last executing test programs:

19.946768139s ago: executing program 0 (id=2343):
r0 = socket$kcm(0xa, 0x6, 0x0)
sendmsg$kcm(r0, 0x0, 0x4040080)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000380)={r1, &(0x7f0000000280), &(0x7f0000000340)=""/59}, 0x20)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0xc00000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0100000004000000400000004000000041000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000d2106fbc66000000fa4e6d9df66ff2a655931f11c8f9f2298409622681ac5b8b936edd61ac2c7985bc19b794d53fc4b554829e8d7cbce287ac385338f5aaa5a945c5fc8e9db96d2144e2c398c5798dbd1e08c1b421ef29bbd7858cf13ecc67b59c1d50078639c9411035c1ae6215f2f9af7b83f45c438dc72ed70b3bbc4a687e16d37b93921da67bb7e3640a21596a3bff89d7ff5795fe94f7c8c71f53178475c7252b92182e5590c3844d5bf99416d0bcdb202a61f9f4b570dfb94deaaaf4489119b5a95ed647e7114491620357d704a96d296069580d098356b90829090fa522194878d2d7107ed8a86ebd8d19afb19eb83ab207f18d4e351dcba21af003f6d23ff19260d0563aa10996063ac204f132811d14ab90c874f14d36e4e920568677d1e5820d73819c56fc62821d02905e568e4f48bccb2613924e425e36cb492e321a6845852dca6dedd917b79afafc553ed1af0d7939e79f75f98a1f360a3aa71c0bcc68eaadd7f1266bd1ad2ea19e0178e222bd162272a27de8e982cb9e2c9865ff1260929f39cd2365dc5da300"], 0x50)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket$kcm(0x2, 0x922000000001, 0x106)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x5452, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$kcm(0xa, 0x2, 0x3a)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd, 0x590f}, 0x2920, 0x0, 0x4, 0x8, 0x80000000, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000012000000000000000000"], &(0x7f0000000c00)='GPL\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000440), 0x0)
close(0x3)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r5, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x10, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x23, &(0x7f0000000000), 0x4)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000600)={r4, r5})
socket$kcm(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x400, 0x2d, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa16ae, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x90, 0xa4, 0x2, 0x1, 0xa1, 0x9b9b, 0x8, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_clone(0x21140200, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000200)=ANY=[], 0x9)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000073116f00000000008510000002000000850000004900000095000000000000009500a50500040000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)

15.638228195s ago: executing program 0 (id=2355):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_config_ext={0x8, 0x3ff}, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4000000)
r3 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r3, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4e23, 0x9, @loopback={0x0, 0x7ffffffe}, 0x2}, 0x80, 0x0}, 0xe07e872420dfefca)
socket$kcm(0x10, 0x400000002, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
close(r4)
sendmsg$tipc(r4, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400), 0x0, 0x24000840}, 0x20040089)
sendmsg$inet(r4, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x3406c096)
write$cgroup_subtree(r4, &(0x7f0000000040)=ANY=[], 0xfe33)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000eaffffff00000000000000"], 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021"], 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r5}, 0xc)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x5, 0x4, 0x1, 0x4, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c3000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$kcm(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x48)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYBLOB], 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xe, 0x0, &(0x7f0000000000)='GPL\x00', 0x1}, 0x94)

15.246768437s ago: executing program 0 (id=2357):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_config_ext={0x8, 0x3ff}, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4000000)
r3 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r3, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4e23, 0x9, @loopback={0x0, 0x7ffffffe}, 0x2}, 0x80, 0x0}, 0xe07e872420dfefca)
socket$kcm(0x10, 0x400000002, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
close(r4)
sendmsg$tipc(r4, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400), 0x0, 0x24000840}, 0x20040089)
sendmsg$inet(r4, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x3406c096)
write$cgroup_subtree(r4, &(0x7f0000000040)=ANY=[], 0xfe33)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000eaffffff00000000000000"], 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021"], 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r5}, 0xc)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x5, 0x4, 0x1, 0x4, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c3000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$kcm(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x48)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYBLOB], 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xe, 0x0, 0x0, 0x1}, 0x94)

14.975156316s ago: executing program 0 (id=2351):
r0 = socket$kcm(0x21, 0x2, 0x2)
r1 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r1, &(0x7f0000000980)={&(0x7f0000000080)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)="f659d23a", 0x4}], 0x1, &(0x7f0000000840)=[@ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x800}}], 0x30}, 0x4040044)
r2 = socket$kcm(0x2, 0x1, 0x84)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000b40)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8b04, &(0x7f0000000040)={'wlan1\x00', @random})
setsockopt$sock_attach_bpf(r2, 0x0, 0x31, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000140)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000880)=[{0x18, 0x110, 0x1, "dc"}, {0x10, 0x107, 0x5}, {0x10, 0x118, 0x5000}], 0x38}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x1e, &(0x7f00000001c0)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @alu={0x4, 0x0, 0xd, 0x6, 0x5, 0x6, 0x8}, @generic={0x1, 0x3, 0x9, 0x7fff, 0x8}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @cb_func={0x18, 0x0, 0x4, 0x0, 0x5}, @cb_func={0x18, 0xb, 0x4, 0x0, 0xfffffffffffffff8}, @map_val={0x18, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10000}, @jmp={0x5, 0x1, 0x0, 0x1, 0x7, 0x6}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}}, @map_idx_val={0x18, 0x8, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0xf6}], &(0x7f00000002c0)='GPL\x00', 0x3, 0xeb, &(0x7f0000000300)=""/235, 0x40f00, 0x41, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000400)=[0x1, 0x1, 0xffffffffffffffff, 0x1], &(0x7f0000000440)=[{0x5, 0x1, 0xc, 0x6}, {0x5, 0x3, 0xf, 0xa}], 0x10, 0x6aab770c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000feffffff850000007100000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x400040, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='io.stat\x00', 0x26e1, 0x0)
r6 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0xf91, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x20000, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r7)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_procs(r8, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r9, &(0x7f0000000080), 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r11 = openat$cgroup_procs(r10, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r11, &(0x7f0000000380), 0x12)
socket$kcm(0x2, 0x2, 0x0)
r12 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r12, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

13.543962391s ago: executing program 0 (id=2354):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="06000000040000000900000008"], 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="5a6e41dea43e63a3f70cff11c72b", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000080))
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000002c0)={'syzkaller0\x00', 0x7101})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETSTEERINGEBPF(r4, 0x800454e0, &(0x7f0000000300)=r6)
ioctl$TUNGETVNETHDRSZ(r4, 0x800454d7, &(0x7f0000000180))
write$cgroup_devices(r5, &(0x7f0000000280)=ANY=[@ANYBLOB="1e030600bc5cb60128876360864666702c1ffe80000000000000", @ANYRESDEC], 0xffdd)

9.203395489s ago: executing program 0 (id=2364):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10}, 0x0, 0xca, 0x0, 0x2, 0x0, 0x10, 0x0, 0x0, 0xfffffffe, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x53}, 0x28)
socket$kcm(0xa, 0x5, 0x0)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x2, 0x3a)
r0 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, 0x0, 0x0)
r1 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x200000, 0x71, 0x11, 0x64}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x70)
perf_event_open(0x0, 0x0, 0x10, 0xffffffffffffffff, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x10}}], 0x10}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000580)=ANY=[@ANYBLOB], 0xfdef)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000880)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x0, 0xfffffffffffffe3d}, 0x28)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89a0, &(0x7f0000000080))
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002ec0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86a9}, 0x20000000)

4.070986542s ago: executing program 3 (id=2380):
perf_event_open(&(0x7f0000000e80)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x5, 0x9}, 0x8000, 0xcdd, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)
socket$kcm(0x11, 0x200000000000002, 0x300)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd637f4b2266"], 0xfdef)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x6}, 0x0, 0xc8, 0x80001, 0x0, 0x5}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x40000000)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0xfdef)

4.034736822s ago: executing program 1 (id=2381):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f00000003c0)=ANY=[], 0xfe33)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8948, &(0x7f00000000c0)={'bond0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1b}})
recvmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x10100)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000140)=@generic={&(0x7f0000000100)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, 0x3}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x80000, 0x8, 0x0, 0x1}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000280)={r3, 0x0, &(0x7f0000000200)=""/76}, 0x20)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000600)='tasks\x00', 0x2, 0x0)
r4 = perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/29], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0)={<r6=>0xffffffffffffffff})
sendmsg$tipc(r6, &(0x7f00000004c0)={&(0x7f0000000300)=@nameseq={0x1e, 0x1, 0x2, {0x40, 0x0, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x840}, 0x80081)
getpid()

3.715010582s ago: executing program 3 (id=2383):
r0 = socket$kcm(0x11, 0x2, 0x0)
close(r0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000000006c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="716370750100691e"], 0x8)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$kcm(0x2a, 0x2, 0x0)
gettid()
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x0, 0x0, 0x0, 0x5}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$cgroup_pid(r3, &(0x7f0000000000), 0x2a979d)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0xc280, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=@base={0x10, 0x4, 0x4, 0x2}, 0x50)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x89, 0x1, 0x0, 0x0, 0x0, 0x34, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x2}, 0x8002, 0x2, 0xfffffffe, 0x0, 0x200, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r4, 0x2000012, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xf}, 0x50)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x1)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x5, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.4936626s ago: executing program 1 (id=2384):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000480)="d80000001a0081044e81f782db4cb904021d0800fe007c05e81156a10a0015000200142603600e12080010007a010401a8001600200002400400077c035c0400a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7eef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e101ce81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a9412dd09206da6f7ddef7b39b27ee", 0xd8}], 0x1}, 0x0)

3.415967652s ago: executing program 2 (id=2386):
socketpair(0x1, 0x5, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8921, &(0x7f0000000140)='8)\r\xecn(:\xb8;\xd1\x85\xe0.U\xd3\xf6\xd3\xd6\xf7L\f\x0e}\x7f\x9e\x96\xbco\xb4\xeb\x87=\x13x\x88wq_2*E\xc8@\x15\xc7\xfc`\xc6Z\xeb\x9d\xeb\x9cJN\xd14\xeccZ\x8d\xc3\x82H\xceq\x14\xda\x117\xf5*\xfd0\xaf\xb5\xaa\xb4\xda\xbat\xfd\xe9\xb1!R\xf9\xe4\x17\xe9\x92{U\xe6&\xae\xdf\n\x15\xa0U\xb6!\xde9m\xd5\vU\x9fR\x84\xf3N\x83W\xd0\x80')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x5}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB="180000001700000000000000ff000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000340)={r4}, 0xc)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x70400, 0x0)
ioctl$TUNGETDEVNETNS(r5, 0x54e3, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x60000000, 0x0, 0x30, 0x0, 0x0}, 0x50)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
recvmsg$unix(r1, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x1c0)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[@ANYRES8=r2, @ANYBLOB="3eca", @ANYRES8=r6], 0x9a)
bpf$LINK_DETACH(0x22, &(0x7f0000000140)=r7, 0x4)
r8 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r8, 0x107, 0x8, &(0x7f00000000c0), 0x8)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x1ff006, 0x81, 0x7f, 0x1}, 0x50)
bpf$BPF_GET_PROG_INFO(0x3, &(0x7f0000000340)={r9, 0xe0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
recvmsg(r8, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/23, 0x17}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002400)={r7, 0x0, 0xae, 0xb5, &(0x7f0000000180)="3a60ec731f89024447617b76f994bee61870d3c0340396862dfca433245b9ef3fdf114e775c509e82dbffbb69571258d64e2247422eac0131b5228ee062968b0c8590e88c684996f30c3cef82148b6a28295e3cc3149b5c50e14dcc8141766ac2f9c50d2c3971591cfdb7ebd0ccad2c5d95d34d96e270f407559fedfc18932ee57076c33d437c47700492a1f25a66393e8436ba00eea3231a962ffbaa9e3470f9c1439eb65a07a80fd1495055783", &(0x7f0000000240)=""/181, 0x7, 0x0, 0xc8, 0x1000, &(0x7f0000000400)="eb8f42d2c3a100235eeafea895c046d0e08b73f295ea6d707787167841d6cd6dfeb59a0be6e13fa9bbe46f56a261cbe896039f2581fb4196f194c3d8ecc2d0efcfe8616859ce11b1e07db1b6e78d9930ab41054684de15c17fc4dd55f3447e886f8fd121ee7a7cb9388629e8f228c71a2d5dcbbbdd6dc586731f633f9c3b5bd998627510a0e4cc10db6b65c53391c4fb68db22cf0b5dd0e92a52a2ccba32dd2e9141790a252d4a70c80d1006439735f5f0af507843a2e842def850769557ff2b4e5af07bb4ba8483", &(0x7f0000001400)="ff315cbf0fb6060df42dbf2edc5cb7d4e94f48f61e52e901eb15f9d9671cb75add69a178ff6bafd0a73baeee30183227241de9ff21d2af4fd817fd4fa8ede28b35c4e862f7553db21ae822d502423d565da2a35ad644f6c35e4582510760ffba53541d8676c858c07b2b1e4f2f42bc7b5700c0c629decb375514ecc9fa9faec006b22c361ab3725872ee9abb49309a455fe6fcecfd35be747dce5c3bc5c30ed91e75875388806f43724118ad86162cf2e75fdd7b289b695ff72c8ad028ebbbe72318d2ae939908b7a246d80e082a29592922e1703e7fde62d0435f0b0b4a17c6c156bc7725900db7729ee31463e19cce4409da1d63f195e375d3e195e534f3e0c53b9e402deb491185edd947e8662e4aeceaf270da62def5141e9670f7356a409a6ee9b827e220e12334cb9b5bfc00848c271f6686144877e5bea15a1dcd6905ebbb327acefc516c5ba2e9c3290522bbfa5dd429d751531d74a31b102d0aae702a95671b5a206e15e904a9153a4bcc9fc83d864f30d9c7136a5e722deb447ba7e0f77a40c33d74d08ed997947e185aefc1e5cff521aaf5441b14eebe19342f42da1f2dcdcd89a8b009683ccdb34dda871af442f5523e1a7b2a5481c2696b868394492ac5112c3b8fe1f36d20c1bcaf94d4e5e9c17d7bfa7110705889ef86dcdf41b6bc121b7f8424e6af58208acf276cb906d545e6b5622ea6ed1b9d4de90a84c16dd1f54bc0bd50c0e39968090597337c009777d88f6059b16ab9e92254cbf37d7eaeeed8b584ad0171ee809b4ad737facd4c184a685b2a07507e3b64680c07c8235c14573565c0ba87a7e439161ddf9a42bb5ec829edcd2115266dcdfed022ed571ce3dfde5e474a34d2f76de4de98bf738b866d4421592ae2dd1032f2a6aa0969b586bbdfa96e4f184da2461e6ba0c5caf79c13738c4ce78c28408261a490b3aa47c74a5f5c102d3eeaf101578b8ce57e7a0411c34d06f68bba442eb2072ddb387bb9bdabfe96a649a4b10525e6dd83540f53a4dc6490a4cebd68c06f7db646011c0375f0d46d5fab2ca1ba8acb3bc53da3b947d9f402f343ea1ee499a845e141595dc556f9d570bf9aa2b479dcf2e49fe8fa91b520b47c4bb3c154c5edbb4b4eae2b11e146029f8a78c1134badf4155feeec6db71855f1607cf9cab210998db74471a85720cec9ea65e21c01375110a241c006ec19da939c1d8c182cf6e21b3982e849113a72bafb5c0fd3fb49bc0cdfc7f645bdd47265e1a4c92dd8247907a92cb2688d26448ef57e380d337632d128d03c9a03568e2df1736b6faf23565bf845c59965e0e8eed04f5145a51d9fed87d31f189d7cd1b3494f17fbb0c8b5214d99d5247fd8360b9fa1f490fb51cf6b6287ab9285bf69f418778ff580cdc7d5fe95d39118adf2693b633b811b5e3f9b16f63ead6a35f0814d6a46d6e9cda55bf30a7043f08afd6a2f119e6bbe20c3392436ac9be0d12329f282040d3afc703b0e65fa27cc4502a7ea6b747e035ac1a135102ca70c525773f7136747f02aeeabd171096cf1dcff05498107c9f11eca9f63fc2b260a86c7bbe588b2cc2786f8bee2988c81c33dd9bd2c042692b06072e3b2b05b77aa6becdc73e57e639eefc63abbcda0acca6bd5e35461401305101f4653c1761bc4b82d950d31e3a1193a3e562e3c277100c31116d4d6ac818d8fbd9916560eef863202fd153d1d4f15c70af6096bb2fd76e4c7058641bcfcda488729acd3071945d90219e9b0d3e636a55b3921e8428b3bf40e8142bbbdae61209292cc9aa9471e65947e927be59d25ab11e9e3de409d0a7a622e6b3e6b9d6175b323d5f71c3390f6808924733f5072ebfcfbb5ddf4579a76786dcda38729f41880c54b6109d78b5de9d064532ce4fcb9a0c3bd39851c7b79b1029f99cdf2122bf02c4e8bb9e260f3cf43f06865a07237000bf9c0c28120e0f78656873c2ca8196a98a7dc2941a177ba2470ee58eb7f6babc191dec23cbead0b765535f8ca1193042629a83a57c5205c36604d2cf2249e9ed78bc469ce3c928218fbef4ee4d96b4be197ee42148bda57ad3361eed97770aaf61bfea0202af9edfd5a24111999d2d4eabe00b070d1e94aa8aa4f6e9520534f31555e3b94408a67f89822bd065c6976830a5d8346e2ca2100f4ad2b6dd1b77c8bd792330f28065364cee3c18bbac49899bd02f6dd1adb2eac7d833a1b65179700bdab1b9c0cc702202b19033aa242575e83616f7916036a90e45d9808f6bcee7e5b1ef222847dc72533a0d447423b55b7b9fbe6f0516cfaff6ce670b7bfb886e337bfcfa96d5e5eff548ed323c035712542a55ca2534409e9095a957629195478fda203f586a31fa590e56d5c45400de1d2be85ce8f1520028abd7ce8f4003ed69732152c33c425a6b767161e11ee3e01d4b7eb7454034e67a0aebb756ad2292d79246f0652649884b159f39f39ea535da777764b8b17d661e2d988af08600d90b75ead7bdca6cc9e0aea6374a5409aa2f2cc7a004d6d2075297bc4d7419bbfa4c032cf8309f4e1f5d6a12fb8fc8f5092e2e682ba422a0469a2ec33d752c5bba2046f006dc2e1e0b4ed3a7f1464ed4143d3c4c461750fe1ecd0ffff3adffd7c7846c6edab6d2585ac4ca10cf929894ebb190565108719fc59a1193efaf254243996f999f16bb49a663ed884d22d72db5cda53f35fa0ede8837293de460fbd31260236fdf718cbb1d78c90848a8faadf9fda07798e53707484f8bcc96916e604ca1a58da00474118c09c58af8f14e52c8d625115761f0307150f1c07895611f937c196390c544b8aa5eedcda648ed46ad10aa266117e0c8908730a45720be5abe53b6ab334f8968d2b96dba399430d863638f2b6729b39dc2dec37dc8713431825675c9ab693cf851b64785f9d428c7c579203465a5d60a11456c57aa728a6866c918206acb32f275e8eb305ccaa26af79a3b5e0d1570d8a8b035ccfa068b31f97a20f5905ebdd07790f8d065ca3558186d5ca0ccf758e257a5a770eddb1a514264d4d148d17db7dcb3c62a4f8bf8bede13c8cd7b3cc996018e979f3eae9c4729907f5efff27a20e139c76cd8189671bb58871af13fa835c953525987a467d283abecc29fe0c1b95a725cc040ba46b9ebdc601482c6d424085a70d0f6f479ac8644c31fa82d57e025ba4e340c8bec7373cdd1e388c505e3593ff8453047de24d67730e98edb59db11aeee0668bb318c67da3c038434a199918e913c4989a81e41e694e1eea37c1df94940356ee755144ecdd53d1efb9e13726ca20edca6f6cb9f67c020998bef5e4536e4964b4917c032ee308ce91c389910a3716630d2cb8b667d75030bc7823ab957567d074e0025611631c0fa6720c5331f4d36547f763f941b8a44d16c35783fc1b8a300a6d0238f60cd00756b81b4420b7703af7bd7a2ef2513cfa9a94ad4d4e53688e57d72b08465dcc56650f088fde129bb0ad7e05df627c751d1c398030a837411fc1049538423f24ddb117097436c163c7f660c9a534b75ff2b3e108a87f5d2bdf3de123f7a3b840919a70bd0175ef83295085f0ee3972da1551580136c124840ee2ae5c82276eed9deb5d2922a9d7b74a7c72b7e3e1d57ec1808462da367099a3d87dc60f466f7fc43eed3ed6efb19c8cac006f890683165f253b44862602a4847b9fda3dc498e21387a548fe575db3bc70993c613f99973cc62851b528e5dbb0a61bb3eeef598ec3ccf5555198cc52eee3b8f928be6dfed3a276f828b7a95371a7d374bb8c44fffeab77656bdac1963159b1f46eca79137cbb86e079d2d4bd3ce41e6df3d1a8320d51a71f3851aa2308f60bf6c2aa55b6d1424317829e6c18f85402ff8bb42c894493ab5efa8a20451fd06718bc868f53b2f58d95d4b199665c86814eaae1c18f12bf4d422092f85115c90154bcfe99a840b93d7ed19debbd04b3b7a1a576ab22ee0fd4b4976be7bcfe5460d79740f498eba907f3d14876dbc3eee81074a9e21eaa2ec3c4e781438008ea73462b5c78690299bcf09a7bd2f1654b7337ab6624bba2af8470d786aa56a9025eec41b0d230cfc9255662ec38c33f6f8860ba04ffd2da86dfc16a9f3baa734a28ffd1583d7878fa8dd5e9e59b22406335fce505113eed8c84ae1ff2d8971de1138d6a378f4d97bda15bb8d924264ac2d5b52352d247a4404517eab1e937cb699cd5d4cb22d9ef857553b4aeb87b98e9f9620825c7655d444f96487672d15ff0b8fc4143587a9f08ea2f5a161450508dd39f0fc85696aa6a10d1b68c21d35d1a00af41fc1dbc29a76d9b9074fb86a8edf4099a19cbef0d4fc1cc5de3399c6a83b8960321ebc83f2790045dcead067e03ea9919d664d24a03b27b2a93ac3dd223b88d452c08d5d28c366c4444ac22bdea0d6ae9e39c09047357be6589fefc42ea3b62701e40390cfbb1bb31fb0bb839575ee013b09d6f1c2df248003aa4823fb1266c419082c0525ee8b9f7db38de82f111374540d802b7663964c59a8227cf40d3be03681c706429d00bd421975c12bcbb50510319a3d53d05a0b3158de096e3ff36f4bce90e0ecd92fa3fd08c99dde61c8bc42e59e5a5e5dac6eb8100a75f50e2222075249a07d43d774ef2c9e3793364738985425725166d55091cac45a90181416989dcd351314a8aa48a495eb87b87f381e92e2b0ed1c6a6ec3b97037db4e4b6b4f0d09c325166436bc9fc31f16d82444b30aa305bea868b8e7d14ccd7e51ca61fa82a16c7d799872dc3f908c35371626e06bb1b951fce57fe3c95c1ebbf3eca69828bdcc241f1285b514702affa8ce0d81c402f49e0af482719b8090d9a2ff520084989182320c4907715687127c19b1524ae2dee1623d03b3b5b41c9f6373c93bdaada9c7456d3df978ce77242777e242724bf20e999a8927f78405e70a9fd012334e96cfa94688decd9cd4f1f44b93bf38ec395ee8efc9a7b7a00e305e5ede402a7d2df33bac4ac87a4400a944dc82732b411278c825c6a2689e7c58cc0cfab18d3da14c772262f2d42f6087fb6a4943cd081149749343b8dc115c754505cbea3c31db083247b54a5b62fed7616ecdc7c552ee181e8afbadd9b5b21aa69c488a4aa4a394619e0a1a3cd6459aa852b6f763fd580d8a94f144f975622c403b25f8bc3e5c302ba5ecbf9c33eaee0c9d9e33472992b840e4f0b94eeb18568918f02c4e47f56d9e50c17d41f360df83348cc85da938ccb9f4b573cb5e78b29b407c71efa80b925826715e75e192bd76121202fc7ae4df332bc5dde93cfd1aea4e89d656031bad1a4cba49d37b198bd51bdae9e9351175f4294a2316e187e768b8649beb4e1227ea886d7d35afcf1f43d2b2ebc055e381997805e2eae7381de52503143a3183af897577d01829ca481dd12d2c5bba8181a67263cbd0ed9da07b5aa617d4bdf4ea6928804c8269ffbe4df158a188969028b4a10fc554c157fd098366200175d031ef936a284c1148f861df349cafbd060a79b23fd4de97766dbecefb54b4a9106cb624dd95ead4fd1a9b7849c8db6d1b689a9a79963fd40f292967dc9b4d1a5eb92c8791807c6df1e08acdcc0adf54069dc64738a2ba1f71c299e53f1f79ba26b2653cd0e5044793bfd8c230e83398f9f887c80a4aba84ad96aa1caa4ab0c8af03f1c8d0da4e043c95e8f7d04dd94a911691acbe45ca7454bc7b372c5f727ac743723d20cb899df404012a1aaf8eca3f7464ee3c2331424f32831d0e8d996a1d38fec7717eb1521b6f85c77775502c302d4a129d6f642e10d4e7ede36", 0x0, 0x0, 0x5}, 0x50)

