd9
[  411.387927][T10496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  411.407576][T10496] RSP: 002b:00007ff742f1e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  411.416048][T10496] RAX: ffffffffffffffda RBX: 00007ff742215fa0 RCX: 00007ff741f9cdd9
[  411.424077][T10496] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  411.432173][T10496] RBP: 00007ff742f1e090 R08: 0000000000000000 R09: 0000000000000000
[  411.440171][T10496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  411.448175][T10496] R13: 00007ff742216038 R14: 00007ff742215fa0 R15: 00007ffc6e0098b8
[  411.456229][T10496]  </TASK>
[  411.499671][T10496] Mem-Info:
[  411.508970][T10496] active_anon:8282 inactive_anon:0 isolated_anon:0
[  411.508970][T10496]  active_file:11852 inactive_file:40058 isolated_file:0
[  411.508970][T10496]  unevictable:768 dirty:234 writeback:0
[  411.508970][T10496]  slab_reclaimable:11854 slab_unreclaimable:100335
[  411.508970][T10496]  mapped:25017 shmem:1361 pagetables:559
[  411.508970][T10496]  sec_pagetables:0 bounce:0
[  411.508970][T10496]  kernel_misc_reclaimable:0
[  411.508970][T10496]  free:1338671 free_pcp:10500 free_cma:0
[  411.571417][T10496] Node 0 active_anon:33028kB inactive_anon:0kB active_file:47408kB inactive_file:160028kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:100068kB dirty:936kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10968kB pagetables:2136kB sec_pagetables:0kB all_unreclaimable? no
[  411.643818][T10496] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  411.676206][T10496] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  411.725833][T10496] lowmem_reserve[]: 0 2521 2522 2522 2522
[  411.751063][T10496] Node 0 DMA32 free:1447208kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:32388kB inactive_anon:0kB active_file:47408kB inactive_file:159208kB unevictable:1536kB writepending:936kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:23376kB local_pcp:16176kB free_cma:0kB
[  411.786801][T10496] lowmem_reserve[]: 0 0 0 0 0
[  411.816372][T10504] netlink: 'syz.0.1686': attribute type 10 has an invalid length.
[  411.821538][T10496] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:820kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB
[  411.898740][T10496] lowmem_reserve[]: 0 0 0 0 0
[  411.904918][T10496] Node 1 Normal free:3892116kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:20320kB local_pcp:10720kB free_cma:0kB
[  411.977120][T10496] lowmem_reserve[]: 0 0 0 0 0
[  411.989818][T10496] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  412.033583][T10496] Node 0 DMA32: 1458*4kB (UM) 1090*8kB (UM) 989*16kB (UME) 573*32kB (UME) 576*64kB (UME) 90*128kB (UM) 69*256kB (UM) 42*512kB (UME) 26*1024kB (UME) 11*2048kB (UM) 308*4096kB (M) = 1446984kB
[  412.109124][T10496] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  412.135497][T10496] Node 1 Normal: 257*4kB (U) 56*8kB (UME) 27*16kB (UME) 45*32kB (UME) 16*64kB (UE) 7*128kB (UME) 1*256kB (E) 1*512kB (M) 1*1024kB (U) 1*2048kB (E) 948*4096kB (M) = 3892116kB
[  412.171596][T10496] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  412.191400][T10496] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  412.222234][T10496] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  412.250965][T10496] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  412.282718][T10496] 53271 total pagecache pages
[  412.287580][T10496] 0 pages in swap cache
[  412.310976][T10496] Free swap  = 124996kB
[  412.328398][T10496] Total swap = 124996kB
[  412.336366][T10496] 2097051 pages RAM
[  412.343509][T10496] 0 pages HighMem/MovableOnly
[  412.348362][T10496] 416927 pages reserved
[  412.352864][T10496] 0 pages cma reserved
[  413.488744][T10536] netlink: 'syz.2.1697': attribute type 10 has an invalid length.
[  413.631693][T10543] FAULT_INJECTION: forcing a failure.
[  413.631693][T10543] name failslab, interval 1, probability 0, space 0, times 0
[  413.669868][T10543] CPU: 0 PID: 10543 Comm: syz.2.1700 Not tainted syzkaller #0
[  413.677428][T10543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  413.687546][T10543] Call Trace:
[  413.690884][T10543]  <TASK>
[  413.693856][T10543]  dump_stack_lvl+0x18c/0x250
[  413.698603][T10543]  ? show_regs_print_info+0x20/0x20
[  413.703880][T10543]  ? load_image+0x420/0x420
[  413.708472][T10543]  ? __might_sleep+0xe0/0xe0
[  413.713113][T10543]  ? __lock_acquire+0x7d40/0x7d40
[  413.718218][T10543]  should_fail_ex+0x39d/0x4d0
[  413.723088][T10543]  should_failslab+0x9/0x20
[  413.727673][T10543]  slab_pre_alloc_hook+0x59/0x310
[  413.732824][T10543]  ? __lock_acquire+0x7d40/0x7d40
[  413.737920][T10543]  kmem_cache_alloc_node+0x60/0x320
[  413.743219][T10543]  ? __alloc_skb+0x103/0x2c0
[  413.747861][T10543]  __alloc_skb+0x103/0x2c0
[  413.752413][T10543]  netlink_sendmsg+0x66a/0xbf0
[  413.757257][T10543]  ? netlink_getsockopt+0x590/0x590
[  413.762522][T10543]  ? aa_sock_msg_perm+0x94/0x150
[  413.767522][T10543]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  413.772872][T10543]  ? security_socket_sendmsg+0x80/0xa0
[  413.778393][T10543]  ? netlink_getsockopt+0x590/0x590
[  413.783707][T10543]  ____sys_sendmsg+0x5ba/0x960
[  413.788524][T10543]  ? __asan_memset+0x22/0x40
[  413.793177][T10543]  ? __sys_sendmsg_sock+0x30/0x30
[  413.798250][T10543]  ? __import_iovec+0x5f2/0x850
[  413.803161][T10543]  ? import_iovec+0x73/0xa0
[  413.807900][T10543]  ___sys_sendmsg+0x2a6/0x360
[  413.812638][T10543]  ? __sys_sendmsg+0x2a0/0x2a0
[  413.817474][T10543]  ? trace_call_bpf+0xc3/0x6c0
[  413.822331][T10543]  __se_sys_sendmsg+0x1c2/0x2b0
[  413.827318][T10543]  ? __x64_sys_sendmsg+0x80/0x80
[  413.832321][T10543]  ? lockdep_hardirqs_on+0x98/0x150
[  413.837575][T10543]  do_syscall_64+0x55/0xa0
[  413.842039][T10543]  ? clear_bhb_loop+0x40/0x90
[  413.846777][T10543]  ? clear_bhb_loop+0x40/0x90
[  413.851512][T10543]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  413.857473][T10543] RIP: 0033:0x7f30e719cdd9
[  413.861943][T10543] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  413.881610][T10543] RSP: 002b:00007f30e7fdf028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  413.890095][T10543] RAX: ffffffffffffffda RBX: 00007f30e7415fa0 RCX: 00007f30e719cdd9
[  413.898139][T10543] RDX: 0000000000000000 RSI: 0000200000000940 RDI: 0000000000000003
[  413.906177][T10543] RBP: 00007f30e7fdf090 R08: 0000000000000000 R09: 0000000000000000
[  413.914200][T10543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  413.922227][T10543] R13: 00007f30e7416038 R14: 00007f30e7415fa0 R15: 00007ffe7a528818
[  413.930267][T10543]  </TASK>
[  418.457289][T10577] netlink: 'syz.2.1708': attribute type 10 has an invalid length.
[  419.329092][ T5772] Bluetooth: hci3: Dropping invalid advertising data
[  419.336069][ T5772] Bluetooth: hci3: Malformed LE Event: 0x02
[  421.630635][T10601] netlink: 'syz.2.1718': attribute type 10 has an invalid length.
[  421.674925][T10604] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1716'.
[  421.750003][T10604] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.1716'.
