last executing test programs:

2.481264822s ago: executing program 2 (id=5872):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
r1 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r1, 0xe0, &(0x7f0000004880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001000), 0x5, 0x0, 0x8, 0x94d430193590d839, 0x0}}, 0x10)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x4, 0xffffffff}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x8081, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.throttle.io_service_bytes\x00', 0x26e1, 0x0)
r3 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161)
sendmsg$inet(r3, &(0x7f0000000280)={&(0x7f0000000300)={0x2, 0x4e1f, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="20000000000000000000000007000000890f04630b4d7d113b3f186e"], 0x20, 0x5}, 0x0)
socket$kcm(0x10, 0x2, 0x10)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100904, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x5f, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000000700)=[{&(0x7f0000000740)="5c00000013006bcd9e3fe3dc6e48aa310b6b87033c0000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x50)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x4, '\x00', 0x0, r0, 0x1, 0x5, 0x2}, 0x50)

2.190239821s ago: executing program 2 (id=5877):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$kcm(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000e200000000611118"], 0x0}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x1})
sendmsg$inet(r2, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)

1.947755679s ago: executing program 2 (id=5880):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x7f}, 0x100904, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000580081044e81f782db44b904021d080009000200e8fe55a1180015000600142603600e120900210000000401a8001600a400014006000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e97", 0xd7}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x4, @perf_bp={&(0x7f0000000200)}, 0x8000, 0xcdd, 0x43a1bd76, 0x4, 0x7, 0x6, 0x2, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0xa, 0x3, 0x106)
setsockopt$sock_attach_bpf(r3, 0x29, 0x4c, 0x0, 0x0)
r4 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000001340)=@hci={0x1f, 0xe00, 0xe}, 0x80, &(0x7f0000002540)=[{&(0x7f00000006c0)='b', 0x1}], 0x1}, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[], 0x13)
r5 = perf_event_open(&(0x7f00000007c0)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x374, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0xfffffffc, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0xa)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x0, 0x0, &(0x7f0000000280)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={0x1, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000000000007910a2000000f9ff06000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x22e, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
r7 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x1f, 0x5, &(0x7f0000000180)=ANY=[@ANYRES8=r3], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r8)
r9 = socket$kcm(0x10, 0x2, 0x2)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r10, <r11=>0xffffffffffffffff}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0xffffb774}, 0x50)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x10, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r11, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
sendmsg$kcm(r9, &(0x7f0000001840)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000001280)="16", 0x1}], 0x1}, 0x0)
close(0xffffffffffffffff)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="2e00000011008188040f80ec59acbc0413a181003f00000001010000000200000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)

1.836836162s ago: executing program 0 (id=5883):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0x1d, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x100}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x40}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xb6}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x10, 0x10, &(0x7f00000006c0)="0000000005000000", &(0x7f0000000700)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000040001000000000000000000850000004100000085000000500000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000280)={'pim6reg1\x00', 0x1})
ioctl$TUNSETLINK(r3, 0x400454cd, 0x20)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0xfffffffc, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x24}, 0x94)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)="5c00000015006b0300224ed86e6c1d000a117ea6e070d6064e22000300000000250002000f00000017d34460bc24eab556a705251e6182949a00003d3b48dfd8cdbf9767b4fa51f62a64c9f4060046d88037e786a6d0a5d700000017", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

1.649841728s ago: executing program 2 (id=5886):
r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}, 0x104101, 0x4, 0x0, 0x1, 0x9, 0x10000000, 0x1}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x3)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="6880a642beaf34317f0dd3122a90ad0d2b", 0x11}], 0x1}, 0x20000840)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r2, &(0x7f0000000540)={0x0, 0xc027, &(0x7f0000000340)=[{&(0x7f00000000c0)="97eb000014006bcd9e", 0xeb97}], 0x1, 0x0, 0x0, 0x1f000000}, 0x600)

1.613417429s ago: executing program 3 (id=5887):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0xcdd, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0x1, 0x58}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(r0, &(0x7f0000000000)={&(0x7f0000001340)={0x2, 0x2, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000001580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x16}, @multicast1}}}], 0x20}, 0x8000)
sendmsg$inet(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000940)="657573a2aaa76a045d877c1f6455a4bb7edaedaf2406cf034c55272afe4a39f80fec79674992739b3f1d46ab6fc6b89bc95d81d84d8c293613c9f90375e9112c7b5f65f27e0e214389e9034316b5f9b75aaba5bc0d8f2290bd36c6624c127b3433e77de62a43eb8eeecd139da8a083185e6bef3c0866b648a4f6432a60e58c664a7a3dcb4a1776e6fdb08687841d75cdf12f0d7578930caa6a450381441bd9023d757be41434aaa87208e070bae470b8ebe5b100c3d6ed01dbff6a6e13320627043926cb30d2233291a5d9a15bfb760df9fabaa9f450747ff1cf93258dfbd2132d00516d8edfcb6b6352eb385866585cb371846f31532e653ccf7bc842c81206c8e80530a748501b2da5fedb1bcd0e53d09826aeb25c7ed8f3e1b219649baf3fc9ccb0da4aa1bdefca77ca97aa0c50d0485413936b83a20158cc3795456df09a917751c6e9555988b80b26f36bc8294fa37aca1b0c570e93588c9c25f4d72f01ba4bb874685628f0b64d71eaa9d17b489826ada40cede73bad175b9e956942b581fb7c52added185ce2f24422c0bf33ff32bb0e9e50b697f3257eb76134076bcf59767d12dc2cfa9c6e4544b55adc09a330a873c3a5ac8e28dda7fe398be13b3949ddaa7e25fc9652b783a95db047a3477a64dee6c4eadccbb48e9a525539c51603f8fdf1a8af0b9968ea399b7d787ead48a43bb8f83ced7de9dbe9d29a04438103179d2cc91cc15a5f3b5c589594d5232f8e956776547946bd38ea993b2cd1b1290ba255ef4a1a97055ad51cff35b804ef472a9f60bfedf3af92fc51e9b9e5580d4b12ac5fae4d8a4b9761b1c72a7282fe1cbc90767ec3266aef7ccf306ba8fc5161c74c3765b6b1ad5ab007b9892aedca8fadc7b37597546de787034e2c98a34118ef63680882759f4c3cb654e050b1303d3c9ded614e54fc833992b3d376e9f581d2ef7064ff268359a022b0df7d0679a54746150528ce08d47a05dd0e1f481b0f0b27f25e8b7b0a17827841cd7711e84dae20d98a76e5c6ea29b7a676bc4afb5729705e235ab7d41cf6dc39a208e806db5077326345bff9910e8b591d9c45f506f57f0392c41dfbe0e788299582f1dc2323da8ba93a7141061c8f78f81518c59c41a289b98d83a4575e9a509c0c615cd39ae76d2749378047a3b4ca1078880a0620088c17661322632882c77f751c60443e27df36020a72081b8e32f796f103412721158831ad7658a1299015a8a28ebc4cfd1414f4f4dcdef109c2bd75b7a8d83447e382724ec1076237c85b311df47a4fa7ad981e0f3918a093855e9968364c9bd1f385fccf076bc9e61558ddbe969742a860599a87e045b8fd95b0eb11b1f0fbdcb8a4008da5277f071d819791a2f54fc9f676196cf0b3f0e91c6d1586d9bd687c1df1e759e80b0cea66ea75eef5f9e57a36f61670268b8e2ad39561525e73fe2c942d0fb3f53e46695762c0dcee78ca9b2b81cba1c5fa2a736954dedcdf869149c7220be1f4ea53ccd72c3f8f7d9483068d668542023ea9a3d415a2006a5ac5439668c0a211c9d3212d38cdc13c35bf184579955fff0c35b2870af088340d60f744a0806135ce50a123182ab68fa8a89d858eceeed660f1ec5671d6d1be21022c372eabfa4fb1ebe03f7ab2650ec3679507d17611d1cd694be1adb33e591716af45eb1269969aca77be07d18784e2dd1240b6ac67be842afa51ce452f106de37a1e271b37e2904d6276c09eb5915fc8af524ff86e652c2acd33b634d8ba9268b7c278ebb8a92d7a45d97d2e45b4064b55ed5c56d3ed11adc0c", 0x4fd}], 0x1}, 0x88c0)
socket$kcm(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r2, 0x84, 0x3, &(0x7f0000000000), 0x10)
r3 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8916, &(0x7f0000000040)={'ipvlan1\x00', @random="0200ac7f7e00"})

1.528678672s ago: executing program 0 (id=5888):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$kcm(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000e200000000611118"], 0x0}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x1})
sendmsg$inet(r2, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)

1.486065373s ago: executing program 2 (id=5890):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x19d5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x20001, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, @perf_bp={0x0}, 0x0, 0xc8, 0x0, 0x0, 0x5}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000002000000000000000100008018150000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000450000001801000020756c2500000000002020207b1a00ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000000600000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000600)={0x1, 0x58, &(0x7f0000000580)}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000640), 0x4)
r4 = socket$kcm(0x29, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001dc0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff730d00000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409eaa988dbc2fee9d313d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad0e0e2b45d14ee446b840edaa1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c50ce6a8e9f65de13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522f7dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87915ed063f608dddb03a95b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0fd9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000c3d51d9a161446b4373e06a9e07f8a000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b4047979379dc15c9056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612aa25d61ce4e2c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008435f39381c2a77c001caae53db7316fa6d48d032ab6831ebb813c85855c7a9ad8140a4b29422fc20d4e75c848984a2e217ec9c2833b8fa9106ee1be2c05103a36fc1126f1aa5284ba7179843b08ecadc199b9038cf6b9ee4e1f321a6a32e03bd987ddfada1f69756651b73a7ed0f7e467081193b2844869"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r6 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r6, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, &(0x7f0000000040)={r6, r5})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{0x1}, &(0x7f0000000700), &(0x7f0000000740)=r1}, 0x20)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={r7}, 0x4)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f00000000c0)={0x0, 0x5, &(0x7f0000000000)=[{&(0x7f0000004500)="d800000016008111e00212ba0d8105040a601100ff0f040b067c55a1bc0009001e0006990300000015000500fe808178a8021500030001400200000901ac04000bd67f6f9400710016277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad85667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b7fece0b440431629b0b5aa14c3d21e2fa353905e2a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e970300"/216, 0xd8}], 0x1}, 0x0)
r9 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r9, 0xc004743e, 0x110c230000)
recvmsg$kcm(r8, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x2042)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="1b00000000000000000000000000009500000000", @ANYRES32=0x1, @ANYBLOB="0100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="01000000030000000500"/28], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000980)={0x1}, 0x4)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000009c0)={0xffffffffffffffff, 0x40, 0x18}, 0xc)
sendmsg$inet(r2, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x80)

1.388143206s ago: executing program 3 (id=5891):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000a40)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000840)="09310f871c7ffa1a8b2589ab4750fc5cc190d5d7487af8c9662723eb30317f250ae6b046c9db7d192e203236eee3482e2e6795e82d1555f37b45524e2756c9810bf14035c705409646efb010800575e5eaedf751a310dbef", 0x58}], 0x1, 0x0, 0x108}, 0x40)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)=[{0x18, 0x110, 0xc, ')'}], 0x18}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB='N-N:N/NN'], 0x6a)
r3 = socket$kcm(0x2, 0x5, 0x84)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x80000005}, {0x2}]}, 0x94)
sendmsg$inet(r3, &(0x7f00000029c0)={&(0x7f0000000100)={0x2, 0x0, @private=0xa010101}, 0x10, &(0x7f0000002780)=[{&(0x7f00000006c0)='{', 0x1}], 0x1}, 0x4000040)
sendmsg$inet(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
close(r6)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b80)={r4, 0xe0, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000080)=[0x0, 0x0], ""/16, <r7=>0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f00000001c0)=[0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0], 0x0, 0x83, &(0x7f0000000580)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f00000005c0), &(0x7f0000000700), 0x8, 0xe9, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="18009500000000000000"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x3, '\x00', r7}, 0x94)
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x10}}], 0x10}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000580)="6700000011008188040f56ecdb4cb9cca7480ef438000000e3bd6efb440009000e000a0010000000ba80010000005a8c3774fa0af3dc59a933c1e7a6d3361d83b20000319cdf5656826edaaa11032701c61ec666d482078ccebcb9a4f187f7a4e98f09cdc2649f", 0x67}], 0x1}, 0x0)

1.337464548s ago: executing program 1 (id=5892):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="18020000fbffffff000000000000000085"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x5, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x2a}, @call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xa, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000004cc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9, 0x400, 0x6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xaf1d, 0x1, @perf_config_ext={0xff, 0x7}, 0x100410, 0x200, 0x2, 0x1, 0x9, 0x9, 0xfffd, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
socket$kcm(0x10, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x8000, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x106)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r0 = perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc, 0x7}, 0x410, 0x2000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x21, 0x2, 0x2)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, r0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0), 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES32=r1, @ANYRES16=r1], 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000040)=ANY=[], 0x20)