3.308808345s ago: executing program 1 (id=2387):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd, 0x590f}, 0x2920, 0x0, 0x6, 0x8, 0x80000000, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000))
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000580), 0x6e, &(0x7f0000000680)=[{&(0x7f0000000600)=""/76, 0x4c}], 0x1, &(0x7f00000006c0)=[@cred={{0x1c}}], 0x20}, 0x2)
ioctl$TUNGETDEVNETNS(r0, 0x5460, 0x20000000)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x806, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r2 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
sendmsg$kcm(r2, &(0x7f00000001c0)={&(0x7f00000000c0)=@tipc=@name={0x1e, 0x2, 0x3, {{0x43}, 0x5}}, 0x80, 0x0, 0x0, &(0x7f0000000580)=ANY=[], 0x1458}, 0x240048c0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x2, &(0x7f00000002c0)=@raw=[@call={0x85, 0x0, 0x0, 0x43}, @exit], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2a}, 0x94)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={0x1, <r3=>0xffffffffffffffff}, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x9, 0x6, 0x4000008, 0x1, 0x3020, r3, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x21, 0x0, 0x8, 0x4, 0x1, 0x1, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x5}, 0x50)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r7, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r7, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a80)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r8}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x2, &(0x7f0000000000)=@raw=[@map_idx_val={0x18, 0x9, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x16}], &(0x7f00000000c0)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x41100, 0x0, '\x00', r8, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000c00)=@bpf_ext={0x1c, 0x15, &(0x7f0000000840)=@raw=[@map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @initr0={0x18, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x5}, @exit, @btf_id={0x18, 0x1, 0x3, 0x0, 0x5}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}, @generic={0x2d, 0xb, 0x2, 0xff, 0x100}, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7ff}, @generic={0x0, 0x2, 0x6, 0x9, 0x3}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x3}], &(0x7f0000000900)='GPL\x00', 0x4bd6, 0x73, &(0x7f0000000940)=""/115, 0x41100, 0x2, '\x00', r8, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000009c0)={0x5, 0x5}, 0x8, 0x10, &(0x7f0000000a00)={0x4, 0xa, 0xfff, 0xc2f}, 0x10, 0x2040f, 0xffffffffffffffff, 0x6, &(0x7f0000000b40)=[r4, r5, r5, r4, r3], &(0x7f0000000b80)=[{0x5, 0x1, 0x4, 0xb}, {0x3, 0x3, 0x8, 0x6}, {0x4, 0x4, 0x3, 0x5}, {0x4, 0x5, 0x9, 0xa}, {0x5, 0x2, 0x7, 0x4}, {0x3, 0x2, 0xe, 0xc}], 0x10, 0x8}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xd, &(0x7f0000000380)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, [@map_idx_val={0x18, 0x5, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, @map_idx={0x18, 0x8, 0x5, 0x0, 0x3}, @map_fd={0x18, 0x0, 0x1, 0x0, r6}, @map_fd={0x18, 0x8, 0x1, 0x0, r5}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2}]}, &(0x7f0000000400)='syzkaller\x00', 0x101, 0x0, 0x0, 0x41100, 0x4d, '\x00', r8, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000440)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000500)={0x0, 0xf, 0x80000000, 0xb8}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000540)=[r5, r3, r3, r3], &(0x7f0000000580)=[{0x1, 0x1, 0x8, 0x5}, {0x3, 0x4, 0xb, 0xb}, {0x3, 0x1, 0x10}], 0x10, 0x1954}, 0x94)

2.785342152s ago: executing program 1 (id=2388):
r0 = socket$kcm(0x11, 0x2, 0x0)
close(r0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000000006c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="716370750100691e"], 0x8)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$kcm(0x2a, 0x2, 0x0)
gettid()
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x0, 0x0, 0x0, 0x5}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$cgroup_pid(r3, &(0x7f0000000000), 0x2a979d)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=@base={0x10, 0x4, 0x4, 0x2}, 0x50)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x89, 0x1, 0x0, 0x0, 0x0, 0x34, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x2}, 0x8002, 0x2, 0xfffffffe, 0x0, 0x200, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r4, 0x2000012, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xf}, 0x50)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x1)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x5, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.783406832s ago: executing program 2 (id=2389):
r0 = socket$kcm(0xa, 0x6, 0x0)
sendmsg$kcm(r0, 0x0, 0x4040080)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000380)={r1, &(0x7f0000000280), &(0x7f0000000340)=""/59}, 0x20)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0xc00000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0xb, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0100000004000000400000004000000041000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000d2106fbc66000000fa4e6d9df66ff2a655931f11c8f9f2298409622681ac5b8b936edd61ac2c7985bc19b794d53fc4b554829e8d7cbce287ac385338f5aaa5a945c5fc8e9db96d2144e2c398c5798dbd1e08c1b421ef29bbd7858cf13ecc67b59c1d50078639c9411035c1ae6215f2f9af7b83f45c438dc72ed70b3bbc4a687e16d37b93921da67bb7e3640a21596a3bff89d7ff5795fe94f7c8c71f53178475c7252b92182e5590c3844d5bf99416d0bcdb202a61f9f4b570dfb94deaaaf4489119b5a95ed647e7114491620357d704a96d296069580d098356b90829090fa522194878d2d7107ed8a86ebd8d19afb19eb83ab207f18d4e351dcba21af003f6d23ff19260d0563aa10996063ac204f132811d14ab90c874f14d36e4e920568677d1e5820d73819c56fc62821d02905e568e4f48bccb2613924e425e36cb492e321a6845852dca6dedd917b79afafc553ed1af0d7939e79f75f98a1f360a3aa71c0bcc68eaadd7f1266bd1ad2ea19e0178e222bd162272a27de8e982cb9e2c9865ff1260929f39cd2365dc5da300"], 0x50)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket$kcm(0x2, 0x922000000001, 0x106)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x5452, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$kcm(0xa, 0x2, 0x3a)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd, 0x590f}, 0x2920, 0x0, 0x4, 0x8, 0x80000000, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000012000000000000000000"], &(0x7f0000000c00)='GPL\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000440), 0x0)
close(0x3)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r5, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x10, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x23, &(0x7f0000000000), 0x4)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000600)={r4, r5})
socket$kcm(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x400, 0x2d, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa16ae, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x90, 0xa4, 0x2, 0x1, 0xa1, 0x9b9b, 0x8, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_clone(0x21140200, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000200)=ANY=[], 0x9)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000073116f00000000008510000002000000850000004900000095000000000000009500a50500040000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)

2.113942753s ago: executing program 2 (id=2390):
r0 = perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x3, 0x200000000006}, 0x0, 0xca, 0xdc1, 0x8, 0x0, 0x10, 0x0, 0x0, 0xfffffffe, 0x0, 0x4}, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x2)
r1 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r1, &(0x7f0000000100)={0x0, 0x11, &(0x7f0000000080)=[{&(0x7f0000000140)="600000002c000d190a762d7f089e", 0xfca2}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae2f6e8bcb5ee52dcd7298d39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc", 0x52}], 0x2}, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)=@o_path={&(0x7f0000000000)='./file0\x00', 0x0, 0x2010, r0}, 0x18)
r2 = socket$kcm(0x1e, 0x5, 0x0)
sendmsg$kcm(r2, &(0x7f0000000100)={&(0x7f0000001540)=@tipc=@id={0x1e, 0x3, 0x1, {0x4e22}}, 0x80, 0x0}, 0x20008044)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x9e4, 0x5, 0x8, 0x20005, 0xfffd, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x806, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0}, 0x94)
r4 = perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5, 0xa16ae, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x2}, 0xd0, 0xa4, 0x2, 0x5, 0xa1, 0x9b9b, 0x8, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="02000000040000"], 0x50)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, r6, 0x0)
perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_bp={0x0, 0x8}, 0x40, 0x0, 0x0, 0x0, 0x7, 0x0, 0xffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r7, @ANYBLOB="0000000000000000b703000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r8, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x0, 0xadf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
close(r2)
perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0xf, 0x1, 0xf, 0x8, 0x0, 0x4, 0x20000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb2, 0x0, @perf_config_ext={0x1, 0x5583}, 0x2000, 0x2, 0x2, 0x4, 0x1fffffffe00000, 0x1, 0xbe5, 0x0, 0x13d4, 0x0, 0x2}, 0xffffffffffffffff, 0xa, 0xffffffffffffffff, 0x1)

2.113654673s ago: executing program 3 (id=2391):
perf_event_open(&(0x7f0000000e80)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x5, 0x9}, 0x8000, 0xcdd, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)
socket$kcm(0x11, 0x200000000000002, 0x300)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd637f4b2266"], 0xfdef)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x6}, 0x0, 0xc8, 0x80001, 0x0, 0x5}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x40000000)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0xfdef)

770.348466ms ago: executing program 1 (id=2392):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0xc220, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000000440)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000060000000600000000"], 0x66)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0c000000040000000400000009"], 0x48)
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x1)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000024c0), &(0x7f0000001280), 0xffffffff, r2}, 0x38)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940), 0x0)
socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x10000002}]}, 0x90)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000800), &(0x7f0000000840)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x18, 0xd, &(0x7f0000000100)=ANY=[@ANYBLOB="00000085ca1102000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000040000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000180)='GPL\x00', 0x3, 0xfd, &(0x7f00000005c0)=""/253, 0x40f00, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000700)={0x0, 0x5, 0x1, 0xea67}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000008c0)=[r1, r2, r2, 0xffffffffffffffff, r3], 0x0, 0x10, 0x8001}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000580)=r0, 0x4)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000200)=""/166}, 0x20)
socketpair(0x1, 0x3, 0x0, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x400})
r4 = socket$kcm(0x2, 0x200000000000001, 0x0)
socketpair(0x10, 0x4, 0xe4, &(0x7f00000002c0))
recvmsg$kcm(r4, 0x0, 0x0)
socket$kcm(0x2, 0x7, 0x2)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0)
socket$kcm(0x10, 0x3, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="14000000040000000400000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000000)={r6, &(0x7f0000000140), &(0x7f0000000200)=""/221}, 0x20)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000000)=r5, 0x62)

769.966596ms ago: executing program 2 (id=2393):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f00000003c0)=ANY=[], 0xfe33)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8948, &(0x7f00000000c0)={'bond0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1b}})
recvmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x10100)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000140)=@generic={&(0x7f0000000100)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, 0x3}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x80000, 0x8, 0x0, 0x1}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000280)={r3, 0x0, &(0x7f0000000200)=""/76}, 0x20)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000600)='tasks\x00', 0x2, 0x0)
r4 = perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/29], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0)={<r6=>0xffffffffffffffff})
sendmsg$tipc(r6, &(0x7f00000004c0)={&(0x7f0000000300)=@nameseq={0x1e, 0x1, 0x2, {0x40, 0x0, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x840}, 0x80081)
getpid()

762.150736ms ago: executing program 3 (id=2394):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000480)="d80000001a0081044e81f782db4cb904021d0800fe007c05e81156a10a0015000200142603600e12080010007a010401a8001600200002400400077c035c0400a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7eef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e101ce81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a9412dd09206da6f7ddef7b39b27ee", 0xd8}], 0x1}, 0x0) (fail_nth: 3)

624.341171ms ago: executing program 3 (id=2395):
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0xff, 0x0, 0x0, 0x5d31, 0x21, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x5, 0xff0000000}, 0x4000, 0x6, 0x0, 0x1, 0x8, 0x0, 0x3}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x0, 0xff, 0x0, 0xfd, 0x0, 0xb0, 0x25108, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, 0x1, @perf_config_ext={0x4}, 0x2a10, 0xffffffffffffffff, 0x2, 0x0, 0x5, 0x8002000a, 0x0, 0x0, 0xfffffff8, 0x0, 0x5}, 0x0, 0x4, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x18, 0x1}, 0x50)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000006c0)={0xffffffffffffffff, 0x20, &(0x7f0000000680)={&(0x7f0000000340)=""/129, 0x81, <r2=>0x0, &(0x7f00000004c0)=""/251, 0xfb}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000070400850000001b"], 0x0, 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000080)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7}}, 0x0, 0x7}, 0xd1)
r3 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_bp={0x0, 0x8}, 0x40, 0x0, 0x0, 0x0, 0x7, 0x0, 0xffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff)
syz_clone(0x20800000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000007000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r4, 0x0, 0x0}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0x1}, 0x0, &(0x7f0000000040)}, 0x20)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip_vti0\x00'})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
close(r6)
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r7, &(0x7f00000002c0)=ANY=[@ANYRES8=r6, @ANYRESDEC], 0x12)
write$cgroup_pressure(r7, &(0x7f0000000400)={'some', 0x20, 0x1, 0x20, 0x3}, 0x2f)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x89f0, &(0x7f0000000080))
bpf$BPF_MAP_FREEZE(0x16, &(0x7f00000008c0), 0x4)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x89f1, &(0x7f0000000080))
setsockopt$sock_attach_bpf(r0, 0x29, 0x23, &(0x7f0000000040), 0xcf)

295.368011ms ago: executing program 2 (id=2396):
socketpair(0x22, 0x0, 0x24, &(0x7f00000001c0))
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000003c0)}, 0x51)
setsockopt$sock_attach_bpf(r0, 0x1, 0xa, &(0x7f0000000480), 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1f, 0x11, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, [@call={0x85, 0x0, 0x0, 0x7}, @snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0xa7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair(0x2a, 0x5, 0x10, &(0x7f0000000380))
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r4, 0xfffff000, 0xe, 0xf0, &(0x7f0000000300)="882f1242a03c3f98722780b605a7", 0x0, 0x990d, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)=@o_path={0x0, 0x0, 0x4000, r2}, 0x18)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000002000000000000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x1}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r6, 0xe0, &(0x7f0000004880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x406, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001000), 0x5, 0x0, 0x8, 0x94d430193590d839, 0x0}}, 0x10)

65.515468ms ago: executing program 1 (id=2397):
r0 = socket$kcm(0x11, 0x2, 0x0)
close(r0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000000006c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="716370750100691e"], 0x8)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$kcm(0x2a, 0x2, 0x0)
gettid()
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x0, 0x0, 0x0, 0x5}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$cgroup_pid(r3, &(0x7f0000000000), 0x2a979d)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0xc280, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=@base={0x10, 0x4, 0x4, 0x2}, 0x50)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x89, 0x1, 0x0, 0x0, 0x0, 0x34, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x2}, 0x8002, 0x2, 0xfffffffe, 0x0, 0x200, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r4, 0x2000012, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xf}, 0x50)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x1)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x5, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

63.842278ms ago: executing program 3 (id=2398):
r0 = socket$kcm(0xa, 0x6, 0x0)
sendmsg$kcm(r0, 0x0, 0x4040080)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000380)={r1, &(0x7f0000000280), &(0x7f0000000340)=""/59}, 0x20)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0xc00000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0xb, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0100000004000000400000004000000041000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000d2106fbc66000000fa4e6d9df66ff2a655931f11c8f9f2298409622681ac5b8b936edd61ac2c7985bc19b794d53fc4b554829e8d7cbce287ac385338f5aaa5a945c5fc8e9db96d2144e2c398c5798dbd1e08c1b421ef29bbd7858cf13ecc67b59c1d50078639c9411035c1ae6215f2f9af7b83f45c438dc72ed70b3bbc4a687e16d37b93921da67bb7e3640a21596a3bff89d7ff5795fe94f7c8c71f53178475c7252b92182e5590c3844d5bf99416d0bcdb202a61f9f4b570dfb94deaaaf4489119b5a95ed647e7114491620357d704a96d296069580d098356b90829090fa522194878d2d7107ed8a86ebd8d19afb19eb83ab207f18d4e351dcba21af003f6d23ff19260d0563aa10996063ac204f132811d14ab90c874f14d36e4e920568677d1e5820d73819c56fc62821d02905e568e4f48bccb2613924e425e36cb492e321a6845852dca6dedd917b79afafc553ed1af0d7939e79f75f98a1f360a3aa71c0bcc68eaadd7f1266bd1ad2ea19e0178e222bd162272a27de8e982cb9e2c9865ff1260929f39cd2365dc5da300"], 0x50)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket$kcm(0x2, 0x922000000001, 0x106)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x5452, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$kcm(0xa, 0x2, 0x3a)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd, 0x590f}, 0x2920, 0x0, 0x4, 0x8, 0x80000000, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000012000000000000000000"], &(0x7f0000000c00)='GPL\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000440), 0x0)
close(0x3)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r5, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x10, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x23, &(0x7f0000000000), 0x4)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000600)={r4, r5})
socket$kcm(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x400, 0x2d, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa16ae, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x90, 0xa4, 0x2, 0x1, 0xa1, 0x9b9b, 0x8, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_clone(0x21140200, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000200)=ANY=[], 0x9)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000073116f00000000008510000002000000850000004900000095000000000000009500a50500040000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)

0s ago: executing program 2 (id=2399):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="060000000400000009000000"], 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="5a6e41dea43e63a3f70cff11c72b", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000080))
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_bp={0x0, 0x2}, 0x40, 0x0, 0x0, 0x0, 0x7, 0x0, 0xffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000002c0)={'syzkaller0\x00', 0x7101})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETSTEERINGEBPF(r5, 0x800454e0, &(0x7f0000000300)=r7)
ioctl$TUNGETVNETHDRSZ(r5, 0x800454d7, &(0x7f0000000180))
write$cgroup_devices(r6, &(0x7f0000000280)=ANY=[@ANYBLOB="1e030600bc5cb60128876360864666702c1ffe80000000000000", @ANYRESDEC], 0xffdd)

kernel console output (not intermixed with test programs):