[  421.798070][T10604] netlink: zone id is out of range
[  421.809970][T10604] netlink: zone id is out of range
[  421.826355][T10604] netlink: zone id is out of range
[  421.838118][ T5772] Bluetooth: hci2: Dropping invalid advertising data
[  421.841951][T10604] netlink: zone id is out of range
[  421.847508][ T5772] Bluetooth: hci2: Malformed LE Event: 0x02
[  421.874796][T10604] netlink: zone id is out of range
[  421.898948][T10604] netlink: zone id is out of range
[  421.910617][T10604] netlink: zone id is out of range
[  421.924689][T10604] netlink: zone id is out of range
[  421.971704][T10604] netlink: zone id is out of range
[  421.987881][T10604] netlink: zone id is out of range
[  422.627308][T10620] netlink: 14568 bytes leftover after parsing attributes in process `syz.0.1722'.
[  423.215166][T10641] netlink: 'syz.2.1728': attribute type 10 has an invalid length.
[  424.195724][T10649] FAULT_INJECTION: forcing a failure.
[  424.195724][T10649] name failslab, interval 1, probability 0, space 0, times 0
[  424.229322][T10649] CPU: 1 PID: 10649 Comm: syz.2.1731 Not tainted syzkaller #0
[  424.236889][T10649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  424.246998][T10649] Call Trace:
[  424.250338][T10649]  <TASK>
[  424.253326][T10649]  dump_stack_lvl+0x18c/0x250
[  424.258069][T10649]  ? show_regs_print_info+0x20/0x20
[  424.263343][T10649]  ? load_image+0x420/0x420
[  424.267902][T10649]  ? __lock_acquire+0x7d40/0x7d40
[  424.272979][T10649]  should_fail_ex+0x39d/0x4d0
[  424.277730][T10649]  should_failslab+0x9/0x20
[  424.282646][T10649]  slab_pre_alloc_hook+0x59/0x310
[  424.287715][T10649]  ? bpf_test_init+0x9f/0x140
[  424.292450][T10649]  ? bpf_test_init+0x9f/0x140
[  424.297183][T10649]  __kmem_cache_alloc_node+0x53/0x250
[  424.302632][T10649]  ? bpf_test_init+0x9f/0x140
[  424.307374][T10649]  __kmalloc+0xa4/0x230
[  424.311583][T10649]  bpf_test_init+0x9f/0x140
[  424.316160][T10649]  bpf_prog_test_run_xdp+0x4d1/0x10e0
[  424.321577][T10649]  ? __fget_files+0x59/0x4b0
[  424.326209][T10649]  ? dev_put+0x80/0x80
[  424.330405][T10649]  ? dev_put+0x80/0x80
[  424.334505][T10649]  bpf_prog_test_run+0x321/0x390
[  424.339482][T10649]  __sys_bpf+0x49d/0x890
[  424.343759][T10649]  ? bpf_link_show_fdinfo+0x390/0x390
[  424.349198][T10649]  __x64_sys_bpf+0x7c/0x90
[  424.353673][T10649]  do_syscall_64+0x55/0xa0
[  424.358121][T10649]  ? clear_bhb_loop+0x40/0x90
[  424.362847][T10649]  ? clear_bhb_loop+0x40/0x90
[  424.367688][T10649]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  424.373636][T10649] RIP: 0033:0x7f30e719cdd9
[  424.378086][T10649] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  424.397757][T10649] RSP: 002b:00007f30e7fdf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  424.406215][T10649] RAX: ffffffffffffffda RBX: 00007f30e7415fa0 RCX: 00007f30e719cdd9
[  424.414237][T10649] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a
[  424.422266][T10649] RBP: 00007f30e7fdf090 R08: 0000000000000000 R09: 0000000000000000
[  424.430276][T10649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  424.438288][T10649] R13: 00007f30e7416038 R14: 00007f30e7415fa0 R15: 00007ffe7a528818
[  424.446339][T10649]  </TASK>
[  424.601387][ T5772] Bluetooth: hci2: unexpected event 0x06 length: 15 > 3
[  424.906664][T10657] netlink: 'syz.2.1734': attribute type 10 has an invalid length.
[  424.969638][T10657] veth1_vlan: left promiscuous mode
[  425.009874][T10657] macvlan1: entered allmulticast mode
[  425.159430][T10657] veth1_vlan: entered promiscuous mode
[  425.181645][T10657] veth1_vlan: entered allmulticast mode
[  425.327232][T10657] team0: Port device macvlan1 added
[  425.377838][T10661] netlink: 'syz.1.1735': attribute type 10 has an invalid length.
[  425.407467][T10661] macvlan0: entered promiscuous mode
[  425.435083][T10661] macvlan0: entered allmulticast mode
[  425.467842][T10663] netlink: 'syz.0.1736': attribute type 64 has an invalid length.
[  425.700365][T10669] netlink: 'syz.2.1737': attribute type 10 has an invalid length.
[  425.912034][T10674] netlink: 6 bytes leftover after parsing attributes in process `syz.0.1739'.
[  426.561800][T10684] netlink: 'syz.2.1744': attribute type 1 has an invalid length.
[  426.591409][T10684] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1744'.
[  426.618112][T10687] netlink: 153060 bytes leftover after parsing attributes in process `syz.2.1744'.
[  427.018237][T10694] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  427.090255][T10695] netlink: 'syz.2.1747': attribute type 10 has an invalid length.
[  427.178425][T10699] netlink: 160 bytes leftover after parsing attributes in process `syz.1.1746'.
[  427.215202][T10700] netlink: 'syz.0.1749': attribute type 10 has an invalid length.
[  427.768166][T10714] netlink: 'syz.0.1754': attribute type 2 has an invalid length.
[  427.782137][T10714] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.1754'.
[  428.630486][T10733] netlink: 'syz.0.1760': attribute type 10 has an invalid length.
[  428.859537][T10736] netlink: 'syz.0.1761': attribute type 10 has an invalid length.
[  429.519080][T10746] netlink: 'syz.0.1765': attribute type 1 has an invalid length.
[  429.536108][T10746] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.1765'.
[  430.004011][T10760] netlink: 'syz.1.1769': attribute type 10 has an invalid length.
[  430.446626][T10770] netlink: 'syz.1.1773': attribute type 10 has an invalid length.
[  430.751024][ T5772] Bluetooth: hci2: command 0x0406 tx timeout
[  431.266543][T10780] netlink: 6 bytes leftover after parsing attributes in process `syz.1.1776'.
[  431.275778][T10780] net_ratelimit: 58 callbacks suppressed
[  431.275797][T10780] openvswitch: netlink: Flow key attr not present in new flow.
[  431.496358][T10785] FAULT_INJECTION: forcing a failure.
[  431.496358][T10785] name failslab, interval 1, probability 0, space 0, times 0
[  431.527207][T10785] CPU: 1 PID: 10785 Comm: syz.2.1778 Not tainted syzkaller #0
[  431.534775][T10785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  431.544896][T10785] Call Trace:
[  431.548232][T10785]  <TASK>
[  431.551210][T10785]  dump_stack_lvl+0x18c/0x250
[  431.555965][T10785]  ? show_regs_print_info+0x20/0x20
[  431.561236][T10785]  ? load_image+0x420/0x420
[  431.565783][T10785]  ? __might_sleep+0xe0/0xe0
[  431.570414][T10785]  ? __lock_acquire+0x7d40/0x7d40
[  431.575476][T10785]  should_fail_ex+0x39d/0x4d0
[  431.580203][T10785]  should_failslab+0x9/0x20
[  431.584746][T10785]  slab_pre_alloc_hook+0x59/0x310
[  431.589831][T10785]  ? tomoyo_encode+0x28b/0x540
[  431.594624][T10785]  ? tomoyo_encode+0x28b/0x540
[  431.599425][T10785]  __kmem_cache_alloc_node+0x53/0x250
[  431.604846][T10785]  ? tomoyo_encode+0x28b/0x540
[  431.609646][T10785]  __kmalloc+0xa4/0x230
[  431.613842][T10785]  tomoyo_encode+0x28b/0x540
[  431.618471][T10785]  tomoyo_realpath_from_path+0x592/0x5d0
[  431.624150][T10785]  tomoyo_path_number_perm+0x248/0x620
[  431.629656][T10785]  ? tomoyo_path_number_perm+0x217/0x620
[  431.635342][T10785]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  431.640849][T10785]  ? ksys_write+0x1c4/0x260
[  431.645417][T10785]  ? __fget_files+0x28/0x4b0
[  431.650040][T10785]  ? __fget_files+0x28/0x4b0
[  431.654682][T10785]  security_file_ioctl+0x70/0xa0
[  431.659693][T10785]  __se_sys_ioctl+0x48/0x170
[  431.664323][T10785]  do_syscall_64+0x55/0xa0
[  431.668796][T10785]  ? clear_bhb_loop+0x40/0x90
[  431.673516][T10785]  ? clear_bhb_loop+0x40/0x90
[  431.678235][T10785]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  431.684173][T10785] RIP: 0033:0x7f30e719cdd9
[  431.688619][T10785] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  431.708371][T10785] RSP: 002b:00007f30e7fbe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  431.716816][T10785] RAX: ffffffffffffffda RBX: 00007f30e7416090 RCX: 00007f30e719cdd9
[  431.724822][T10785] RDX: 0000200000000000 RSI: 000000000000890b RDI: 0000000000000006
[  431.732853][T10785] RBP: 00007f30e7fbe090 R08: 0000000000000000 R09: 0000000000000000
[  431.740950][T10785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  431.748955][T10785] R13: 00007f30e7416128 R14: 00007f30e7416090 R15: 00007ffe7a528818
[  431.756972][T10785]  </TASK>
[  431.782031][T10785] ERROR: Out of memory at tomoyo_realpath_from_path.