1.329110288s ago: executing program 0 (id=5893):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
r1 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r1, 0xe0, &(0x7f0000004880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001000), 0x5, 0x0, 0x8, 0x94d430193590d839, 0x0}}, 0x10)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x4, 0xffffffff}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x8081, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.throttle.io_service_bytes\x00', 0x26e1, 0x0)
r3 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161)
sendmsg$inet(r3, &(0x7f0000000280)={&(0x7f0000000300)={0x2, 0x4e1f, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="20000000000000000000000007000000890f04630b4d7d113b3f186e"], 0x20, 0x5}, 0x0)
socket$kcm(0x10, 0x2, 0x10)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100904, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x5f, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000000700)=[{&(0x7f0000000740)="5c00000013006bcd9e3fe3dc6e48aa310b6b87033c0000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x50)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x4, '\x00', 0x0, r0, 0x1, 0x5, 0x2}, 0x50)

1.126330034s ago: executing program 3 (id=5894):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb0, 0xb0, 0x2, [@enum={0x10, 0x7, 0x0, 0x6, 0x4, [{0x8, 0xb71}, {0x9, 0x1}, {0x9, 0xfffffffa}, {0x3, 0xfffffff1}, {0x5, 0x5}, {0xb, 0x8}, {0x5, 0xff}]}, @func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{}, {}, {0x2}, {}, {}, {}]}, @func={0x0, 0x0, 0x0, 0xc, 0x5}, @volatile, @volatile, @volatile={0x0, 0x0, 0x0, 0x9, 0x2}]}}, 0x0, 0xca, 0xfffffeb3}, 0x28)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="9feb010018000000000000003400000034000000020000000000000000000003000000000300000002000000fcffffff00000000000000010500000010000000000000000000000402"], 0x0, 0x4e}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x14}, 0x8f)

967.848129ms ago: executing program 1 (id=5895):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x7f}, 0x100904, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000580081044e81f782db44b904021d080009000200e8fe55a1180015000600142603600e120900210000000401a8001600a400014006000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e97", 0xd7}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x4, @perf_bp={&(0x7f0000000200)}, 0x8000, 0xcdd, 0x43a1bd76, 0x4, 0x7, 0x6, 0x2, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0xa, 0x3, 0x106)
setsockopt$sock_attach_bpf(r3, 0x29, 0x4c, 0x0, 0x0)
r4 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000001340)=@hci={0x1f, 0xe00, 0xe}, 0x80, &(0x7f0000002540)=[{&(0x7f00000006c0)='b', 0x1}], 0x1}, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[], 0x13)
r5 = perf_event_open(&(0x7f00000007c0)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x374, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0xfffffffc, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0xa)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x0, 0x0, &(0x7f0000000280)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={0x1, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000000000007910a2000000f9ff06000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x22e, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
r7 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x1f, 0x5, &(0x7f0000000180)=ANY=[@ANYRES8=r3], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r8)
r9 = socket$kcm(0x10, 0x2, 0x2)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r10, <r11=>0xffffffffffffffff}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0xffffb774}, 0x50)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x10, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r11, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
sendmsg$kcm(r9, &(0x7f0000001840)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000001280)="16", 0x1}], 0x1}, 0x0)
close(0xffffffffffffffff)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="2e00000011008188040f80ec59acbc0413a181003f00000001010000000200000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)

967.520139ms ago: executing program 3 (id=5896):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0x1d, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x100}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x40}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1000}, {}, {}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb6}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x10, 0x10, &(0x7f00000006c0)="0000000005000000", &(0x7f0000000700)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000040001000000000000000000850000004100000085000000500000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000280)={'pim6reg1\x00', 0x1})
ioctl$TUNSETLINK(r3, 0x400454cd, 0x20)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0xfffffffc, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x24}, 0x94)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)="5c00000015006b0300224ed86e6c1d000a117ea6e070d6064e22000300000000250002000f00000017d34460bc24eab556a705251e6182949a00003d3b48dfd8cdbf9767b4fa51f62a64c9f4060046d88037e786a6d0a5d700000017", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

965.782229ms ago: executing program 0 (id=5897):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
r1 = socket$kcm(0x2, 0x3, 0x106)
r2 = socket$kcm(0x11, 0x200000000000002, 0x300)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f0000000100)={r1})
setsockopt$sock_attach_bpf(r2, 0x107, 0x2, 0x0, 0x0)
r3 = bpf$ITER_CREATE(0x21, &(0x7f0000000200), 0x8)
r4 = socket$kcm(0x15, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r4, 0x89e1, 0x0)
recvmsg$kcm(r3, &(0x7f0000001c80)={&(0x7f0000000240)=@ax25={{0x3, @default}, [@null, @default, @null, @rose, @null, @remote, @netrom, @netrom]}, 0x80, &(0x7f0000001c00)=[{&(0x7f0000000300)=""/122, 0x7a}, {&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f00000019c0)=""/184, 0xb8}, {&(0x7f0000001a80)=""/134, 0x86}, {&(0x7f0000001b40)=""/51, 0x33}, {&(0x7f0000001b80)=""/116, 0x74}], 0x6}, 0x2)
sendmsg$inet(r1, &(0x7f0000000040)={&(0x7f0000000380)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000980)=[{&(0x7f0000000700)="fad2b9ed", 0x4}, {&(0x7f00000001c0)="660f829e3a5d48b05d82", 0xa}, {&(0x7f0000000180)="adb34727cc508abe1092fb01d95f9d", 0xf}], 0x3}, 0x8000)
write$cgroup_subtree(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xfffffffc, '\x00', 0x0, 0x0}, 0x50)
socket$kcm(0x22, 0x3, 0x22)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xd, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x30000000}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x50, 0x6000000}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfff0}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0xb0a3}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0xf1}, {0x7, 0x1, 0x2, 0x9, 0x8}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0xa, 0x20}, {}, {}, {0x18, 0x2, 0x2, 0x0, r5}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x3, 0x8, 0x0, 0xffff, 0xfffffff3}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$kcm(0xa, 0x6, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb01001800000000000050554d0db8978b37004a00000000000000010000040000400002000000070000001900000000612e5f0000b06cfcb3b05bd82501eaf5ca8a2ea78e5433d78099e6424cbab77b71a05c0bca5d264575290c1e978ebe45de94cc9937a033c89264066cc220d9e4f0283a13d4b978f03e15aabe4af2eb027b34f84209d388c2ec1bcb209209a6c1db8b2fccba5773834bc1aa45f753a13b4be6c4462eb896f00c"], 0x0, 0x36, 0x0, 0x1}, 0x28)
setsockopt$sock_attach_bpf(r7, 0x10d, 0xf, 0x0, 0x0)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000003540)=""/4117, 0x1015}, {&(0x7f00000000c0)=""/185, 0xb9}], 0x2}, 0x2)
openat$cgroup_int(r3, &(0x7f0000000400)='hugetlb.1GB.rsvd.failcnt\x00', 0x2, 0x0)

787.547315ms ago: executing program 1 (id=5898):
r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}, 0x104101, 0x4, 0x0, 0x1, 0x9, 0x10000000, 0x1}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x3)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="6880a642beaf34317f0dd3122a90ad0d2b", 0x11}], 0x1}, 0x20000840)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r2, &(0x7f0000000540)={0x0, 0xc027, &(0x7f0000000340)=[{&(0x7f00000000c0)="97eb000014006bcd9e", 0xeb97}], 0x1, 0x0, 0x0, 0x1f000000}, 0x600)

754.275525ms ago: executing program 0 (id=5899):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0xcdd, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0x1, 0x58}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(r0, &(0x7f0000000000)={&(0x7f0000001340)={0x2, 0x2, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000001580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x16}, @multicast1}}}], 0x20}, 0x8000)
sendmsg$inet(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000940)="657573a2aaa76a045d877c1f6455a4bb7edaedaf2406cf034c55272afe4a39f80fec79674992739b3f1d46ab6fc6b89bc95d81d84d8c293613c9f90375e9112c7b5f65f27e0e214389e9034316b5f9b75aaba5bc0d8f2290bd36c6624c127b3433e77de62a43eb8eeecd139da8a083185e6bef3c0866b648a4f6432a60e58c664a7a3dcb4a1776e6fdb08687841d75cdf12f0d7578930caa6a450381441bd9023d757be41434aaa87208e070bae470b8ebe5b100c3d6ed01dbff6a6e13320627043926cb30d2233291a5d9a15bfb760df9fabaa9f450747ff1cf93258dfbd2132d00516d8edfcb6b6352eb385866585cb371846f31532e653ccf7bc842c81206c8e80530a748501b2da5fedb1bcd0e53d09826aeb25c7ed8f3e1b219649baf3fc9ccb0da4aa1bdefca77ca97aa0c50d0485413936b83a20158cc3795456df09a917751c6e9555988b80b26f36bc8294fa37aca1b0c570e93588c9c25f4d72f01ba4bb874685628f0b64d71eaa9d17b489826ada40cede73bad175b9e956942b581fb7c52added185ce2f24422c0bf33ff32bb0e9e50b697f3257eb76134076bcf59767d12dc2cfa9c6e4544b55adc09a330a873c3a5ac8e28dda7fe398be13b3949ddaa7e25fc9652b783a95db047a3477a64dee6c4eadccbb48e9a525539c51603f8fdf1a8af0b9968ea399b7d787ead48a43bb8f83ced7de9dbe9d29a04438103179d2cc91cc15a5f3b5c589594d5232f8e956776547946bd38ea993b2cd1b1290ba255ef4a1a97055ad51cff35b804ef472a9f60bfedf3af92fc51e9b9e5580d4b12ac5fae4d8a4b9761b1c72a7282fe1cbc90767ec3266aef7ccf306ba8fc5161c74c3765b6b1ad5ab007b9892aedca8fadc7b37597546de787034e2c98a34118ef63680882759f4c3cb654e050b1303d3c9ded614e54fc833992b3d376e9f581d2ef7064ff268359a022b0df7d0679a54746150528ce08d47a05dd0e1f481b0f0b27f25e8b7b0a17827841cd7711e84dae20d98a76e5c6ea29b7a676bc4afb5729705e235ab7d41cf6dc39a208e806db5077326345bff9910e8b591d9c45f506f57f0392c41dfbe0e788299582f1dc2323da8ba93a7141061c8f78f81518c59c41a289b98d83a4575e9a509c0c615cd39ae76d2749378047a3b4ca1078880a0620088c17661322632882c77f751c60443e27df36020a72081b8e32f796f103412721158831ad7658a1299015a8a28ebc4cfd1414f4f4dcdef109c2bd75b7a8d83447e382724ec1076237c85b311df47a4fa7ad981e0f3918a093855e9968364c9bd1f385fccf076bc9e61558ddbe969742a860599a87e045b8fd95b0eb11b1f0fbdcb8a4008da5277f071d819791a2f54fc9f676196cf0b3f0e91c6d1586d9bd687c1df1e759e80b0cea66ea75eef5f9e57a36f61670268b8e2ad39561525e73fe2c942d0fb3f53e46695762c0dcee78ca9b2b81cba1c5fa2a736954dedcdf869149c7220be1f4ea53ccd72c3f8f7d9483068d668542023ea9a3d415a2006a5ac5439668c0a211c9d3212d38cdc13c35bf184579955fff0c35b2870af088340d60f744a0806135ce50a123182ab68fa8a89d858eceeed660f1ec5671d6d1be21022c372eabfa4fb1ebe03f7ab2650ec3679507d17611d1cd694be1adb33e591716af45eb1269969aca77be07d18784e2dd1240b6ac67be842afa51ce452f106de37a1e271b37e2904d6276c09eb5915fc8af524ff86e652c2acd33b634d8ba9268b7c278ebb8a92d7a45d97d2e45b4064b55ed5c56d3ed11adc0c", 0x4fd}], 0x1}, 0x88c0)
socket$kcm(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r2, 0x84, 0x3, &(0x7f0000000000), 0x10)
r3 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8916, &(0x7f0000000040)={'ipvlan1\x00', @random="0200ac7f7e00"})

618.83803ms ago: executing program 1 (id=5900):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000740)="2e00000010008188e6b62aa73f72cc9f0ba1f8481a0000005e140602000000010e000a00100000000a800000", 0x2c}], 0x1}, 0x601000000000000)

598.23529ms ago: executing program 3 (id=5901):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$kcm(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000e200000000611118"], 0x0}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x1})
sendmsg$inet(r2, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{}], 0x1}, 0x0)

429.904676ms ago: executing program 1 (id=5902):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000a40)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000840)="09310f871c7ffa1a8b2589ab4750fc5cc190d5d7487af8c9662723eb30317f250ae6b046c9db7d192e203236eee3482e2e6795e82d1555f37b45524e2756c9810bf14035c705409646efb010800575e5eaedf751a310dbef", 0x58}], 0x1, 0x0, 0x108}, 0x40)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)=[{0x18, 0x110, 0xc, ')'}], 0x18}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f0000000380)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB='N-N:N/NN'], 0x6a)
r3 = socket$kcm(0x2, 0x5, 0x84)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x80000005}, {0x2}]}, 0x94)
sendmsg$inet(r3, &(0x7f00000029c0)={&(0x7f0000000100)={0x2, 0x0, @private=0xa010101}, 0x10, &(0x7f0000002780)=[{&(0x7f00000006c0)='{', 0x1}], 0x1}, 0x4000040)
sendmsg$inet(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
close(r6)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b80)={r4, 0xe0, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000080)=[0x0, 0x0], ""/16, <r7=>0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f00000001c0)=[0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0], 0x0, 0x83, &(0x7f0000000580)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f00000005c0), &(0x7f0000000700), 0x8, 0xe9, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="18009500000000000000"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x3, '\x00', r7}, 0x94)
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x10}}], 0x10}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000580)="6700000011008188040f56ecdb4cb9cca7480ef438000000e3bd6efb440009000e000a0010000000ba80010000005a8c3774fa0af3dc59a933c1e7a6d3361d83b20000319cdf5656826edaaa11032701c61ec666d482078ccebcb9a4f187f7a4e98f09cdc2649f", 0x67}], 0x1}, 0x0)