ld_failslab+0x9/0x20
[  461.835142][T10383]  slab_pre_alloc_hook+0x59/0x310
[  461.840205][T10383]  ? apparmor_sk_alloc_security+0x77/0x100
[  461.846045][T10383]  __kmem_cache_alloc_node+0x53/0x250
[  461.851457][T10383]  ? apparmor_sk_alloc_security+0x77/0x100
[  461.857304][T10383]  kmalloc_trace+0x2a/0xe0
[  461.861759][T10383]  apparmor_sk_alloc_security+0x77/0x100
[  461.867434][T10383]  security_sk_alloc+0x6e/0xa0
[  461.872237][T10383]  sk_prot_alloc+0x101/0x210
[  461.876871][T10383]  ? sk_alloc+0x24/0x360
[  461.881166][T10383]  sk_alloc+0x3a/0x360
[  461.885358][T10383]  ? bpf_ctx_init+0x163/0x1a0
[  461.890075][T10383]  ? bpf_prog_test_run_skb+0x279/0x18c0
[  461.895660][T10383]  bpf_prog_test_run_skb+0x3d1/0x18c0
[  461.901172][T10383]  ? __fget_files+0x28/0x4b0
[  461.905807][T10383]  ? __fget_files+0x43d/0x4b0
[  461.910537][T10383]  ? cpu_online+0x60/0x60
[  461.914911][T10383]  bpf_prog_test_run+0x321/0x390
[  461.919894][T10383]  __sys_bpf+0x49d/0x890
[  461.924194][T10383]  ? bpf_link_show_fdinfo+0x390/0x390
[  461.929617][T10383]  ? lock_chain_count+0x20/0x20
[  461.934511][T10383]  __x64_sys_bpf+0x7c/0x90
[  461.938957][T10383]  do_syscall_64+0x55/0xb0
[  461.943405][T10383]  ? clear_bhb_loop+0x40/0x90
[  461.948107][T10383]  ? clear_bhb_loop+0x40/0x90
[  461.952820][T10383]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  461.958749][T10383] RIP: 0033:0x7f1490b9ce59
[  461.963199][T10383] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  461.982852][T10383] RSP: 002b:00007f14919f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  461.991318][T10383] RAX: ffffffffffffffda RBX: 00007f1490e15fa0 RCX: 00007f1490b9ce59
[  461.999523][T10383] RDX: 0000000000000050 RSI: 0000200000000180 RDI: 000000000000000a
[  462.007544][T10383] RBP: 00007f14919f4090 R08: 0000000000000000 R09: 0000000000000000
[  462.015567][T10383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  462.023617][T10383] R13: 00007f1490e16038 R14: 00007f1490e15fa0 R15: 00007fffaba92848
[  462.031656][T10383]  </TASK>
[  466.929273][T10476] netlink: 'syz.2.1311': attribute type 21 has an invalid length.
[  466.938842][T10476] netlink: 'syz.2.1311': attribute type 10 has an invalid length.
[  466.948553][T10476] netlink: 'syz.2.1311': attribute type 12 has an invalid length.
[  466.990098][T10476] netlink: 'syz.2.1311': attribute type 13 has an invalid length.
[  467.040752][T10476] netlink: 'syz.2.1311': attribute type 14 has an invalid length.
[  467.049006][T10476] netlink: 'syz.2.1311': attribute type 15 has an invalid length.
[  467.097068][T10476] netlink: 'syz.2.1311': attribute type 16 has an invalid length.
[  467.135235][T10476] netlink: 'syz.2.1311': attribute type 19 has an invalid length.
[  467.180068][T10476] netlink: 'syz.2.1311': attribute type 21 has an invalid length.
[  467.194580][T10476] netlink: 'syz.2.1311': attribute type 22 has an invalid length.
[  467.203136][T10476] netlink: 12226 bytes leftover after parsing attributes in process `syz.2.1311'.
[  467.657741][T10494] netlink: 1045 bytes leftover after parsing attributes in process `syz.0.1315'.
[  470.155732][T10520] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1326'.
[  470.204454][T10520] netlink: 126588 bytes leftover after parsing attributes in process `syz.0.1326'.
[  470.964092][T10540] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1334'.
[  475.178114][T10622] netlink: 192436 bytes leftover after parsing attributes in process `syz.1.1364'.
[  475.199287][T10622] openvswitch: netlink: Key type 4112 is out of range max 32
[  476.077745][T10625] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1365'.
[  476.531720][T10625] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  476.549607][T10625] batman_adv: batadv0: Removing interface: batadv_slave_0
[  476.594609][T10625] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  476.630671][T10625] batman_adv: batadv0: Removing interface: batadv_slave_1
[  477.193343][T10642] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1371'.
[  477.262538][T10645] FAULT_INJECTION: forcing a failure.
[  477.262538][T10645] name failslab, interval 1, probability 0, space 0, times 0
[  477.286885][T10645] CPU: 1 PID: 10645 Comm: syz.2.1372 Not tainted syzkaller #0
[  477.294539][T10645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  477.305004][T10645] Call Trace:
[  477.308369][T10645]  <TASK>
[  477.311355][T10645]  dump_stack_lvl+0x18c/0x250
[  477.316260][T10645]  ? sctp_sendmsg+0x15d2/0x2910
[  477.321271][T10645]  ? ___sys_sendmsg+0x2a6/0x360
[  477.326287][T10645]  ? show_regs_print_info+0x20/0x20
[  477.331635][T10645]  ? load_image+0x420/0x420
[  477.336249][T10645]  should_fail_ex+0x39d/0x4d0
[  477.341031][T10645]  should_failslab+0x9/0x20
[  477.345640][T10645]  slab_pre_alloc_hook+0x59/0x310
[  477.350776][T10645]  ? sctp_add_bind_addr+0x8c/0x360
[  477.356041][T10645]  __kmem_cache_alloc_node+0x53/0x250
[  477.361485][T10645]  ? sctp_add_bind_addr+0x8c/0x360
[  477.366744][T10645]  kmalloc_trace+0x2a/0xe0
[  477.371238][T10645]  sctp_add_bind_addr+0x8c/0x360
[  477.371259][T10646] validate_nla: 2 callbacks suppressed
[  477.371499][T10646] netlink: 'syz.1.1371': attribute type 3 has an invalid length.
[  477.376235][T10645]  sctp_copy_local_addr_list+0x315/0x4f0
[  477.396132][T10645]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  477.401923][T10645]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  477.408320][T10645]  ? sctp_v6_is_any+0x64/0x70
[  477.409088][T10646] netlink: 201372 bytes leftover after parsing attributes in process `syz.1.1371'.
[  477.413157][T10645]  ? sctp_copy_one_addr+0x8c/0x350
[  477.413194][T10645]  sctp_bind_addr_copy+0xb3/0x3c0
[  477.413224][T10645]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  477.413262][T10645]  sctp_connect_new_asoc+0x2f9/0x6a0
[  477.413296][T10645]  ? __sctp_connect+0xd80/0xd80
[  477.413322][T10645]  ? __local_bh_enable_ip+0x13a/0x1c0
[  477.413392][T10645]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  477.413429][T10645]  ? security_sctp_bind_connect+0x89/0xb0
[  477.413484][T10645]  sctp_sendmsg+0x15d2/0x2910
[  477.471529][T10645]  ? sctp_getsockopt+0xb60/0xb60
[  477.476710][T10645]  ? aa_sk_perm+0x83c/0x970
[  477.481309][T10645]  ? aa_af_perm+0x330/0x330
[  477.485866][T10645]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  477.492424][T10645]  ? sock_rps_record_flow+0x19/0x3f0
[  477.497821][T10645]  ? inet_sendmsg+0xe9/0x2f0
[  477.502479][T10645]  ? inet_send_prepare+0x260/0x260
[  477.507663][T10645]  ____sys_sendmsg+0x5ba/0x960
[  477.512585][T10645]  ? __lock_acquire+0x7d40/0x7d40
[  477.517712][T10645]  ? __sys_sendmsg_sock+0x30/0x30
[  477.522789][T10645]  ? __import_iovec+0x5f2/0x850
[  477.527998][T10645]  ? import_iovec+0x73/0xa0
[  477.532561][T10645]  ___sys_sendmsg+0x2a6/0x360
[  477.537399][T10645]  ? get_pid_task+0x20/0x1e0
[  477.542058][T10645]  ? __sys_sendmsg+0x2a0/0x2a0
[  477.546908][T10645]  ? __lock_acquire+0x7d40/0x7d40
[  477.552027][T10645]  __se_sys_sendmsg+0x1c2/0x2b0
[  477.556946][T10645]  ? __x64_sys_sendmsg+0x80/0x80
[  477.561957][T10645]  ? lockdep_hardirqs_on+0x98/0x150
[  477.567275][T10645]  do_syscall_64+0x55/0xb0
[  477.572556][T10645]  ? clear_bhb_loop+0x40/0x90
[  477.577505][T10645]  ? clear_bhb_loop+0x40/0x90
[  477.582246][T10645]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  477.588310][T10645] RIP: 0033:0x7f1490b9ce59
[  477.592758][T10645] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  477.612537][T10645] RSP: 002b:00007f14919f4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  477.621066][T10645] RAX: ffffffffffffffda RBX: 00007f1490e15fa0 RCX: 00007f1490b9ce59
[  477.629075][T10645] RDX: 0000000000000041 RSI: 0000200000000600 RDI: 0000000000000003
[  477.637170][T10645] RBP: 00007f14919f4090 R08: 0000000000000000 R09: 0000000000000000
[  477.645245][T10645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  477.653251][T10645] R13: 00007f1490e16038 R14: 00007f1490e15fa0 R15: 00007fffaba92848
[  477.661274][T10645]  </TASK>
[  479.710657][T10680] sock: sock_timestamping_bind_phc: sock not bind to device
[  480.657821][T10688] FAULT_INJECTION: forcing a failure.
[  480.657821][T10688] name failslab, interval 1, probability 0, space 0, times 0
[  480.671306][T10688] CPU: 0 PID: 10688 Comm: syz.2.1384 Not tainted syzkaller #0
[  480.678851][T10688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  480.689071][T10688] Call Trace:
[  480.692411][T10688]  <TASK>
[  480.695395][T10688]  dump_stack_lvl+0x18c/0x250
[  480.700143][T10688]  ? show_regs_print_info+0x20/0x20
[  480.705405][T10688]  ? load_image+0x420/0x420
[  480.709972][T10688]  ? skb_network_protocol+0x529/0x780
[  480.710104][T10690] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1385'.
[  480.715499][T10688]  should_fail_ex+0x39d/0x4d0
[  480.729971][T10688]  should_failslab+0x9/0x20
[  480.734547][T10688]  slab_pre_alloc_hook+0x59/0x310
[  480.739648][T10688]  kmem_cache_alloc+0x5a/0x2d0
[  480.744486][T10688]  ? skb_clone+0x1eb/0x370
[  480.748974][T10688]  skb_clone+0x1eb/0x370
[  480.753289][T10688]  ? dev_queue_xmit_nit+0x212/0xbb0
[  480.758553][T10688]  dev_queue_xmit_nit+0x24d/0xbb0
[  480.763647][T10688]  ? dev_queue_xmit_nit+0x2d/0xbb0
[  480.769033][T10688]  ? validate_xmit_skb+0x949/0xf60
[  480.774272][T10688]  dev_hard_start_xmit+0x148/0x740
[  480.779474][T10688]  __dev_queue_xmit+0x19a3/0x3660
[  480.785225][T10688]  ? __dev_queue_xmit+0x265/0x3660
[  480.790426][T10688]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  480.796445][T10688]  ? netdev_core_pick_tx+0x340/0x340
[  480.801778][T10688]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  480.808066][T10688]  ? lockdep_hardirqs_on+0x98/0x150
[  480.813308][T10688]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  480.819635][T10688]  __bpf_tx_skb+0x189/0x250
[  480.824269][T10688]  bpf_clone_redirect+0x30f/0x4a0
[  480.829395][T10688]  bpf_prog_64e505a7b7f97a05+0x5d/0x62
[  480.835355][T10688]  ? __static_call_text_end+0xd5578/0xd5578
[  480.841291][T10688]  ? lockdep_hardirqs_on+0x98/0x150
[  480.846543][T10688]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  480.852741][T10688]  ? seqcount_lockdep_reader_access+0x191/0x1d0
[  480.859021][T10688]  ? lockdep_softirqs_on+0x580/0x580
[  480.864416][T10688]  ? seqcount_lockdep_reader_access+0x19a/0x1d0
[  480.870702][T10688]  ? ktime_get_real_ts64+0x440/0x440
[  480.876046][T10688]  ? lockdep_hardirqs_on+0x98/0x150
[  480.881604][T10688]  ? __local_bh_disable_ip+0x108/0x1a0
[  480.887109][T10688]  ? __cant_sleep+0x220/0x220
[  480.891847][T10688]  ? read_tsc+0x9/0x20
[  480.896004][T10688]  ? ktime_get+0x24b/0x280
[  480.900457][T10688]  ? bpf_test_run+0x174/0x870
[  480.905300][T10688]  bpf_test_run+0x2df/0x870
[  480.909872][T10688]  ? bpf_test_run+0x174/0x870
[  480.914594][T10688]  ? dst_hold+0x70/0x70
[  480.918822][T10688]  ? eth_get_headlen+0x210/0x210
[  480.923921][T10688]  bpf_prog_test_run_skb+0xdc8/0x18c0
[  480.929368][T10688]  ? cpu_online+0x60/0x60
[  480.933795][T10688]  bpf_prog_test_run+0x321/0x390
[  480.938790][T10688]  __sys_bpf+0x49d/0x890
[  480.943083][T10688]  ? bpf_link_show_fdinfo+0x390/0x390
[  480.948847][T10688]  ? lock_chain_count+0x20/0x20
[  480.954016][T10688]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  480.960158][T10688]  __x64_sys_bpf+0x7c/0x90
[  480.964625][T10688]  do_syscall_64+0x55/0xb0
[  480.969106][T10688]  ? clear_bhb_loop+0x40/0x90
[  480.973863][T10688]  ? clear_bhb_loop+0x40/0x90
[  480.979440][T10688]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  480.985564][T10688] RIP: 0033:0x7f1490b9ce59
[  480.990271][T10688] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  481.009914][T10688] RSP: 002b:00007f14919f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  481.018364][T10688] RAX: ffffffffffffffda RBX: 00007f1490e15fa0 RCX: 00007f1490b9ce59
[  481.027887][T10688] RDX: 0000000000000028 RSI: 00002000000000c0 RDI: 000000000000000a
[  481.036245][T10688] RBP: 00007f14919f4090 R08: 0000000000000000 R09: 0000000000000000
[  481.044253][T10688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  481.052431][T10688] R13: 00007f1490e16038 R14: 00007f1490e15fa0 R15: 00007fffaba92848
[  481.060448][T10688]  </TASK>
[  482.066173][T10686] syzkaller0: entered promiscuous mode
[  482.072021][T10686] syzkaller0: entered allmulticast mode
[  482.084367][T10697] netlink: 'syz.1.1387': attribute type 33 has an invalid length.
[  482.095474][T10697] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1387'.
[  484.520028][T10726] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1393'.
[  484.892160][T10744] veth0_vlan: entered allmulticast mode
[  486.812623][T10767] syzkaller0: entered promiscuous mode
[  486.818621][T10767] syzkaller0: entered allmulticast mode
[  486.835576][T10775] netlink: 'syz.3.1406': attribute type 10 has an invalid length.
[  489.799188][T10817] netlink: 'syz.1.1419': attribute type 10 has an invalid length.
[  491.151834][T10850] FAULT_INJECTION: forcing a failure.
[  491.151834][T10850] name failslab, interval 1, probability 0, space 0, times 0
[  491.194873][T10850] CPU: 1 PID: 10850 Comm: syz.1.1433 Not tainted syzkaller #0
[  491.202422][T10850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  491.212528][T10850] Call Trace:
[  491.215848][T10850]  <TASK>
[  491.218819][T10850]  dump_stack_lvl+0x18c/0x250
[  491.223556][T10850]  ? sctp_sendmsg+0x15d2/0x2910
[  491.228741][T10850]  ? ___sys_sendmsg+0x2a6/0x360
[  491.233659][T10850]  ? show_regs_print_info+0x20/0x20
[  491.238910][T10850]  ? load_image+0x420/0x420
[  491.243482][T10850]  should_fail_ex+0x39d/0x4d0
[  491.248217][T10850]  should_failslab+0x9/0x20
[  491.252778][T10850]  slab_pre_alloc_hook+0x59/0x310
[  491.258008][T10850]  ? sctp_add_bind_addr+0x8c/0x360
[  491.263166][T10850]  __kmem_cache_alloc_node+0x53/0x250
[  491.268609][T10850]  ? sctp_add_bind_addr+0x8c/0x360
[  491.273768][T10850]  kmalloc_trace+0x2a/0xe0
[  491.278226][T10850]  sctp_add_bind_addr+0x8c/0x360
[  491.283202][T10850]  sctp_copy_local_addr_list+0x315/0x4f0
[  491.288882][T10850]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  491.294639][T10850]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  491.300746][T10850]  ? sctp_v4_is_any+0x35/0x60
[  491.305480][T10850]  ? sctp_copy_one_addr+0x8c/0x350
[  491.310626][T10850]  sctp_bind_addr_copy+0xb3/0x3c0
[  491.315682][T10850]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  491.322052][T10850]  sctp_connect_new_asoc+0x2f9/0x6a0
[  491.327385][T10850]  ? __sctp_connect+0xd80/0xd80
[  491.332268][T10850]  ? __local_bh_enable_ip+0x13a/0x1c0
[  491.337682][T10850]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  491.343260][T10850]  ? security_sctp_bind_connect+0x89/0xb0
[  491.349021][T10850]  sctp_sendmsg+0x15d2/0x2910
[  491.353756][T10850]  ? sctp_getsockopt+0xb60/0xb60
[  491.358821][T10850]  ? aa_sk_perm+0x83c/0x970
[  491.363447][T10850]  ? aa_af_perm+0x330/0x330
[  491.367973][T10850]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  491.374436][T10850]  ? sock_rps_record_flow+0x19/0x3f0
[  491.379801][T10850]  ? inet_sendmsg+0xe9/0x2f0
[  491.384452][T10850]  ? inet_send_prepare+0x260/0x260
[  491.389617][T10850]  ____sys_sendmsg+0x5ba/0x960
[  491.394442][T10850]  ? __lock_acquire+0x7d40/0x7d40
[  491.399511][T10850]  ? __asan_memset+0x22/0x40
[  491.404239][T10850]  ? __sys_sendmsg_sock+0x30/0x30
[  491.409424][T10850]  ? __import_iovec+0x5f2/0x850
[  491.414329][T10850]  ? import_iovec+0x73/0xa0
[  491.418865][T10850]  ___sys_sendmsg+0x2a6/0x360
[  491.423666][T10850]  ? get_pid_task+0x20/0x1e0
[  491.428295][T10850]  ? __sys_sendmsg+0x2a0/0x2a0
[  491.433110][T10850]  ? __lock_acquire+0x7d40/0x7d40
[  491.438192][T10850]  __se_sys_sendmsg+0x1c2/0x2b0
[  491.443094][T10850]  ? __x64_sys_sendmsg+0x80/0x80
[  491.448091][T10850]  ? lockdep_hardirqs_on+0x98/0x150
[  491.453332][T10850]  do_syscall_64+0x55/0xb0
[  491.457784][T10850]  ? clear_bhb_loop+0x40/0x90
[  491.462504][T10850]  ? clear_bhb_loop+0x40/0x90
[  491.467228][T10850]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  491.473170][T10850] RIP: 0033:0x7f065bb9ce59
[  491.477635][T10850] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  491.497295][T10850] RSP: 002b:00007f065c9f5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  491.505752][T10850] RAX: ffffffffffffffda RBX: 00007f065be15fa0 RCX: 00007f065bb9ce59
[  491.513770][T10850] RDX: 0000000000008804 RSI: 0000200000000380 RDI: 0000000000000004
[  491.522442][T10850] RBP: 00007f065c9f5090 R08: 0000000000000000 R09: 0000000000000000
[  491.531309][T10850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  491.539319][T10850] R13: 00007f065be16038 R14: 00007f065be15fa0 R15: 00007ffff9f917c8
[  491.547348][T10850]  </TASK>
[  492.631227][T10870] netlink: 'syz.2.1439': attribute type 10 has an invalid length.
[  492.640878][T10870] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1439'.
[  492.667277][T10870] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  492.934152][T10880] netlink: 'syz.1.1443': attribute type 29 has an invalid length.
[  492.947318][T10880] netlink: 'syz.1.1443': attribute type 29 has an invalid length.
[  493.111097][T10880] netlink: 'syz.1.1443': attribute type 29 has an invalid length.
[  493.148023][T10883] netlink: 'syz.1.1443': attribute type 29 has an invalid length.
[  493.396756][T10889] netlink: 65047 bytes leftover after parsing attributes in process `syz.0.1447'.
[  493.890431][T10903] netlink: 'syz.2.1452': attribute type 3 has an invalid length.
[  493.914240][T10903] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.1452'.
[  494.702326][T10930] netlink: 'syz.1.1460': attribute type 10 has an invalid length.
[  494.857447][T10935] netlink: 61211 bytes leftover after parsing attributes in process `syz.0.1461'.
[  495.109076][T10942] netlink: 'syz.0.1465': attribute type 10 has an invalid length.
[  495.161076][T10942] bridge_slave_1: left allmulticast mode
[  495.166817][T10942] bridge_slave_1: left promiscuous mode
[  495.178248][T10942] bridge0: port 2(bridge_slave_1) entered disabled state
[  495.793795][T10957] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1470'.
[  495.860032][T10957] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1470'.
[  495.869627][T10958] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1470'.
[  495.958223][T10961] FAULT_INJECTION: forcing a failure.
[  495.958223][T10961] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  495.975850][T10961] CPU: 1 PID: 10961 Comm: syz.0.1471 Not tainted syzkaller #0
[  495.983430][T10961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  495.993635][T10961] Call Trace:
[  495.996959][T10961]  <TASK>
[  496.000120][T10961]  dump_stack_lvl+0x18c/0x250
[  496.006212][T10961]  ? show_regs_print_info+0x20/0x20
[  496.011740][T10961]  ? load_image+0x420/0x420
[  496.016316][T10961]  ? __might_fault+0xaa/0x120
[  496.021597][T10961]  ? __lock_acquire+0x7d40/0x7d40
[  496.026791][T10961]  should_fail_ex+0x39d/0x4d0
[  496.031747][T10961]  _copy_from_user+0x2f/0xe0
[  496.036444][T10961]  generic_map_update_batch+0x59a/0x810
[  496.042062][T10961]  ? rcu_read_unlock+0xa0/0xa0
[  496.046921][T10961]  ? __fdget+0x180/0x210
[  496.051261][T10961]  ? rcu_read_unlock+0xa0/0xa0
[  496.056084][T10961]  bpf_map_do_batch+0x3d7/0x610
[  496.061096][T10961]  __sys_bpf+0x381/0x890
[  496.065750][T10961]  ? bpf_link_show_fdinfo+0x390/0x390
[  496.072000][T10961]  ? lock_chain_count+0x20/0x20
[  496.076934][T10961]  __x64_sys_bpf+0x7c/0x90
[  496.081422][T10961]  do_syscall_64+0x55/0xb0
[  496.085920][T10961]  ? clear_bhb_loop+0x40/0x90
[  496.090819][T10961]  ? clear_bhb_loop+0x40/0x90
[  496.095613][T10961]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  496.101671][T10961] RIP: 0033:0x7fa6c219ce59
[  496.106144][T10961] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  496.126155][T10961] RSP: 002b:00007fa6c30c4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  496.134813][T10961] RAX: ffffffffffffffda RBX: 00007fa6c2415fa0 RCX: 00007fa6c219ce59
[  496.142856][T10961] RDX: 0000000000000038 RSI: 0000200000000900 RDI: 000000000000001a
[  496.150995][T10961] RBP: 00007fa6c30c4090 R08: 0000000000000000 R09: 0000000000000000
[  496.159116][T10961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  496.167147][T10961] R13: 00007fa6c2416038 R14: 00007fa6c2415fa0 R15: 00007ffd51d439a8
[  496.175201][T10961]  </TASK>
[  496.195128][T10957] C: renamed from team_slave_0
[  496.206091][T10957] netlink: 'syz.1.1470': attribute type 3 has an invalid length.
[  496.224370][T10957] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1470'.
[  500.024689][T11005] syzkaller0: entered promiscuous mode
[  500.062226][T11005] syzkaller0: entered allmulticast mode
[  500.417632][T11037] FAULT_INJECTION: forcing a failure.
[  500.417632][T11037] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  500.433995][T11037] CPU: 1 PID: 11037 Comm: syz.1.1495 Not tainted syzkaller #0
[  500.441569][T11037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  500.451707][T11037] Call Trace:
[  500.455077][T11037]  <TASK>
[  500.458065][T11037]  dump_stack_lvl+0x18c/0x250
[  500.462859][T11037]  ? show_regs_print_info+0x20/0x20
[  500.468133][T11037]  ? load_image+0x420/0x420
[  500.472709][T11037]  ? __might_fault+0xaa/0x120
[  500.477463][T11037]  ? __lock_acquire+0x7d40/0x7d40
[  500.482573][T11037]  should_fail_ex+0x39d/0x4d0
[  500.487343][T11037]  _copy_from_user+0x2f/0xe0
[  500.492017][T11037]  sctp_setsockopt+0x19e/0x11e0
[  500.496945][T11037]  ? sock_common_recvmsg+0x190/0x190
[  500.502332][T11037]  do_sock_setsockopt+0x175/0x1a0
[  500.507601][T11037]  ? __fdget+0x180/0x210
[  500.511925][T11037]  __x64_sys_setsockopt+0x182/0x200
[  500.517292][T11037]  do_syscall_64+0x55/0xb0
[  500.521775][T11037]  ? clear_bhb_loop+0x40/0x90
[  500.526513][T11037]  ? clear_bhb_loop+0x40/0x90
[  500.531257][T11037]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  500.537223][T11037] RIP: 0033:0x7f065bb9ce59
[  500.541696][T11037] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  500.561383][T11037] RSP: 002b:00007f065c9f5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  500.569873][T11037] RAX: ffffffffffffffda RBX: 00007f065be15fa0 RCX: 00007f065bb9ce59
[  500.577904][T11037] RDX: 0000000000000079 RSI: 0000000000000084 RDI: 0000000000000004
[  500.585915][T11037] RBP: 00007f065c9f5090 R08: 0000000000000008 R09: 0000000000000000
[  500.593944][T11037] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  500.601957][T11037] R13: 00007f065be16038 R14: 00007f065be15fa0 R15: 00007ffff9f917c8
[  500.610016][T11037]  </TASK>
[  501.734209][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  501.741921][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  503.940151][T11079] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1506'.
[  503.964033][T11079] netlink: 'syz.2.1506': attribute type 29 has an invalid length.