[  431.980680][T10787] netlink: 'syz.0.1780': attribute type 10 has an invalid length.
[  432.258466][T10795] netlink: 'syz.2.1784': attribute type 10 has an invalid length.
[  433.476226][T10823] netlink: 'syz.0.1790': attribute type 10 has an invalid length.
[  433.772524][T10833] netlink: 'syz.0.1795': attribute type 10 has an invalid length.
[  435.086055][T10854] netlink: 'syz.3.1802': attribute type 10 has an invalid length.
[  435.579248][T10865] netlink: 'syz.3.1807': attribute type 10 has an invalid length.
[  436.143028][T10876] FAULT_INJECTION: forcing a failure.
[  436.143028][T10876] name failslab, interval 1, probability 0, space 0, times 0
[  436.168381][T10876] CPU: 0 PID: 10876 Comm: syz.0.1809 Not tainted syzkaller #0
[  436.175940][T10876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  436.186047][T10876] Call Trace:
[  436.189436][T10876]  <TASK>
[  436.192409][T10876]  dump_stack_lvl+0x18c/0x250
[  436.197148][T10876]  ? show_regs_print_info+0x20/0x20
[  436.202409][T10876]  ? load_image+0x420/0x420
[  436.207062][T10876]  ? __might_sleep+0xe0/0xe0
[  436.211709][T10876]  ? __lock_acquire+0x7d40/0x7d40
[  436.216814][T10876]  should_fail_ex+0x39d/0x4d0
[  436.221577][T10876]  should_failslab+0x9/0x20
[  436.226152][T10876]  slab_pre_alloc_hook+0x59/0x310
[  436.231246][T10876]  kmem_cache_alloc_node+0x60/0x320
[  436.236528][T10876]  ? __alloc_skb+0x103/0x2c0
[  436.241172][T10876]  __alloc_skb+0x103/0x2c0
[  436.245646][T10876]  alloc_skb_with_frags+0xca/0x7b0
[  436.250817][T10876]  ? __lock_acquire+0x7d40/0x7d40
[  436.255911][T10876]  sock_alloc_send_pskb+0x883/0x9a0
[  436.261157][T10876]  ? __might_fault+0xaa/0x120
[  436.265895][T10876]  ? sock_kzfree_s+0x50/0x50
[  436.270552][T10876]  ? iov_iter_advance+0x88/0x1a0
[  436.275551][T10876]  tun_get_user+0x82c/0x3ca0
[  436.280221][T10876]  ? aa_file_perm+0x11b/0xee0
[  436.284970][T10876]  ? rcu_read_unlock+0xa0/0xa0
[  436.289799][T10876]  ? tun_get+0x1c/0x2e0
[  436.294009][T10876]  ? __lock_acquire+0x7d40/0x7d40
[  436.299081][T10876]  ? tun_get+0x1c/0x2e0
[  436.303274][T10876]  tun_chr_write_iter+0x119/0x200
[  436.308368][T10876]  vfs_write+0x46c/0x990
[  436.312652][T10876]  ? file_end_write+0x250/0x250
[  436.317543][T10876]  ? __fget_files+0x43d/0x4b0
[  436.322266][T10876]  ? __fdget_pos+0x1d8/0x330
[  436.326897][T10876]  ? ksys_write+0x75/0x260
[  436.331376][T10876]  ksys_write+0x150/0x260
[  436.335747][T10876]  ? __ia32_sys_read+0x90/0x90
[  436.340550][T10876]  ? lockdep_hardirqs_on+0x98/0x150
[  436.345780][T10876]  do_syscall_64+0x55/0xa0
[  436.350223][T10876]  ? clear_bhb_loop+0x40/0x90
[  436.354960][T10876]  ? clear_bhb_loop+0x40/0x90
[  436.359690][T10876]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  436.365620][T10876] RIP: 0033:0x7f84ce19cdd9
[  436.370067][T10876] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  436.389803][T10876] RSP: 002b:00007f84cef83028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  436.398257][T10876] RAX: ffffffffffffffda RBX: 00007f84ce416090 RCX: 00007f84ce19cdd9
[  436.406274][T10876] RDX: 000000000000ffdd RSI: 0000200000000280 RDI: 0000000000000006
[  436.414387][T10876] RBP: 00007f84cef83090 R08: 0000000000000000 R09: 0000000000000000
[  436.422485][T10876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  436.430514][T10876] R13: 00007f84ce416128 R14: 00007f84ce416090 R15: 00007ffdb289fb48
[  436.438530][T10876]  </TASK>
[  436.631251][T10880] netlink: 'syz.1.1812': attribute type 10 has an invalid length.
[  436.710952][T10871] syzkaller0: entered promiscuous mode
[  436.716614][T10871] syzkaller0: entered allmulticast mode
[  439.672319][T10898] netlink: 'syz.1.1819': attribute type 10 has an invalid length.
[  439.685247][T10908] netlink: 'syz.2.1821': attribute type 10 has an invalid length.
[  439.914051][T10911] netlink: 'syz.1.1822': attribute type 1 has an invalid length.
[  439.951133][T10911] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.1822'.
[  440.317333][T10923] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1828'.
[  440.384379][T10930] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.1828'.
[  440.425856][T10930] netlink: zone id is out of range
[  440.436598][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  440.443041][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  440.458908][T10930] netlink: zone id is out of range
[  440.485447][T10930] netlink: zone id is out of range
[  440.490672][T10930] netlink: zone id is out of range
[  440.500951][T10930] netlink: zone id is out of range
[  440.506156][T10930] netlink: zone id is out of range
[  440.515722][T10930] netlink: zone id is out of range
[  440.541993][T10930] netlink: zone id is out of range
[  440.547202][T10930] netlink: zone id is out of range
[  440.577177][T10930] netlink: zone id is out of range
[  440.685311][T10936] netlink: 'syz.3.1830': attribute type 10 has an invalid length.
[  441.048259][T10941] netlink: 'syz.1.1831': attribute type 10 has an invalid length.
[  441.831780][T10961] netlink: 'syz.3.1839': attribute type 1 has an invalid length.
[  441.839926][T10961] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.1839'.
[  441.889532][T10963] netlink: 'syz.0.1840': attribute type 10 has an invalid length.
[  442.092516][T10966] netlink: 'syz.1.1841': attribute type 10 has an invalid length.
[  443.430069][T10991] netlink: 'syz.3.1851': attribute type 10 has an invalid length.
[  443.833752][T10996] netlink: 'syz.1.1853': attribute type 10 has an invalid length.
[  444.256655][T11010] netlink: 112860 bytes leftover after parsing attributes in process `syz.2.1850'.
[  444.777312][T11027] validate_nla: 1 callbacks suppressed
[  444.777359][T11027] netlink: 'syz.3.1864': attribute type 10 has an invalid length.