354.183928ms ago: executing program 3 (id=5903):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="18020000fbffffff000000000000000085000000bc00000085"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x5, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x2a}, @call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xa, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000004cc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9, 0x400, 0x6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xaf1d, 0x1, @perf_config_ext={0xff, 0x7}, 0x100410, 0x200, 0x2, 0x1, 0x9, 0x9, 0xfffd, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
socket$kcm(0x10, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x8000, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x106)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r0 = perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc, 0x7}, 0x410, 0x2000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x21, 0x2, 0x2)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, r0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0), 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES32=r1, @ANYRES16=r1], 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000040)=ANY=[], 0x20)

314.43874ms ago: executing program 0 (id=5904):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000001340)=@hci={0x1f, 0xdd86, 0x2c}, 0x80, &(0x7f0000000040)=[{&(0x7f0000000080)='b', 0x28}], 0x1}, 0x0) (fail_nth: 1)

261.745721ms ago: executing program 2 (id=5905):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000100)=[0x0], ""/16, <r0=>0x0, 0x0, 0x0, 0x0, 0x4, 0x2, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0], 0x0, 0x15, &(0x7f00000001c0)=[{}], 0x8, 0x10, &(0x7f0000000200), &(0x7f0000000240), 0x8, 0x9d, 0x8, 0x8, &(0x7f0000000280)}}, 0x10)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000400)=0xffffffffffffffff, 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, r2}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000580)={{0x1, <r3=>0xffffffffffffffff}, &(0x7f0000000500), &(0x7f0000000540)='%pI4   \x00'}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000640)={{0x1, <r4=>0xffffffffffffffff}, &(0x7f00000005c0), &(0x7f0000000600)='%+9llu \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000680)={0x1, <r5=>0xffffffffffffffff}, 0x4)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r6}, 0x4)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000006c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x4}, 0x50)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000880)={0x0, 0x1, 0x10}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000005a0000008500000022000000180100002020702500000000002020200100000000000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', r0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r9 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000005, 0x5a4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x11540, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x18, 0x1}, 0x50)
r11 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r11, 0x40042408, r12)
r13 = perf_event_open(&(0x7f00000014c0)={0x5, 0x80, 0x0, 0xff, 0xff, 0xfc, 0x0, 0x1, 0x4041, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x1590, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r13, 0x5452, &(0x7f0000000b80)='lo\x00\x96o\xd6Q\xb4Y\xa9\xc87,%\x81\xfe\x00\xd2\xd1|C\b\x00\x00\x00\x00\x00\x00\x00\xe3\xd8Yk\xdd\x85\xaac{\x8c\x8ffp`-\xcd\xf6jh\xbf\x9c\xd9\xd5\xf4\xe68\xe6O\xc2\xf1V0\x8b\xdd\xcc\xeeR\xf2/\xba\fE>k\a\xe7>t7\x8e(\xf0\x87d\xaf\x93\xfa`\xa6,o\x81.\x1cR\xa5\t\x00\x00\x00\x00\x00\x00\x00|pT\x15\xbc\f*d\x8b\xc2\xcd\x8f\x98\xdf\x00\x00\x1cM\x9c\xa5\xe0\xa8\x00\x00\x00\x80V\xf6\x80\x86\x1b\x05\xe6\"\x1d\f\xaey\x06\xd9$H!w\xa6m\xd8\x7f\xc6\x837\x83/\x9a\xdf\x01\xf2\x9e\xbb\xca^\xf9\x05\xeb\xb8{7[\xf9\xe9\x15\xdc0]\x89\x9b~\x04\xb4\xa5\xad\v.\xd0*%`\xb0\x96\x86\xdb\xa9\xd3\x01\xb2\xc7\xf8G\x069\x90,\xda\xf6\xc5\xcd\xec\xa3B\xc3\"4\xab\xf4\xa7\x83r\xa4\x80|\x03C\x9c\x00\xac\xba\xcb\xa4h\x86w_Eu\xbfy%,\xe5\n\xc1\xb3\xa4g\xa3P\x0f\x11\x93\xc7\x7f\xec\xb2\xc5E\x00\xdd\xf2e\xa8\xf1<\xb2\xc82\xbf=o\x00`\xc1A\'\xc6X\x92\x0e[\x19\xaa?\x06\xe5\x9d\xd1\x87\x92\xbb\xe3Y\x97\xc2')
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r10, @ANYBLOB="0000000000000000b703000000000000850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x16, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r14 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r9, 0x40042408, r14)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r15 = socket$kcm(0x10, 0x100000000002, 0x4)
sendmsg$kcm(r15, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af0180000000171300883795c04a31ba377a1b2cc32b38d3740000ffffffffffffffff", 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0)
recvmsg$kcm(r15, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x40)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000007c0)=@bpf_ext={0x1c, 0xf, &(0x7f00000008c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x662, 0x0, 0x0, 0x0, 0x7793}, [@cb_func={0x18, 0x7, 0x4, 0x0, 0x6}, @tail_call, @call={0x85, 0x0, 0x0, 0x6f}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r8}}]}, &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x10, '\x00', r0, 0x0, r1, 0x8, &(0x7f0000000440)={0x7, 0x3}, 0x8, 0x10, &(0x7f0000000480)={0x1, 0x10, 0x1ff, 0x1}, 0x10, 0x101e6, 0xffffffffffffffff, 0x2, &(0x7f0000000740)=[r2, r3, 0x1, r4, r5, 0xffffffffffffffff, r6, r7], &(0x7f0000000780)=[{0x2, 0x3, 0xc, 0xa}, {0x0, 0x2, 0xe, 0xb}], 0x10, 0x9}, 0x94)

0s ago: executing program 1 (id=5906):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x7f}, 0x100904, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000580081044e81f782db44b904021d080009000200e8fe55a1180015000600142603600e120900210000000401a8001600a400014006000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e97", 0xd7}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x4, @perf_bp={&(0x7f0000000200)}, 0x8000, 0xcdd, 0x43a1bd76, 0x4, 0x7, 0x6, 0x2, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0xa, 0x3, 0x106)
setsockopt$sock_attach_bpf(r3, 0x29, 0x4c, 0x0, 0x0)
r4 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000001340)=@hci={0x1f, 0xe00, 0xe}, 0x80, &(0x7f0000002540)=[{&(0x7f00000006c0)='b', 0x1}], 0x1}, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[], 0x13)
r5 = perf_event_open(&(0x7f00000007c0)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x374, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0xfffffffc, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0xa)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x0, 0x0, &(0x7f0000000280)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={0x1, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000000000007910a2000000f9ff06000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x22e, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
r7 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x1f, 0x5, &(0x7f0000000180)=ANY=[@ANYRES8=r3], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r8)
r9 = socket$kcm(0x10, 0x2, 0x2)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r10, <r11=>0xffffffffffffffff}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0xffffb774}, 0x50)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x10, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r11, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
sendmsg$kcm(r9, &(0x7f0000001840)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000001280)="16", 0x1}], 0x1}, 0x0)
close(0xffffffffffffffff)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="2e00000011008188040f80ec59acbc0413a181003f00000001010000000200000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