[  503.973567][T11079] netlink: 'syz.2.1506': attribute type 29 has an invalid length.
[  503.983627][T11079] netlink: 'syz.2.1506': attribute type 29 has an invalid length.
[  504.994588][T11094] syzkaller0: entered promiscuous mode
[  505.047166][T11094] syzkaller0: entered allmulticast mode
[  507.988523][T11116] netlink: 'syz.0.1515': attribute type 10 has an invalid length.
[  508.744236][T11145] netlink: 188 bytes leftover after parsing attributes in process `syz.3.1526'.
[  508.907852][T11149] netlink: 'syz.3.1527': attribute type 10 has an invalid length.
[  510.511225][T11174] delete_channel: no stack
[  510.542992][T11174] delete_channel: no stack
[  511.005449][T11163] syzkaller0: entered promiscuous mode
[  511.012611][T11163] syzkaller0: entered allmulticast mode
[  511.075936][T11169] netlink: 'syz.2.1537': attribute type 10 has an invalid length.
[  511.615702][T11190] syz.0.1535[11190] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  511.616378][T11190] syz.0.1535[11190] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  512.554485][T11196] netlink: 'syz.2.1539': attribute type 29 has an invalid length.
[  513.988009][T11196] netlink: 'syz.2.1539': attribute type 29 has an invalid length.
[  514.011041][T11197] netlink: 'syz.2.1539': attribute type 29 has an invalid length.
[  514.743364][T11212] netlink: 'syz.1.1544': attribute type 2 has an invalid length.
[  514.753125][T11212] netlink: 'syz.1.1544': attribute type 8 has an invalid length.
[  514.763369][T11212] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1544'.
[  514.908822][T11218] can: request_module (can-proto-5) failed.
[  514.950383][T11222] netlink: 'syz.2.1548': attribute type 11 has an invalid length.
[  514.958393][T11222] netlink: 184116 bytes leftover after parsing attributes in process `syz.2.1548'.
[  515.018159][T11222] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  515.939208][T11249] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.1556'.
[  515.975670][T11249] netlink: zone id is out of range
[  515.997287][T11249] netlink: zone id is out of range
[  516.004986][T11249] netlink: zone id is out of range
[  516.021540][T11249] netlink: zone id is out of range
[  516.030292][T11249] netlink: zone id is out of range
[  516.040509][T11254] netlink: 'syz.2.1558': attribute type 1 has an invalid length.
[  516.048504][T11254] netlink: 60387 bytes leftover after parsing attributes in process `syz.2.1558'.
[  516.069941][T11249] netlink: zone id is out of range
[  516.082640][T11249] netlink: zone id is out of range
[  516.096003][T11249] netlink: zone id is out of range
[  516.110740][T11249] netlink: zone id is out of range
[  516.133993][T11249] netlink: zone id is out of range
[  517.796606][T11287] netlink: 'syz.2.1568': attribute type 10 has an invalid length.
[  517.808107][T11287] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1568'.
[  517.820897][T11287] ipvlan1: entered promiscuous mode
[  517.826215][T11287] ipvlan1: entered allmulticast mode
[  517.851099][T11287] veth0_vlan: entered allmulticast mode
[  517.910690][T11287] bridge0: port 4(ipvlan1) entered blocking state
[  517.960361][T11287] bridge0: port 4(ipvlan1) entered disabled state
[  518.631036][T11301] netlink: 16410 bytes leftover after parsing attributes in process `syz.2.1571'.
[  519.818029][T11327] syzkaller0: entered promiscuous mode
[  519.825421][T11327] syzkaller0: entered allmulticast mode
[  520.293413][T11333] syzkaller0: entered promiscuous mode
[  520.299159][T11333] syzkaller0: entered allmulticast mode
[  520.898222][T11346] netlink: 184912 bytes leftover after parsing attributes in process `syz.0.1584'.
[  524.595183][T11347] netlink: 'syz.0.1584': attribute type 27 has an invalid length.
[  524.793409][T11354] IPv6: Can't replace route, no match found
[  525.501295][T11369] syzkaller0: entered promiscuous mode
[  525.507922][T11369] syzkaller0: entered allmulticast mode
[  526.711716][T11392] FAULT_INJECTION: forcing a failure.
[  526.711716][T11392] name failslab, interval 1, probability 0, space 0, times 0
[  526.730375][T11392] CPU: 1 PID: 11392 Comm: syz.2.1599 Not tainted syzkaller #0
[  526.737972][T11392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  526.748136][T11392] Call Trace:
[  526.751492][T11392]  <TASK>
[  526.754489][T11392]  dump_stack_lvl+0x18c/0x250
[  526.759296][T11392]  ? show_regs_print_info+0x20/0x20
[  526.764547][T11392]  ? load_image+0x420/0x420
[  526.769299][T11392]  ? __might_sleep+0xe0/0xe0
[  526.773963][T11392]  ? __lock_acquire+0x7d40/0x7d40
[  526.779083][T11392]  should_fail_ex+0x39d/0x4d0
[  526.784184][T11392]  should_failslab+0x9/0x20
[  526.788736][T11392]  slab_pre_alloc_hook+0x59/0x310
[  526.793851][T11392]  ? __lock_acquire+0x7d40/0x7d40
[  526.798924][T11392]  kmem_cache_alloc_node+0x60/0x320
[  526.804187][T11392]  ? __alloc_skb+0x103/0x2c0
[  526.808861][T11392]  __alloc_skb+0x103/0x2c0
[  526.813386][T11392]  netlink_sendmsg+0x66a/0xbf0
[  526.818314][T11392]  ? netlink_getsockopt+0x590/0x590
[  526.823618][T11392]  ? aa_sock_msg_perm+0x94/0x150
[  526.828648][T11392]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  526.833976][T11392]  ? security_socket_sendmsg+0x80/0xa0
[  526.839519][T11392]  ? netlink_getsockopt+0x590/0x590
[  526.844791][T11392]  ____sys_sendmsg+0x5ba/0x960
[  526.849616][T11392]  ? __asan_memset+0x22/0x40
[  526.854250][T11392]  ? __sys_sendmsg_sock+0x30/0x30
[  526.859312][T11392]  ? __import_iovec+0x5f2/0x850
[  526.864221][T11392]  ? import_iovec+0x73/0xa0
[  526.868781][T11392]  ___sys_sendmsg+0x2a6/0x360
[  526.873544][T11392]  ? get_pid_task+0x20/0x1e0
[  526.878210][T11392]  ? __sys_sendmsg+0x2a0/0x2a0
[  526.883207][T11392]  ? __lock_acquire+0x7d40/0x7d40
[  526.888371][T11392]  __se_sys_sendmsg+0x1c2/0x2b0
[  526.893273][T11392]  ? __x64_sys_sendmsg+0x80/0x80
[  526.898281][T11392]  ? lockdep_hardirqs_on+0x98/0x150
[  526.903530][T11392]  do_syscall_64+0x55/0xb0
[  526.907977][T11392]  ? clear_bhb_loop+0x40/0x90
[  526.912699][T11392]  ? clear_bhb_loop+0x40/0x90
[  526.917422][T11392]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  526.923358][T11392] RIP: 0033:0x7f1490b9ce59
[  526.927803][T11392] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  526.947551][T11392] RSP: 002b:00007f14919f4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  526.956007][T11392] RAX: ffffffffffffffda RBX: 00007f1490e15fa0 RCX: 00007f1490b9ce59
[  526.964059][T11392] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  526.972076][T11392] RBP: 00007f14919f4090 R08: 0000000000000000 R09: 0000000000000000
[  526.980387][T11392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  526.988449][T11392] R13: 00007f1490e16038 R14: 00007f1490e15fa0 R15: 00007fffaba92848
[  526.996618][T11392]  </TASK>
[  530.302107][T11422] netlink: 'syz.0.1606': attribute type 41 has an invalid length.
[  530.807051][T11431] netlink: 'syz.0.1610': attribute type 10 has an invalid length.
[  530.993801][T11440] netlink: 'syz.1.1614': attribute type 29 has an invalid length.
[  531.010523][T11440] netlink: 'syz.1.1614': attribute type 29 has an invalid length.
[  531.043372][T11440] netlink: 'syz.1.1614': attribute type 29 has an invalid length.
[  531.055202][T11440] netlink: 'syz.1.1614': attribute type 29 has an invalid length.
[  531.365777][T11444] syzkaller0: entered promiscuous mode
[  531.371742][T11444] syzkaller0: entered allmulticast mode
[  533.801998][T11453] netlink: 'syz.2.1619': attribute type 41 has an invalid length.
[  534.782772][T11471] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1623'.
[  534.843675][T11474] netlink: 'syz.3.1624': attribute type 10 has an invalid length.
[  534.888631][T11474] geneve0: entered promiscuous mode
[  535.053503][T11474] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  535.603442][T11483] netlink: 'syz.3.1629': attribute type 41 has an invalid length.
[  536.187049][T11494] netlink: 17279 bytes leftover after parsing attributes in process `syz.0.1633'.
[  537.556638][T11510] netlink: 'syz.2.1638': attribute type 10 has an invalid length.
[  537.619446][T11510] geneve0: entered promiscuous mode
[  537.776687][T11510] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  540.682652][T11576] netlink: 147900 bytes leftover after parsing attributes in process `syz.0.1660'.
[  540.692717][T11576] net_ratelimit: 103 callbacks suppressed
[  540.692732][T11576] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  541.338390][T11587] netlink: 'syz.0.1664': attribute type 9 has an invalid length.
[  541.360053][T11587] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1664'.
[  542.102408][T11605] FAULT_INJECTION: forcing a failure.
[  542.102408][T11605] name failslab, interval 1, probability 0, space 0, times 0
[  542.119030][T11605] CPU: 0 PID: 11605 Comm: syz.1.1670 Not tainted syzkaller #0
[  542.127099][T11605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  542.137485][T11605] Call Trace:
[  542.140815][T11605]  <TASK>
[  542.144612][T11605]  dump_stack_lvl+0x18c/0x250
[  542.149390][T11605]  ? show_regs_print_info+0x20/0x20
[  542.154652][T11605]  ? load_image+0x420/0x420
[  542.159212][T11605]  ? __might_sleep+0xe0/0xe0
[  542.164025][T11605]  ? __lock_acquire+0x7d40/0x7d40
[  542.169110][T11605]  ? trace_contention_end+0x39/0xe0
[  542.174375][T11605]  should_fail_ex+0x39d/0x4d0
[  542.179126][T11605]  should_failslab+0x9/0x20
[  542.183706][T11605]  slab_pre_alloc_hook+0x59/0x310
[  542.188790][T11605]  ? mutex_lock_nested+0x20/0x20
[  542.193852][T11605]  ? devinet_ioctl+0xaa6/0x1c40
[  542.198761][T11605]  __kmem_cache_alloc_node+0x53/0x250
[  542.204547][T11605]  ? devinet_ioctl+0xaa6/0x1c40
[  542.209463][T11605]  kmalloc_trace+0x2a/0xe0
[  542.213939][T11605]  devinet_ioctl+0xaa6/0x1c40
[  542.218713][T11605]  ? inet_ifa_byprefix+0x2a0/0x2a0
[  542.224076][T11605]  ? _copy_from_user+0xa5/0xe0
[  542.228902][T11605]  ? get_user_ifreq+0x12b/0x180
[  542.233819][T11605]  inet_ioctl+0x42b/0x560
[  542.238220][T11605]  ? tomoyo_path_number_perm+0x217/0x620
[  542.243904][T11605]  ? inet_shutdown+0x370/0x370
[  542.248723][T11605]  ? slab_free_freelist_hook+0x130/0x1a0
[  542.254409][T11605]  ? tomoyo_path_number_perm+0x500/0x620
[  542.260100][T11605]  ? __kmem_cache_free+0xba/0x1e0
[  542.265204][T11605]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  542.270734][T11605]  sock_do_ioctl+0xfc/0x310
[  542.275302][T11605]  ? sock_show_fdinfo+0xb0/0xb0
[  542.280340][T11605]  sock_ioctl+0x5ba/0x7e0
[  542.284910][T11605]  ? sock_poll+0x3e0/0x3e0
[  542.289390][T11605]  ? bpf_lsm_file_ioctl+0x9/0x10
[  542.294384][T11605]  ? security_file_ioctl+0x80/0xa0
[  542.299802][T11605]  ? sock_poll+0x3e0/0x3e0
[  542.304277][T11605]  __se_sys_ioctl+0xfd/0x170
[  542.308921][T11605]  do_syscall_64+0x55/0xb0
[  542.313380][T11605]  ? clear_bhb_loop+0x40/0x90
[  542.318372][T11605]  ? clear_bhb_loop+0x40/0x90
[  542.323275][T11605]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  542.329225][T11605] RIP: 0033:0x7f065bb9ce59
[  542.333906][T11605] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  542.353575][T11605] RSP: 002b:00007f065c9f5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  542.362036][T11605] RAX: ffffffffffffffda RBX: 00007f065be15fa0 RCX: 00007f065bb9ce59
[  542.370048][T11605] RDX: 0000200000000040 RSI: 0000000000008916 RDI: 000000000000000e
[  542.378377][T11605] RBP: 00007f065c9f5090 R08: 0000000000000000 R09: 0000000000000000
[  542.386405][T11605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  542.394427][T11605] R13: 00007f065be16038 R14: 00007f065be15fa0 R15: 00007ffff9f917c8
[  542.402453][T11605]  </TASK>
[  543.545938][T11618] syzkaller0: entered promiscuous mode
[  543.570002][T11618] syzkaller0: entered allmulticast mode
[  543.599162][T11623] netlink: 'syz.0.1676': attribute type 10 has an invalid length.
[  543.613091][T11623] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1676'.
[  549.538632][T11745] netlink: 'syz.0.1692': attribute type 21 has an invalid length.
[  549.589825][T11745] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1692'.
[  549.611192][T11745] netlink: 'syz.0.1692': attribute type 5 has an invalid length.
[  549.619551][T11745] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1692'.
[  551.033203][T11757] syzkaller0: entered promiscuous mode
[  551.039974][T11757] syzkaller0: entered allmulticast mode
[  554.602359][T11798] netlink: 'syz.2.1703': attribute type 10 has an invalid length.
[  555.909437][T11811] syzkaller0: entered promiscuous mode
[  555.915942][T11811] syzkaller0: entered allmulticast mode
[  556.201095][T11830] netlink: 'syz.2.1713': attribute type 10 has an invalid length.
[  556.503737][T11830] team0: Port device wlan1 added
[  556.711703][T11832] netlink: 14568 bytes leftover after parsing attributes in process `syz.2.1713'.
[  559.207673][T11846] netlink: 'syz.3.1714': attribute type 10 has an invalid length.
[  559.223239][T11846] veth0_macvtap: left promiscuous mode
[  559.360316][T11847] netlink: 'syz.3.1714': attribute type 10 has an invalid length.
[  559.371364][T11845] netlink: 'syz.3.1714': attribute type 7 has an invalid length.
[  559.559571][T11844] syzkaller0: entered promiscuous mode
[  559.570021][T11844] syzkaller0: entered allmulticast mode
[  563.173782][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  563.180588][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  563.312277][T11886] netlink: 'syz.3.1724': attribute type 1 has an invalid length.
[  563.328519][T11886] netlink: 'syz.3.1724': attribute type 4 has an invalid length.
[  563.336914][T11886] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.1724'.
[  564.033442][T11889] syzkaller0: entered promiscuous mode
[  564.041385][T11889] syzkaller0: entered allmulticast mode
[  564.238774][T11908] vcan0: entered allmulticast mode
[  566.499621][T11911] netlink: 'syz.3.1732': attribute type 10 has an invalid length.
[  566.685913][T11919] syzkaller0: entered promiscuous mode
[  566.702911][T11919] syzkaller0: entered allmulticast mode
[  566.989013][T11940] FAULT_INJECTION: forcing a failure.
[  566.989013][T11940] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  567.002976][T11940] CPU: 1 PID: 11940 Comm: syz.2.1740 Not tainted syzkaller #0
[  567.010496][T11940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  567.020693][T11940] Call Trace:
[  567.024123][T11940]  <TASK>
[  567.027113][T11940]  dump_stack_lvl+0x18c/0x250
[  567.031954][T11940]  ? show_regs_print_info+0x20/0x20
[  567.037234][T11940]  ? load_image+0x420/0x420
[  567.041824][T11940]  ? __might_fault+0xaa/0x120
[  567.046569][T11940]  should_fail_ex+0x39d/0x4d0
[  567.051325][T11940]  copyin+0x1a/0x90
[  567.055189][T11940]  _copy_from_iter+0x54f/0x12e0
[  567.060104][T11940]  ? __virt_addr_valid+0x18c/0x540
[  567.065277][T11940]  ? copyout_mc+0x70/0x70
[  567.069664][T11940]  ? __virt_addr_valid+0x18c/0x540
[  567.074825][T11940]  ? __virt_addr_valid+0x18c/0x540
[  567.080001][T11940]  ? __virt_addr_valid+0x469/0x540
[  567.085168][T11940]  ? __check_object_size+0x506/0xa20
[  567.090491][T11940]  netlink_sendmsg+0x76b/0xbf0
[  567.095313][T11940]  ? netlink_getsockopt+0x590/0x590
[  567.100542][T11940]  ? aa_sock_msg_perm+0x94/0x150
[  567.105546][T11940]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  567.110954][T11940]  ? security_socket_sendmsg+0x80/0xa0
[  567.116442][T11940]  ? netlink_getsockopt+0x590/0x590
[  567.121695][T11940]  ____sys_sendmsg+0x5ba/0x960
[  567.126517][T11940]  ? __asan_memset+0x22/0x40
[  567.131145][T11940]  ? __sys_sendmsg_sock+0x30/0x30
[  567.136214][T11940]  ? __import_iovec+0x3fa/0x850
[  567.141098][T11940]  ? import_iovec+0x73/0xa0
[  567.145629][T11940]  ___sys_sendmsg+0x2a6/0x360
[  567.150331][T11940]  ? get_pid_task+0x20/0x1e0
[  567.154954][T11940]  ? __sys_sendmsg+0x2a0/0x2a0
[  567.159769][T11940]  ? __lock_acquire+0x7d40/0x7d40
[  567.164852][T11940]  __se_sys_sendmsg+0x1c2/0x2b0
[  567.169735][T11940]  ? __x64_sys_sendmsg+0x80/0x80
[  567.174716][T11940]  ? lockdep_hardirqs_on+0x98/0x150
[  567.179952][T11940]  do_syscall_64+0x55/0xb0
[  567.184397][T11940]  ? clear_bhb_loop+0x40/0x90
[  567.189144][T11940]  ? clear_bhb_loop+0x40/0x90
[  567.193936][T11940]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  567.199866][T11940] RIP: 0033:0x7f1490b9ce59
[  567.204399][T11940] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  567.224041][T11940] RSP: 002b:00007f14919f4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  567.232485][T11940] RAX: ffffffffffffffda RBX: 00007f1490e15fa0 RCX: 00007f1490b9ce59
[  567.240493][T11940] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000005
[  567.248494][T11940] RBP: 00007f14919f4090 R08: 0000000000000000 R09: 0000000000000000
[  567.256509][T11940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  567.264516][T11940] R13: 00007f1490e16038 R14: 00007f1490e15fa0 R15: 00007fffaba92848
[  567.272533][T11940]  </TASK>
[  569.631381][T11930] netlink: 'syz.1.1736': attribute type 1 has an invalid length.
[  569.639934][T11930] netlink: 'syz.1.1736': attribute type 4 has an invalid length.
[  569.647734][T11930] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.1736'.
[  569.658549][T11950] netlink: 65039 bytes leftover after parsing attributes in process `syz.3.1744'.
[  570.550286][T11979] FAULT_INJECTION: forcing a failure.
[  570.550286][T11979] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  570.598453][T11979] CPU: 1 PID: 11979 Comm: syz.2.1752 Not tainted syzkaller #0
[  570.606013][T11979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  570.616121][T11979] Call Trace:
[  570.619438][T11979]  <TASK>
[  570.622404][T11979]  dump_stack_lvl+0x18c/0x250
[  570.627152][T11979]  ? show_regs_print_info+0x20/0x20
[  570.632597][T11979]  ? load_image+0x420/0x420
[  570.637426][T11979]  ? __might_fault+0xaa/0x120
[  570.642157][T11979]  ? __lock_acquire+0x7d40/0x7d40
[  570.647289][T11979]  should_fail_ex+0x39d/0x4d0
[  570.652032][T11979]  _copy_from_iter+0x1d9/0x12e0
[  570.656957][T11979]  ? slab_post_alloc_hook+0x8a/0x4b0
[  570.662293][T11979]  ? __virt_addr_valid+0x18c/0x540
[  570.667463][T11979]  ? __lock_acquire+0x7d40/0x7d40
[  570.672543][T11979]  ? rcu_is_watching+0x15/0xb0
[  570.677382][T11979]  ? copyout_mc+0x70/0x70
[  570.681856][T11979]  ? __virt_addr_valid+0x18c/0x540
[  570.687385][T11979]  ? __virt_addr_valid+0x18c/0x540
[  570.692561][T11979]  ? __virt_addr_valid+0x469/0x540
[  570.697739][T11979]  ? __check_object_size+0x506/0xa20
[  570.703098][T11979]  netlink_sendmsg+0x76b/0xbf0
[  570.707924][T11979]  ? netlink_getsockopt+0x590/0x590
[  570.713189][T11979]  ? aa_sock_msg_perm+0x94/0x150
[  570.718177][T11979]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  570.723796][T11979]  ? security_socket_sendmsg+0x80/0xa0
[  570.729313][T11979]  ? netlink_getsockopt+0x590/0x590
[  570.734576][T11979]  ____sys_sendmsg+0x5ba/0x960
[  570.739548][T11979]  ? __asan_memset+0x22/0x40
[  570.744200][T11979]  ? __sys_sendmsg_sock+0x30/0x30
[  570.749277][T11979]  ? __import_iovec+0x5f2/0x850
[  570.754180][T11979]  ? import_iovec+0x73/0xa0
[  570.758729][T11964] syzkaller0: entered promiscuous mode
[  570.758739][T11979]  ___sys_sendmsg+0x2a6/0x360
[  570.764229][T11979]  ? get_pid_task+0x20/0x1e0
[  570.764264][T11979]  ? __sys_sendmsg+0x2a0/0x2a0
[  570.764311][T11979]  ? __lock_acquire+0x7d40/0x7d40
[  570.764361][T11979]  __se_sys_sendmsg+0x1c2/0x2b0
[  570.764390][T11979]  ? __x64_sys_sendmsg+0x80/0x80
[  570.764433][T11979]  ? lockdep_hardirqs_on+0x98/0x150
[  570.764470][T11979]  do_syscall_64+0x55/0xb0
[  570.786997][T11964] syzkaller0: entered allmulticast mode
[  570.788505][T11979]  ? clear_bhb_loop+0x40/0x90
[  570.788532][T11979]  ? clear_bhb_loop+0x40/0x90
[  570.788556][T11979]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  570.824139][T11979] RIP: 0033:0x7f1490b9ce59
[  570.828621][T11979] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  570.848457][T11979] RSP: 002b:00007f14919f4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  570.856939][T11979] RAX: ffffffffffffffda RBX: 00007f1490e15fa0 RCX: 00007f1490b9ce59
[  570.865487][T11979] RDX: 0000000000000000 RSI: 0000200000000940 RDI: 0000000000000003
[  570.873529][T11979] RBP: 00007f14919f4090 R08: 0000000000000000 R09: 0000000000000000
[  570.881567][T11979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  570.889743][T11979] R13: 00007f1490e16038 R14: 00007f1490e15fa0 R15: 00007fffaba92848
[  570.899857][T11979]  </TASK>
[  571.224242][T11988] FAULT_INJECTION: forcing a failure.
[  571.224242][T11988] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  571.237754][T11988] CPU: 1 PID: 11988 Comm: syz.2.1754 Not tainted syzkaller #0
[  571.245288][T11988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  571.255386][T11988] Call Trace:
[  571.258709][T11988]  <TASK>
[  571.261679][T11988]  dump_stack_lvl+0x18c/0x250
[  571.266423][T11988]  ? show_regs_print_info+0x20/0x20
[  571.271682][T11988]  ? load_image+0x420/0x420
[  571.276331][T11988]  ? __might_fault+0xaa/0x120
[  571.281051][T11988]  ? __lock_acquire+0x7d40/0x7d40
[  571.286134][T11988]  should_fail_ex+0x39d/0x4d0
[  571.290990][T11988]  _copy_from_user+0x2f/0xe0
[  571.295634][T11988]  get_user_ifreq+0x6b/0x180
[  571.300285][T11988]  sock_ioctl+0x6f1/0x7e0
[  571.304678][T11988]  ? sock_poll+0x3e0/0x3e0
[  571.309166][T11988]  ? bpf_lsm_file_ioctl+0x9/0x10
[  571.314148][T11988]  ? security_file_ioctl+0x80/0xa0
[  571.319309][T11988]  ? sock_poll+0x3e0/0x3e0
[  571.323783][T11988]  __se_sys_ioctl+0xfd/0x170
[  571.328434][T11988]  do_syscall_64+0x55/0xb0
[  571.332904][T11988]  ? clear_bhb_loop+0x40/0x90
[  571.337648][T11988]  ? clear_bhb_loop+0x40/0x90
[  571.342378][T11988]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  571.348342][T11988] RIP: 0033:0x7f1490b9ce59
[  571.353013][T11988] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  571.372672][T11988] RSP: 002b:00007f14919d3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  571.381138][T11988] RAX: ffffffffffffffda RBX: 00007f1490e16090 RCX: 00007f1490b9ce59
[  571.389158][T11988] RDX: 0000200000000080 RSI: 00000000000089f1 RDI: 0000000000000009
[  571.397185][T11988] RBP: 00007f14919d3090 R08: 0000000000000000 R09: 0000000000000000
[  571.405301][T11988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  571.413498][T11988] R13: 00007f1490e16128 R14: 00007f1490e16090 R15: 00007fffaba92848
[  571.421546][T11988]  </TASK>
[  573.404479][T11991] netlink: 'syz.0.1756': attribute type 1 has an invalid length.
[  573.412663][T11991] netlink: 'syz.0.1756': attribute type 4 has an invalid length.
[  573.423398][T11991] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.1756'.
[  573.622055][T12002] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.1759'.
[  574.925744][T12022] syzkaller0: entered promiscuous mode
[  574.932952][T12022] syzkaller0: entered allmulticast mode
[  575.500313][T12024] syzkaller0: entered promiscuous mode
[  575.509654][T12024] syzkaller0: entered allmulticast mode