[  444.816572][T11031] netlink: 'syz.2.1865': attribute type 10 has an invalid length.
[  446.111172][T11055] netlink: 6 bytes leftover after parsing attributes in process `syz.2.1874'.
[  446.120400][T11055] net_ratelimit: 57 callbacks suppressed
[  446.120415][T11055] openvswitch: netlink: Flow key attr not present in new flow.
[  446.389643][T11059] netlink: 'syz.2.1876': attribute type 10 has an invalid length.
[  448.447565][T11086] netlink: 'syz.3.1889': attribute type 10 has an invalid length.
[  448.599049][ T5783] Bluetooth: hci0: unknown advertising packet type: 0x80
[  448.599098][ T5783] Bluetooth: hci0: unknown advertising packet type: 0xff
[  448.608280][ T5783] Bluetooth: hci0: Malformed LE Event: 0x02
[  449.130713][T11103] netlink: 6 bytes leftover after parsing attributes in process `syz.3.1893'.
[  449.158008][T11103] openvswitch: netlink: Flow key attr not present in new flow.
[  449.657252][ T5783] Bluetooth: hci1: unknown advertising packet type: 0x80
[  449.657292][ T5783] Bluetooth: hci1: unknown advertising packet type: 0xff
[  449.669163][ T5783] Bluetooth: hci1: Malformed LE Event: 0x02
[  449.867680][T11126] netlink: 'syz.1.1902': attribute type 10 has an invalid length.
[  453.826191][T11148] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1908'.
[  453.906400][T11148] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.1908'.
[  453.937573][T11148] netlink: zone id is out of range
[  453.944122][T11148] netlink: zone id is out of range
[  453.949915][T11148] netlink: zone id is out of range
[  453.978015][T11148] netlink: zone id is out of range
[  454.003650][T11148] netlink: zone id is out of range
[  454.009717][T11148] netlink: zone id is out of range
[  454.039940][T11148] netlink: zone id is out of range
[  454.057205][T11148] netlink: zone id is out of range
[  454.095924][T11148] netlink: zone id is out of range
[  454.104238][ T5783] Bluetooth: hci0: unknown advertising packet type: 0x80
[  454.104274][ T5783] Bluetooth: hci0: unknown advertising packet type: 0xff
[  454.112122][ T5783] Bluetooth: hci0: Malformed LE Event: 0x02
[  454.122227][T11148] netlink: zone id is out of range
[  454.385486][T11161] netlink: 'syz.2.1914': attribute type 10 has an invalid length.
[  456.898438][T11196] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1926'.
[  457.002880][T11199] netlink: 'syz.0.1927': attribute type 10 has an invalid length.
[  457.019759][T11196] netlink: 201392 bytes leftover after parsing attributes in process `syz.3.1926'.
[  459.529665][T11243] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1939'.
[  459.656482][T11243] netlink: 201392 bytes leftover after parsing attributes in process `syz.0.1939'.
[  459.684690][T11243] net_ratelimit: 124 callbacks suppressed
[  459.684755][T11243] netlink: zone id is out of range
[  459.736868][T11243] netlink: zone id is out of range
[  459.769590][T11243] netlink: zone id is out of range
[  459.779630][T11243] netlink: zone id is out of range
[  459.801172][T11243] netlink: zone id is out of range
[  459.808395][T11243] netlink: zone id is out of range
[  459.819916][T11243] netlink: zone id is out of range
[  459.828057][T11243] netlink: zone id is out of range
[  459.836013][T11243] netlink: zone id is out of range
[  459.842254][T11243] netlink: zone id is out of range
[  460.044397][T11249] netlink: 'syz.3.1941': attribute type 10 has an invalid length.
[  460.565480][T11260] netlink: 'syz.2.1953': attribute type 10 has an invalid length.
[  465.030510][T11295] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1954'.
[  465.151936][T11295] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.1954'.
[  465.193580][T11295] net_ratelimit: 57 callbacks suppressed
[  465.193634][T11295] netlink: zone id is out of range
[  465.232522][T11295] netlink: zone id is out of range
[  465.239199][T11295] netlink: zone id is out of range
[  465.261807][T11295] netlink: zone id is out of range
[  465.267957][T11295] netlink: zone id is out of range
[  465.282739][T11295] netlink: zone id is out of range
[  465.291451][T11295] netlink: zone id is out of range
[  465.308774][T11295] netlink: zone id is out of range
[  465.387333][T11295] netlink: zone id is out of range
[  465.417309][T11295] netlink: zone id is out of range
[  465.716077][T11308] netlink: 'syz.0.1959': attribute type 10 has an invalid length.
[  466.392090][T11318] netlink: 'syz.2.1961': attribute type 1 has an invalid length.
[  466.414687][T11318] netlink: 112860 bytes leftover after parsing attributes in process `syz.2.1961'.
[  466.795405][T11332] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1966'.
[  466.853175][T11332] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.1966'.
[  467.420477][T11339] netlink: 'syz.0.1968': attribute type 1 has an invalid length.
[  467.451753][T11339] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.1968'.
[  467.559005][T11341] netlink: 'syz.3.1969': attribute type 1 has an invalid length.
[  467.574670][T11341] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.1969'.
[  467.920007][T11356] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1975'.
[  467.987380][T11356] netlink: 201392 bytes leftover after parsing attributes in process `syz.3.1975'.
[  470.982308][T11415] netlink: 'syz.1.1993': attribute type 10 has an invalid length.
[  471.476705][T11427] netlink: 'syz.3.1998': attribute type 1 has an invalid length.
[  471.500630][T11427] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.1998'.
[  472.167530][T11445] netlink: 'syz.3.2004': attribute type 10 has an invalid length.
[  473.156890][T11467] netlink: 'syz.1.2011': attribute type 1 has an invalid length.
[  473.176566][T11467] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.2011'.
[  473.451756][T11472] netlink: 'syz.3.2014': attribute type 10 has an invalid length.
[  473.649707][T11475] netlink: 'syz.2.2013': attribute type 1 has an invalid length.
[  473.712303][T11475] netlink: 112860 bytes leftover after parsing attributes in process `syz.2.2013'.
[  474.770230][T11500] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2022'.
[  474.845531][T11500] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.2022'.
[  474.873970][T11500] net_ratelimit: 191 callbacks suppressed
[  474.874011][T11500] netlink: zone id is out of range
[  474.924121][T11500] netlink: zone id is out of range
[  474.948639][T11503] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2023'.
[  474.951580][T11500] netlink: zone id is out of range
[  475.004335][T11500] netlink: zone id is out of range
[  475.037464][T11500] netlink: zone id is out of range
[  475.049811][T11500] netlink: zone id is out of range
[  475.075728][T11500] netlink: zone id is out of range
[  475.083246][T11500] netlink: zone id is out of range
[  475.103328][T11500] netlink: zone id is out of range
[  475.118340][T11503] netlink: 201392 bytes leftover after parsing attributes in process `syz.3.2023'.
[  475.123011][T11500] netlink: zone id is out of range
[  475.892941][T11521] netlink: 'syz.1.2028': attribute type 1 has an invalid length.
[  475.922537][T11521] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.2028'.
[  476.011989][T11514] syzkaller0: entered promiscuous mode
[  476.017564][T11514] syzkaller0: entered allmulticast mode
[  478.675378][T11546] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2034'.
[  478.787422][T11547] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.2034'.
[  480.609964][T11530] syzkaller0: entered promiscuous mode
[  480.621048][T11530] syzkaller0: entered allmulticast mode
[  481.009956][T11558] netlink: 'syz.3.2038': attribute type 1 has an invalid length.
[  481.018589][T11558] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.2038'.
[  484.298319][T11572] netlink: 'syz.1.2042': attribute type 10 has an invalid length.
[  485.252933][T11586] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2049'.
[  485.283017][T11588] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.2049'.