90/0x990
[ 1256.592201][T23237]  ? lockdep_hardirqs_on+0x98/0x150
[ 1256.597702][T23237]  do_syscall_64+0x55/0xa0
[ 1256.602132][T23237]  ? clear_bhb_loop+0x40/0x90
[ 1256.606909][T23237]  ? clear_bhb_loop+0x40/0x90
[ 1256.611614][T23237]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1256.617694][T23237] RIP: 0033:0x7f0e67d5d68e
[ 1256.622122][T23237] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1256.642440][T23237] RSP: 002b:00007f0e68c31fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1256.650966][T23237] RAX: ffffffffffffffda RBX: 00007f0e68c326c0 RCX: 00007f0e67d5d68e
[ 1256.659654][T23237] RDX: 000000000000000f RSI: 00007f0e68c320a0 RDI: 0000000000000008
[ 1256.670117][T23237] RBP: 00007f0e68c32090 R08: 0000000000000000 R09: 0000000000000000
[ 1256.678214][T23237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1256.686340][T23237] R13: 00007f0e68016038 R14: 00007f0e68015fa0 R15: 00007fff4c61a8c8
[ 1256.694668][T23237]  </TASK>
[ 1256.873318][T23243] netlink: 'syz.3.5034': attribute type 10 has an invalid length.
[ 1256.886799][T23243] netlink: 55 bytes leftover after parsing attributes in process `syz.3.5034'.
[ 1256.896442][T23244] netlink: 'syz.2.4989': attribute type 10 has an invalid length.
[ 1256.908108][T23244] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4989'.
[ 1257.032355][T23244] batman_adv: batadv0: Adding interface: virt_wifi0
[ 1257.063406][T23244] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1257.120558][T23244] batman_adv: batadv0: Interface activated: virt_wifi0
[ 1257.398890][T23254] netlink: 'syz.0.5038': attribute type 10 has an invalid length.
[ 1257.426272][T23254] veth0_macvtap: left promiscuous mode
[ 1257.628143][T21907] Bluetooth: hci3: command tx timeout
[ 1257.706659][T23266] netlink: 'syz.2.5042': attribute type 21 has an invalid length.
[ 1257.717880][T23266] netlink: 128 bytes leftover after parsing attributes in process `syz.2.5042'.
[ 1257.727436][T23266] netlink: 3 bytes leftover after parsing attributes in process `syz.2.5042'.
[ 1257.805877][T23270] netlink: 128 bytes leftover after parsing attributes in process `syz.0.5043'.
[ 1257.826243][T23270] FAULT_INJECTION: forcing a failure.
[ 1257.826243][T23270] name failslab, interval 1, probability 0, space 0, times 0
[ 1257.903027][T23270] CPU: 0 PID: 23270 Comm: syz.0.5043 Not tainted syzkaller #0
[ 1257.910753][T23270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1257.920938][T23270] Call Trace:
[ 1257.924423][T23270]  <TASK>
[ 1257.927590][T23270]  dump_stack_lvl+0x18c/0x250
[ 1257.932527][T23270]  ? show_regs_print_info+0x20/0x20
[ 1257.937998][T23270]  ? load_image+0x420/0x420
[ 1257.942605][T23270]  ? __might_sleep+0xe0/0xe0
[ 1257.947368][T23270]  ? __lock_acquire+0x7d40/0x7d40
[ 1257.953615][T23270]  should_fail_ex+0x39d/0x4d0
[ 1257.958668][T23270]  should_failslab+0x9/0x20
[ 1257.963233][T23270]  slab_pre_alloc_hook+0x59/0x310
[ 1257.968317][T23270]  ? kernfs_fop_write_iter+0x159/0x520
[ 1257.973839][T23270]  ? kernfs_fop_write_iter+0x159/0x520
[ 1257.979532][T23270]  __kmem_cache_alloc_node+0x53/0x250
[ 1257.984977][T23270]  ? kernfs_fop_write_iter+0x159/0x520
[ 1257.990840][T23270]  __kmalloc+0xa4/0x230
[ 1257.995039][T23270]  kernfs_fop_write_iter+0x159/0x520
[ 1258.000451][T23270]  vfs_write+0x46c/0x990
[ 1258.004909][T23270]  ? file_end_write+0x250/0x250
[ 1258.009976][T23270]  ? __fget_files+0x43d/0x4b0
[ 1258.014691][T23270]  ? __fdget_pos+0x2a3/0x330
[ 1258.019479][T23270]  ? ksys_write+0x75/0x260
[ 1258.023929][T23270]  ksys_write+0x150/0x260
[ 1258.028382][T23270]  ? __ia32_sys_read+0x90/0x90
[ 1258.033267][T23270]  ? lockdep_hardirqs_on+0x98/0x150
[ 1258.038496][T23270]  do_syscall_64+0x55/0xa0
[ 1258.043025][T23270]  ? clear_bhb_loop+0x40/0x90
[ 1258.047910][T23270]  ? clear_bhb_loop+0x40/0x90
[ 1258.052727][T23270]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1258.058941][T23270] RIP: 0033:0x7f9703d9ce59
[ 1258.064392][T23270] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1258.085003][T23270] RSP: 002b:00007f9704c37028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1258.093712][T23270] RAX: ffffffffffffffda RBX: 00007f9704015fa0 RCX: 00007f9703d9ce59
[ 1258.101900][T23270] RDX: 000000000000002f RSI: 00002000000001c0 RDI: 0000000000000006
[ 1258.110671][T23270] RBP: 00007f9704c37090 R08: 0000000000000000 R09: 0000000000000000
[ 1258.118757][T23270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1258.126864][T23270] R13: 00007f9704016038 R14: 00007f9704015fa0 R15: 00007ffec6016e88
[ 1258.134905][T23270]  </TASK>
[ 1258.188849][T23271] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1258.546404][T23284] FAULT_INJECTION: forcing a failure.
[ 1258.546404][T23284] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1258.562538][T23284] CPU: 1 PID: 23284 Comm: syz.3.5047 Not tainted syzkaller #0
[ 1258.570174][T23284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1258.580462][T23284] Call Trace:
[ 1258.584063][T23284]  <TASK>
[ 1258.587112][T23284]  dump_stack_lvl+0x18c/0x250
[ 1258.591818][T23284]  ? show_regs_print_info+0x20/0x20
[ 1258.597028][T23284]  ? load_image+0x420/0x420
[ 1258.602015][T23284]  ? __might_fault+0xaa/0x120
[ 1258.606946][T23284]  ? __lock_acquire+0x7d40/0x7d40
[ 1258.612111][T23284]  should_fail_ex+0x39d/0x4d0
[ 1258.616898][T23284]  _copy_from_user+0x2f/0xe0
[ 1258.621982][T23284]  ___sys_sendmsg+0x1c7/0x360
[ 1258.626799][T23284]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1258.631749][T23284]  ? trace_call_bpf+0xc3/0x6c0
[ 1258.636559][T23284]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1258.641555][T23284]  ? __x64_sys_sendmsg+0x80/0x80
[ 1258.646763][T23284]  ? lockdep_hardirqs_on+0x98/0x150
[ 1258.652061][T23284]  do_syscall_64+0x55/0xa0
[ 1258.656513][T23284]  ? clear_bhb_loop+0x40/0x90
[ 1258.661411][T23284]  ? clear_bhb_loop+0x40/0x90
[ 1258.666314][T23284]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1258.672296][T23284] RIP: 0033:0x7f0e67d9ce59
[ 1258.676739][T23284] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1258.696477][T23284] RSP: 002b:00007f0e68c11028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1258.705114][T23284] RAX: ffffffffffffffda RBX: 00007f0e68016090 RCX: 00007f0e67d9ce59
[ 1258.706608][T23287] validate_nla: 3 callbacks suppressed
[ 1258.706642][T23287] netlink: 'syz.2.5048': attribute type 10 has an invalid length.
[ 1258.713212][T23284] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008
[ 1258.713233][T23284] RBP: 00007f0e68c11090 R08: 0000000000000000 R09: 0000000000000000
[ 1258.713246][T23284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1258.713259][T23284] R13: 00007f0e68016128 R14: 00007f0e68016090 R15: 00007fff4c61a8c8
[ 1258.713292][T23284]  </TASK>
[ 1259.425875][T23300] netlink: 'syz.0.5054': attribute type 21 has an invalid length.
[ 1259.853061][T23314] netlink: 'syz.1.5055': attribute type 10 has an invalid length.
[ 1259.861671][T23314] __nla_validate_parse: 10 callbacks suppressed
[ 1259.861690][T23314] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5055'.
[ 1259.885521][T23304] netlink: 'syz.3.5053': attribute type 21 has an invalid length.
[ 1259.934115][T23304] netlink: 128 bytes leftover after parsing attributes in process `syz.3.5053'.
[ 1260.470919][T23304] netlink: 3 bytes leftover after parsing attributes in process `syz.3.5053'.
[ 1260.667495][T23327] netlink: 209592 bytes leftover after parsing attributes in process `syz.1.5059'.
[ 1264.004001][T23349] netlink: 'syz.0.5066': attribute type 10 has an invalid length.
[ 1264.024070][T23349] netlink: 55 bytes leftover after parsing attributes in process `syz.0.5066'.
[ 1264.065192][T23353] netlink: 'syz.1.5067': attribute type 4 has an invalid length.
[ 1264.075888][T23353] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5067'.
[ 1264.333973][T23361] netlink: 'syz.3.5071': attribute type 10 has an invalid length.
[ 1264.359886][T23361] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5071'.
[ 1265.397493][T23355] netlink: 105120 bytes leftover after parsing attributes in process `syz.1.5067'.
[ 1265.515096][T23355] netlink: 'syz.1.5067': attribute type 2 has an invalid length.
[ 1268.029227][T23383] syzkaller0: entered promiscuous mode
[ 1268.187990][T23383] syzkaller0: entered allmulticast mode
[ 1268.429805][T14643] hsr_slave_0: left promiscuous mode
[ 1268.469989][T14643] hsr_slave_1: left promiscuous mode
[ 1268.613832][T14643] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1268.621810][T14643] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1268.703062][T14643] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1268.728015][T14643] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1268.782258][T14643] batman_adv: batadv0: Interface deactivated: virt_wifi0
[ 1268.807989][T14643] batman_adv: batadv0: Removing interface: virt_wifi0
[ 1268.934596][T14643] veth1_macvtap: left promiscuous mode
[ 1268.958154][T14643] veth1_vlan: left promiscuous mode
[ 1268.978605][T14643] veth0_vlan: left promiscuous mode
[ 1269.464362][T14643] bond0 (unregistering): (slave geneve0): Releasing backup interface
[ 1269.718504][T14643] team0 (unregistering): Port device macvlan0 removed
[ 1270.401545][T14643] team0 (unregistering): Port device team_slave_1 removed
[ 1270.474535][T14643] team0 (unregistering): Port device team_slave_0 removed
[ 1270.542661][T14643] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1270.613155][T14643] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1271.086170][T14643] bond0 (unregistering): Released all slaves
[ 1271.144914][T23402] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1274.973447][T23431] netlink: 'syz.3.5088': attribute type 10 has an invalid length.
[ 1275.109971][T23434] FAULT_INJECTION: forcing a failure.
[ 1275.109971][T23434] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1275.133469][T23434] CPU: 0 PID: 23434 Comm: syz.2.5089 Not tainted syzkaller #0
[ 1275.141011][T23434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1275.151464][T23434] Call Trace:
[ 1275.154788][T23434]  <TASK>
[ 1275.157750][T23434]  dump_stack_lvl+0x18c/0x250
[ 1275.162486][T23434]  ? show_regs_print_info+0x20/0x20
[ 1275.167829][T23434]  ? load_image+0x420/0x420
[ 1275.172384][T23434]  ? __lock_acquire+0x7d40/0x7d40
[ 1275.177462][T23434]  ? snprintf+0xe9/0x140
[ 1275.181757][T23434]  should_fail_ex+0x39d/0x4d0
[ 1275.186704][T23434]  _copy_to_user+0x2f/0xa0
[ 1275.191205][T23434]  simple_read_from_buffer+0xe7/0x150
[ 1275.196636][T23434]  proc_fail_nth_read+0x1e8/0x260
[ 1275.201715][T23434]  ? proc_fault_inject_write+0x360/0x360
[ 1275.207397][T23434]  ? fsnotify_perm+0x271/0x5e0
[ 1275.212229][T23434]  ? proc_fault_inject_write+0x360/0x360
[ 1275.218020][T23434]  vfs_read+0x28b/0x970
[ 1275.222247][T23434]  ? kernel_read+0x1e0/0x1e0
[ 1275.226966][T23434]  ? __fget_files+0x28/0x4b0
[ 1275.231595][T23434]  ? __fget_files+0x28/0x4b0
[ 1275.236263][T23434]  ? __fget_files+0x43d/0x4b0
[ 1275.241114][T23434]  ? __fdget_pos+0x2a3/0x330
[ 1275.245774][T23434]  ? ksys_read+0x75/0x260
[ 1275.250328][T23434]  ksys_read+0x150/0x260
[ 1275.254717][T23434]  ? vfs_write+0x990/0x990
[ 1275.259551][T23434]  ? lockdep_hardirqs_on+0x98/0x150
[ 1275.264808][T23434]  do_syscall_64+0x55/0xa0
[ 1275.269264][T23434]  ? clear_bhb_loop+0x40/0x90
[ 1275.273982][T23434]  ? clear_bhb_loop+0x40/0x90
[ 1275.278788][T23434]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1275.285165][T23434] RIP: 0033:0x7f5773b5d68e
[ 1275.289617][T23434] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1275.309506][T23434] RSP: 002b:00007f5774af0fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1275.317952][T23434] RAX: ffffffffffffffda RBX: 00007f5774af16c0 RCX: 00007f5773b5d68e
[ 1275.326061][T23434] RDX: 000000000000000f RSI: 00007f5774af10a0 RDI: 0000000000000004
[ 1275.334217][T23434] RBP: 00007f5774af1090 R08: 0000000000000000 R09: 0000000000000000
[ 1275.342339][T23434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1275.350530][T23434] R13: 00007f5773e16038 R14: 00007f5773e15fa0 R15: 00007ffe736af918
[ 1275.358746][T23434]  </TASK>
[ 1275.522662][T23437] netlink: 'syz.3.5091': attribute type 10 has an invalid length.
[ 1275.548918][T23437] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5091'.
[ 1275.842997][T23443] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1276.074394][T23445] FAULT_INJECTION: forcing a failure.