[  577.746152][T12051] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1774'.
[  577.756855][T12051] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes.
[  579.802938][T12045] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.1772'.
[  581.007594][T12087] syzkaller0: entered promiscuous mode
[  581.014210][T12087] syzkaller0: entered allmulticast mode
[  583.352219][T12098] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.1785'.
[  583.427956][T12100] syzkaller0: entered promiscuous mode
[  583.440387][T12100] syzkaller0: entered allmulticast mode
[  586.128445][T12143] tap0: tun_chr_ioctl cmd 1074025675
[  586.150061][T12143] tap0: persist enabled
[  586.158583][T12143] tap0: tun_chr_ioctl cmd 21731
[  586.178883][T12143] tap0: tun_chr_ioctl cmd 1074025675
[  586.201739][T12143] tap0: persist enabled
[  586.251576][T12143] tap0: tun_chr_ioctl cmd 1074025680
[  587.006337][T12155] syzkaller0: entered promiscuous mode
[  587.021778][T12155] syzkaller0: entered allmulticast mode
[  587.072748][T12165] FAULT_INJECTION: forcing a failure.
[  587.072748][T12165] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  587.100121][T12165] CPU: 0 PID: 12165 Comm: syz.2.1802 Not tainted syzkaller #0
[  587.107674][T12165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  587.117791][T12165] Call Trace:
[  587.121124][T12165]  <TASK>
[  587.124111][T12165]  dump_stack_lvl+0x18c/0x250
[  587.128861][T12165]  ? show_regs_print_info+0x20/0x20
[  587.134135][T12165]  ? load_image+0x420/0x420
[  587.138706][T12165]  ? __lock_acquire+0x7d40/0x7d40
[  587.143805][T12165]  ? lockdep_hardirqs_on+0x98/0x150
[  587.149084][T12165]  should_fail_ex+0x39d/0x4d0
[  587.153836][T12165]  _copy_to_user+0x2f/0xa0
[  587.158315][T12165]  simple_read_from_buffer+0xe7/0x150
[  587.163773][T12165]  proc_fail_nth_read+0x1e8/0x260
[  587.169086][T12165]  ? proc_fault_inject_write+0x360/0x360
[  587.174804][T12165]  ? fsnotify_perm+0x271/0x5e0
[  587.179979][T12165]  ? proc_fault_inject_write+0x360/0x360
[  587.186215][T12165]  vfs_read+0x28b/0x970
[  587.190631][T12165]  ? kernel_read+0x1e0/0x1e0
[  587.195293][T12165]  ? __fget_files+0x28/0x4b0
[  587.200127][T12165]  ? __fget_files+0x28/0x4b0
[  587.204774][T12165]  ? __fget_files+0x43d/0x4b0
[  587.209538][T12165]  ? __fdget_pos+0x2a3/0x330
[  587.214201][T12165]  ? ksys_read+0x75/0x260
[  587.218572][T12165]  ksys_read+0x150/0x260
[  587.223129][T12165]  ? vfs_write+0x990/0x990
[  587.227582][T12165]  ? syscall_enter_from_user_mode+0x2e/0x80
[  587.233520][T12165]  do_syscall_64+0x55/0xb0
[  587.238068][T12165]  ? clear_bhb_loop+0x40/0x90
[  587.243087][T12165]  ? clear_bhb_loop+0x40/0x90
[  587.247808][T12165]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  587.253765][T12165] RIP: 0033:0x7f1490b5d68e
[  587.258209][T12165] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  587.278312][T12165] RSP: 002b:00007f14919f3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  587.286794][T12165] RAX: ffffffffffffffda RBX: 00007f14919f46c0 RCX: 00007f1490b5d68e
[  587.294801][T12165] RDX: 000000000000000f RSI: 00007f14919f40a0 RDI: 0000000000000008
[  587.302806][T12165] RBP: 00007f14919f4090 R08: 0000000000000000 R09: 0000000000000000
[  587.310826][T12165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  587.319023][T12165] R13: 00007f1490e16038 R14: 00007f1490e15fa0 R15: 00007fffaba92848
[  587.327154][T12165]  </TASK>
[  590.351772][T12196] netlink: 'syz.0.1810': attribute type 22 has an invalid length.
[  590.371259][T12196] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1810'.
[  590.413163][T12191] tap0: tun_chr_ioctl cmd 21731
[  590.447148][T12191] tap0: tun_chr_ioctl cmd 1074025675
[  590.457768][T12191] tap0: persist enabled
[  590.500461][T12191] tap0: tun_chr_ioctl cmd 1074025680
[  590.650588][T12206] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1813'.
[  590.660817][T12206] netlink: 3064 bytes leftover after parsing attributes in process `syz.3.1813'.
[  590.687791][T12206] netlink: 9286 bytes leftover after parsing attributes in process `syz.3.1813'.
[  590.722848][T12206] netlink: 9286 bytes leftover after parsing attributes in process `syz.3.1813'.
[  592.445541][T12226] syzkaller0: entered promiscuous mode
[  592.486558][T12226] syzkaller0: entered allmulticast mode
[  594.989938][T12246] tap0: tun_chr_ioctl cmd 1074025675
[  594.996494][T12246] tap0: persist enabled
[  595.028600][T12248] tap0: tun_chr_ioctl cmd 21731
[  595.034968][T12251] tap0: tun_chr_ioctl cmd 1074025675
[  595.042945][T12251] tap0: persist enabled
[  595.048351][T12254] tap0: tun_chr_ioctl cmd 1074025680
[  595.191946][T12259] FAULT_INJECTION: forcing a failure.
[  595.191946][T12259] name failslab, interval 1, probability 0, space 0, times 0
[  595.240123][T12259] CPU: 0 PID: 12259 Comm: syz.1.1826 Not tainted syzkaller #0
[  595.248229][T12259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  595.258616][T12259] Call Trace:
[  595.261945][T12259]  <TASK>
[  595.264934][T12259]  dump_stack_lvl+0x18c/0x250
[  595.269710][T12259]  ? show_regs_print_info+0x20/0x20
[  595.274991][T12259]  ? load_image+0x420/0x420
[  595.279649][T12259]  ? __might_sleep+0xe0/0xe0
[  595.284315][T12259]  ? __lock_acquire+0x7d40/0x7d40
[  595.289413][T12259]  should_fail_ex+0x39d/0x4d0
[  595.294965][T12259]  should_failslab+0x9/0x20
[  595.299551][T12259]  slab_pre_alloc_hook+0x59/0x310
[  595.305158][T12259]  ? tomoyo_encode+0x28b/0x540
[  595.310468][T12259]  ? tomoyo_encode+0x28b/0x540
[  595.315278][T12259]  __kmem_cache_alloc_node+0x53/0x250
[  595.320714][T12259]  ? tomoyo_encode+0x28b/0x540
[  595.325521][T12259]  __kmalloc+0xa4/0x230
[  595.330048][T12259]  tomoyo_encode+0x28b/0x540
[  595.335522][T12259]  tomoyo_realpath_from_path+0x592/0x5d0
[  595.341332][T12259]  tomoyo_path_number_perm+0x248/0x620
[  595.346840][T12259]  ? tomoyo_path_number_perm+0x217/0x620
[  595.352612][T12259]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  595.358121][T12259]  ? ksys_write+0x1c4/0x260
[  595.362723][T12259]  ? __fget_files+0x28/0x4b0
[  595.367452][T12259]  ? __fget_files+0x28/0x4b0
[  595.372105][T12259]  security_file_ioctl+0x70/0xa0
[  595.377094][T12259]  __se_sys_ioctl+0x48/0x170
[  595.381763][T12259]  do_syscall_64+0x55/0xb0
[  595.386258][T12259]  ? clear_bhb_loop+0x40/0x90
[  595.390991][T12259]  ? clear_bhb_loop+0x40/0x90
[  595.395706][T12259]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  595.401657][T12259] RIP: 0033:0x7f065bb9ce59
[  595.406201][T12259] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  595.426059][T12259] RSP: 002b:00007f065c9f5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  595.434523][T12259] RAX: ffffffffffffffda RBX: 00007f065be15fa0 RCX: 00007f065bb9ce59
[  595.442689][T12259] RDX: 0000200000000000 RSI: 000000000000890b RDI: 0000000000000003
[  595.450792][T12259] RBP: 00007f065c9f5090 R08: 0000000000000000 R09: 0000000000000000
[  595.460091][T12259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  595.469369][T12259] R13: 00007f065be16038 R14: 00007f065be15fa0 R15: 00007ffff9f917c8
[  595.477440][T12259]  </TASK>
[  595.488003][T12259] ERROR: Out of memory at tomoyo_realpath_from_path.
[  597.723296][T12287] syzkaller0: entered promiscuous mode
[  597.729429][T12287] syzkaller0: entered allmulticast mode
[  600.725622][T12343] netlink: 212912 bytes leftover after parsing attributes in process `syz.1.1853'.
[  600.752756][T12343] openvswitch: netlink: IP tunnel dst address not specified
[  601.166540][T12343] netlink: 'syz.1.1853': attribute type 23 has an invalid length.
[  601.185472][T12343] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1853'.
[  602.637092][T12365] syzkaller0: entered promiscuous mode
[  602.649921][T12365] syzkaller0: entered allmulticast mode
[  602.804750][T12381] FAULT_INJECTION: forcing a failure.
[  602.804750][T12381] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  602.821574][T12381] CPU: 0 PID: 12381 Comm: syz.0.1862 Not tainted syzkaller #0
[  602.829151][T12381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  602.839873][T12381] Call Trace:
[  602.843194][T12381]  <TASK>
[  602.846176][T12381]  dump_stack_lvl+0x18c/0x250
[  602.850893][T12381]  ? show_regs_print_info+0x20/0x20
[  602.856123][T12381]  ? load_image+0x420/0x420
[  602.860686][T12381]  ? __lock_acquire+0x7d40/0x7d40
[  602.865746][T12381]  ? snprintf+0xe9/0x140
[  602.870073][T12381]  should_fail_ex+0x39d/0x4d0
[  602.874817][T12381]  _copy_to_user+0x2f/0xa0
[  602.879356][T12381]  simple_read_from_buffer+0xe7/0x150
[  602.884769][T12381]  proc_fail_nth_read+0x1e8/0x260
[  602.889830][T12381]  ? proc_fault_inject_write+0x360/0x360
[  602.895765][T12381]  ? fsnotify_perm+0x271/0x5e0
[  602.900559][T12381]  ? proc_fault_inject_write+0x360/0x360
[  602.906223][T12381]  vfs_read+0x28b/0x970
[  602.910430][T12381]  ? kernel_read+0x1e0/0x1e0
[  602.915054][T12381]  ? __fget_files+0x28/0x4b0
[  602.919677][T12381]  ? __fget_files+0x28/0x4b0
[  602.924307][T12381]  ? __fget_files+0x43d/0x4b0
[  602.929114][T12381]  ? __fdget_pos+0x2a3/0x330
[  602.933784][T12381]  ? ksys_read+0x75/0x260
[  602.938617][T12381]  ksys_read+0x150/0x260
[  602.943305][T12381]  ? vfs_write+0x990/0x990
[  602.947819][T12381]  ? lockdep_hardirqs_on+0x98/0x150
[  602.953073][T12381]  do_syscall_64+0x55/0xb0
[  602.957540][T12381]  ? clear_bhb_loop+0x40/0x90
[  602.962897][T12381]  ? clear_bhb_loop+0x40/0x90
[  602.967649][T12381]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  602.973677][T12381] RIP: 0033:0x7fa6c215d68e
[  602.978297][T12381] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  602.998282][T12381] RSP: 002b:00007fa6c30c3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  603.006747][T12381] RAX: ffffffffffffffda RBX: 00007fa6c30c46c0 RCX: 00007fa6c215d68e
[  603.014936][T12381] RDX: 000000000000000f RSI: 00007fa6c30c40a0 RDI: 0000000000000006
[  603.024417][T12381] RBP: 00007fa6c30c4090 R08: 0000000000000000 R09: 0000000000000000
[  603.032688][T12381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  603.040863][T12381] R13: 00007fa6c2416038 R14: 00007fa6c2415fa0 R15: 00007ffd51d439a8
[  603.049493][T12381]  </TASK>
[  603.119582][T12378] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1861'.
[  603.203988][T12378] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  603.226299][T12378] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  603.258247][T12378] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  603.298673][T12378] bond0 (unregistering): (slave geneve0): Releasing backup interface
[  603.328895][T12378] bond0 (unregistering): Released all slaves
[  603.357098][T12379] netlink: 'syz.3.1861': attribute type 6 has an invalid length.
[  603.365758][T12379] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1861'.
[  606.912173][T12390] netlink: 'syz.2.1864': attribute type 1 has an invalid length.
[  606.920412][T12390] netlink: 'syz.2.1864': attribute type 4 has an invalid length.
[  606.928194][T12390] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.1864'.
[  607.194804][T12403] bridge0: port 4(syz_tun) entered blocking state
[  607.202217][T12403] bridge0: port 4(syz_tun) entered disabled state
[  607.209609][T12403] syz_tun: entered allmulticast mode
[  607.221410][T12403] syz_tun: entered promiscuous mode
[  607.233455][T12403] bridge0: port 4(syz_tun) entered blocking state
[  607.240753][T12403] bridge0: port 4(syz_tun) entered forwarding state
[  608.309063][T12431] syzkaller0: entered promiscuous mode
[  608.316855][T12431] syzkaller0: entered allmulticast mode
[  608.505790][T12434] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.1877'.
[  608.518311][T12442] netlink: 'syz.1.1879': attribute type 10 has an invalid length.
[  608.752362][T12436] syzkaller0: entered promiscuous mode
[  608.758138][T12436] syzkaller0: entered allmulticast mode
[  614.871220][T12496] netlink: 212912 bytes leftover after parsing attributes in process `syz.2.1892'.
[  614.881389][T12496] openvswitch: netlink: IP tunnel dst address not specified
[  615.008409][T12499] netlink: 212912 bytes leftover after parsing attributes in process `syz.0.1893'.
[  615.024310][T12499] openvswitch: netlink: IP tunnel dst address not specified
[  615.141490][T12502] netlink: 'syz.0.1893': attribute type 23 has an invalid length.
[  615.149700][T12502] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1893'.
[  618.714620][T12535] sit0: left promiscuous mode
[  619.543742][T12556] netlink: 212912 bytes leftover after parsing attributes in process `syz.3.1906'.
[  619.553857][T12541] syzkaller0: entered promiscuous mode
[  619.553973][T12541] syzkaller0: entered allmulticast mode
[  619.600965][T12556] openvswitch: netlink: IP tunnel dst address not specified
[  619.841700][T12543] syzkaller0: entered promiscuous mode
[  619.847664][T12543] syzkaller0: entered allmulticast mode
[  619.879713][T12559] netlink: 'syz.3.1906': attribute type 23 has an invalid length.
[  619.888070][T12559] netlink: 168 bytes leftover after parsing attributes in process `syz.3.1906'.
[  622.851191][T12596] FAULT_INJECTION: forcing a failure.
[  622.851191][T12596] name failslab, interval 1, probability 0, space 0, times 0
[  622.895235][T12596] CPU: 1 PID: 12596 Comm: syz.2.1912 Not tainted syzkaller #0
[  622.902803][T12596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  622.912940][T12596] Call Trace:
[  622.916268][T12596]  <TASK>
[  622.919250][T12596]  dump_stack_lvl+0x18c/0x250
[  622.924028][T12596]  ? show_regs_print_info+0x20/0x20
[  622.929303][T12596]  ? load_image+0x420/0x420
[  622.933881][T12596]  ? __might_sleep+0xe0/0xe0
[  622.938604][T12596]  ? __lock_acquire+0x7d40/0x7d40
[  622.943798][T12596]  ? __asan_memset+0x22/0x40
[  622.948631][T12596]  should_fail_ex+0x39d/0x4d0
[  622.953401][T12596]  should_failslab+0x9/0x20
[  622.958157][T12596]  slab_pre_alloc_hook+0x59/0x310
[  622.963497][T12596]  ? sctp_add_bind_addr+0x8c/0x360
[  622.968859][T12596]  __kmem_cache_alloc_node+0x53/0x250
[  622.974657][T12596]  ? sctp_add_bind_addr+0x8c/0x360
[  622.979861][T12596]  kmalloc_trace+0x2a/0xe0
[  622.984335][T12596]  sctp_add_bind_addr+0x8c/0x360
[  622.989319][T12596]  sctp_bind_addr_copy+0xb3/0x3c0
[  622.994393][T12596]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  623.000789][T12596]  sctp_connect_new_asoc+0x2f9/0x6a0
[  623.006117][T12596]  ? __sctp_connect+0xd80/0xd80
[  623.011005][T12596]  ? __local_bh_enable_ip+0x13a/0x1c0
[  623.016408][T12596]  ? _local_bh_enable+0xa0/0xa0
[  623.021290][T12596]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  623.027231][T12596]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  623.033090][T12596]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  623.038797][T12596]  ? security_sctp_bind_connect+0x89/0xb0
[  623.044563][T12596]  sctp_sendmsg+0x15d2/0x2910
[  623.049286][T12596]  ? sctp_getsockopt+0xb60/0xb60
[  623.054261][T12596]  ? aa_sk_perm+0x83c/0x970
[  623.058805][T12596]  ? aa_af_perm+0x330/0x330
[  623.063342][T12596]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  623.069802][T12596]  ? sock_rps_record_flow+0x19/0x3f0
[  623.075136][T12596]  ? inet_sendmsg+0x7c/0x2f0
[  623.079766][T12596]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  623.085128][T12596]  ? security_socket_sendmsg+0x80/0xa0
[  623.090615][T12596]  ? inet_send_prepare+0x260/0x260
[  623.095864][T12596]  ____sys_sendmsg+0x5ba/0x960
[  623.100749][T12596]  ? __lock_acquire+0x7d40/0x7d40
[  623.105806][T12596]  ? __asan_memset+0x22/0x40
[  623.110433][T12596]  ? __sys_sendmsg_sock+0x30/0x30
[  623.115493][T12596]  ? __import_iovec+0x5f2/0x850
[  623.120467][T12596]  ? import_iovec+0x73/0xa0
[  623.125000][T12596]  ___sys_sendmsg+0x2a6/0x360
[  623.129714][T12596]  ? get_pid_task+0x20/0x1e0
[  623.134359][T12596]  ? __sys_sendmsg+0x2a0/0x2a0
[  623.139179][T12596]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  623.145208][T12596]  __se_sys_sendmsg+0x1c2/0x2b0
[  623.150093][T12596]  ? fput+0x22/0x1a0
[  623.154135][T12596]  ? __x64_sys_sendmsg+0x80/0x80
[  623.159136][T12596]  ? lockdep_hardirqs_on+0x98/0x150
[  623.164374][T12596]  do_syscall_64+0x55/0xb0
[  623.168823][T12596]  ? clear_bhb_loop+0x40/0x90
[  623.173645][T12596]  ? clear_bhb_loop+0x40/0x90
[  623.178443][T12596]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  623.184381][T12596] RIP: 0033:0x7f1490b9ce59
[  623.188818][T12596] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  623.208623][T12596] RSP: 002b:00007f14919f4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  623.217070][T12596] RAX: ffffffffffffffda RBX: 00007f1490e15fa0 RCX: 00007f1490b9ce59
[  623.225067][T12596] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000005
[  623.233063][T12596] RBP: 00007f14919f4090 R08: 0000000000000000 R09: 0000000000000000
[  623.241065][T12596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  623.249066][T12596] R13: 00007f1490e16038 R14: 00007f1490e15fa0 R15: 00007fffaba92848
[  623.257080][T12596]  </TASK>
[  624.619495][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  624.625939][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  625.190596][T12602] bridge0: port 4(syz_tun) entered disabled state
[  625.197465][T12602] bridge0: port 3(dummy0) entered disabled state
[  625.204122][T12602] bridge0: port 2(bridge_slave_1) entered disabled state
[  625.211636][T12602] bridge0: port 1(bridge_slave_0) entered disabled state
[  625.220624][T12602] bridge0: left promiscuous mode
[  625.388288][T12607] syzkaller0: entered promiscuous mode
[  625.413995][T12607] syzkaller0: entered allmulticast mode
[  626.178809][T12619] bridge0: port 4(syz_tun) entered blocking state
[  626.186039][T12619] bridge0: port 4(syz_tun) entered disabled state
[  626.195169][T12619] syz_tun: entered allmulticast mode
[  626.202915][T12619] syz_tun: entered promiscuous mode
[  626.208786][T12619] bridge0: port 4(syz_tun) entered blocking state
[  626.216400][T12619] bridge0: port 4(syz_tun) entered forwarding state
[  626.773331][T12649] FAULT_INJECTION: forcing a failure.
[  626.773331][T12649] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  626.809854][T12649] CPU: 0 PID: 12649 Comm: syz.3.1925 Not tainted syzkaller #0
[  626.817418][T12649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  626.827509][T12649] Call Trace:
[  626.830805][T12649]  <TASK>
[  626.833749][T12649]  dump_stack_lvl+0x18c/0x250
[  626.838456][T12649]  ? show_regs_print_info+0x20/0x20
[  626.843669][T12649]  ? load_image+0x420/0x420
[  626.848183][T12649]  ? __might_fault+0xaa/0x120
[  626.852872][T12649]  ? __lock_acquire+0x7d40/0x7d40
[  626.857913][T12649]  should_fail_ex+0x39d/0x4d0
[  626.862611][T12649]  _copy_from_user+0x2f/0xe0
[  626.867219][T12649]  generic_map_update_batch+0x59a/0x810
[  626.872808][T12649]  ? rcu_read_unlock+0xa0/0xa0
[  626.877589][T12649]  ? __fdget+0x180/0x210
[  626.881904][T12649]  ? rcu_read_unlock+0xa0/0xa0
[  626.886674][T12649]  bpf_map_do_batch+0x3d7/0x610
[  626.891561][T12649]  __sys_bpf+0x381/0x890
[  626.895834][T12649]  ? bpf_link_show_fdinfo+0x390/0x390
[  626.901296][T12649]  ? lock_chain_count+0x20/0x20
[  626.906177][T12649]  __x64_sys_bpf+0x7c/0x90
[  626.910632][T12649]  do_syscall_64+0x55/0xb0
[  626.915068][T12649]  ? clear_bhb_loop+0x40/0x90
[  626.919765][T12649]  ? clear_bhb_loop+0x40/0x90
[  626.924479][T12649]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  626.930501][T12649] RIP: 0033:0x7fa475d9ce59
[  626.934929][T12649] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  626.954546][T12649] RSP: 002b:00007fa476ba6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  626.962974][T12649] RAX: ffffffffffffffda RBX: 00007fa476016090 RCX: 00007fa475d9ce59
[  626.970957][T12649] RDX: 0000000000000038 RSI: 0000200000000500 RDI: 000000000000001a
[  626.978940][T12649] RBP: 00007fa476ba6090 R08: 0000000000000000 R09: 0000000000000000
[  626.986925][T12649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  626.994912][T12649] R13: 00007fa476016128 R14: 00007fa476016090 R15: 00007fffd7a4fc08
[  627.003008][T12649]  </TASK>
[  628.606838][T12648] netlink: 188 bytes leftover after parsing attributes in process `syz.1.1926'.
[  628.955316][T12653] syzkaller0: entered promiscuous mode
[  628.962048][T12653] syzkaller0: entered allmulticast mode
[  632.238995][T12699] netlink: 'syz.0.1938': attribute type 10 has an invalid length.
[  632.247628][T12699] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1938'.
[  632.485334][T12706] netlink: 'syz.0.1941': attribute type 29 has an invalid length.
[  632.498116][T12706] netlink: 'syz.0.1941': attribute type 29 has an invalid length.
[  632.508216][T12706] netlink: 'syz.0.1941': attribute type 29 has an invalid length.
[  632.531151][T12706] netlink: 'syz.0.1941': attribute type 29 has an invalid length.
[  632.550640][T12706] netlink: 'syz.0.1941': attribute type 29 has an invalid length.
[  633.226236][T12718] syzkaller0: entered promiscuous mode
[  633.240143][T12718] syzkaller0: entered allmulticast mode
[  633.611406][T12740] syzkaller0: entered promiscuous mode
[  633.617360][T12740] syzkaller0: entered allmulticast mode
[  634.648485][T12759] FAULT_INJECTION: forcing a failure.
[  634.648485][T12759] name failslab, interval 1, probability 0, space 0, times 0
[  634.670164][T12759] CPU: 0 PID: 12759 Comm: syz.2.1955 Not tainted syzkaller #0
[  634.677797][T12759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  634.688498][T12759] Call Trace:
[  634.692022][T12759]  <TASK>
[  634.695152][T12759]  dump_stack_lvl+0x18c/0x250
[  634.700085][T12759]  ? show_regs_print_info+0x20/0x20
[  634.705411][T12759]  ? load_image+0x420/0x420
[  634.710154][T12759]  ? perf_trace_run_bpf_submit+0xf4/0x1c0
[  634.715973][T12759]  should_fail_ex+0x39d/0x4d0
[  634.720805][T12759]  should_failslab+0x9/0x20
[  634.725386][T12759]  slab_pre_alloc_hook+0x59/0x310
[  634.730498][T12759]  ? tipc_group_create+0xa1/0x500
[  634.735698][T12759]  __kmem_cache_alloc_node+0x53/0x250
[  634.741203][T12759]  ? tipc_group_create+0xa1/0x500
[  634.746501][T12759]  kmalloc_trace+0x2a/0xe0
[  634.751125][T12759]  tipc_group_create+0xa1/0x500
[  634.756127][T12759]  tipc_sk_join+0x253/0x6a0
[  634.760749][T12759]  ? lockdep_hardirqs_on+0x98/0x150
[  634.766051][T12759]  ? __local_bh_enable_ip+0x13a/0x1c0
[  634.771531][T12759]  ? __tipc_sendstream+0x1270/0x1270
[  634.776960][T12759]  tipc_setsockopt+0x73f/0x990
[  634.781852][T12759]  ? tipc_shutdown+0x4d0/0x4d0
[  634.786713][T12759]  ? __fget_files+0x28/0x4b0
[  634.791383][T12759]  ? __fget_files+0x28/0x4b0
[  634.796058][T12759]  ? aa_sock_opt_perm+0x74/0x100
[  634.801091][T12759]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  634.806721][T12759]  ? security_socket_setsockopt+0x7e/0xa0
[  634.812842][T12759]  ? tipc_shutdown+0x4d0/0x4d0
[  634.817715][T12759]  do_sock_setsockopt+0x175/0x1a0
[  634.822824][T12759]  ? __fdget+0x180/0x210
[  634.827217][T12759]  __x64_sys_setsockopt+0x182/0x200
[  634.832618][T12759]  do_syscall_64+0x55/0xb0