[  485.316382][T11588] net_ratelimit: 191 callbacks suppressed
[  485.316404][T11588] netlink: zone id is out of range
[  485.334089][T11588] netlink: zone id is out of range
[  485.344550][T11588] netlink: zone id is out of range
[  485.349753][T11588] netlink: zone id is out of range
[  485.401040][T11588] netlink: zone id is out of range
[  485.438570][T11588] netlink: zone id is out of range
[  485.502293][T11588] netlink: zone id is out of range
[  485.507524][T11588] netlink: zone id is out of range
[  485.551654][T11588] netlink: zone id is out of range
[  485.557522][T11588] netlink: zone id is out of range
[  485.888762][T11591] netlink: 'syz.2.2051': attribute type 10 has an invalid length.
[  486.108643][T11595] netlink: 'syz.2.2052': attribute type 1 has an invalid length.
[  486.123341][T11595] netlink: 112860 bytes leftover after parsing attributes in process `syz.2.2052'.
[  486.828785][T11611] syzkaller0: entered promiscuous mode
[  486.871055][T11611] syzkaller0: entered allmulticast mode
[  486.997298][T11623] netlink: 'syz.3.2061': attribute type 10 has an invalid length.
[  487.617203][T11627] FAULT_INJECTION: forcing a failure.
[  487.617203][T11627] name failslab, interval 1, probability 0, space 0, times 0
[  487.641203][T11627] CPU: 1 PID: 11627 Comm: syz.1.2071 Not tainted syzkaller #0
[  487.648746][T11627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  487.658842][T11627] Call Trace:
[  487.662155][T11627]  <TASK>
[  487.665122][T11627]  dump_stack_lvl+0x18c/0x250
[  487.669854][T11627]  ? show_regs_print_info+0x20/0x20
[  487.675097][T11627]  ? load_image+0x420/0x420
[  487.679666][T11627]  ? __might_sleep+0xe0/0xe0
[  487.684320][T11627]  ? __lock_acquire+0x7d40/0x7d40
[  487.689384][T11627]  should_fail_ex+0x39d/0x4d0
[  487.694120][T11627]  should_failslab+0x9/0x20
[  487.698665][T11627]  slab_pre_alloc_hook+0x59/0x310
[  487.703734][T11627]  ? tomoyo_encode+0x28b/0x540
[  487.708613][T11627]  ? tomoyo_encode+0x28b/0x540
[  487.713490][T11627]  __kmem_cache_alloc_node+0x53/0x250
[  487.718904][T11627]  ? tomoyo_encode+0x28b/0x540
[  487.723877][T11627]  __kmalloc+0xa4/0x230
[  487.728165][T11627]  tomoyo_encode+0x28b/0x540
[  487.732882][T11627]  tomoyo_realpath_from_path+0x592/0x5d0
[  487.738554][T11627]  tomoyo_path_number_perm+0x248/0x620
[  487.744083][T11627]  ? tomoyo_path_number_perm+0x217/0x620
[  487.749772][T11627]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  487.755273][T11627]  ? perf_trace_run_bpf_submit+0x125/0x1c0
[  487.761210][T11627]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  487.767236][T11627]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  487.773427][T11627]  ? tomoyo_file_ioctl+0x11/0x30
[  487.778405][T11627]  security_file_ioctl+0x70/0xa0
[  487.783398][T11627]  __se_sys_ioctl+0x48/0x170
[  487.788039][T11627]  do_syscall_64+0x55/0xa0
[  487.792491][T11627]  ? clear_bhb_loop+0x40/0x90
[  487.797209][T11627]  ? clear_bhb_loop+0x40/0x90
[  487.802187][T11627]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  487.808114][T11627] RIP: 0033:0x7ff741f9cdd9
[  487.812557][T11627] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  487.832286][T11627] RSP: 002b:00007ff742f1e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  487.840730][T11627] RAX: ffffffffffffffda RBX: 00007ff742215fa0 RCX: 00007ff741f9cdd9
[  487.848746][T11627] RDX: 0000200000000080 RSI: 0000000000008914 RDI: 000000000000000c
[  487.856755][T11627] RBP: 00007ff742f1e090 R08: 0000000000000000 R09: 0000000000000000
[  487.864751][T11627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  487.872756][T11627] R13: 00007ff742216038 R14: 00007ff742215fa0 R15: 00007ffc6e0098b8
[  487.880866][T11627]  </TASK>
[  488.041499][T11627] ERROR: Out of memory at tomoyo_realpath_from_path.
[  488.277401][T11631] netlink: 'syz.3.2064': attribute type 1 has an invalid length.
[  488.301084][T11631] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.2064'.
[  490.568443][T11645] netlink: 'syz.3.2070': attribute type 10 has an invalid length.
[  491.405813][T11663] netlink: 'syz.3.2076': attribute type 1 has an invalid length.
[  491.441162][T11663] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.2076'.
[  492.919741][T11698] FAULT_INJECTION: forcing a failure.
[  492.919741][T11698] name failslab, interval 1, probability 0, space 0, times 0
[  492.985511][T11698] CPU: 0 PID: 11698 Comm: syz.3.2085 Not tainted syzkaller #0
[  492.993080][T11698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  493.003191][T11698] Call Trace:
[  493.006534][T11698]  <TASK>
[  493.009516][T11698]  dump_stack_lvl+0x18c/0x250
[  493.014267][T11698]  ? show_regs_print_info+0x20/0x20
[  493.019550][T11698]  ? load_image+0x420/0x420
[  493.024129][T11698]  ? __might_sleep+0xe0/0xe0
[  493.028790][T11698]  ? __lock_acquire+0x7d40/0x7d40
[  493.033871][T11698]  ? mark_lock+0x94/0x320
[  493.038266][T11698]  should_fail_ex+0x39d/0x4d0
[  493.043023][T11698]  should_failslab+0x9/0x20
[  493.047594][T11698]  slab_pre_alloc_hook+0x59/0x310
[  493.052705][T11698]  ? __get_vm_area_node+0x125/0x370
[  493.058021][T11698]  __kmem_cache_alloc_node+0x53/0x250
[  493.063473][T11698]  ? __get_vm_area_node+0x125/0x370
[  493.068830][T11698]  kmalloc_node_trace+0x26/0xe0
[  493.073758][T11698]  __get_vm_area_node+0x125/0x370
[  493.078958][T11698]  __vmalloc_node_range+0x36e/0x1330
[  493.084314][T11698]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  493.090014][T11698]  ? mark_lock+0x94/0x320
[  493.094402][T11698]  ? __lock_acquire+0x1347/0x7d40
[  493.099464][T11698]  ? verify_lock_unused+0x140/0x140
[  493.104790][T11698]  ? free_vm_area+0x50/0x50
[  493.109504][T11698]  ? end_current_label_crit_section+0x170/0x170
[  493.115788][T11698]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  493.121460][T11698]  __vmalloc+0x7a/0x90
[  493.125564][T11698]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  493.131269][T11698]  bpf_prog_alloc_no_stats+0x47/0x440
[  493.136689][T11698]  ? bpf_prog_alloc+0x2b/0x1a0
[  493.141514][T11698]  bpf_prog_alloc+0x3d/0x1a0
[  493.146154][T11698]  bpf_prog_load+0x6eb/0x1670
[  493.150893][T11698]  ? map_freeze+0x420/0x420
[  493.155458][T11698]  ? __might_fault+0xaa/0x120
[  493.160164][T11698]  ? __lock_acquire+0x7d40/0x7d40
[  493.165221][T11698]  ? file_end_write+0x159/0x250
[  493.170106][T11698]  ? __might_fault+0xaa/0x120
[  493.174814][T11698]  ? __might_fault+0xc6/0x120
[  493.179521][T11698]  ? __might_fault+0xaa/0x120
[  493.184314][T11698]  ? bpf_lsm_bpf+0x9/0x10
[  493.188742][T11698]  ? security_bpf+0x7e/0xa0
[  493.193286][T11698]  __sys_bpf+0x5ba/0x890
[  493.197564][T11698]  ? bpf_link_show_fdinfo+0x390/0x390
[  493.202983][T11698]  ? lock_chain_count+0x20/0x20
[  493.207875][T11698]  __x64_sys_bpf+0x7c/0x90
[  493.212330][T11698]  do_syscall_64+0x55/0xa0
[  493.216781][T11698]  ? clear_bhb_loop+0x40/0x90
[  493.221584][T11698]  ? clear_bhb_loop+0x40/0x90
[  493.226293][T11698]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  493.232227][T11698] RIP: 0033:0x7f0e1d39cdd9