[ 1276.074394][T23445] name failslab, interval 1, probability 0, space 0, times 0
[ 1276.118920][T23445] CPU: 0 PID: 23445 Comm: syz.3.5095 Not tainted syzkaller #0
[ 1276.126582][T23445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1276.136846][T23445] Call Trace:
[ 1276.140381][T23445]  <TASK>
[ 1276.143374][T23445]  dump_stack_lvl+0x18c/0x250
[ 1276.148351][T23445]  ? show_regs_print_info+0x20/0x20
[ 1276.153633][T23445]  ? load_image+0x420/0x420
[ 1276.158289][T23445]  ? __might_sleep+0xe0/0xe0
[ 1276.163109][T23445]  ? __lock_acquire+0x7d40/0x7d40
[ 1276.168237][T23445]  should_fail_ex+0x39d/0x4d0
[ 1276.173235][T23445]  should_failslab+0x9/0x20
[ 1276.178104][T23445]  slab_pre_alloc_hook+0x59/0x310
[ 1276.183241][T23445]  ? __lock_acquire+0x7d40/0x7d40
[ 1276.188414][T23445]  kmem_cache_alloc_node+0x60/0x320
[ 1276.193821][T23445]  ? __alloc_skb+0x103/0x2c0
[ 1276.198516][T23445]  __alloc_skb+0x103/0x2c0
[ 1276.203135][T23445]  netlink_sendmsg+0x66a/0xbf0
[ 1276.208352][T23445]  ? perf_trace_lock+0x304/0x3b0
[ 1276.213550][T23445]  ? netlink_getsockopt+0x590/0x590
[ 1276.218933][T23445]  ? aa_sock_msg_perm+0x94/0x150
[ 1276.223972][T23445]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1276.229409][T23445]  ? security_socket_sendmsg+0x80/0xa0
[ 1276.234951][T23445]  ? netlink_getsockopt+0x590/0x590
[ 1276.240334][T23445]  ____sys_sendmsg+0x5ba/0x960
[ 1276.245237][T23445]  ? __asan_memset+0x22/0x40
[ 1276.250097][T23445]  ? __sys_sendmsg_sock+0x30/0x30
[ 1276.255344][T23445]  ? __import_iovec+0x5f2/0x850
[ 1276.260408][T23445]  ? import_iovec+0x73/0xa0
[ 1276.265014][T23445]  ___sys_sendmsg+0x2a6/0x360
[ 1276.269798][T23445]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1276.274737][T23445]  ? __lock_acquire+0x7d40/0x7d40
[ 1276.279951][T23445]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1276.284983][T23445]  ? __x64_sys_sendmsg+0x80/0x80
[ 1276.290072][T23445]  ? lockdep_hardirqs_on+0x98/0x150
[ 1276.295373][T23445]  do_syscall_64+0x55/0xa0
[ 1276.300215][T23445]  ? clear_bhb_loop+0x40/0x90
[ 1276.304961][T23445]  ? clear_bhb_loop+0x40/0x90
[ 1276.309789][T23445]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1276.315861][T23445] RIP: 0033:0x7f0e67d9ce59
[ 1276.320435][T23445] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1276.340677][T23445] RSP: 002b:00007f0e68c32028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1276.349534][T23445] RAX: ffffffffffffffda RBX: 00007f0e68015fa0 RCX: 00007f0e67d9ce59
[ 1276.357664][T23445] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[ 1276.365811][T23445] RBP: 00007f0e68c32090 R08: 0000000000000000 R09: 0000000000000000
[ 1276.374034][T23445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1276.382089][T23445] R13: 00007f0e68016038 R14: 00007f0e68015fa0 R15: 00007fff4c61a8c8
[ 1276.390228][T23445]  </TASK>
[ 1276.967338][T23466] netlink: 'syz.2.5101': attribute type 4 has an invalid length.
[ 1276.996485][T23466] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5101'.
[ 1278.243396][T23468] syzkaller0: entered promiscuous mode
[ 1278.257886][T23468] syzkaller0: entered allmulticast mode
[ 1278.410875][T23472] netlink: 105120 bytes leftover after parsing attributes in process `syz.2.5101'.
[ 1278.449600][T23472] netlink: 'syz.2.5101': attribute type 2 has an invalid length.
[ 1279.450909][T23490] FAULT_INJECTION: forcing a failure.
[ 1279.450909][T23490] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1279.511513][T23490] CPU: 1 PID: 23490 Comm: syz.0.5105 Not tainted syzkaller #0
[ 1279.519062][T23490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1279.529381][T23490] Call Trace:
[ 1279.532708][T23490]  <TASK>
[ 1279.535679][T23490]  dump_stack_lvl+0x18c/0x250
[ 1279.540433][T23490]  ? show_regs_print_info+0x20/0x20
[ 1279.545704][T23490]  ? load_image+0x420/0x420
[ 1279.550275][T23490]  ? __might_fault+0xaa/0x120
[ 1279.554998][T23490]  ? __lock_acquire+0x7d40/0x7d40
[ 1279.560120][T23490]  should_fail_ex+0x39d/0x4d0
[ 1279.565480][T23490]  _copy_from_user+0x2f/0xe0
[ 1279.570214][T23490]  kstrtouint_from_user+0xde/0x170
[ 1279.575491][T23490]  ? kstrtol_from_user+0x190/0x190
[ 1279.580681][T23490]  proc_fail_nth_write+0x8f/0x250
[ 1279.585760][T23490]  ? proc_fail_nth_read+0x260/0x260
[ 1279.591016][T23490]  ? proc_fail_nth_read+0x260/0x260
[ 1279.596359][T23490]  vfs_write+0x296/0x990
[ 1279.600760][T23490]  ? file_end_write+0x250/0x250
[ 1279.605754][T23490]  ? __fget_files+0x28/0x4b0
[ 1279.610479][T23490]  ? __fget_files+0x28/0x4b0
[ 1279.615211][T23490]  ? __fget_files+0x43d/0x4b0
[ 1279.619957][T23490]  ? __fdget_pos+0x2a3/0x330
[ 1279.624607][T23490]  ? ksys_write+0x75/0x260
[ 1279.629170][T23490]  ksys_write+0x150/0x260
[ 1279.633730][T23490]  ? __ia32_sys_read+0x90/0x90
[ 1279.638545][T23490]  ? lockdep_hardirqs_on+0x98/0x150
[ 1279.643968][T23490]  do_syscall_64+0x55/0xa0
[ 1279.648511][T23490]  ? clear_bhb_loop+0x40/0x90
[ 1279.653237][T23490]  ? clear_bhb_loop+0x40/0x90
[ 1279.658049][T23490]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1279.664076][T23490] RIP: 0033:0x7f9703d5d68e
[ 1279.668544][T23490] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1279.688570][T23490] RSP: 002b:00007f9704c15fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1279.697324][T23490] RAX: ffffffffffffffda RBX: 00007f9704c166c0 RCX: 00007f9703d5d68e
[ 1279.705350][T23490] RDX: 0000000000000001 RSI: 00007f9704c160a0 RDI: 0000000000000004
[ 1279.713466][T23490] RBP: 00007f9704c16090 R08: 0000000000000000 R09: 0000000000000000
[ 1279.721569][T23490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1279.729662][T23490] R13: 00007f9704016128 R14: 00007f9704016090 R15: 00007ffec6016e88
[ 1279.737783][T23490]  </TASK>
[ 1282.900782][T23492] netlink: 'syz.0.5114': attribute type 10 has an invalid length.
[ 1282.948001][T23492] netlink: 55 bytes leftover after parsing attributes in process `syz.0.5114'.
[ 1283.135480][T23496] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1283.422545][T23502] netlink: 'syz.2.5108': attribute type 10 has an invalid length.
[ 1283.438636][T23502] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5108'.
[ 1283.450007][T23502] ipvlan1: entered promiscuous mode
[ 1283.459179][T23502] ipvlan1: entered allmulticast mode
[ 1283.465012][T23502] veth0_vlan: entered allmulticast mode
[ 1283.486148][T23502] bridge0: port 3(ipvlan1) entered blocking state
[ 1283.494817][T23502] bridge0: port 3(ipvlan1) entered disabled state
[ 1283.531810][T23502] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1283.799926][T23506] netlink: 'syz.0.5110': attribute type 10 has an invalid length.
[ 1283.829471][T23506] team0: Device ipvlan1 is up. Set it down before adding it as a team port
[ 1283.910358][T23513] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.5113'.
[ 1283.926864][T23513] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.5113'.
[ 1283.943888][T23513] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.5113'.
[ 1284.098993][T23517] netlink: 'syz.3.5116': attribute type 10 has an invalid length.
[ 1284.107070][T23517] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5116'.
[ 1284.146031][T23517] netlink: 'syz.3.5116': attribute type 10 has an invalid length.
[ 1284.194793][T23517] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5116'.
[ 1284.238898][T23522] netlink: 'syz.1.5118': attribute type 10 has an invalid length.
[ 1284.246999][T23522] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5118'.
[ 1284.261550][T23517] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.5116'.
[ 1284.338569][T23517] netlink: 6324 bytes leftover after parsing attributes in process `syz.3.5116'.
[ 1284.966220][T23541] netlink: 'syz.3.5122': attribute type 21 has an invalid length.
[ 1284.974814][T23541] netlink: 'syz.3.5122': attribute type 6 has an invalid length.
[ 1285.691358][T23521] syzkaller0: entered promiscuous mode
[ 1285.698135][T23521] syzkaller0: entered allmulticast mode
[ 1285.811843][T23550] netlink: 'syz.2.5126': attribute type 10 has an invalid length.
[ 1285.833789][T23550] team0: Device ipvlan1 is up. Set it down before adding it as a team port
[ 1289.344004][T23560] netlink: 'syz.2.5128': attribute type 10 has an invalid length.
[ 1289.352321][T23560] __nla_validate_parse: 3 callbacks suppressed
[ 1289.352338][T23560] netlink: 55 bytes leftover after parsing attributes in process `syz.2.5128'.
[ 1289.676161][T23571] netlink: 144 bytes leftover after parsing attributes in process `syz.3.5131'.
[ 1291.720055][T23599] syzkaller0: entered promiscuous mode
[ 1291.725707][T23599] syzkaller0: entered allmulticast mode
[ 1292.052024][T23600] netlink: 'syz.3.5139': attribute type 10 has an invalid length.
[ 1292.086382][T23600] team0: Device ipvlan1 failed to register rx_handler
[ 1292.331759][T23605] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.5140'.
[ 1292.500633][T23605] netlink: 17279 bytes leftover after parsing attributes in process `syz.0.5140'.
[ 1293.085426][T23617] netlink: 'syz.3.5147': attribute type 10 has an invalid length.
[ 1293.198790][T23616] netlink: 'syz.1.5146': attribute type 10 has an invalid length.
[ 1293.207353][T23616] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5146'.
[ 1293.247552][T23616] bridge0: port 3(ipvlan1) entered blocking state
[ 1293.272111][T23616] bridge0: port 3(ipvlan1) entered disabled state
[ 1293.341096][T23616] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1297.548018][T21907] Bluetooth: hci2: command 0x0406 tx timeout
[ 1298.327655][T23640] netlink: 4083 bytes leftover after parsing attributes in process `syz.0.5160'.
[ 1298.516975][T23649] netlink: 'syz.2.5155': attribute type 29 has an invalid length.
[ 1300.553279][T23641] netlink: 'syz.1.5152': attribute type 10 has an invalid length.
[ 1300.562546][T23641] team0: Device ipvlan1 is up. Set it down before adding it as a team port
[ 1300.574556][T23640] netlink: 4083 bytes leftover after parsing attributes in process `syz.0.5160'.
[ 1300.584935][T23649] netlink: 'syz.2.5155': attribute type 29 has an invalid length.
[ 1300.603471][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.617983][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.974087][T23664] netlink: 'syz.3.5158': attribute type 10 has an invalid length.
[ 1301.110655][T23662] netlink: 16178 bytes leftover after parsing attributes in process `syz.1.5157'.
[ 1301.279846][T23670] netlink: 'syz.2.5169': attribute type 10 has an invalid length.
[ 1301.359434][T23662] netlink: 17279 bytes leftover after parsing attributes in process `syz.1.5157'.
[ 1301.464203][T23670] veth0_macvtap: left promiscuous mode
[ 1302.364925][T23675] netlink: 144 bytes leftover after parsing attributes in process `syz.0.5161'.
[ 1302.904829][T23688] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.5167'.
[ 1302.931944][T23688] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.5167'.
[ 1302.974151][T23688] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.5167'.
[ 1303.037588][T23686] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.5167'.
[ 1305.750176][T23700] netlink: 'syz.2.5172': attribute type 9 has an invalid length.
[ 1305.754340][T23706] netlink: 9286 bytes leftover after parsing attributes in process `syz.3.5175'.
[ 1305.767636][T23700] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.5172'.
[ 1306.060209][T23711] netlink: 144 bytes leftover after parsing attributes in process `syz.1.5176'.
[ 1306.063255][T23715] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.5178'.
[ 1307.091598][T23733] netlink: 'syz.3.5185': attribute type 10 has an invalid length.
[ 1307.122453][T23729] netlink: 4083 bytes leftover after parsing attributes in process `syz.1.5182'.
[ 1307.148144][T23729] netlink: 4083 bytes leftover after parsing attributes in process `syz.1.5182'.
[ 1307.177707][T23727] netlink: 4083 bytes leftover after parsing attributes in process `syz.1.5182'.
[ 1307.220823][T23729] netlink: 4083 bytes leftover after parsing attributes in process `syz.1.5182'.
[ 1309.801061][T23738] netlink: 'syz.0.5186': attribute type 10 has an invalid length.
[ 1309.818281][T23738] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5186'.
[ 1309.842297][T23738] bridge0: port 3(ipvlan1) entered blocking state
[ 1309.860541][T23738] bridge0: port 3(ipvlan1) entered disabled state
[ 1309.913781][T23738] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1309.928359][T23744] netlink: 37143 bytes leftover after parsing attributes in process `syz.1.5187'.