[  634.837118][T12759]  ? clear_bhb_loop+0x40/0x90
[  634.841903][T12759]  ? clear_bhb_loop+0x40/0x90
[  634.847014][T12759]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  634.853077][T12759] RIP: 0033:0x7f1490b9ce59
[  634.857569][T12759] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  634.877270][T12759] RSP: 002b:00007f14919f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  634.886078][T12759] RAX: ffffffffffffffda RBX: 00007f1490e15fa0 RCX: 00007f1490b9ce59
[  634.894186][T12759] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000005
[  634.902263][T12759] RBP: 00007f14919f4090 R08: 0000000000000043 R09: 0000000000000000
[  634.910499][T12759] R10: 00002000000008c0 R11: 0000000000000246 R12: 0000000000000001
[  634.918571][T12759] R13: 00007f1490e16038 R14: 00007f1490e15fa0 R15: 00007fffaba92848
[  634.926745][T12759]  </TASK>
[  637.138035][T12776] FAULT_INJECTION: forcing a failure.
[  637.138035][T12776] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  637.151885][T12776] CPU: 1 PID: 12776 Comm: syz.0.1959 Not tainted syzkaller #0
[  637.159411][T12776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  637.169513][T12776] Call Trace:
[  637.172839][T12776]  <TASK>
[  637.175894][T12776]  dump_stack_lvl+0x18c/0x250
[  637.180617][T12776]  ? show_regs_print_info+0x20/0x20
[  637.185851][T12776]  ? load_image+0x420/0x420
[  637.190390][T12776]  ? __lock_acquire+0x7d40/0x7d40
[  637.195487][T12776]  should_fail_ex+0x39d/0x4d0
[  637.200380][T12776]  _copy_from_user+0x2f/0xe0
[  637.205011][T12776]  __copy_msghdr+0x3bb/0x580
[  637.209659][T12776]  ___sys_sendmsg+0x214/0x360
[  637.214375][T12776]  ? __sys_sendmsg+0x2a0/0x2a0
[  637.219183][T12776]  ? perf_trace_run_bpf_submit+0xf4/0x1c0
[  637.225050][T12776]  __se_sys_sendmsg+0x1c2/0x2b0
[  637.229939][T12776]  ? __x64_sys_sendmsg+0x80/0x80
[  637.235165][T12776]  ? lockdep_hardirqs_on+0x98/0x150
[  637.240610][T12776]  ? __x64_sys_sendmsg+0x4f/0x80
[  637.245600][T12776]  do_syscall_64+0x55/0xb0
[  637.250338][T12776]  ? clear_bhb_loop+0x40/0x90
[  637.255106][T12776]  ? clear_bhb_loop+0x40/0x90
[  637.259876][T12776]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  637.265864][T12776] RIP: 0033:0x7fa6c219ce59
[  637.270340][T12776] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  637.290168][T12776] RSP: 002b:00007fa6c30c4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  637.298625][T12776] RAX: ffffffffffffffda RBX: 00007fa6c2415fa0 RCX: 00007fa6c219ce59
[  637.306630][T12776] RDX: 000000002400800c RSI: 00002000000000c0 RDI: 0000000000000005
[  637.314634][T12776] RBP: 00007fa6c30c4090 R08: 0000000000000000 R09: 0000000000000000
[  637.322653][T12776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  637.330751][T12776] R13: 00007fa6c2416038 R14: 00007fa6c2415fa0 R15: 00007ffd51d439a8
[  637.339052][T12776]  </TASK>
[  644.196042][T12828] netlink: 52711 bytes leftover after parsing attributes in process `syz.0.1976'.
[  645.958258][T12852] syzkaller0: entered promiscuous mode
[  645.964510][T12852] syzkaller0: entered allmulticast mode
[  646.228002][T12867] netlink: 'syz.3.1985': attribute type 10 has an invalid length.
[  646.405466][T12867] veth1_macvtap: left promiscuous mode
[  652.132475][T12899] netlink: 'syz.1.1995': attribute type 11 has an invalid length.
[  652.163107][T12899] netlink: 184116 bytes leftover after parsing attributes in process `syz.1.1995'.
[  652.657641][T12910] FAULT_INJECTION: forcing a failure.
[  652.657641][T12910] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  652.692308][T12910] CPU: 0 PID: 12910 Comm: syz.2.1997 Not tainted syzkaller #0
[  652.699913][T12910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  652.710049][T12910] Call Trace:
[  652.713478][T12910]  <TASK>
[  652.716478][T12910]  dump_stack_lvl+0x18c/0x250
[  652.721231][T12910]  ? show_regs_print_info+0x20/0x20
[  652.726495][T12910]  ? load_image+0x420/0x420
[  652.731063][T12910]  ? __lock_acquire+0x7d40/0x7d40
[  652.736155][T12910]  ? _copy_from_iter+0x1b1/0x12e0
[  652.741263][T12910]  should_fail_ex+0x39d/0x4d0
[  652.746035][T12910]  prepare_alloc_pages+0x1e2/0x5f0
[  652.751240][T12910]  __alloc_pages+0x134/0x460
[  652.755905][T12910]  ? zone_statistics+0x170/0x170
[  652.760913][T12910]  ? _raw_spin_lock_irqsave+0x100/0x100
[  652.766638][T12910]  ? copy_page_from_iter+0xe8/0x100
[  652.771913][T12910]  pipe_write+0x62b/0x1b10
[  652.776678][T12910]  ? pipe_read+0x1310/0x1310
[  652.781346][T12910]  ? end_current_label_crit_section+0x149/0x170
[  652.787852][T12910]  ? common_file_perm+0x198/0x1f0
[  652.792972][T12910]  vfs_write+0x46c/0x990
[  652.797312][T12910]  ? file_end_write+0x250/0x250
[  652.802248][T12910]  ? __fget_files+0x43d/0x4b0
[  652.807031][T12910]  ? __fdget_pos+0x1d8/0x330
[  652.811696][T12910]  ? ksys_write+0x75/0x260
[  652.816196][T12910]  ksys_write+0x150/0x260
[  652.820638][T12910]  ? __ia32_sys_read+0x90/0x90
[  652.825481][T12910]  ? lockdep_hardirqs_on+0x98/0x150
[  652.830854][T12910]  do_syscall_64+0x55/0xb0
[  652.835339][T12910]  ? clear_bhb_loop+0x40/0x90
[  652.840101][T12910]  ? clear_bhb_loop+0x40/0x90
[  652.844846][T12910]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  652.850808][T12910] RIP: 0033:0x7f1490b9ce59
[  652.855283][T12910] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  652.874963][T12910] RSP: 002b:00007f14919f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  652.883559][T12910] RAX: ffffffffffffffda RBX: 00007f1490e15fa0 RCX: 00007f1490b9ce59
[  652.891593][T12910] RDX: 00000000fffffdef RSI: 00002000000001c0 RDI: 0000000000000000
[  652.899639][T12910] RBP: 00007f14919f4090 R08: 0000000000000000 R09: 0000000000000000
[  652.907681][T12910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  652.915886][T12910] R13: 00007f1490e16038 R14: 00007f1490e15fa0 R15: 00007fffaba92848
[  652.923977][T12910]  </TASK>
[  653.649280][T12913] syzkaller0: entered promiscuous mode
[  653.669909][T12913] syzkaller0: entered allmulticast mode
[  654.296046][T12938] netlink: 'syz.0.2005': attribute type 11 has an invalid length.
[  654.319963][T12938] netlink: 184116 bytes leftover after parsing attributes in process `syz.0.2005'.
[  658.386900][T12962] netlink: 15743 bytes leftover after parsing attributes in process `syz.0.2011'.
[  658.935462][T12975] can: request_module (can-proto-5) failed.
[  659.644558][T12991] syzkaller0: entered promiscuous mode
[  659.659028][T12991] syzkaller0: entered allmulticast mode
[  660.457407][T13003] netlink: 'syz.3.2021': attribute type 11 has an invalid length.
[  660.474548][T13003] netlink: 184116 bytes leftover after parsing attributes in process `syz.3.2021'.
[  660.686807][T13011] netlink: 'syz.1.2023': attribute type 1 has an invalid length.
[  660.718977][T13011] netlink: 193500 bytes leftover after parsing attributes in process `syz.1.2023'.
[  662.504125][T13016] netlink: 'syz.1.2024': attribute type 10 has an invalid length.
[  662.529684][T13016] hsr_slave_0: entered promiscuous mode
[  662.536619][T13016] hsr_slave_0: entered allmulticast mode
[  662.544058][T13016] team0: Port device hsr_slave_0 added
[  663.285424][T13043] syzkaller0: entered promiscuous mode
[  663.340625][T13043] syzkaller0: entered allmulticast mode
[  665.165288][T13059] syzkaller0: entered promiscuous mode
[  665.183243][T13064] netlink: 'syz.2.2040': attribute type 11 has an invalid length.
[  665.193139][T13059] syzkaller0: entered allmulticast mode
[  665.203210][T13064] netlink: 184116 bytes leftover after parsing attributes in process `syz.2.2040'.
[  665.371457][T13074] netlink: 105120 bytes leftover after parsing attributes in process `syz.1.2041'.
[  665.433685][T13074] netlink: 'syz.1.2041': attribute type 2 has an invalid length.
[  665.883108][T13088] FAULT_INJECTION: forcing a failure.
[  665.883108][T13088] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  665.960231][T13088] CPU: 0 PID: 13088 Comm: syz.0.2044 Not tainted syzkaller #0
[  665.969375][T13088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  665.980921][T13088] Call Trace:
[  665.985656][T13088]  <TASK>
[  665.989394][T13088]  dump_stack_lvl+0x18c/0x250
[  665.994243][T13088]  ? show_regs_print_info+0x20/0x20
[  666.000741][T13088]  ? load_image+0x420/0x420
[  666.005691][T13088]  ? __might_fault+0xaa/0x120
[  666.010475][T13088]  ? __lock_acquire+0x7d40/0x7d40
[  666.015656][T13088]  should_fail_ex+0x39d/0x4d0
[  666.020419][T13088]  _copy_from_user+0x2f/0xe0
[  666.025075][T13088]  __sys_bpf+0x23e/0x890
[  666.030050][T13088]  ? bpf_link_show_fdinfo+0x390/0x390
[  666.035766][T13088]  ? lock_chain_count+0x20/0x20
[  666.041029][T13088]  __x64_sys_bpf+0x7c/0x90
[  666.045592][T13088]  do_syscall_64+0x55/0xb0
[  666.050143][T13088]  ? clear_bhb_loop+0x40/0x90
[  666.055913][T13088]  ? clear_bhb_loop+0x40/0x90
[  666.060665][T13088]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  666.066696][T13088] RIP: 0033:0x7fa6c219ce59
[  666.071231][T13088] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  666.091308][T13088] RSP: 002b:00007fa6c30c4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  666.099789][T13088] RAX: ffffffffffffffda RBX: 00007fa6c2415fa0 RCX: 00007fa6c219ce59
[  666.107790][T13088] RDX: 0000000000000094 RSI: 0000200000000240 RDI: 0000000000000005
[  666.116240][T13088] RBP: 00007fa6c30c4090 R08: 0000000000000000 R09: 0000000000000000
[  666.124246][T13088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  666.132249][T13088] R13: 00007fa6c2416038 R14: 00007fa6c2415fa0 R15: 00007ffd51d439a8
[  666.140309][T13088]  </TASK>
[  666.278215][T13101] FAULT_INJECTION: forcing a failure.
[  666.278215][T13101] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  666.300185][T13101] CPU: 0 PID: 13101 Comm: syz.0.2047 Not tainted syzkaller #0
[  666.307737][T13101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  666.317943][T13101] Call Trace:
[  666.321268][T13101]  <TASK>
[  666.324239][T13101]  dump_stack_lvl+0x18c/0x250
[  666.328990][T13101]  ? show_regs_print_info+0x20/0x20
[  666.334254][T13101]  ? load_image+0x420/0x420
[  666.338817][T13101]  ? __might_fault+0xaa/0x120
[  666.343555][T13101]  ? __lock_acquire+0x7d40/0x7d40
[  666.348649][T13101]  should_fail_ex+0x39d/0x4d0
[  666.353495][T13101]  _copy_from_iter+0x1d9/0x12e0
[  666.358451][T13101]  ? __might_fault+0xaa/0x120
[  666.363193][T13101]  ? _copy_from_iter+0x24e/0x12e0
[  666.368285][T13101]  ? __virt_addr_valid+0x18c/0x540
[  666.373462][T13101]  ? __lock_acquire+0x7d40/0x7d40
[  666.378546][T13101]  ? copyout_mc+0x70/0x70
[  666.382959][T13101]  ? copyout_mc+0x70/0x70
[  666.387353][T13101]  ? __virt_addr_valid+0x18c/0x540
[  666.392536][T13101]  ? page_copy_sane+0x16a/0x270
[  666.397499][T13101]  copy_page_from_iter+0x7b/0x100
[  666.403284][T13101]  skb_copy_datagram_from_iter+0x2e4/0x6e0
[  666.409147][T13101]  tun_get_user+0x15db/0x3ca0
[  666.414009][T13101]  ? aa_file_perm+0x11b/0xee0
[  666.418756][T13101]  ? rcu_read_unlock+0xa0/0xa0
[  666.423564][T13101]  ? tun_get+0x1c/0x2e0
[  666.427758][T13101]  ? __lock_acquire+0x7d40/0x7d40
[  666.432813][T13101]  ? tun_get+0x1c/0x2e0
[  666.437006][T13101]  tun_chr_write_iter+0x119/0x200
[  666.442070][T13101]  vfs_write+0x46c/0x990
[  666.446357][T13101]  ? file_end_write+0x250/0x250
[  666.451252][T13101]  ? __fget_files+0x43d/0x4b0
[  666.455975][T13101]  ? __fdget_pos+0x1d8/0x330
[  666.460604][T13101]  ? ksys_write+0x75/0x260
[  666.465056][T13101]  ksys_write+0x150/0x260
[  666.469418][T13101]  ? __ia32_sys_read+0x90/0x90
[  666.474219][T13101]  ? lockdep_hardirqs_on+0x98/0x150
[  666.479471][T13101]  do_syscall_64+0x55/0xb0
[  666.483921][T13101]  ? clear_bhb_loop+0x40/0x90
[  666.488626][T13101]  ? clear_bhb_loop+0x40/0x90
[  666.493357][T13101]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  666.499285][T13101] RIP: 0033:0x7fa6c219ce59
[  666.503756][T13101] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  666.524697][T13101] RSP: 002b:00007fa6c30c4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  666.533236][T13101] RAX: ffffffffffffffda RBX: 00007fa6c2415fa0 RCX: 00007fa6c219ce59
[  666.541269][T13101] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 00000000000000c8
[  666.549285][T13101] RBP: 00007fa6c30c4090 R08: 0000000000000000 R09: 0000000000000000
[  666.557288][T13101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  666.565372][T13101] R13: 00007fa6c2416038 R14: 00007fa6c2415fa0 R15: 00007ffd51d439a8
[  666.573645][T13101]  </TASK>
[  670.791056][T13149] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2062'.
[  670.819126][T13147] syzkaller0: entered promiscuous mode
[  670.832293][T13147] syzkaller0: entered allmulticast mode
[  670.844416][T13149] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2062'.
[  670.865751][T13159] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2062'.
[  671.338560][T13170] netlink: 'syz.2.2067': attribute type 29 has an invalid length.
[  672.980045][T13170] netlink: 'syz.2.2067': attribute type 29 has an invalid length.
[  674.419841][T13198] netlink: 'syz.2.2073': attribute type 10 has an invalid length.
[  674.533216][T13198] bond0: (slave veth1_to_bridge): Enslaving as an active interface with an up link
[  675.183667][T13220] netlink: 668 bytes leftover after parsing attributes in process `syz.1.2079'.
[  675.209388][T13223] netlink: 'syz.2.2080': attribute type 21 has an invalid length.
[  675.217458][T13220] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  675.217495][T13220] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  675.273543][T13223] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2080'.
[  676.087084][T13228] syzkaller0: entered promiscuous mode
[  676.096977][T13228] syzkaller0: entered allmulticast mode
[  681.497288][T13278] netlink: 'syz.3.2090': attribute type 21 has an invalid length.
[  681.505547][T13278] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2090'.
[  681.666320][T13289] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2093'.
[  681.717502][T13289] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  683.474291][T13323] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.2101'.
[  683.968822][T13332] netlink: 'syz.1.2103': attribute type 21 has an invalid length.
[  684.009892][T13332] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2103'.
[  684.627068][T13338] syzkaller0: entered promiscuous mode
[  684.639875][T13338] syzkaller0: entered allmulticast mode
[  684.803335][T13352] netlink: 121460 bytes leftover after parsing attributes in process `syz.1.2111'.
[  684.835300][T13352] netlink: 21068 bytes leftover after parsing attributes in process `syz.1.2111'.
[  684.861700][T13352] tipc: Started in network mode
[  684.866910][T13352] tipc: Node identity d, cluster identity 56
[  684.875527][T13352] tipc: Node number set to 13
[  686.060685][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  686.067469][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  688.688656][T13400] netlink: 'syz.0.2119': attribute type 21 has an invalid length.
[  688.699935][T13400] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2119'.
[  688.821130][T13404] netlink: 'syz.3.2124': attribute type 3 has an invalid length.
[  688.829073][T13404] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.2124'.
[  690.188936][T13419] syzkaller0: entered promiscuous mode
[  690.212723][T13419] syzkaller0: entered allmulticast mode
[  690.423288][T13439] netlink: 'syz.1.2135': attribute type 1 has an invalid length.
[  690.440059][T13439] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.2135'.
[  691.208684][T13436] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  693.187570][T13437] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2134'.
[  694.519578][T13473] syzkaller0: entered promiscuous mode
[  694.529427][T13473] syzkaller0: entered allmulticast mode
[  694.646685][T13477] netlink: 'syz.2.2146': attribute type 25 has an invalid length.
[  694.656177][T13477] netlink: 'syz.2.2146': attribute type 29 has an invalid length.
[  697.083073][T13493] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2149'.
[  697.144124][T13493] team_slave_0 (unregistering): left promiscuous mode
[  697.151128][T13493] team_slave_0 (unregistering): left allmulticast mode
[  697.169977][T13493] team0: Port device team_slave_0 removed
[  698.022199][T13512] À: port 1(ªªªªªª) entered blocking state
[  698.043627][T13512] À: port 1(ªªªªªª) entered disabled state
[  698.097350][T13512] ªªªªªª: entered allmulticast mode
[  698.130433][T13512] ªªªªªª: entered promiscuous mode
[  698.168248][T13509] À: port 1(ªªªªªª) entered blocking state
[  698.174914][T13509] À: port 1(ªªªªªª) entered forwarding state
[  698.765145][T13531] netlink: 'syz.3.2164': attribute type 1 has an invalid length.
[  698.841785][T13531] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.2164'.
[  699.294071][T13527] syzkaller0: entered promiscuous mode
[  699.299640][T13527] syzkaller0: entered allmulticast mode
[  699.906781][T13554] FAULT_INJECTION: forcing a failure.
[  699.906781][T13554] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  699.930308][T13554] CPU: 0 PID: 13554 Comm: syz.1.2170 Not tainted syzkaller #0
[  699.937882][T13554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  699.947986][T13554] Call Trace:
[  699.951317][T13554]  <TASK>
[  699.954295][T13554]  dump_stack_lvl+0x18c/0x250
[  699.959040][T13554]  ? show_regs_print_info+0x20/0x20
[  699.964304][T13554]  ? load_image+0x420/0x420
[  699.968864][T13554]  ? __might_fault+0xaa/0x120
[  699.973666][T13554]  ? __lock_acquire+0x7d40/0x7d40
[  699.978759][T13554]  should_fail_ex+0x39d/0x4d0
[  699.983517][T13554]  _copy_from_user+0x2f/0xe0
[  699.988172][T13554]  ___sys_sendmsg+0x1c7/0x360
[  699.992913][T13554]  ? get_pid_task+0x20/0x1e0
[  699.997574][T13554]  ? __sys_sendmsg+0x2a0/0x2a0
[  700.002573][T13554]  __se_sys_sendmsg+0x1c2/0x2b0
[  700.007598][T13554]  ? __x64_sys_sendmsg+0x80/0x80
[  700.012662][T13554]  ? lockdep_hardirqs_on+0x98/0x150
[  700.018045][T13554]  do_syscall_64+0x55/0xb0
[  700.022643][T13554]  ? clear_bhb_loop+0x40/0x90
[  700.027462][T13554]  ? clear_bhb_loop+0x40/0x90
[  700.032211][T13554]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  700.038191][T13554] RIP: 0033:0x7f065bb9ce59
[  700.042677][T13554] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  700.063024][T13554] RSP: 002b:00007f065c9d4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  700.071508][T13554] RAX: ffffffffffffffda RBX: 00007f065be16090 RCX: 00007f065bb9ce59
[  700.079880][T13554] RDX: 0000000000000851 RSI: 0000200000002e40 RDI: 0000000000000003
[  700.087906][T13554] RBP: 00007f065c9d4090 R08: 0000000000000000 R09: 0000000000000000
[  700.095943][T13554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  700.103968][T13554] R13: 00007f065be16128 R14: 00007f065be16090 R15: 00007ffff9f917c8
[  700.112103][T13554]  </TASK>
[  703.798601][T13580] syzkaller0: entered promiscuous mode
[  703.806021][T13580] syzkaller0: entered allmulticast mode
[  704.352079][T13604] FAULT_INJECTION: forcing a failure.
[  704.352079][T13604] name failslab, interval 1, probability 0, space 0, times 0
[  704.377377][T13604] CPU: 0 PID: 13604 Comm: syz.2.2186 Not tainted syzkaller #0
[  704.384957][T13604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  704.395267][T13604] Call Trace:
[  704.398720][T13604]  <TASK>
[  704.401732][T13604]  dump_stack_lvl+0x18c/0x250
[  704.406495][T13604]  ? sctp_sendmsg+0x15d2/0x2910
[  704.411453][T13604]  ? ___sys_sendmsg+0x2a6/0x360
[  704.416398][T13604]  ? show_regs_print_info+0x20/0x20
[  704.421686][T13604]  ? load_image+0x420/0x420
[  704.426337][T13604]  should_fail_ex+0x39d/0x4d0
[  704.431129][T13604]  should_failslab+0x9/0x20
[  704.435722][T13604]  slab_pre_alloc_hook+0x59/0x310
[  704.440949][T13604]  ? sctp_add_bind_addr+0x8c/0x360
[  704.446154][T13604]  __kmem_cache_alloc_node+0x53/0x250
[  704.451651][T13604]  ? sctp_add_bind_addr+0x8c/0x360
[  704.456854][T13604]  kmalloc_trace+0x2a/0xe0
[  704.461375][T13604]  sctp_add_bind_addr+0x8c/0x360
[  704.466507][T13604]  sctp_copy_local_addr_list+0x315/0x4f0
[  704.472250][T13604]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  704.478058][T13604]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  704.484230][T13604]  ? sctp_v4_is_any+0x35/0x60
[  704.488996][T13604]  ? sctp_copy_one_addr+0x8c/0x350
[  704.494215][T13604]  sctp_bind_addr_copy+0xb3/0x3c0
[  704.499350][T13604]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  704.505944][T13604]  sctp_connect_new_asoc+0x2f9/0x6a0
[  704.511369][T13604]  ? __sctp_connect+0xd80/0xd80
[  704.516312][T13604]  ? __local_bh_enable_ip+0x13a/0x1c0
[  704.521971][T13604]  ? _local_bh_enable+0xa0/0xa0
[  704.527000][T13604]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  704.532901][T13604]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  704.538810][T13604]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  704.544570][T13604]  ? security_sctp_bind_connect+0x89/0xb0
[  704.550435][T13604]  sctp_sendmsg+0x15d2/0x2910
[  704.555267][T13604]  ? sctp_getsockopt+0xb60/0xb60
[  704.560326][T13604]  ? aa_sk_perm+0x83c/0x970
[  704.564969][T13604]  ? aa_af_perm+0x330/0x330
[  704.569563][T13604]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  704.576093][T13604]  ? sock_rps_record_flow+0x19/0x3f0
[  704.581671][T13604]  ? inet_sendmsg+0x7c/0x2f0
[  704.586348][T13604]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  704.591734][T13604]  ? security_socket_sendmsg+0x80/0xa0
[  704.597270][T13604]  ? inet_send_prepare+0x260/0x260
[  704.602490][T13604]  ____sys_sendmsg+0x5ba/0x960
[  704.607349][T13604]  ? __lock_acquire+0x7d40/0x7d40
[  704.612475][T13604]  ? __asan_memset+0x22/0x40
[  704.617153][T13604]  ? __sys_sendmsg_sock+0x30/0x30
[  704.622249][T13604]  ? __import_iovec+0x5f2/0x850
[  704.627262][T13604]  ? import_iovec+0x73/0xa0
[  704.631889][T13604]  ___sys_sendmsg+0x2a6/0x360
[  704.636705][T13604]  ? __sys_sendmsg+0x2a0/0x2a0
[  704.641675][T13604]  ? __lock_acquire+0x7d40/0x7d40
[  704.646940][T13604]  __se_sys_sendmsg+0x1c2/0x2b0
[  704.651926][T13604]  ? __x64_sys_sendmsg+0x80/0x80
[  704.657043][T13604]  ? lockdep_hardirqs_on+0x98/0x150
[  704.662365][T13604]  do_syscall_64+0x55/0xb0
[  704.666872][T13604]  ? clear_bhb_loop+0x40/0x90
[  704.671635][T13604]  ? clear_bhb_loop+0x40/0x90
[  704.676427][T13604]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  704.682462][T13604] RIP: 0033:0x7f1490b9ce59
[  704.686999][T13604] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  704.706711][T13604] RSP: 002b:00007f14919d3028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  704.715243][T13604] RAX: ffffffffffffffda RBX: 00007f1490e16090 RCX: 00007f1490b9ce59
[  704.723295][T13604] RDX: 0000000000008054 RSI: 0000200000000300 RDI: 0000000000000005
[  704.731338][T13604] RBP: 00007f14919d3090 R08: 0000000000000000 R09: 0000000000000000