[  493.236697][T11698] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  493.256442][T11698] RSP: 002b:00007f0e1e260028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  493.264892][T11698] RAX: ffffffffffffffda RBX: 00007f0e1d615fa0 RCX: 00007f0e1d39cdd9
[  493.272902][T11698] RDX: 0000000000000094 RSI: 0000200000000640 RDI: 0000000000000005
[  493.280990][T11698] RBP: 00007f0e1e260090 R08: 0000000000000000 R09: 0000000000000000
[  493.288993][T11698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  493.296994][T11698] R13: 00007f0e1d616038 R14: 00007f0e1d615fa0 R15: 00007ffef4fda058
[  493.305023][T11698]  </TASK>
[  493.329040][T11698] syz.3.2085: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[  493.372024][T11698] CPU: 1 PID: 11698 Comm: syz.3.2085 Not tainted syzkaller #0
[  493.379581][T11698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  493.389691][T11698] Call Trace:
[  493.393017][T11698]  <TASK>
[  493.395990][T11698]  dump_stack_lvl+0x18c/0x250
[  493.400738][T11698]  ? show_regs_print_info+0x20/0x20
[  493.406043][T11698]  ? load_image+0x420/0x420
[  493.410615][T11698]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  493.417101][T11698]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  493.423675][T11698]  warn_alloc+0x246/0x340
[  493.428085][T11698]  ? zone_watermark_ok_safe+0x230/0x230
[  493.433719][T11698]  ? __get_vm_area_node+0x356/0x370
[  493.438996][T11698]  __vmalloc_node_range+0x393/0x1330
[  493.444361][T11698]  ? mark_lock+0x94/0x320
[  493.448756][T11698]  ? __lock_acquire+0x1347/0x7d40
[  493.453838][T11698]  ? verify_lock_unused+0x140/0x140
[  493.459114][T11698]  ? free_vm_area+0x50/0x50
[  493.463678][T11698]  ? end_current_label_crit_section+0x170/0x170
[  493.469965][T11698]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  493.475547][T11698]  __vmalloc+0x7a/0x90
[  493.479657][T11698]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  493.485250][T11698]  bpf_prog_alloc_no_stats+0x47/0x440
[  493.490669][T11698]  ? bpf_prog_alloc+0x2b/0x1a0
[  493.495466][T11698]  bpf_prog_alloc+0x3d/0x1a0
[  493.500091][T11698]  bpf_prog_load+0x6eb/0x1670
[  493.504803][T11698]  ? map_freeze+0x420/0x420
[  493.509341][T11698]  ? __might_fault+0xaa/0x120
[  493.514045][T11698]  ? __lock_acquire+0x7d40/0x7d40
[  493.519097][T11698]  ? file_end_write+0x159/0x250
[  493.524155][T11698]  ? __might_fault+0xaa/0x120
[  493.528868][T11698]  ? __might_fault+0xc6/0x120
[  493.533572][T11698]  ? __might_fault+0xaa/0x120
[  493.538278][T11698]  ? bpf_lsm_bpf+0x9/0x10
[  493.542646][T11698]  ? security_bpf+0x7e/0xa0
[  493.547183][T11698]  __sys_bpf+0x5ba/0x890
[  493.551458][T11698]  ? bpf_link_show_fdinfo+0x390/0x390
[  493.556879][T11698]  ? lock_chain_count+0x20/0x20
[  493.561767][T11698]  __x64_sys_bpf+0x7c/0x90
[  493.566216][T11698]  do_syscall_64+0x55/0xa0
[  493.570696][T11698]  ? clear_bhb_loop+0x40/0x90
[  493.575511][T11698]  ? clear_bhb_loop+0x40/0x90
[  493.580231][T11698]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  493.586158][T11698] RIP: 0033:0x7f0e1d39cdd9
[  493.590705][T11698] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  493.610350][T11698] RSP: 002b:00007f0e1e260028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  493.618817][T11698] RAX: ffffffffffffffda RBX: 00007f0e1d615fa0 RCX: 00007f0e1d39cdd9
[  493.626833][T11698] RDX: 0000000000000094 RSI: 0000200000000640 RDI: 0000000000000005
[  493.634845][T11698] RBP: 00007f0e1e260090 R08: 0000000000000000 R09: 0000000000000000
[  493.642866][T11698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  493.650972][T11698] R13: 00007f0e1d616038 R14: 00007f0e1d615fa0 R15: 00007ffef4fda058
[  493.659022][T11698]  </TASK>
[  493.835505][T11698] Mem-Info:
[  493.838776][T11698] active_anon:25208 inactive_anon:0 isolated_anon:0
[  493.838776][T11698]  active_file:18567 inactive_file:40088 isolated_file:0
[  493.838776][T11698]  unevictable:768 dirty:293 writeback:0
[  493.838776][T11698]  slab_reclaimable:11833 slab_unreclaimable:101686
[  493.838776][T11698]  mapped:35351 shmem:18359 pagetables:642
[  493.838776][T11698]  sec_pagetables:0 bounce:0
[  493.838776][T11698]  kernel_misc_reclaimable:0
[  493.838776][T11698]  free:1312721 free_pcp:9060 free_cma:0
[  493.901069][T11698] Node 0 active_anon:102032kB inactive_anon:0kB active_file:74268kB inactive_file:160148kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:141404kB dirty:1172kB writeback:0kB shmem:73000kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10952kB pagetables:2568kB sec_pagetables:0kB all_unreclaimable? no
[  493.940452][T11698] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  494.005913][T11698] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  494.072514][T11698] lowmem_reserve[]: 0 2521 2522 2522 2522
[  494.078395][T11698] Node 0 DMA32 free:1338620kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:105492kB inactive_anon:0kB active_file:74268kB inactive_file:159328kB unevictable:1536kB writepending:1172kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:15508kB local_pcp:13072kB free_cma:0kB
[  494.138096][T11705] netlink: 'syz.1.2088': attribute type 1 has an invalid length.
[  494.147596][T11698] lowmem_reserve[]: 0 0 0 0 0
[  494.175392][T11698] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:820kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB
[  494.188153][T11705] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.2088'.
[  494.227690][T11698] lowmem_reserve[]: 0 0 0 0 0
[  494.255632][T11698] Node 1 Normal free:3892116kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:20320kB local_pcp:10720kB free_cma:0kB
[  494.371077][T11698] lowmem_reserve[]: 0 0 0 0 0
[  494.375912][T11698] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  494.408882][T11698] Node 0 DMA32: 526*4kB (UE) 487*8kB (UM) 500*16kB (UME) 0*32kB 204*64kB (UM) 126*128kB (UME) 90*256kB (UM) 31*512kB (UME) 20*1024kB (UME) 8*2048kB (UM) 295*4096kB (UM) = 1327280kB
[  494.470077][T11698] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  494.498577][T11698] Node 1 Normal: 257*4kB (U) 56*8kB (UME) 27*16kB (UME) 45*32kB (UME) 16*64kB (UE) 7*128kB (UME) 1*256kB (E) 1*512kB (M) 1*1024kB (U) 1*2048kB (E) 948*4096kB (M) = 3892116kB
[  494.537615][T11698] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  494.572630][T11698] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  494.599454][T11698] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  494.624892][T11698] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  494.644170][T11698] 82646 total pagecache pages
[  494.649133][T11698] 0 pages in swap cache
[  494.653669][T11698] Free swap  = 124996kB
[  494.657944][T11698] Total swap = 124996kB
[  494.668084][T11698] 2097051 pages RAM
[  494.672737][T11698] 0 pages HighMem/MovableOnly
[  494.677472][T11698] 416927 pages reserved
[  494.681863][T11698] 0 pages cma reserved
[  494.712791][T11713] FAULT_INJECTION: forcing a failure.