[ 1310.763461][T23759] FAULT_INJECTION: forcing a failure.
[ 1310.763461][T23759] name failslab, interval 1, probability 0, space 0, times 0
[ 1310.779574][T23759] CPU: 0 PID: 23759 Comm: syz.1.5193 Not tainted syzkaller #0
[ 1310.787304][T23759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1310.797499][T23759] Call Trace:
[ 1310.800907][T23759]  <TASK>
[ 1310.804059][T23759]  dump_stack_lvl+0x18c/0x250
[ 1310.808969][T23759]  ? show_regs_print_info+0x20/0x20
[ 1310.814337][T23759]  ? load_image+0x420/0x420
[ 1310.819069][T23759]  ? __might_sleep+0xe0/0xe0
[ 1310.823705][T23759]  ? __lock_acquire+0x7d40/0x7d40
[ 1310.828874][T23759]  ? mark_lock+0x94/0x320
[ 1310.833346][T23759]  should_fail_ex+0x39d/0x4d0
[ 1310.838169][T23759]  should_failslab+0x9/0x20
[ 1310.842810][T23759]  slab_pre_alloc_hook+0x59/0x310
[ 1310.847927][T23759]  ? __get_vm_area_node+0x125/0x370
[ 1310.853176][T23759]  __kmem_cache_alloc_node+0x53/0x250
[ 1310.858692][T23759]  ? __get_vm_area_node+0x125/0x370
[ 1310.864032][T23759]  kmalloc_node_trace+0x26/0xe0
[ 1310.869030][T23759]  __get_vm_area_node+0x125/0x370
[ 1310.874188][T23759]  __vmalloc_node_range+0x36e/0x1330
[ 1310.879697][T23759]  ? bpf_prog_alloc_no_stats+0x47/0x440
[ 1310.885377][T23759]  ? mark_lock+0x94/0x320
[ 1310.889940][T23759]  ? __lock_acquire+0x1347/0x7d40
[ 1310.895167][T23759]  ? verify_lock_unused+0x140/0x140
[ 1310.900402][T23759]  ? free_vm_area+0x50/0x50
[ 1310.904943][T23759]  ? end_current_label_crit_section+0x170/0x170
[ 1310.911213][T23759]  ? bpf_prog_alloc_no_stats+0x47/0x440
[ 1310.916770][T23759]  __vmalloc+0x7a/0x90
[ 1310.920959][T23759]  ? bpf_prog_alloc_no_stats+0x47/0x440
[ 1310.926547][T23759]  bpf_prog_alloc_no_stats+0x47/0x440
[ 1310.931933][T23759]  ? bpf_prog_alloc+0x2b/0x1a0
[ 1310.936711][T23759]  bpf_prog_alloc+0x3d/0x1a0
[ 1310.941412][T23759]  bpf_prog_load+0x6eb/0x1670
[ 1310.946196][T23759]  ? map_freeze+0x420/0x420
[ 1310.950724][T23759]  ? __might_fault+0xaa/0x120
[ 1310.955589][T23759]  ? __lock_acquire+0x7d40/0x7d40
[ 1310.960983][T23759]  ? file_end_write+0x159/0x250
[ 1310.966113][T23759]  ? __might_fault+0xaa/0x120
[ 1310.970806][T23759]  ? __might_fault+0xc6/0x120
[ 1310.975493][T23759]  ? __might_fault+0xaa/0x120
[ 1310.980193][T23759]  ? bpf_lsm_bpf+0x9/0x10
[ 1310.984537][T23759]  ? security_bpf+0x7e/0xa0
[ 1310.989057][T23759]  __sys_bpf+0x5ba/0x890
[ 1310.993322][T23759]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1310.998829][T23759]  ? lock_chain_count+0x20/0x20
[ 1311.003703][T23759]  __x64_sys_bpf+0x7c/0x90
[ 1311.008321][T23759]  do_syscall_64+0x55/0xa0
[ 1311.012927][T23759]  ? clear_bhb_loop+0x40/0x90
[ 1311.017618][T23759]  ? clear_bhb_loop+0x40/0x90
[ 1311.022308][T23759]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1311.028307][T23759] RIP: 0033:0x7f775799ce59
[ 1311.033616][T23759] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1311.053412][T23759] RSP: 002b:00007f77588b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1311.061862][T23759] RAX: ffffffffffffffda RBX: 00007f7757c15fa0 RCX: 00007f775799ce59
[ 1311.070317][T23759] RDX: 0000000000000094 RSI: 0000200000002c40 RDI: 0000000000000005
[ 1311.078512][T23759] RBP: 00007f77588b1090 R08: 0000000000000000 R09: 0000000000000000
[ 1311.086515][T23759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1311.094946][T23759] R13: 00007f7757c16038 R14: 00007f7757c15fa0 R15: 00007ffca3523158
[ 1311.103210][T23759]  </TASK>
[ 1311.154679][T23759] syz.1.5193: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[ 1311.181712][T23759] CPU: 1 PID: 23759 Comm: syz.1.5193 Not tainted syzkaller #0
[ 1311.189433][T23759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1311.199620][T23759] Call Trace:
[ 1311.202925][T23759]  <TASK>
[ 1311.205877][T23759]  dump_stack_lvl+0x18c/0x250
[ 1311.210607][T23759]  ? show_regs_print_info+0x20/0x20
[ 1311.215837][T23759]  ? load_image+0x420/0x420
[ 1311.220383][T23759]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1311.226908][T23759]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[ 1311.233958][T23759]  warn_alloc+0x246/0x340
[ 1311.238401][T23759]  ? __get_vm_area_node+0x125/0x370
[ 1311.244064][T23759]  ? zone_watermark_ok_safe+0x230/0x230
[ 1311.249999][T23759]  ? rcu_is_watching+0x15/0xb0
[ 1311.254788][T23759]  ? __get_vm_area_node+0x356/0x370
[ 1311.260015][T23759]  __vmalloc_node_range+0x393/0x1330
[ 1311.265321][T23759]  ? mark_lock+0x94/0x320
[ 1311.269756][T23759]  ? __lock_acquire+0x1347/0x7d40
[ 1311.274814][T23759]  ? verify_lock_unused+0x140/0x140
[ 1311.280041][T23759]  ? free_vm_area+0x50/0x50
[ 1311.284562][T23759]  ? end_current_label_crit_section+0x170/0x170
[ 1311.290836][T23759]  ? bpf_prog_alloc_no_stats+0x47/0x440
[ 1311.296394][T23759]  __vmalloc+0x7a/0x90
[ 1311.300565][T23759]  ? bpf_prog_alloc_no_stats+0x47/0x440
[ 1311.306213][T23759]  bpf_prog_alloc_no_stats+0x47/0x440
[ 1311.311598][T23759]  ? bpf_prog_alloc+0x2b/0x1a0
[ 1311.316377][T23759]  bpf_prog_alloc+0x3d/0x1a0
[ 1311.321071][T23759]  bpf_prog_load+0x6eb/0x1670
[ 1311.325772][T23759]  ? map_freeze+0x420/0x420
[ 1311.330470][T23759]  ? __might_fault+0xaa/0x120
[ 1311.335251][T23759]  ? __lock_acquire+0x7d40/0x7d40
[ 1311.340304][T23759]  ? file_end_write+0x159/0x250
[ 1311.345260][T23759]  ? __might_fault+0xaa/0x120
[ 1311.350315][T23759]  ? __might_fault+0xc6/0x120
[ 1311.355177][T23759]  ? __might_fault+0xaa/0x120
[ 1311.360002][T23759]  ? bpf_lsm_bpf+0x9/0x10
[ 1311.364437][T23759]  ? security_bpf+0x7e/0xa0
[ 1311.369048][T23759]  __sys_bpf+0x5ba/0x890
[ 1311.373305][T23759]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1311.378705][T23759]  ? lock_chain_count+0x20/0x20
[ 1311.383578][T23759]  __x64_sys_bpf+0x7c/0x90
[ 1311.388010][T23759]  do_syscall_64+0x55/0xa0
[ 1311.392448][T23759]  ? clear_bhb_loop+0x40/0x90
[ 1311.397137][T23759]  ? clear_bhb_loop+0x40/0x90
[ 1311.401843][T23759]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1311.407935][T23759] RIP: 0033:0x7f775799ce59
[ 1311.412649][T23759] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1311.432359][T23759] RSP: 002b:00007f77588b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1311.440973][T23759] RAX: ffffffffffffffda RBX: 00007f7757c15fa0 RCX: 00007f775799ce59
[ 1311.449049][T23759] RDX: 0000000000000094 RSI: 0000200000002c40 RDI: 0000000000000005
[ 1311.457118][T23759] RBP: 00007f77588b1090 R08: 0000000000000000 R09: 0000000000000000
[ 1311.465193][T23759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1311.473178][T23759] R13: 00007f7757c16038 R14: 00007f7757c15fa0 R15: 00007ffca3523158
[ 1311.481180][T23759]  </TASK>
[ 1311.576821][T23759] Mem-Info:
[ 1311.595327][T23759] active_anon:5521 inactive_anon:0 isolated_anon:0
[ 1311.595327][T23759]  active_file:19489 inactive_file:40432 isolated_file:0
[ 1311.595327][T23759]  unevictable:768 dirty:142 writeback:0
[ 1311.595327][T23759]  slab_reclaimable:10855 slab_unreclaimable:102640
[ 1311.595327][T23759]  mapped:25038 shmem:1461 pagetables:561
[ 1311.595327][T23759]  sec_pagetables:0 bounce:0
[ 1311.595327][T23759]  kernel_misc_reclaimable:0
[ 1311.595327][T23759]  free:1326586 free_pcp:10932 free_cma:0
[ 1311.675592][T23769] netlink: 'syz.0.5196': attribute type 10 has an invalid length.
[ 1311.678029][T23759] Node 0 active_anon:23684kB inactive_anon:0kB active_file:77956kB inactive_file:161532kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:100852kB dirty:564kB writeback:0kB shmem:5708kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10460kB pagetables:2244kB sec_pagetables:0kB all_unreclaimable? no
[ 1311.684207][T23769] __nla_validate_parse: 1 callbacks suppressed
[ 1311.684238][T23769] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5196'.
[ 1311.723956][T23759] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1311.724014][T23759] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1311.724072][T23759] lowmem_reserve[]: 0 2521 2522 2522 2522
[ 1311.724127][T23759] Node 0 DMA32 free:1382524kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:23648kB inactive_anon:0kB active_file:77956kB inactive_file:160696kB unevictable:1536kB writepending:564kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:36840kB local_pcp:17592kB free_cma:0kB
[ 1311.724185][T23759] lowmem_reserve[]: 0 0 0 0 0
[ 1311.724228][T23759] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:836kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1311.724280][T23759] lowmem_reserve[]: 0 0 0 0 0
[ 1311.724323][T23759] Node 1 Normal free:3906948kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:7264kB local_pcp:7264kB free_cma:0kB
[ 1311.724378][T23759] lowmem_reserve[]: 0 0 0 0 0
[ 1311.724422][T23759] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1311.724559][T23759] Node 0 DMA32: 595*4kB (UME) 1408*8kB (UME) 1127*16kB (UME) 1258*32kB (UME) 358*64kB (UME) 180*128kB (UM) 76*256kB (M) 44*512kB (UM) 34*1024kB (ME) 20*2048kB (ME) 280*4096kB (M) = 1382524kB
[ 1311.724747][T23759] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1311.724861][T23759] Node 1 Normal: 207*4kB (UME) 39*8kB (UME) 41*16kB (UME) 242*32kB (UME) 81*64kB (UME) 26*128kB (UME) 3*256kB (UM) 2*512kB (UE) 2*1024kB (UE) 1*2048kB (E) 948*4096kB (M) = 3906948kB
[ 1311.726263][T23759] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1311.726280][T23759] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1311.726297][T23759] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1311.726313][T23759] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1311.726330][T23759] 61732 total pagecache pages
[ 1311.726338][T23759] 0 pages in swap cache
[ 1311.726345][T23759] Free swap  = 124996kB
[ 1311.726354][T23759] Total swap = 124996kB
[ 1311.726363][T23759] 2097051 pages RAM
[ 1311.726372][T23759] 0 pages HighMem/MovableOnly
[ 1311.726380][T23759] 416927 pages reserved
[ 1311.726388][T23759] 0 pages cma reserved
[ 1312.415736][T23769] bridge0: port 3(ipvlan1) entered blocking state
[ 1312.436916][T23769] bridge0: port 3(ipvlan1) entered disabled state
[ 1312.711113][T23769] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1312.755747][T23778] netlink: 'syz.2.5198': attribute type 10 has an invalid length.
[ 1313.353346][T23784] netlink: 'syz.2.5201': attribute type 10 has an invalid length.
[ 1313.398419][T23784] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5201'.
[ 1313.443998][T23784] bridge0: port 3(ipvlan1) entered blocking state
[ 1313.478973][T23784] bridge0: port 3(ipvlan1) entered disabled state
[ 1313.535096][T23784] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1316.201679][T23802] netlink: 'syz.0.5209': attribute type 10 has an invalid length.
[ 1316.562207][T23808] netlink: 'syz.2.5211': attribute type 10 has an invalid length.
[ 1316.579475][T23808] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5211'.
[ 1316.608776][T23808] bridge0: port 3(ipvlan1) entered blocking state
[ 1316.616226][T23808] bridge0: port 3(ipvlan1) entered disabled state
[ 1316.701739][T23808] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1316.774678][T23814] netlink: 164 bytes leftover after parsing attributes in process `syz.1.5214'.
[ 1317.481823][T23828] netlink: 'syz.1.5217': attribute type 10 has an invalid length.
[ 1317.500652][T23828] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5217'.
[ 1317.523013][T23828] bridge0: port 3(ipvlan1) entered blocking state
[ 1317.543331][T23828] bridge0: port 3(ipvlan1) entered disabled state
[ 1317.576200][T23828] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1317.795964][T23835] netlink: 'syz.3.5221': attribute type 10 has an invalid length.
[ 1318.321809][T23847] netlink: 'syz.3.5226': attribute type 10 has an invalid length.
[ 1318.338430][T23847] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5226'.
[ 1318.349596][T23847] ipvlan1: entered promiscuous mode
[ 1318.355270][T23847] ipvlan1: entered allmulticast mode
[ 1318.368347][T23847] veth0_vlan: entered allmulticast mode
[ 1318.403923][T23847] bridge0: port 3(ipvlan1) entered blocking state
[ 1318.416614][T23847] bridge0: port 3(ipvlan1) entered disabled state
[ 1318.460567][T23847] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1318.533675][T23850] netlink: 'syz.1.5227': attribute type 10 has an invalid length.
[ 1318.549058][T23850] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5227'.
[ 1318.580678][T23850] bridge0: port 3(ipvlan1) entered blocking state