[  704.739442][T13604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  704.747523][T13604] R13: 00007f1490e16128 R14: 00007f1490e16090 R15: 00007fffaba92848
[  704.755651][T13604]  </TASK>
[  707.197728][T13625] netlink: 'syz.2.2194': attribute type 10 has an invalid length.
[  707.205738][T13625] netlink: 55 bytes leftover after parsing attributes in process `syz.2.2194'.
[  707.294937][T13625] À: port 1(ªªªªªª) entered disabled state
[  707.783676][T13625] ªªªªªª (unregistering): left allmulticast mode
[  707.803154][T13625] ªªªªªª (unregistering): left promiscuous mode
[  707.813049][T13625] À: port 1(ªªªªªª) entered disabled state
[  709.907539][T13653] syzkaller0: entered promiscuous mode
[  709.915340][T13653] syzkaller0: entered allmulticast mode
[  710.520374][T13667] FAULT_INJECTION: forcing a failure.
[  710.520374][T13667] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  710.533853][T13667] CPU: 1 PID: 13667 Comm: syz.3.2205 Not tainted syzkaller #0
[  710.541374][T13667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  710.551480][T13667] Call Trace:
[  710.554943][T13667]  <TASK>
[  710.557937][T13667]  dump_stack_lvl+0x18c/0x250
[  710.562658][T13667]  ? show_regs_print_info+0x20/0x20
[  710.567898][T13667]  ? load_image+0x420/0x420
[  710.572432][T13667]  ? __lock_acquire+0x7d40/0x7d40
[  710.577489][T13667]  ? snprintf+0xe9/0x140
[  710.581774][T13667]  should_fail_ex+0x39d/0x4d0
[  710.586670][T13667]  _copy_to_user+0x2f/0xa0
[  710.591140][T13667]  simple_read_from_buffer+0xe7/0x150
[  710.596553][T13667]  proc_fail_nth_read+0x1e8/0x260
[  710.601616][T13667]  ? proc_fault_inject_write+0x360/0x360
[  710.607289][T13667]  ? fsnotify_perm+0x271/0x5e0
[  710.612081][T13667]  ? proc_fault_inject_write+0x360/0x360
[  710.617750][T13667]  vfs_read+0x28b/0x970
[  710.621947][T13667]  ? kernel_read+0x1e0/0x1e0
[  710.626600][T13667]  ? __fget_files+0x28/0x4b0
[  710.631223][T13667]  ? __fget_files+0x28/0x4b0
[  710.635957][T13667]  ? __fget_files+0x43d/0x4b0
[  710.640714][T13667]  ? __fdget_pos+0x2a3/0x330
[  710.645354][T13667]  ? ksys_read+0x75/0x260
[  710.649725][T13667]  ksys_read+0x150/0x260
[  710.654019][T13667]  ? vfs_write+0x990/0x990
[  710.658479][T13667]  ? lockdep_hardirqs_on+0x98/0x150
[  710.663756][T13667]  do_syscall_64+0x55/0xb0
[  710.668203][T13667]  ? clear_bhb_loop+0x40/0x90
[  710.672908][T13667]  ? clear_bhb_loop+0x40/0x90
[  710.677617][T13667]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  710.683571][T13667] RIP: 0033:0x7fa475d5d68e
[  710.688043][T13667] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  710.707707][T13667] RSP: 002b:00007fa476ba5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  710.716201][T13667] RAX: ffffffffffffffda RBX: 00007fa476ba66c0 RCX: 00007fa475d5d68e
[  710.724205][T13667] RDX: 000000000000000f RSI: 00007fa476ba60a0 RDI: 0000000000000007
[  710.732205][T13667] RBP: 00007fa476ba6090 R08: 0000000000000000 R09: 0000000000000000
[  710.740205][T13667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  710.748233][T13667] R13: 00007fa476016128 R14: 00007fa476016090 R15: 00007fffd7a4fc08
[  710.756254][T13667]  </TASK>
[  714.231362][T13700] sit0: left promiscuous mode
[  714.512928][T13704] bond0: entered promiscuous mode
[  714.518065][T13704] bond_slave_0: entered promiscuous mode
[  714.559994][T13704] bond_slave_1: entered promiscuous mode
[  714.566458][T13704] veth1_to_bridge: entered promiscuous mode
[  714.612046][T13704] bond0: entered allmulticast mode
[  714.630019][T13704] bond_slave_0: entered allmulticast mode
[  714.635922][T13704] bond_slave_1: entered allmulticast mode
[  714.662539][T13704] geneve0: entered allmulticast mode
[  714.668075][T13704] veth1_to_bridge: entered allmulticast mode
[  719.528021][T13715] syzkaller0: entered promiscuous mode
[  719.534164][T13715] syzkaller0: entered allmulticast mode
[  719.902282][T13748] FAULT_INJECTION: forcing a failure.
[  719.902282][T13748] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  719.932955][T13748] CPU: 0 PID: 13748 Comm: syz.2.2233 Not tainted syzkaller #0
[  719.942403][T13748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  719.953872][T13748] Call Trace:
[  719.957672][T13748]  <TASK>
[  719.960855][T13748]  dump_stack_lvl+0x18c/0x250
[  719.966436][T13748]  ? show_regs_print_info+0x20/0x20
[  719.972033][T13748]  ? load_image+0x420/0x420
[  719.977061][T13748]  ? __lock_acquire+0x7d40/0x7d40
[  719.982243][T13748]  ? snprintf+0xe9/0x140
[  719.987399][T13748]  should_fail_ex+0x39d/0x4d0
[  719.992622][T13748]  _copy_to_user+0x2f/0xa0
[  719.997306][T13748]  simple_read_from_buffer+0xe7/0x150
[  720.003055][T13748]  proc_fail_nth_read+0x1e8/0x260
[  720.008188][T13748]  ? proc_fault_inject_write+0x360/0x360
[  720.014644][T13748]  ? fsnotify_perm+0x271/0x5e0
[  720.019500][T13748]  ? proc_fault_inject_write+0x360/0x360
[  720.025369][T13748]  vfs_read+0x28b/0x970
[  720.030350][T13748]  ? kernel_read+0x1e0/0x1e0
[  720.035055][T13748]  ? __fget_files+0x28/0x4b0
[  720.040185][T13748]  ? __fget_files+0x28/0x4b0
[  720.044906][T13748]  ? __fget_files+0x43d/0x4b0
[  720.049714][T13748]  ? __fdget_pos+0x2a3/0x330
[  720.054362][T13748]  ? ksys_read+0x75/0x260
[  720.058944][T13748]  ksys_read+0x150/0x260
[  720.063272][T13748]  ? vfs_write+0x990/0x990
[  720.067790][T13748]  ? lockdep_hardirqs_on+0x98/0x150
[  720.073131][T13748]  do_syscall_64+0x55/0xb0
[  720.077650][T13748]  ? clear_bhb_loop+0x40/0x90
[  720.082405][T13748]  ? clear_bhb_loop+0x40/0x90
[  720.087243][T13748]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  720.093195][T13748] RIP: 0033:0x7f1490b5d68e
[  720.097678][T13748] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  720.117371][T13748] RSP: 002b:00007f14919f3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  720.125888][T13748] RAX: ffffffffffffffda RBX: 00007f14919f46c0 RCX: 00007f1490b5d68e
[  720.133948][T13748] RDX: 000000000000000f RSI: 00007f14919f40a0 RDI: 0000000000000004
[  720.141996][T13748] RBP: 00007f14919f4090 R08: 0000000000000000 R09: 0000000000000000
[  720.150033][T13748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  720.158075][T13748] R13: 00007f1490e16038 R14: 00007f1490e15fa0 R15: 00007fffaba92848
[  720.166185][T13748]  </TASK>
[  722.148533][T13750] sit0: left promiscuous mode
[  722.221595][T13755] bond0: entered promiscuous mode
[  722.237354][T13755] bond_slave_0: entered promiscuous mode
[  722.257954][T13755] bond_slave_1: entered promiscuous mode
[  722.278912][T13755] bridge0: entered promiscuous mode
[  722.285181][T13755] bridge_slave_1: entered promiscuous mode
[  722.300113][T13755] bond0: entered allmulticast mode
[  722.306124][T13755] bond_slave_0: entered allmulticast mode
[  722.314009][T13755] bond_slave_1: entered allmulticast mode
[  722.322688][T13755] bridge0: entered allmulticast mode
[  722.328276][T13755] bridge_slave_1: entered allmulticast mode
[  722.600753][ T5085] Bluetooth: hci0: unexpected event 0x16 length: 151 > 6
[  723.227472][T13791] netlink: 9286 bytes leftover after parsing attributes in process `syz.2.2248'.
[  723.355518][T13778] syzkaller0: entered promiscuous mode
[  723.362037][T13778] syzkaller0: entered allmulticast mode
[  723.547354][T13784] syzkaller0: entered promiscuous mode
[  723.557997][T13784] syzkaller0: entered allmulticast mode
[  726.179404][T13815] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.2255'.
[  726.189850][T13815] netlink: zone id is out of range
[  726.195536][T13815] netlink: zone id is out of range
[  726.211010][T13815] netlink: zone id is out of range
[  726.216403][T13815] netlink: zone id is out of range
[  726.221834][T13815] netlink: zone id is out of range
[  726.236859][T13815] netlink: zone id is out of range
[  726.245222][T13815] netlink: zone id is out of range
[  726.255606][T13815] netlink: zone id is out of range
[  726.262216][T13815] netlink: zone id is out of range
[  726.268391][T13815] netlink: zone id is out of range
[  727.826372][T13810] netlink: 'syz.2.2253': attribute type 10 has an invalid length.
[  727.834523][T13810] bridge0: left allmulticast mode
[  727.841253][T13810] bridge0: port 4(syz_tun) entered blocking state
[  727.847861][T13810] bridge0: port 4(syz_tun) entered forwarding state
[  727.855046][T13810] bridge0: port 3(dummy0) entered blocking state
[  727.861629][T13810] bridge0: port 3(dummy0) entered forwarding state
[  727.868729][T13810] bridge0: port 2(bridge_slave_1) entered blocking state
[  727.876055][T13810] bridge0: port 2(bridge_slave_1) entered forwarding state
[  727.883646][T13810] bridge0: port 1(bridge_slave_0) entered blocking state
[  727.890959][T13810] bridge0: port 1(bridge_slave_0) entered forwarding state
[  727.902646][T13810] bridge0: entered promiscuous mode
[  727.911987][T13810] bridge0: entered allmulticast mode
[  727.918085][T13810] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  728.146911][T13827] netlink: 'syz.1.2258': attribute type 21 has an invalid length.
[  728.164626][T13827] netlink: 'syz.1.2258': attribute type 1 has an invalid length.
[  729.494473][T13852] syzkaller0: entered promiscuous mode
[  729.500995][T13852] syzkaller0: entered allmulticast mode
[  729.634695][T13858] netlink: 'syz.2.2268': attribute type 2 has an invalid length.
[  729.647282][T13858] netlink: 'syz.2.2268': attribute type 8 has an invalid length.
[  729.659288][T13858] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2268'.
[  733.239348][T13891] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.2280'.
[  733.517310][T13907] netlink: 'syz.2.2285': attribute type 10 has an invalid length.
[  733.543916][T13907] netlink: 210880 bytes leftover after parsing attributes in process `syz.2.2285'.
[  735.234214][T13926] syzkaller0: entered promiscuous mode
[  735.244318][T13926] syzkaller0: entered allmulticast mode
[  735.329363][T13930] netlink: 'syz.1.2294': attribute type 10 has an invalid length.
[  735.401802][T13943] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  735.414383][T13943] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  735.430028][T13943] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  735.453591][T13943] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  735.462402][T13943] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  735.480150][T13943] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  735.518655][ T5777] bridge0: port 4(syz_tun) entered disabled state
[  735.732548][ T5777] syz_tun (unregistering): left allmulticast mode
[  735.739273][ T5777] syz_tun (unregistering): left promiscuous mode
[  735.747598][ T5777] bridge0: port 4(syz_tun) entered disabled state
[  737.564980][ T5085] Bluetooth: hci2: command tx timeout
[  737.776716][T13954] netlink: 'syz.0.2299': attribute type 10 has an invalid length.
[  737.785879][T13954] team0: Device hsr_slave_0 is up. Set it down before adding it as a team port
[  737.795933][T13961] netlink: 'syz.1.2301': attribute type 10 has an invalid length.
[  738.415788][T13941] chnl_net:caif_netlink_parms(): no params data found
[  738.672035][T13941] bridge0: port 1(bridge_slave_0) entered blocking state
[  738.681717][T13941] bridge0: port 1(bridge_slave_0) entered disabled state
[  738.694971][T13941] bridge_slave_0: entered allmulticast mode
[  738.703779][T13988] netlink: 'syz.0.2307': attribute type 9 has an invalid length.
[  738.712000][T13988] netlink: 126588 bytes leftover after parsing attributes in process `syz.0.2307'.
[  738.724433][T13941] bridge_slave_0: entered promiscuous mode
[  738.747886][T13941] bridge0: port 2(bridge_slave_1) entered blocking state
[  738.762051][T13941] bridge0: port 2(bridge_slave_1) entered disabled state
[  738.782055][T13941] bridge_slave_1: entered allmulticast mode
[  738.798102][T13941] bridge_slave_1: entered promiscuous mode
[  738.867021][T13941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  738.981589][T13941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  739.106044][T13941] team0: Port device team_slave_0 added
[  739.136893][T13941] team0: Port device team_slave_1 added
[  739.240290][T13941] batman_adv: batadv0: Adding interface: batadv_slave_0
[  739.247404][T13941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  739.304625][T13941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  739.322087][T13941] batman_adv: batadv0: Adding interface: batadv_slave_1
[  739.339757][T13941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  739.382077][T13941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  739.642202][ T5085] Bluetooth: hci2: command tx timeout
[  739.797494][T14002] syzkaller0: entered promiscuous mode
[  739.820661][T14002] syzkaller0: entered allmulticast mode
[  739.906646][T13999] netlink: 'syz.0.2309': attribute type 2 has an invalid length.
[  739.929965][T13999] netlink: 'syz.0.2309': attribute type 8 has an invalid length.
[  739.938134][T13999] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2309'.
[  740.061638][T14010] netlink: 'syz.1.2313': attribute type 3 has an invalid length.
[  740.069570][T14010] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.2313'.
[  740.258495][T13941] hsr_slave_0: entered promiscuous mode
[  740.295059][T13941] hsr_slave_1: entered promiscuous mode
[  741.720005][ T5085] Bluetooth: hci2: command tx timeout
[  743.799833][ T5085] Bluetooth: hci2: command tx timeout
[  744.960063][T14027] netlink: 'syz.1.2317': attribute type 39 has an invalid length.
[  744.980133][T14027] FAULT_INJECTION: forcing a failure.
[  744.980133][T14027] name failslab, interval 1, probability 0, space 0, times 0
[  745.017018][T14027] CPU: 1 PID: 14027 Comm: syz.1.2317 Not tainted syzkaller #0
[  745.024586][T14027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  745.034999][T14027] Call Trace:
[  745.038333][T14027]  <TASK>
[  745.041318][T14027]  dump_stack_lvl+0x18c/0x250
[  745.046056][T14027]  ? show_regs_print_info+0x20/0x20
[  745.051298][T14027]  ? load_image+0x420/0x420
[  745.055828][T14027]  ? verify_lock_unused+0x140/0x140
[  745.061064][T14027]  should_fail_ex+0x39d/0x4d0
[  745.065782][T14027]  should_failslab+0x9/0x20
[  745.070329][T14027]  slab_pre_alloc_hook+0x59/0x310
[  745.075394][T14027]  kmem_cache_alloc+0x5a/0x2d0
[  745.080189][T14027]  ? skb_clone+0x1eb/0x370
[  745.085901][T14027]  skb_clone+0x1eb/0x370
[  745.091151][T14027]  __netlink_deliver_tap+0x41c/0x830
[  745.099019][T14027]  ? netlink_deliver_tap+0x2e/0x1b0
[  745.104514][T14027]  netlink_deliver_tap+0x19c/0x1b0
[  745.110100][T14027]  netlink_sendskb+0x68/0x130
[  745.115455][T14027]  netlink_ack+0xce1/0x1180
[  745.120544][T14027]  ? netlink_dump+0xe50/0xe50
[  745.125443][T14027]  ? ref_tracker_free+0x690/0x840
[  745.130515][T14027]  netlink_rcv_skb+0x2c5/0x4d0
[  745.135330][T14027]  ? rtnetlink_bind+0x80/0x80
[  745.140449][T14027]  ? netlink_ack+0x1180/0x1180
[  745.145382][T14027]  ? __lock_acquire+0x7d40/0x7d40
[  745.150465][T14027]  ? netlink_deliver_tap+0x2e/0x1b0
[  745.156012][T14027]  netlink_unicast+0x751/0x8d0
[  745.161028][T14027]  netlink_sendmsg+0x8d0/0xbf0
[  745.166305][T14027]  ? netlink_getsockopt+0x590/0x590
[  745.173132][T14027]  ? aa_sock_msg_perm+0x94/0x150
[  745.178736][T14027]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  745.184897][T14027]  ? security_socket_sendmsg+0x80/0xa0
[  745.190408][T14027]  ? netlink_getsockopt+0x590/0x590
[  745.196218][T14027]  ____sys_sendmsg+0x5ba/0x960
[  745.201480][T14027]  ? __asan_memset+0x22/0x40
[  745.206148][T14027]  ? __sys_sendmsg_sock+0x30/0x30
[  745.211889][T14027]  ? __import_iovec+0x5f2/0x850
[  745.217068][T14027]  ? import_iovec+0x73/0xa0
[  745.222184][T14027]  ___sys_sendmsg+0x2a6/0x360
[  745.226959][T14027]  ? get_pid_task+0x20/0x1e0
[  745.231702][T14027]  ? __sys_sendmsg+0x2a0/0x2a0
[  745.237605][T14027]  ? __lock_acquire+0x7d40/0x7d40
[  745.243209][T14027]  __se_sys_sendmsg+0x1c2/0x2b0
[  745.248550][T14027]  ? __x64_sys_sendmsg+0x80/0x80
[  745.253568][T14027]  ? lockdep_hardirqs_on+0x98/0x150
[  745.259597][T14027]  do_syscall_64+0x55/0xb0
[  745.264456][T14027]  ? clear_bhb_loop+0x40/0x90
[  745.269184][T14027]  ? clear_bhb_loop+0x40/0x90
[  745.273906][T14027]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  745.279845][T14027] RIP: 0033:0x7f065bb9ce59
[  745.284333][T14027] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  745.304170][T14027] RSP: 002b:00007f065c9f5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  745.312886][T14027] RAX: ffffffffffffffda RBX: 00007f065be15fa0 RCX: 00007f065bb9ce59
[  745.320903][T14027] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000003
[  745.329160][T14027] RBP: 00007f065c9f5090 R08: 0000000000000000 R09: 0000000000000000
[  745.337152][T14027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  745.346110][T14027] R13: 00007f065be16038 R14: 00007f065be15fa0 R15: 00007ffff9f917c8
[  745.354140][T14027]  </TASK>
[  745.477338][T14044] FAULT_INJECTION: forcing a failure.
[  745.477338][T14044] name failslab, interval 1, probability 0, space 0, times 0
[  745.499597][T14044] CPU: 0 PID: 14044 Comm: syz.0.2324 Not tainted syzkaller #0
[  745.507146][T14044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  745.517285][T14044] Call Trace:
[  745.520649][T14044]  <TASK>
[  745.523624][T14044]  dump_stack_lvl+0x18c/0x250
[  745.528538][T14044]  ? show_regs_print_info+0x20/0x20
[  745.534419][T14044]  ? load_image+0x420/0x420
[  745.539068][T14044]  ? __lock_acquire+0x7d40/0x7d40
[  745.544155][T14044]  should_fail_ex+0x39d/0x4d0
[  745.548906][T14044]  should_failslab+0x9/0x20
[  745.553492][T14044]  slab_pre_alloc_hook+0x59/0x310
[  745.558590][T14044]  kmem_cache_alloc+0x5a/0x2d0
[  745.563813][T14044]  ? sk_prot_alloc+0x57/0x210
[  745.568653][T14044]  sk_prot_alloc+0x57/0x210
[  745.573238][T14044]  ? sk_alloc+0x24/0x360
[  745.577561][T14044]  sk_alloc+0x3a/0x360
[  745.581729][T14044]  inet_create+0x7a0/0xfe0
[  745.586182][T14044]  ? inet_create+0x9c/0xfe0
[  745.590750][T14044]  __sock_create+0x4a6/0x940
[  745.595376][T14044]  udp_sock_create4+0xcb/0x480
[  745.600268][T14044]  ? erspan_exit_batch_net+0x30/0x30
[  745.605814][T14044]  rxrpc_lookup_local+0xd1f/0x1610
[  745.611204][T14044]  ? rxrpc_local_dont_fragment+0x70/0x70
[  745.617013][T14044]  ? __local_bh_enable_ip+0x142/0x1c0
[  745.622443][T14044]  ? _local_bh_enable+0xa0/0xa0
[  745.627342][T14044]  rxrpc_sendmsg+0x30a/0x5b0
[  745.631971][T14044]  ? rxrpc_getsockopt+0x150/0x150
[  745.637030][T14044]  ____sys_sendmsg+0x5ba/0x960
[  745.641840][T14044]  ? __asan_memset+0x22/0x40
[  745.646497][T14044]  ? __sys_sendmsg_sock+0x30/0x30
[  745.651596][T14044]  ? __import_iovec+0x3fa/0x850
[  745.656494][T14044]  ? import_iovec+0x73/0xa0
[  745.661029][T14044]  ___sys_sendmsg+0x2a6/0x360
[  745.665749][T14044]  ? __sys_sendmsg+0x2a0/0x2a0
[  745.670590][T14044]  __se_sys_sendmsg+0x1c2/0x2b0
[  745.675485][T14044]  ? __x64_sys_sendmsg+0x80/0x80
[  745.680472][T14044]  ? lockdep_hardirqs_on+0x98/0x150
[  745.685802][T14044]  do_syscall_64+0x55/0xb0
[  745.690260][T14044]  ? clear_bhb_loop+0x40/0x90
[  745.694973][T14044]  ? clear_bhb_loop+0x40/0x90
[  745.699715][T14044]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  745.705682][T14044] RIP: 0033:0x7fa6c219ce59
[  745.710134][T14044] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  745.729784][T14044] RSP: 002b:00007fa6c30c4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  745.738777][T14044] RAX: ffffffffffffffda RBX: 00007fa6c2415fa0 RCX: 00007fa6c219ce59
[  745.746814][T14044] RDX: 0000000000000000 RSI: 00002000000007c0 RDI: 0000000000000008
[  745.754819][T14044] RBP: 00007fa6c30c4090 R08: 0000000000000000 R09: 0000000000000000
[  745.762844][T14044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  745.770842][T14044] R13: 00007fa6c2416038 R14: 00007fa6c2415fa0 R15: 00007ffd51d439a8
[  745.778883][T14044]  </TASK>
[  745.865459][T13941] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  746.556931][T13941] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  747.570832][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  747.580459][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  747.689134][T13941] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  747.732701][T14068] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2330'.
[  747.760145][T14069] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.2330'.
[  747.786229][T14069] net_ratelimit: 116 callbacks suppressed
[  747.786250][T14069] bridge0: received packet on bridge_slave_1 with own address as source address (addr:0a:0a:da:1b:40:d8, vlan:0)
[  747.813703][T14069] bridge0: received packet on bridge_slave_1 with own address as source address (addr:0a:0a:da:1b:40:d8, vlan:1)
[  747.865912][T13941] netdevsim netdevsim2 ÿÿÿÿÿÿ (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  748.439502][T14075] syzkaller0: entered promiscuous mode
[  748.462684][T14075] syzkaller0: entered allmulticast mode
[  749.036594][T14083] syzkaller0: entered promiscuous mode
[  749.097268][T14083] syzkaller0: entered allmulticast mode
[  752.230459][T14115] netlink: 'syz.1.2341': attribute type 11 has an invalid length.
[  752.242993][T14115] netlink: 184116 bytes leftover after parsing attributes in process `syz.1.2341'.
[  754.598362][T14130] syzkaller0: entered promiscuous mode
[  754.604151][T14130] syzkaller0: entered allmulticast mode
[  756.509139][T13941] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  756.522707][T13941] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  756.545160][T13941] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  756.566689][T13941] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  756.739183][T13941] 8021q: adding VLAN 0 to HW filter on device bond0
[  756.775357][T13941] 8021q: adding VLAN 0 to HW filter on device team0
[  756.792935][T11689] bridge0: port 1(bridge_slave_0) entered blocking state
[  756.801038][T11689] bridge0: port 1(bridge_slave_0) entered forwarding state
[  756.835932][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  756.843378][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  757.318241][T13941] 8021q: adding VLAN 0 to HW filter on device batadv0
[  757.425044][T13941] veth0_vlan: entered promiscuous mode
[  757.447527][T13941] veth1_vlan: entered promiscuous mode
[  757.568825][T13941] veth0_macvtap: entered promiscuous mode
[  758.167795][T13941] veth1_macvtap: entered promiscuous mode
[  758.393503][T13941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  758.413488][T13941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  758.427429][T13941] batman_adv: batadv0: Interface activated: batadv_slave_0
[  758.451739][T13941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  758.467352][T14171] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2352'.
[  758.476500][T13941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  758.491964][T13941] batman_adv: batadv0: Interface activated: batadv_slave_1