[  494.712791][T11713] name failslab, interval 1, probability 0, space 0, times 0
[  494.778042][T11713] CPU: 0 PID: 11713 Comm: syz.1.2091 Not tainted syzkaller #0
[  494.785602][T11713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  494.795716][T11713] Call Trace:
[  494.799051][T11713]  <TASK>
[  494.802029][T11713]  dump_stack_lvl+0x18c/0x250
[  494.806771][T11713]  ? show_regs_print_info+0x20/0x20
[  494.812065][T11713]  ? load_image+0x420/0x420
[  494.816635][T11713]  ? __might_sleep+0xe0/0xe0
[  494.821288][T11713]  ? __lock_acquire+0x7d40/0x7d40
[  494.826368][T11713]  should_fail_ex+0x39d/0x4d0
[  494.831114][T11713]  should_failslab+0x9/0x20
[  494.835674][T11713]  slab_pre_alloc_hook+0x59/0x310
[  494.837658][T11714] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  494.840831][T11713]  ? tomoyo_encode+0x28b/0x540
[  494.840883][T11713]  ? tomoyo_encode+0x28b/0x540
[  494.840903][T11713]  __kmem_cache_alloc_node+0x53/0x250
[  494.840942][T11713]  ? tomoyo_encode+0x28b/0x540
[  494.840963][T11713]  __kmalloc+0xa4/0x230
[  494.840997][T11713]  tomoyo_encode+0x28b/0x540
[  494.841027][T11713]  tomoyo_realpath_from_path+0x592/0x5d0
[  494.841065][T11713]  tomoyo_path_number_perm+0x248/0x620
[  494.841101][T11713]  ? tomoyo_path_number_perm+0x217/0x620
[  494.862568][T11714] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[  494.863033][T11713]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  494.906099][T11713]  ? ksys_write+0x1c4/0x260
[  494.910694][T11713]  ? __fget_files+0x28/0x4b0
[  494.915342][T11713]  ? __fget_files+0x28/0x4b0
[  494.919983][T11713]  security_file_ioctl+0x70/0xa0
[  494.924963][T11713]  __se_sys_ioctl+0x48/0x170
[  494.929592][T11713]  do_syscall_64+0x55/0xa0
[  494.934037][T11713]  ? clear_bhb_loop+0x40/0x90
[  494.938747][T11713]  ? clear_bhb_loop+0x40/0x90
[  494.943548][T11713]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  494.949473][T11713] RIP: 0033:0x7ff741f9cdd9
[  494.953916][T11713] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  494.973555][T11713] RSP: 002b:00007ff742f1e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  494.982011][T11713] RAX: ffffffffffffffda RBX: 00007ff742215fa0 RCX: 00007ff741f9cdd9
[  494.990118][T11713] RDX: 0000200000000080 RSI: 0000000000008914 RDI: 000000000000000d
[  494.998121][T11713] RBP: 00007ff742f1e090 R08: 0000000000000000 R09: 0000000000000000
[  495.006121][T11713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  495.014117][T11713] R13: 00007ff742216038 R14: 00007ff742215fa0 R15: 00007ffc6e0098b8
[  495.022156][T11713]  </TASK>
[  495.073422][T11713] ERROR: Out of memory at tomoyo_realpath_from_path.
[  495.281729][T11721] syz.0.2094[11721] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  495.282016][T11721] syz.0.2094[11721] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  495.380061][T11713] mac80211_hwsim hwsim2 wlan0: left promiscuous mode
[  495.503124][T11713] mac80211_hwsim hwsim2 wlan0: left allmulticast mode
[  496.093407][T11719] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode
[  496.138641][T11719] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode
[  496.762390][T11742] netlink: 'syz.0.2099': attribute type 1 has an invalid length.
[  496.779115][T11742] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.2099'.
[  500.351506][T11767] netlink: 'syz.0.2110': attribute type 1 has an invalid length.
[  500.377320][T11767] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.2110'.
[  500.443567][T11775] FAULT_INJECTION: forcing a failure.
[  500.443567][T11775] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  500.497925][T11775] CPU: 1 PID: 11775 Comm: syz.3.2109 Not tainted syzkaller #0
[  500.505575][T11775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  500.515684][T11775] Call Trace:
[  500.519006][T11775]  <TASK>
[  500.521976][T11775]  dump_stack_lvl+0x18c/0x250
[  500.526727][T11775]  ? show_regs_print_info+0x20/0x20
[  500.532004][T11775]  ? load_image+0x420/0x420
[  500.536578][T11775]  ? __might_fault+0xaa/0x120
[  500.541307][T11775]  ? __lock_acquire+0x7d40/0x7d40
[  500.546395][T11775]  should_fail_ex+0x39d/0x4d0
[  500.551138][T11775]  _copy_from_iter+0x1d9/0x12e0
[  500.556066][T11775]  ? __virt_addr_valid+0x18c/0x540
[  500.561235][T11775]  ? __lock_acquire+0x7d40/0x7d40
[  500.566357][T11775]  ? copyout_mc+0x70/0x70
[  500.570753][T11775]  ? __virt_addr_valid+0x18c/0x540
[  500.575927][T11775]  ? __virt_addr_valid+0x18c/0x540
[  500.581100][T11775]  ? __virt_addr_valid+0x469/0x540
[  500.586271][T11775]  ? __check_object_size+0x506/0xa20
[  500.591650][T11775]  kernfs_fop_write_iter+0x1a4/0x520
[  500.597023][T11775]  vfs_write+0x46c/0x990
[  500.601339][T11775]  ? file_end_write+0x250/0x250
[  500.606246][T11775]  ? __fget_files+0x43d/0x4b0
[  500.610986][T11775]  ? __fdget_pos+0x2a3/0x330
[  500.613416][T11769] ------------[ cut here ]------------
[  500.615608][T11775]  ? ksys_write+0x75/0x260
[  500.621600][T11769] WARNING: CPU: 0 PID: 11769 at kernel/events/core.c:6808 perf_pending_task+0x35c/0x470
[  500.625511][T11775]  ksys_write+0x150/0x260
[  500.625548][T11775]  ? __ia32_sys_read+0x90/0x90
[  500.635681][T11769] Modules linked in:
[  500.639650][T11775]  ? lockdep_hardirqs_on+0x98/0x150
[  500.644897][T11769] 
[  500.648361][T11775]  do_syscall_64+0x55/0xa0
[  500.654477][T11769] CPU: 0 PID: 11769 Comm: syz.3.2109 Not tainted syzkaller #0
[  500.655930][T11775]  ? clear_bhb_loop+0x40/0x90
[  500.660380][T11769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  500.667855][T11775]  ? clear_bhb_loop+0x40/0x90
[  500.667893][T11775]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  500.667919][T11775] RIP: 0033:0x7f0e1d39cdd9
[  500.667938][T11775] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  500.667956][T11775] RSP: 002b:00007f0e1e23f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  500.667984][T11775] RAX: ffffffffffffffda RBX: 00007f0e1d616090 RCX: 00007f0e1d39cdd9
[  500.672849][T11769] RIP: 0010:perf_pending_task+0x35c/0x470
[  500.682736][T11775] RDX: 0000000000000012 RSI: 0000200000000200 RDI: 000000000000000c
[  500.682753][T11775] RBP: 00007f0e1e23f090 R08: 0000000000000000 R09: 0000000000000000
[  500.682766][T11775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  500.682779][T11775] R13: 00007f0e1d616128 R14: 00007f0e1d616090 R15: 00007ffef4fda058
[  500.682839][T11775]  </TASK>
[  500.687502][T11769] Code: ff 84 db 75 14 e8 44 d8 d5 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 30 d8 d5 ff e8 ab 53 4f ff eb e5 e8 24 d8 d5 ff <0f> 0b e9 f3 fe ff ff e8 18 d8 d5 ff 48 c7 c7 70 f4 1c 8d 4c 89 f6
[  500.795700][T11769] RSP: 0018:ffffc9000ca079c0 EFLAGS: 00010293
[  500.802157][T11769] RAX: ffffffff81b149dc RBX: ffff88805a6fd9b8 RCX: ffff88802b968000
[  500.810190][T11769] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  500.818441][T11769] RBP: 0000000000000001 R08: ffffffff8e8b19af R09: 1ffffffff1d16335
[  500.826659][T11769] R10: dffffc0000000000 R11: fffffbfff1d16336 R12: ffff88802b968000
[  500.834828][T11769] R13: ffff888020f5f930 R14: ffff88805a6fd778 R15: 1ffff1100b4dfaef
[  500.842923][T11769] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  500.852005][T11769] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  500.858673][T11769] CR2: 0000200000030000 CR3: 000000007512c000 CR4: 00000000003506f0
[  500.866787][T11769] DR0: 0000200000000300 DR1: 0000000000000000 DR2: 0000000000000000
[  500.874942][T11769] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  500.883075][T11769] Call Trace:
[  500.886593][T11769]  <TASK>
[  500.889678][T11769]  task_work_run+0x1d4/0x260
[  500.894464][T11769]  ? task_work_cancel+0x220/0x220
[  500.899579][T11769]  do_exit+0x95a/0x2460
[  500.903994][T11769]  ? put_task_struct+0xc0/0xc0
[  500.908848][T11769]  ? preempt_schedule_common+0x82/0xc0
[  500.914825][T11769]  ? preempt_schedule+0xc0/0xd0
[  500.919754][T11769]  ? schedule_preempt_disabled+0x20/0x20
[  500.925666][T11769]  ? lock_chain_count+0x20/0x20
[  500.930632][T11769]  do_group_exit+0x21b/0x2d0
[  500.935466][T11769]  get_signal+0x12fc/0x13f0
[  500.940065][T11769]  arch_do_signal_or_restart+0xc2/0x800
[  500.945777][T11769]  ? get_sigframe_size+0x20/0x20
[  500.950807][T11769]  ? perf_trace_preemptirq_template+0xac/0x330
[  500.957310][T11769]  ? ksys_write+0x1fb/0x260
[  500.961962][T11769]  ? exit_to_user_mode_loop+0x3b/0x110
[  500.967514][T11769]  exit_to_user_mode_loop+0x70/0x110
[  500.972977][T11769]  exit_to_user_mode_prepare+0xee/0x180
[  500.978628][T11769]  syscall_exit_to_user_mode+0x1a/0x50
[  500.984248][T11769]  do_syscall_64+0x61/0xa0
[  500.988770][T11769]  ? clear_bhb_loop+0x40/0x90
[  500.993759][T11769]  ? clear_bhb_loop+0x40/0x90
[  500.998523][T11769]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  501.004584][T11769] RIP: 0033:0x7f0e1d39cdd9
[  501.009052][T11769] Code: Unable to access opcode bytes at 0x7f0e1d39cdaf.