[ 1318.605059][T23850] bridge0: port 3(ipvlan1) entered disabled state
[ 1318.651744][T23850] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1319.154900][T23858] netlink: 164 bytes leftover after parsing attributes in process `syz.3.5229'.
[ 1319.914935][T23878] netlink: 'syz.0.5233': attribute type 10 has an invalid length.
[ 1320.520010][T23884] netlink: 'syz.3.5238': attribute type 10 has an invalid length.
[ 1320.546214][T23884] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5238'.
[ 1320.595634][T23884] bridge0: port 3(ipvlan1) entered blocking state
[ 1320.624787][T23884] bridge0: port 3(ipvlan1) entered disabled state
[ 1320.681895][T23884] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1324.196578][T23910] netlink: 'syz.0.5246': attribute type 9 has an invalid length.
[ 1324.330380][T23910] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.5246'.
[ 1324.512539][T23899] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1324.803725][T23916] netlink: 'syz.2.5249': attribute type 10 has an invalid length.
[ 1325.614068][T23943] netlink: 'syz.2.5255': attribute type 10 has an invalid length.
[ 1325.633660][T23943] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5255'.
[ 1325.690256][T23943] bridge0: port 3(ipvlan1) entered blocking state
[ 1325.699034][T23943] bridge0: port 3(ipvlan1) entered disabled state
[ 1325.793833][T23943] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1326.064592][T23956] netlink: 'syz.2.5261': attribute type 10 has an invalid length.
[ 1326.130843][T23947] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1327.274011][T23968] FAULT_INJECTION: forcing a failure.
[ 1327.274011][T23968] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1327.312602][T23968] CPU: 0 PID: 23968 Comm: syz.0.5266 Not tainted syzkaller #0
[ 1327.320155][T23968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1327.330343][T23968] Call Trace:
[ 1327.333640][T23968]  <TASK>
[ 1327.336583][T23968]  dump_stack_lvl+0x18c/0x250
[ 1327.341306][T23968]  ? show_regs_print_info+0x20/0x20
[ 1327.346615][T23968]  ? load_image+0x420/0x420
[ 1327.351314][T23968]  ? __lock_acquire+0x7d40/0x7d40
[ 1327.356531][T23968]  ? lockdep_hardirqs_on+0x98/0x150
[ 1327.361744][T23968]  should_fail_ex+0x39d/0x4d0
[ 1327.366518][T23968]  _copy_from_user+0x2f/0xe0
[ 1327.371212][T23968]  __copy_msghdr+0x3bb/0x580
[ 1327.375836][T23968]  ___sys_sendmsg+0x214/0x360
[ 1327.380526][T23968]  ? get_pid_task+0x20/0x1e0
[ 1327.385311][T23968]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1327.390104][T23968]  ? __lock_acquire+0x7d40/0x7d40
[ 1327.395168][T23968]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1327.400031][T23968]  ? __x64_sys_sendmsg+0x80/0x80
[ 1327.405041][T23968]  ? lockdep_hardirqs_on+0x98/0x150
[ 1327.410260][T23968]  do_syscall_64+0x55/0xa0
[ 1327.414686][T23968]  ? clear_bhb_loop+0x40/0x90
[ 1327.419554][T23968]  ? clear_bhb_loop+0x40/0x90
[ 1327.424249][T23968]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1327.430161][T23968] RIP: 0033:0x7f9703d9ce59
[ 1327.434601][T23968] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1327.454396][T23968] RSP: 002b:00007f9704c37028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1327.462998][T23968] RAX: ffffffffffffffda RBX: 00007f9704015fa0 RCX: 00007f9703d9ce59
[ 1327.471169][T23968] RDX: 0000000000001800 RSI: 0000200000000080 RDI: 0000000000000007
[ 1327.479149][T23968] RBP: 00007f9704c37090 R08: 0000000000000000 R09: 0000000000000000
[ 1327.487127][T23968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1327.495215][T23968] R13: 00007f9704016038 R14: 00007f9704015fa0 R15: 00007ffec6016e88
[ 1327.503473][T23968]  </TASK>
[ 1327.892449][T23983] netlink: 'syz.0.5270': attribute type 10 has an invalid length.
[ 1328.454825][T23991] netlink: 'syz.2.5272': attribute type 21 has an invalid length.
[ 1329.089066][T23999] netlink: 'syz.1.5274': attribute type 10 has an invalid length.
[ 1329.356598][T23999] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5274'.
[ 1329.415595][T23999] bridge0: port 3(ipvlan1) entered blocking state
[ 1329.462336][T23999] bridge0: port 3(ipvlan1) entered disabled state
[ 1329.523933][T23999] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1330.208399][T24019] netlink: 'syz.3.5281': attribute type 10 has an invalid length.
[ 1331.168563][T24031] netlink: 'syz.2.5285': attribute type 10 has an invalid length.
[ 1331.226701][T24031] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5285'.
[ 1331.434352][T24031] caif0: entered promiscuous mode
[ 1331.478635][T24031] caif0: entered allmulticast mode
[ 1331.566337][T24031] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1331.730965][T24028] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1331.865748][T24038] netlink: 'syz.0.5288': attribute type 10 has an invalid length.
[ 1331.908198][T24038] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5288'.
[ 1331.999734][T24038] bridge0: port 3(ipvlan1) entered blocking state
[ 1332.006962][T24038] bridge0: port 3(ipvlan1) entered disabled state
[ 1332.078452][T24038] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1332.668151][T24052] netlink: 'syz.0.5292': attribute type 10 has an invalid length.
[ 1333.611568][T24067] netlink: 'syz.3.5297': attribute type 21 has an invalid length.
[ 1333.642642][T24067] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5297'.
[ 1335.492308][T24085] netlink: 'syz.0.5308': attribute type 10 has an invalid length.
[ 1335.746387][T24085] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1335.865463][T24085] bridge_slave_1: left allmulticast mode
[ 1335.910618][T24085] bridge_slave_1: left promiscuous mode
[ 1335.963434][T24085] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1336.470982][T24085] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[ 1336.574805][T24088] netlink: 'syz.2.5300': attribute type 10 has an invalid length.
[ 1336.633438][T24088] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5300'.
[ 1336.691253][T24088] bridge0: port 3(ipvlan1) entered blocking state
[ 1336.724207][T24088] bridge0: port 3(ipvlan1) entered disabled state
[ 1336.749591][T24088] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1336.794835][T24100] FAULT_INJECTION: forcing a failure.
[ 1336.794835][T24100] name failslab, interval 1, probability 0, space 0, times 0
[ 1336.851249][T24100] CPU: 0 PID: 24100 Comm: syz.0.5305 Not tainted syzkaller #0
[ 1336.858884][T24100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1336.869067][T24100] Call Trace:
[ 1336.872388][T24100]  <TASK>
[ 1336.875359][T24100]  dump_stack_lvl+0x18c/0x250
[ 1336.880102][T24100]  ? show_regs_print_info+0x20/0x20
[ 1336.885359][T24100]  ? load_image+0x420/0x420
[ 1336.889912][T24100]  ? __might_sleep+0xe0/0xe0
[ 1336.894630][T24100]  ? __lock_acquire+0x7d40/0x7d40
[ 1336.895425][T24101] netlink: 'syz.0.5305': attribute type 46 has an invalid length.
[ 1336.899688][T24100]  should_fail_ex+0x39d/0x4d0
[ 1336.899731][T24100]  should_failslab+0x9/0x20
[ 1336.899757][T24100]  slab_pre_alloc_hook+0x59/0x310
[ 1336.899785][T24100]  ? __lock_acquire+0x7d40/0x7d40
[ 1336.899815][T24100]  kmem_cache_alloc_node+0x60/0x320
[ 1336.899844][T24100]  ? __alloc_skb+0x103/0x2c0
[ 1336.899872][T24100]  __alloc_skb+0x103/0x2c0
[ 1336.899899][T24100]  netlink_sendmsg+0x66a/0xbf0
[ 1336.899945][T24100]  ? netlink_getsockopt+0x590/0x590
[ 1336.899980][T24100]  ? aa_sock_msg_perm+0x94/0x150
[ 1336.900011][T24100]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1336.900036][T24100]  ? security_socket_sendmsg+0x80/0xa0
[ 1336.900059][T24100]  ? netlink_getsockopt+0x590/0x590
[ 1336.900091][T24100]  ____sys_sendmsg+0x5ba/0x960
[ 1336.900124][T24100]  ? __asan_memset+0x22/0x40
[ 1336.900151][T24100]  ? __sys_sendmsg_sock+0x30/0x30
[ 1336.900178][T24100]  ? __import_iovec+0x5f2/0x850
[ 1336.900212][T24100]  ? import_iovec+0x73/0xa0
[ 1336.900239][T24100]  ___sys_sendmsg+0x2a6/0x360
[ 1336.900270][T24100]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1336.900320][T24100]  ? __lock_acquire+0x7d40/0x7d40
[ 1336.900378][T24100]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1336.900404][T24100]  ? __x64_sys_sendmsg+0x80/0x80
[ 1336.900447][T24100]  ? lockdep_hardirqs_on+0x98/0x150
[ 1336.900477][T24100]  do_syscall_64+0x55/0xa0
[ 1336.900496][T24100]  ? clear_bhb_loop+0x40/0x90
[ 1336.900520][T24100]  ? clear_bhb_loop+0x40/0x90
[ 1336.900548][T24100]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1336.900573][T24100] RIP: 0033:0x7f9703d9ce59
[ 1336.900594][T24100] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1336.900612][T24100] RSP: 002b:00007f9704c37028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1336.900637][T24100] RAX: ffffffffffffffda RBX: 00007f9704015fa0 RCX: 00007f9703d9ce59
[ 1336.900654][T24100] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1336.900668][T24100] RBP: 00007f9704c37090 R08: 0000000000000000 R09: 0000000000000000
[ 1336.900683][T24100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1336.900696][T24100] R13: 00007f9704016038 R14: 00007f9704015fa0 R15: 00007ffec6016e88
[ 1336.900735][T24100]  </TASK>
[ 1337.196055][T24101] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5305'.
[ 1337.205409][T24099] netlink: 'syz.3.5304': attribute type 10 has an invalid length.
[ 1337.240339][T24102] IPv6: Can't replace route, no match found
[ 1337.854718][T24114] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1337.864367][T24120] FAULT_INJECTION: forcing a failure.
[ 1337.864367][T24120] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1337.935915][T24120] CPU: 1 PID: 24120 Comm: syz.1.5312 Not tainted syzkaller #0
[ 1337.943463][T24120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1337.953729][T24120] Call Trace:
[ 1337.957128][T24120]  <TASK>
[ 1337.960213][T24120]  dump_stack_lvl+0x18c/0x250
[ 1337.965122][T24120]  ? show_regs_print_info+0x20/0x20
[ 1337.970556][T24120]  ? load_image+0x420/0x420
[ 1337.975284][T24120]  ? __might_fault+0xaa/0x120
[ 1337.980208][T24120]  should_fail_ex+0x39d/0x4d0
[ 1337.985219][T24120]  copyin+0x1a/0x90
[ 1337.989161][T24120]  _copy_from_iter+0x54f/0x12e0
[ 1337.994075][T24120]  ? slab_post_alloc_hook+0x8a/0x4b0
[ 1337.999414][T24120]  ? __virt_addr_valid+0x18c/0x540
[ 1338.004564][T24120]  ? copyout_mc+0x70/0x70
[ 1338.008913][T24120]  ? __virt_addr_valid+0x18c/0x540
[ 1338.014046][T24120]  ? __virt_addr_valid+0x18c/0x540
[ 1338.019354][T24120]  ? __virt_addr_valid+0x469/0x540
[ 1338.024501][T24120]  ? __check_object_size+0x506/0xa20
[ 1338.029806][T24120]  netlink_sendmsg+0x76b/0xbf0
[ 1338.034707][T24120]  ? netlink_getsockopt+0x590/0x590
[ 1338.040361][T24120]  ? aa_sock_msg_perm+0x94/0x150
[ 1338.045317][T24120]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1338.050616][T24120]  ? security_socket_sendmsg+0x80/0xa0
[ 1338.056089][T24120]  ? netlink_getsockopt+0x590/0x590
[ 1338.061313][T24120]  ____sys_sendmsg+0x5ba/0x960
[ 1338.066096][T24120]  ? __asan_memset+0x22/0x40
[ 1338.070709][T24120]  ? __sys_sendmsg_sock+0x30/0x30
[ 1338.075828][T24120]  ? __import_iovec+0x3fa/0x850
[ 1338.080697][T24120]  ? import_iovec+0x73/0xa0
[ 1338.085390][T24120]  ___sys_sendmsg+0x2a6/0x360
[ 1338.090080][T24120]  ? get_pid_task+0x20/0x1e0
[ 1338.094691][T24120]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1338.099773][T24120]  ? __lock_acquire+0x7d40/0x7d40
[ 1338.105024][T24120]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1338.109988][T24120]  ? __x64_sys_sendmsg+0x80/0x80
[ 1338.115057][T24120]  ? lockdep_hardirqs_on+0x98/0x150
[ 1338.120288][T24120]  do_syscall_64+0x55/0xa0
[ 1338.124725][T24120]  ? clear_bhb_loop+0x40/0x90
[ 1338.129440][T24120]  ? clear_bhb_loop+0x40/0x90
[ 1338.134231][T24120]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1338.140261][T24120] RIP: 0033:0x7f775799ce59
[ 1338.144778][T24120] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1338.164484][T24120] RSP: 002b:00007f7758890028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1338.173001][T24120] RAX: ffffffffffffffda RBX: 00007f7757c16090 RCX: 00007f775799ce59
[ 1338.181163][T24120] RDX: 0000000020000010 RSI: 0000200000000000 RDI: 0000000000000007
[ 1338.189424][T24120] RBP: 00007f7758890090 R08: 0000000000000000 R09: 0000000000000000
[ 1338.197440][T24120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1338.205532][T24120] R13: 00007f7757c16128 R14: 00007f7757c16090 R15: 00007ffca3523158