[  758.510298][T13941] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  758.519384][T13941] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  758.529057][T13941] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  758.538164][T13941] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  759.222011][T14177] syzkaller0: entered promiscuous mode
[  759.249053][T14177] syzkaller0: entered allmulticast mode
[  759.341296][ T3535] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  759.365094][ T3535] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  759.381140][T14184] netlink: 'syz.1.2356': attribute type 33 has an invalid length.
[  759.408950][T14184] netlink: 164 bytes leftover after parsing attributes in process `syz.1.2356'.
[  759.775104][T14188] FAULT_INJECTION: forcing a failure.
[  759.775104][T14188] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  759.792623][T14188] CPU: 0 PID: 14188 Comm: syz.1.2359 Not tainted syzkaller #0
[  759.800529][T14188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  759.810739][T14188] Call Trace:
[  759.814173][T14188]  <TASK>
[  759.817166][T14188]  dump_stack_lvl+0x18c/0x250
[  759.822091][T14188]  ? show_regs_print_info+0x20/0x20
[  759.827465][T14188]  ? load_image+0x420/0x420
[  759.832807][T14188]  ? __might_fault+0xaa/0x120
[  759.837534][T14188]  ? __lock_acquire+0x7d40/0x7d40
[  759.842602][T14188]  should_fail_ex+0x39d/0x4d0
[  759.847324][T14188]  _copy_from_user+0x2f/0xe0
[  759.851946][T14188]  generic_map_update_batch+0x59a/0x810
[  759.857530][T14188]  ? rcu_read_unlock+0xa0/0xa0
[  759.862334][T14188]  ? __fdget+0x180/0x210
[  759.866617][T14188]  ? rcu_read_unlock+0xa0/0xa0
[  759.871410][T14188]  bpf_map_do_batch+0x3d7/0x610
[  759.876299][T14188]  __sys_bpf+0x381/0x890
[  759.880578][T14188]  ? bpf_link_show_fdinfo+0x390/0x390
[  759.885996][T14188]  ? lock_chain_count+0x20/0x20
[  759.890971][T14188]  __x64_sys_bpf+0x7c/0x90
[  759.895558][T14188]  do_syscall_64+0x55/0xb0
[  759.900027][T14188]  ? clear_bhb_loop+0x40/0x90
[  759.904763][T14188]  ? clear_bhb_loop+0x40/0x90
[  759.909479][T14188]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  759.915431][T14188] RIP: 0033:0x7f065bb9ce59
[  759.919901][T14188] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  759.942342][T14188] RSP: 002b:00007f065c9f5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  759.953775][T14188] RAX: ffffffffffffffda RBX: 00007f065be15fa0 RCX: 00007f065bb9ce59
[  759.963448][T14188] RDX: 0000000000000038 RSI: 0000200000000900 RDI: 000000000000001a
[  759.974170][T14188] RBP: 00007f065c9f5090 R08: 0000000000000000 R09: 0000000000000000
[  759.984974][T14188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  759.994328][T14188] R13: 00007f065be16038 R14: 00007f065be15fa0 R15: 00007ffff9f917c8
[  760.003951][T14188]  </TASK>
[  760.446066][T14195] netlink: 'syz.1.2361': attribute type 9 has an invalid length.
[  760.461119][T14195] netlink: 160016 bytes leftover after parsing attributes in process `syz.1.2361'.
[  762.990789][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  763.051683][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  764.885403][T13943] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  764.895419][T13943] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  764.905298][T13943] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  764.914957][T13943] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  764.923282][T13943] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  764.932949][T13943] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  765.160325][T14244] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2372'.
[  765.307204][ T3535] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  765.394013][T14249] can: request_module (can-proto-5) failed.
[  765.470889][ T3535] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  765.623185][ T3535] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  765.748119][T14238] chnl_net:caif_netlink_parms(): no params data found
[  765.816786][ T3535] netdevsim netdevsim0 ÿÿÿÿÿÿ (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  766.170055][T14263] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2376'.
[  766.201027][T14266] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2376'.
[  766.509528][T14238] bridge0: port 1(bridge_slave_0) entered blocking state
[  766.528945][T14238] bridge0: port 1(bridge_slave_0) entered disabled state
[  766.547722][T14238] bridge_slave_0: entered allmulticast mode
[  766.571440][T14238] bridge_slave_0: entered promiscuous mode
[  766.588413][T14238] bridge0: port 2(bridge_slave_1) entered blocking state
[  766.596702][T14238] bridge0: port 2(bridge_slave_1) entered disabled state
[  766.604240][T14238] bridge_slave_1: entered allmulticast mode
[  766.611824][T14238] bridge_slave_1: entered promiscuous mode
[  766.853247][T14238] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  766.911201][T14238] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  767.000710][ T5085] Bluetooth: hci4: command tx timeout
[  767.117924][T14238] team0: Port device team_slave_0 added
[  767.144220][T14238] team0: Port device team_slave_1 added
[  767.451003][T14289] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2378'.
[  767.518487][T14238] batman_adv: batadv0: Adding interface: batadv_slave_0
[  767.546645][T14238] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  767.740822][T14238] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  767.812339][T14238] batman_adv: batadv0: Adding interface: batadv_slave_1
[  767.819364][T14238] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  767.916644][T14238] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  768.676207][T14238] hsr_slave_0: entered promiscuous mode
[  768.705186][T14238] hsr_slave_1: entered promiscuous mode
[  768.716161][T14238] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  768.732166][T14238] Cannot create hsr debugfs directory
[  768.829872][T14322] netlink: 'syz.1.2384': attribute type 21 has an invalid length.
[  769.080808][ T5085] Bluetooth: hci4: command tx timeout
[  770.384049][T14360] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2390'.
[  771.190152][ T5085] Bluetooth: hci4: command tx timeout
[  772.111663][T14238] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  772.246263][T14238] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  772.276516][T14238] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  772.447011][T14238] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  772.596189][ T3535] 
[  772.598606][ T3535] ======================================================
[  772.605667][ T3535] WARNING: possible circular locking dependency detected
[  772.612741][ T3535] syzkaller #0 Not tainted
[  772.617194][ T3535] ------------------------------------------------------
[  772.624242][ T3535] kworker/u4:8/3535 is trying to acquire lock:
[  772.630431][ T3535] ffff88805e50cd80 (team->team_lock_key#4){+.+.}-{3:3}, at: team_del_slave+0x32/0x1c0
[  772.640273][ T3535] 
[  772.640273][ T3535] but task is already holding lock:
[  772.647676][ T3535] ffff888021c80768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x29a/0x690
[  772.658234][ T3535] 
[  772.658234][ T3535] which lock already depends on the new lock.
[  772.658234][ T3535] 
[  772.668774][ T3535] 
[  772.668774][ T3535] the existing dependency chain (in reverse order) is:
[  772.677838][ T3535] 
[  772.677838][ T3535] -> #1 (&rdev->wiphy.mtx){+.+.}-{3:3}:
[  772.685632][ T3535]        __mutex_lock+0x136/0xcc0
[  772.690716][ T3535]        ieee80211_open+0x144/0x200
[  772.695973][ T3535]        __dev_open+0x2cb/0x430
[  772.700890][ T3535]        dev_open+0xab/0x190
[  772.705535][ T3535]        team_add_slave+0x75f/0x29a0
[  772.711333][ T3535]        do_setlink+0xdfe/0x4130
[  772.716322][ T3535]        rtnl_newlink+0x17da/0x20a0
[  772.721579][ T3535]        rtnetlink_rcv_msg+0x869/0xfa0
[  772.727095][ T3535]        netlink_rcv_skb+0x241/0x4d0
[  772.732428][ T3535]        netlink_unicast+0x751/0x8d0
[  772.737754][ T3535]        netlink_sendmsg+0x8d0/0xbf0
[  772.743084][ T3535]        ____sys_sendmsg+0x5ba/0x960
[  772.748417][ T3535]        ___sys_sendmsg+0x2a6/0x360
[  772.753656][ T3535]        __se_sys_sendmsg+0x1c2/0x2b0
[  772.759076][ T3535]        do_syscall_64+0x55/0xb0
[  772.764060][ T3535]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  772.770528][ T3535] 
[  772.770528][ T3535] -> #0 (team->team_lock_key#4){+.+.}-{3:3}:
[  772.778844][ T3535]        __lock_acquire+0x2df1/0x7d40
[  772.784368][ T3535]        lock_acquire+0x19e/0x420
[  772.789436][ T3535]        __mutex_lock+0x136/0xcc0
[  772.794508][ T3535]        team_del_slave+0x32/0x1c0
[  772.799674][ T3535]        team_device_event+0x28d/0xa20
[  772.805181][ T3535]        notifier_call_chain+0x197/0x380
[  772.811035][ T3535]        unregister_netdevice_many_notify+0x100d/0x1900
[  772.818017][ T3535]        unregister_netdevice_queue+0x32c/0x370
[  772.824821][ T3535]        _cfg80211_unregister_wdev+0x16b/0x580
[  772.831113][ T3535]        ieee80211_remove_interfaces+0x49e/0x690
[  772.837577][ T3535]        ieee80211_unregister_hw+0x5d/0x2a0
[  772.843598][ T3535]        mac80211_hwsim_del_radio+0x289/0x480
[  772.849746][ T3535]        hwsim_exit_net+0x58d/0x650
[  772.855091][ T3535]        cleanup_net+0x70a/0xbb0
[  772.860080][ T3535]        process_scheduled_works+0xa5d/0x15d0
[  772.866218][ T3535]        worker_thread+0xa55/0xfc0
[  772.871384][ T3535]        kthread+0x2fa/0x390
[  772.876015][ T3535]        ret_from_fork+0x48/0x80
[  772.881001][ T3535]        ret_from_fork_asm+0x11/0x20
[  772.886371][ T3535] 
[  772.886371][ T3535] other info that might help us debug this:
[  772.886371][ T3535] 
[  772.896648][ T3535]  Possible unsafe locking scenario:
[  772.896648][ T3535] 
[  772.904141][ T3535]        CPU0                    CPU1
[  772.909638][ T3535]        ----                    ----
[  772.915054][ T3535]   lock(&rdev->wiphy.mtx);
[  772.919608][ T3535]                                lock(team->team_lock_key#4);
[  772.927159][ T3535]                                lock(&rdev->wiphy.mtx);
[  772.934425][ T3535]   lock(team->team_lock_key#4);
[  772.939479][ T3535] 
[  772.939479][ T3535]  *** DEADLOCK ***
[  772.939479][ T3535] 
[  772.947672][ T3535] 5 locks held by kworker/u4:8/3535:
[  772.953100][ T3535]  #0: ffff88801a254938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  772.964764][ T3535]  #1: ffffc9000cf37d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  772.975651][ T3535]  #2: ffffffff8e3b9990 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x14c/0xbb0
[  772.985709][ T3535]  #3: ffffffff8e3c6988 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2a0
[  772.996098][ T3535]  #4: ffff888021c80768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x29a/0x690
[  773.007084][ T3535] 
[  773.007084][ T3535] stack backtrace:
[  773.013025][ T3535] CPU: 0 PID: 3535 Comm: kworker/u4:8 Not tainted syzkaller #0
[  773.020718][ T3535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  773.030828][ T3535] Workqueue: netns cleanup_net
[  773.035647][ T3535] Call Trace:
[  773.038962][ T3535]  <TASK>
[  773.041933][ T3535]  dump_stack_lvl+0x18c/0x250
[  773.046654][ T3535]  ? load_image+0x420/0x420
[  773.051198][ T3535]  ? show_regs_print_info+0x20/0x20
[  773.056435][ T3535]  ? print_circular_bug+0x12b/0x1a0
[  773.061673][ T3535]  check_noncircular+0x2fc/0x400
[  773.066649][ T3535]  ? print_deadlock_bug+0x5d0/0x5d0
[  773.071881][ T3535]  ? lockdep_lock+0xf5/0x230
[  773.076516][ T3535]  ? __lock_acquire+0x1273/0x7d40
[  773.081635][ T3535]  ? _find_first_zero_bit+0xd3/0x100
[  773.086956][ T3535]  __lock_acquire+0x2df1/0x7d40
[  773.091867][ T3535]  ? verify_lock_unused+0x140/0x140
[  773.097106][ T3535]  ? verify_lock_unused+0x140/0x140
[  773.102444][ T3535]  lock_acquire+0x19e/0x420
[  773.106994][ T3535]  ? team_del_slave+0x32/0x1c0
[  773.111979][ T3535]  ? __might_sleep+0xe0/0xe0
[  773.116618][ T3535]  ? read_lock_is_recursive+0x20/0x20
[  773.122041][ T3535]  __mutex_lock+0x136/0xcc0
[  773.126584][ T3535]  ? team_del_slave+0x32/0x1c0
[  773.131386][ T3535]  ? __lock_acquire+0x7d40/0x7d40
[  773.136446][ T3535]  ? rcu_is_watching+0x15/0xb0
[  773.141251][ T3535]  ? trace_contention_end+0x39/0xe0
[  773.146494][ T3535]  ? __mutex_lock+0x315/0xcc0
[  773.151271][ T3535]  ? team_del_slave+0x32/0x1c0
[  773.156086][ T3535]  ? mutex_lock_nested+0x20/0x20
[  773.161145][ T3535]  ? bond_netdev_event+0xeb/0xf20
[  773.166298][ T3535]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  773.171983][ T3535]  team_del_slave+0x32/0x1c0
[  773.176608][ T3535]  team_device_event+0x28d/0xa20
[  773.181577][ T3535]  notifier_call_chain+0x197/0x380
[  773.186765][ T3535]  unregister_netdevice_many_notify+0x100d/0x1900
[  773.193312][ T3535]  ? lock_chain_count+0x20/0x20
[  773.198210][ T3535]  ? unregister_netdevice_many+0x20/0x20
[  773.203903][ T3535]  ? kernfs_remove_by_name_ns+0x117/0x150
[  773.209696][ T3535]  ? __lock_acquire+0x7d40/0x7d40
[  773.214766][ T3535]  unregister_netdevice_queue+0x32c/0x370
[  773.220622][ T3535]  ? list_netdevice+0x730/0x730
[  773.225521][ T3535]  ? kernfs_remove_by_name_ns+0x117/0x150
[  773.231304][ T3535]  _cfg80211_unregister_wdev+0x16b/0x580
[  773.236981][ T3535]  ieee80211_remove_interfaces+0x49e/0x690
[  773.242838][ T3535]  ? ieee80211_do_stop+0x1e20/0x1e20
[  773.248249][ T3535]  ? rcu_is_watching+0x15/0xb0
[  773.253108][ T3535]  ieee80211_unregister_hw+0x5d/0x2a0
[  773.258526][ T3535]  mac80211_hwsim_del_radio+0x289/0x480
[  773.264128][ T3535]  ? rhashtable_remove_fast+0xc00/0xc00
[  773.269718][ T3535]  hwsim_exit_net+0x58d/0x650
[  773.274430][ T3535]  ? hwsim_init_net+0x90/0x90
[  773.279193][ T3535]  ? __ip_vs_dev_cleanup_batch+0x238/0x250
[  773.285308][ T3535]  cleanup_net+0x70a/0xbb0
[  773.289855][ T3535]  ? ops_free_list+0x3b0/0x3b0
[  773.294675][ T3535]  ? _raw_spin_unlock_irq+0x23/0x50
[  773.299927][ T3535]  ? process_scheduled_works+0x96f/0x15d0
[  773.305775][ T3535]  ? process_scheduled_works+0x96f/0x15d0
[  773.311587][ T3535]  process_scheduled_works+0xa5d/0x15d0
[  773.317192][ T3535]  ? worker_attach_to_pool+0x380/0x380
[  773.322755][ T3535]  ? assign_work+0x3d2/0x5d0
[  773.327471][ T3535]  worker_thread+0xa55/0xfc0
[  773.332100][ T3535]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  773.338042][ T3535]  ? _raw_spin_unlock+0x40/0x40
[  773.342931][ T3535]  ? _raw_spin_unlock_irqrestore+0x86/0x120
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  773.348877][ T3535]  kthread+0x2fa/0x390
[  773.352985][ T3535]  ? pr_cont_work+0x560/0x560
[  773.357708][ T3535]  ? kthread_blkcg+0xd0/0xd0
[  773.362339][ T3535]  ret_from_fork+0x48/0x80
[  773.366790][ T3535]  ? kthread_blkcg+0xd0/0xd0
[  773.371412][ T3535]  ret_from_fork_asm+0x11/0x20
[  773.376218][ T3535]  </TASK>
[  773.420607][ T5085] Bluetooth: hci4: command tx timeout
[  773.454383][ T3535] team0: Port device wlan1 removed
[  773.757853][T14396] syzkaller0: entered promiscuous mode
[  773.797402][T14396] syzkaller0: entered allmulticast mode
[  773.901689][T14410] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2400'.
[  773.946544][T14410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  773.979961][T14410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  774.010491][T14410] batadv_slave_1: entered promiscuous mode
[  774.570552][ T3535] bridge_slave_0: left allmulticast mode
[  774.576384][ T3535] bridge_slave_0: left promiscuous mode
[  774.620060][ T3535] bridge0: port 1(bridge_slave_0) entered disabled state
[  774.737024][ T3535] veth0_macvtap: left promiscuous mode
[  774.760520][ T3535] veth1_vlan: left promiscuous mode
[  774.766152][ T3535] veth0_vlan: left promiscuous mode
[  775.704483][ T3535] team0 (unregistering): Port device team_slave_1 removed
[  775.755778][ T3535] team0 (unregistering): Port device team_slave_0 removed
[  776.220636][T14410] bridge0: port 4(syz_tun) entered disabled state
[  776.246625][T14410] syz_tun (unregistering): left allmulticast mode
[  776.253691][T14410] syz_tun (unregistering): left promiscuous mode
[  776.263505][T14410] bridge0: port 4(syz_tun) entered disabled state
[  776.814354][ T3535] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  776.909526][ T3535] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  776.979476][ T3535] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.046066][ T3535] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.176789][ T3535] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.237617][ T3535] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.317425][ T3535] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.366814][ T3535] netdevsim netdevsim3 ÿÿÿÿÿÿ (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.788833][ T3535] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.866962][ T3535] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.908911][ T3535] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.996494][ T3535] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  778.216429][ T3535] tipc: Left network mode
[  779.605704][ T3535] mac80211_hwsim hwsim5 ..ãc¤± (unregistering): left promiscuous mode
[  779.614385][ T3535] mac80211_hwsim hwsim5 ..ãc¤± (unregistering): left allmulticast mode
[  779.629000][ T3535] team0: Port device ..ãc¤± removed
[  780.059865][ T3535] hsr_slave_0: left promiscuous mode
[  780.066867][ T3535] hsr_slave_1: left promiscuous mode
[  780.076209][ T3535] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  780.085205][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_0
[  780.093963][ T3535] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  780.102826][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_1
[  780.110862][ T3535] bridge_slave_1: left allmulticast mode
[  780.116557][ T3535] bridge_slave_1: left promiscuous mode
[  780.124935][ T3535] bridge0: port 2(bridge_slave_1) entered disabled state
[  780.135634][ T3535] bridge_slave_0: left allmulticast mode
[  780.142864][ T3535] bridge_slave_0: left promiscuous mode
[  780.148666][ T3535] bridge0: port 1(bridge_slave_0) entered disabled state
[  780.162872][ T3535] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  780.170622][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_0
[  780.178568][ T3535] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  780.196132][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_1
[  780.212883][ T3535] team0: left allmulticast mode
[  780.217846][ T3535] team_slave_1: left allmulticast mode
[  780.224052][ T3535] hsr_slave_0: left allmulticast mode
[  780.229543][ T3535] team0: left promiscuous mode
[  780.235004][ T3535] team_slave_1: left promiscuous mode
[  780.240946][ T3535] hsr_slave_0: left promiscuous mode
[  780.246579][ T3535] bridge0: port 3(team0) entered disabled state
[  780.255031][ T3535] bridge_slave_1: left allmulticast mode
[  780.260987][ T3535] bridge0: port 2(bridge_slave_1) entered disabled state
[  780.270543][ T3535] bridge_slave_0: left allmulticast mode
[  780.276238][ T3535] bridge_slave_0: left promiscuous mode
[  780.282424][ T3535] bridge0: port 1(bridge_slave_0) entered disabled state
[  780.296665][ T3535] hsr_slave_0: left promiscuous mode
[  780.303602][ T3535] hsr_slave_1: left promiscuous mode
[  780.310049][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_0
[  780.317881][ T3535] batman_adv: batadv0: Removing interface: batadv_slave_1
[  780.327182][ T3535] bridge_slave_1: left allmulticast mode
[  780.333142][ T3535] bridge_slave_1: left promiscuous mode
[  780.338896][ T3535] bridge0: port 2(bridge_slave_1) entered disabled state
[  780.353766][ T3535] bridge_slave_0: left allmulticast mode
[  780.359567][ T3535] bridge_slave_0: left promiscuous mode
[  780.366453][ T3535] bridge0: port 1(bridge_slave_0) entered disabled state
[  780.380894][ T3535] bridge0: port 3(team0) entered disabled state
[  780.388431][ T3535] bridge_slave_0: left allmulticast mode
[  780.394226][ T3535] bridge_slave_0: left promiscuous mode
[  780.400927][ T3535] bridge0: port 1(bridge_slave_0) entered disabled state
[  780.414263][ T3535] veth1_macvtap: left promiscuous mode
[  780.423071][ T3535] veth0_macvtap: left promiscuous mode
[  780.428708][ T3535] veth1_vlan: left promiscuous mode
[  780.434671][ T3535] veth0_vlan: left promiscuous mode
[  780.441332][ T3535] veth1_vlan: left promiscuous mode
[  780.446591][ T3535] veth0_vlan: left promiscuous mode
[  780.453104][ T3535] veth1_macvtap: left promiscuous mode
[  780.458753][ T3535] veth0_macvtap: left promiscuous mode
[  780.796528][ T3535] team0 (unregistering): Port device team_slave_1 removed
[  780.832224][ T3535] team0 (unregistering): Port device team_slave_0 removed
[  780.864375][ T3535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  780.882323][ T3535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  780.974088][ T3535] bond0 (unregistering): Released all slaves
[  781.188507][ T3535] team0 (unregistering): Port device hsr_slave_0 removed
[  781.241225][ T3535] team0 (unregistering): Port device team_slave_1 removed
[  781.634526][ T3535] team0 (unregistering): Port device team_slave_1 removed
[  781.647645][ T3535] team0 (unregistering): Port device team_slave_0 removed
[  781.687211][ T3535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  781.721984][ T3535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  781.790495][ T3535] bond0 (unregistering): Released all slaves
[  782.085070][ T3535] hsr_slave_0 (unregistering): left promiscuous mode
[  782.092792][ T3535] hsr_slave_0 (unregistering): left allmulticast mode
[  782.100741][ T3535] team0 (unregistering): Port device hsr_slave_0 removed
[  782.144711][ T3535] team_slave_1 (unregistering): left promiscuous mode
[  782.158958][ T3535] team_slave_1 (unregistering): left allmulticast mode
[  782.167638][ T3535] team0 (unregistering): Port device team_slave_1 removed
[  782.197784][ T3535] C (unregistering): left promiscuous mode
[  782.203883][ T3535] C (unregistering): left allmulticast mode
[  782.210798][ T3535] team0 (unregistering): Port device C removed
[  782.254655][ T3535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  782.265277][ T3535] bond_slave_1 (unregistering): left promiscuous mode
[  782.272530][ T3535] bond_slave_1 (unregistering): left allmulticast mode
[  782.300203][ T3535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  782.309120][ T3535] bond_slave_0 (unregistering): left promiscuous mode
[  782.316208][ T3535] bond_slave_0 (unregistering): left allmulticast mode
[  782.342284][ T3535] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  782.352547][ T3535] bridge_slave_1 (unregistering): left promiscuous mode
[  782.359556][ T3535] bridge_slave_1 (unregistering): left allmulticast mode
[  782.437541][ T3535] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  782.446384][ T3535] bridge0 (unregistering): left promiscuous mode
[  782.453554][ T3535] bridge0 (unregistering): left allmulticast mode
[  782.460810][ T3535] bond0 (unregistering): Released all slaves