[  501.016180][T11769] RSP: 002b:00007f0e1e260028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  501.024962][T11769] RAX: 0000000000000012 RBX: 00007f0e1d615fa0 RCX: 00007f0e1d39cdd9
[  501.033092][T11769] RDX: 0000000000000012 RSI: 0000200000000080 RDI: 000000000000000a
[  501.041204][T11769] RBP: 00007f0e1d432d69 R08: 0000000000000000 R09: 0000000000000000
[  501.049251][T11769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  501.057368][T11769] R13: 00007f0e1d616038 R14: 00007f0e1d615fa0 R15: 00007ffef4fda058
[  501.065487][T11769]  </TASK>
[  501.068580][T11769] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  501.075906][T11769] CPU: 0 PID: 11769 Comm: syz.3.2109 Not tainted syzkaller #0
[  501.083488][T11769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  501.093577][T11769] Call Trace:
[  501.096890][T11769]  <TASK>
[  501.099896][T11769]  dump_stack_lvl+0x18c/0x250
[  501.104639][T11769]  ? show_regs_print_info+0x20/0x20
[  501.109892][T11769]  ? load_image+0x420/0x420
[  501.114454][T11769]  panic+0x2dc/0x730
[  501.118479][T11769]  ? bpf_jit_dump+0xd0/0xd0
[  501.123043][T11769]  __warn+0x2e0/0x470
[  501.127150][T11769]  ? perf_pending_task+0x35c/0x470
[  501.132310][T11769]  ? perf_pending_task+0x35c/0x470
[  501.137492][T11769]  report_bug+0x2be/0x4f0
[  501.141861][T11769]  ? perf_pending_task+0x35c/0x470
[  501.147019][T11769]  ? perf_pending_task+0x35c/0x470
[  501.152173][T11769]  ? perf_pending_task+0x35e/0x470
[  501.157328][T11769]  handle_bug+0xcf/0x120
[  501.161612][T11769]  exc_invalid_op+0x1a/0x50
[  501.166154][T11769]  asm_exc_invalid_op+0x1a/0x20
[  501.171052][T11769] RIP: 0010:perf_pending_task+0x35c/0x470
[  501.176830][T11769] Code: ff 84 db 75 14 e8 44 d8 d5 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 30 d8 d5 ff e8 ab 53 4f ff eb e5 e8 24 d8 d5 ff <0f> 0b e9 f3 fe ff ff e8 18 d8 d5 ff 48 c7 c7 70 f4 1c 8d 4c 89 f6
[  501.196472][T11769] RSP: 0018:ffffc9000ca079c0 EFLAGS: 00010293
[  501.202603][T11769] RAX: ffffffff81b149dc RBX: ffff88805a6fd9b8 RCX: ffff88802b968000
[  501.210643][T11769] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  501.218666][T11769] RBP: 0000000000000001 R08: ffffffff8e8b19af R09: 1ffffffff1d16335
[  501.226678][T11769] R10: dffffc0000000000 R11: fffffbfff1d16336 R12: ffff88802b968000
[  501.234703][T11769] R13: ffff888020f5f930 R14: ffff88805a6fd778 R15: 1ffff1100b4dfaef
[  501.242718][T11769]  ? perf_pending_task+0x35c/0x470
[  501.247897][T11769]  task_work_run+0x1d4/0x260
[  501.252543][T11769]  ? task_work_cancel+0x220/0x220
[  501.257618][T11769]  do_exit+0x95a/0x2460
[  501.261837][T11769]  ? put_task_struct+0xc0/0xc0
[  501.266643][T11769]  ? preempt_schedule_common+0x82/0xc0
[  501.272153][T11769]  ? preempt_schedule+0xc0/0xd0
[  501.277077][T11769]  ? schedule_preempt_disabled+0x20/0x20
[  501.282745][T11769]  ? lock_chain_count+0x20/0x20
[  501.287645][T11769]  do_group_exit+0x21b/0x2d0
[  501.292381][T11769]  get_signal+0x12fc/0x13f0
[  501.296945][T11769]  arch_do_signal_or_restart+0xc2/0x800
[  501.302656][T11769]  ? get_sigframe_size+0x20/0x20
[  501.307816][T11769]  ? perf_trace_preemptirq_template+0xac/0x330
[  501.314027][T11769]  ? ksys_write+0x1fb/0x260
[  501.318573][T11769]  ? exit_to_user_mode_loop+0x3b/0x110
[  501.324088][T11769]  exit_to_user_mode_loop+0x70/0x110
[  501.329437][T11769]  exit_to_user_mode_prepare+0xee/0x180
[  501.335030][T11769]  syscall_exit_to_user_mode+0x1a/0x50
[  501.340620][T11769]  do_syscall_64+0x61/0xa0
[  501.345076][T11769]  ? clear_bhb_loop+0x40/0x90
[  501.349880][T11769]  ? clear_bhb_loop+0x40/0x90
[  501.354642][T11769]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  501.360585][T11769] RIP: 0033:0x7f0e1d39cdd9
[  501.365132][T11769] Code: Unable to access opcode bytes at 0x7f0e1d39cdaf.
[  501.372219][T11769] RSP: 002b:00007f0e1e260028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  501.380688][T11769] RAX: 0000000000000012 RBX: 00007f0e1d615fa0 RCX: 00007f0e1d39cdd9
[  501.388697][T11769] RDX: 0000000000000012 RSI: 0000200000000080 RDI: 000000000000000a
[  501.396700][T11769] RBP: 00007f0e1d432d69 R08: 0000000000000000 R09: 0000000000000000
[  501.404704][T11769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  501.412712][T11769] R13: 00007f0e1d616038 R14: 00007f0e1d615fa0 R15: 00007ffef4fda058
[  501.420736][T11769]  </TASK>
[  501.424403][T11769] Kernel Offset: disabled
[  501.428766][T11769] Rebooting in 86400 seconds..