[ 1338.213633][T24120]  </TASK>
[ 1343.045432][T24131] netlink: 'syz.2.5315': attribute type 10 has an invalid length.
[ 1343.078208][T24131] netlink: 55 bytes leftover after parsing attributes in process `syz.2.5315'.
[ 1343.465927][T24148] netlink: 'syz.3.5319': attribute type 10 has an invalid length.
[ 1343.778329][T24155] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1345.462000][T24172] netlink: 'syz.3.5329': attribute type 10 has an invalid length.
[ 1345.480733][T24172] netlink: 55 bytes leftover after parsing attributes in process `syz.3.5329'.
[ 1345.912809][T24182] netlink: 'syz.3.5333': attribute type 10 has an invalid length.
[ 1346.091758][T24185] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1347.418737][T24212] netlink: 'syz.0.5341': attribute type 10 has an invalid length.
[ 1347.447278][T24212] netlink: 55 bytes leftover after parsing attributes in process `syz.0.5341'.
[ 1347.708533][T24222] netlink: 'syz.0.5345': attribute type 10 has an invalid length.
[ 1348.188455][T24234] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1348.740312][T24247] netlink: 'syz.3.5353': attribute type 10 has an invalid length.
[ 1348.842070][T24247] netlink: 55 bytes leftover after parsing attributes in process `syz.3.5353'.
[ 1349.379205][T24251] netlink: 'syz.2.5355': attribute type 10 has an invalid length.
[ 1349.602155][T24255] netlink: 'syz.3.5356': attribute type 10 has an invalid length.
[ 1349.875228][T24255] team0: Device hsr_slave_0 failed to register rx_handler
[ 1350.323680][T24255] syz.3.5356 (24255) used greatest stack depth: 18184 bytes left
[ 1350.665275][T24270] netlink: 'syz.3.5364': attribute type 10 has an invalid length.
[ 1350.739707][T24270] netlink: 55 bytes leftover after parsing attributes in process `syz.3.5364'.
[ 1350.943855][T24275] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1351.264400][T24282] netlink: 'syz.3.5367': attribute type 10 has an invalid length.
[ 1351.301028][T24282] team0: Device hsr_slave_0 failed to register rx_handler
[ 1352.171331][T24304] netlink: 'syz.3.5376': attribute type 10 has an invalid length.
[ 1352.415482][T24311] netlink: 'syz.1.5375': attribute type 10 has an invalid length.
[ 1352.500673][T24311] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5375'.
[ 1353.116404][T24308] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1354.404642][T24338] netlink: 'syz.3.5388': attribute type 10 has an invalid length.
[ 1354.418313][T24338] netlink: 55 bytes leftover after parsing attributes in process `syz.3.5388'.
[ 1354.427653][T24340] netlink: 'syz.0.5387': attribute type 10 has an invalid length.
[ 1355.019523][T24351] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1355.065027][T24347] netlink: 'syz.0.5390': attribute type 10 has an invalid length.
[ 1355.149456][T24347] team0: Device hsr_slave_0 failed to register rx_handler
[ 1355.868097][T24368] netlink: 'syz.2.5397': attribute type 10 has an invalid length.
[ 1355.895232][T24368] netlink: 55 bytes leftover after parsing attributes in process `syz.2.5397'.
[ 1355.928074][T24371] netlink: 'syz.0.5398': attribute type 10 has an invalid length.
[ 1356.057148][T24375] netlink: 'syz.3.5400': attribute type 9 has an invalid length.
[ 1356.095841][T24375] netlink: 'syz.3.5400': attribute type 29 has an invalid length.
[ 1356.108575][T24375] netlink: 'syz.3.5400': attribute type 29 has an invalid length.
[ 1356.159010][T24375] netlink: 'syz.3.5400': attribute type 29 has an invalid length.
[ 1356.183100][T24375] netlink: 'syz.3.5400': attribute type 29 has an invalid length.
[ 1356.722597][T24388] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1356.780094][T24384] team0: Device hsr_slave_0 failed to register rx_handler
[ 1357.351217][T24399] netlink: 55 bytes leftover after parsing attributes in process `syz.2.5409'.
[ 1358.142458][T24411] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1358.666201][T24432] netlink: 55 bytes leftover after parsing attributes in process `syz.3.5422'.
[ 1358.988430][T21907] Bluetooth: hci0: command 0x0406 tx timeout
[ 1359.089460][T24435] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5423'.
[ 1359.118780][T24435] bridge0: port 3(ipvlan1) entered blocking state
[ 1359.126344][T24435] bridge0: port 3(ipvlan1) entered disabled state
[ 1359.250395][T24435] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1359.610624][T24441] validate_nla: 5 callbacks suppressed
[ 1359.610665][T24441] netlink: 'syz.0.5424': attribute type 10 has an invalid length.
[ 1359.695034][T24441] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5424'.
[ 1359.746894][T24441] bridge0: port 2(ipvlan1) entered blocking state
[ 1359.772128][T24441] bridge0: port 2(ipvlan1) entered disabled state
[ 1359.888775][T24441] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1360.860688][T24456] netlink: 'syz.1.5431': attribute type 10 has an invalid length.
[ 1360.869821][T24456] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5431'.
[ 1361.053736][T24455] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1361.830755][T24469] netlink: 'syz.0.5435': attribute type 10 has an invalid length.
[ 1361.858226][T24469] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5435'.
[ 1361.889330][T24469] bridge0: port 2(ipvlan1) entered blocking state
[ 1361.938922][T24469] bridge0: port 2(ipvlan1) entered disabled state
[ 1361.987426][T24469] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1362.195002][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1362.209363][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1362.265934][T24472] netlink: 15231 bytes leftover after parsing attributes in process `syz.3.5434'.
[ 1362.472831][T24478] netlink: 'syz.1.5436': attribute type 10 has an invalid length.
[ 1362.530698][T24478] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5436'.
[ 1362.736990][T24478] bridge0: port 3(ipvlan1) entered blocking state
[ 1362.803187][T24478] bridge0: port 3(ipvlan1) entered disabled state
[ 1363.146447][T24478] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1363.458417][T24489] netlink: 'syz.3.5441': attribute type 10 has an invalid length.
[ 1363.513388][T24489] netlink: 55 bytes leftover after parsing attributes in process `syz.3.5441'.
[ 1363.707514][T24492] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1363.797240][T24497] netlink: 'syz.3.5445': attribute type 29 has an invalid length.
[ 1363.806420][T24497] netlink: 'syz.3.5445': attribute type 29 has an invalid length.
[ 1363.826369][T24497] netlink: 'syz.3.5445': attribute type 29 has an invalid length.
[ 1363.880291][T24497] netlink: 'syz.3.5445': attribute type 29 has an invalid length.
[ 1364.248830][T24504] netlink: 'syz.3.5447': attribute type 10 has an invalid length.
[ 1364.257128][T24504] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5447'.
[ 1364.321713][T24504] bridge0: port 3(ipvlan1) entered blocking state
[ 1364.345639][T24504] bridge0: port 3(ipvlan1) entered disabled state
[ 1364.439129][T24504] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1364.570301][T24505] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1366.943499][T24513] FAULT_INJECTION: forcing a failure.
[ 1366.943499][T24513] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1366.988089][T24513] CPU: 1 PID: 24513 Comm: syz.3.5449 Not tainted syzkaller #0
[ 1366.995935][T24513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1367.006059][T24513] Call Trace:
[ 1367.009582][T24513]  <TASK>
[ 1367.012603][T24513]  dump_stack_lvl+0x18c/0x250
[ 1367.017389][T24513]  ? show_regs_print_info+0x20/0x20
[ 1367.022750][T24513]  ? load_image+0x420/0x420
[ 1367.027308][T24513]  ? __might_fault+0xaa/0x120
[ 1367.032106][T24513]  ? __lock_acquire+0x7d40/0x7d40
[ 1367.037259][T24513]  ? tomoyo_path_number_perm+0x5b4/0x620
[ 1367.043164][T24513]  should_fail_ex+0x39d/0x4d0
[ 1367.047993][T24513]  _copy_from_user+0x2f/0xe0
[ 1367.052717][T24513]  sock_do_ioctl+0x190/0x310
[ 1367.057461][T24513]  ? sock_show_fdinfo+0xb0/0xb0
[ 1367.062480][T24513]  sock_ioctl+0x5ba/0x7e0
[ 1367.067119][T24513]  ? sock_poll+0x3e0/0x3e0
[ 1367.071601][T24513]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1367.076828][T24513]  ? security_file_ioctl+0x80/0xa0
[ 1367.082164][T24513]  ? sock_poll+0x3e0/0x3e0
[ 1367.086797][T24513]  __se_sys_ioctl+0xfd/0x170
[ 1367.091521][T24513]  do_syscall_64+0x55/0xa0
[ 1367.095975][T24513]  ? clear_bhb_loop+0x40/0x90
[ 1367.100690][T24513]  ? clear_bhb_loop+0x40/0x90
[ 1367.105493][T24513]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1367.111506][T24513] RIP: 0033:0x7f0e67d9ce59
[ 1367.115980][T24513] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1367.135662][T24513] RSP: 002b:00007f0e68c32028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1367.144222][T24513] RAX: ffffffffffffffda RBX: 00007f0e68015fa0 RCX: 00007f0e67d9ce59
[ 1367.152671][T24513] RDX: 0000200000000000 RSI: 0000000000008922 RDI: 0000000000000003
[ 1367.160938][T24513] RBP: 00007f0e68c32090 R08: 0000000000000000 R09: 0000000000000000
[ 1367.169117][T24513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1367.177253][T24513] R13: 00007f0e68016038 R14: 00007f0e68015fa0 R15: 00007fff4c61a8c8
[ 1367.185421][T24513]  </TASK>
[ 1367.552770][T24521] netlink: 'syz.3.5453': attribute type 10 has an invalid length.
[ 1367.593047][T24521] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5453'.
[ 1367.622543][T24521] bridge0: port 3(ipvlan1) entered blocking state
[ 1367.648561][T24521] bridge0: port 3(ipvlan1) entered disabled state
[ 1367.701346][T24527] netlink: 'syz.1.5455': attribute type 29 has an invalid length.
[ 1367.723641][T24521] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1367.769191][T24524] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1367.800259][T24527] netlink: 'syz.1.5455': attribute type 29 has an invalid length.
[ 1367.811689][T24528] netlink: 'syz.1.5455': attribute type 29 has an invalid length.
[ 1367.820374][T24531] netlink: 'syz.1.5455': attribute type 29 has an invalid length.
[ 1371.554732][T24563] netlink: 'syz.0.5465': attribute type 29 has an invalid length.
[ 1371.577450][T24563] netlink: 'syz.0.5465': attribute type 29 has an invalid length.
[ 1371.649183][T24564] netlink: 'syz.0.5465': attribute type 29 has an invalid length.
[ 1371.652374][T24566] netlink: 'syz.1.5466': attribute type 1 has an invalid length.
[ 1371.675784][T24566] netlink: 191376 bytes leftover after parsing attributes in process `syz.1.5466'.
[ 1371.707041][T24563] netlink: 'syz.0.5465': attribute type 29 has an invalid length.
[ 1371.996316][T24568] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1373.495444][T24595] pim6reg0: tun_chr_ioctl cmd 1074025675
[ 1373.517881][T24595] pim6reg0: persist enabled
[ 1374.348057][T13315] Bluetooth: hci3: command 0x0406 tx timeout
[ 1374.411169][T24606] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1374.549055][T24609] netlink: 'syz.2.5480': attribute type 10 has an invalid length.
[ 1374.633887][T24609] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5480'.
[ 1374.705188][T24609] bridge0: port 3(ipvlan1) entered blocking state
[ 1374.748028][T24609] bridge0: port 3(ipvlan1) entered disabled state
[ 1374.844788][T24609] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1376.762337][T24621] FAULT_INJECTION: forcing a failure.
[ 1376.762337][T24621] name failslab, interval 1, probability 0, space 0, times 0
[ 1376.775127][T24621] CPU: 1 PID: 24621 Comm: syz.0.5483 Not tainted syzkaller #0
[ 1376.782631][T24621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1376.792893][T24621] Call Trace:
[ 1376.796200][T24621]  <TASK>
[ 1376.799155][T24621]  dump_stack_lvl+0x18c/0x250
[ 1376.803880][T24621]  ? show_regs_print_info+0x20/0x20
[ 1376.809116][T24621]  ? load_image+0x420/0x420
[ 1376.813840][T24621]  should_fail_ex+0x39d/0x4d0
[ 1376.818641][T24621]  should_failslab+0x9/0x20
[ 1376.823182][T24621]  slab_pre_alloc_hook+0x59/0x310
[ 1376.828351][T24621]  ? ip6_pol_route+0x171/0x1230
[ 1376.833499][T24621]  kmem_cache_alloc+0x5a/0x2d0
[ 1376.838299][T24621]  ? dst_alloc+0x105/0x170
[ 1376.842872][T24621]  ? ipv6_sysctl_rtcache_flush+0xf0/0xf0
[ 1376.848537][T24621]  dst_alloc+0x105/0x170
[ 1376.852987][T24621]  ip6_pol_route+0x94f/0x1230
[ 1376.857879][T24621]  ? ip6_pol_route+0x171/0x1230
[ 1376.862768][T24621]  ? trace_fib6_table_lookup+0x1b0/0x1b0
[ 1376.868447][T24621]  fib6_rule_lookup+0x33d/0x570
[ 1376.873517][T24621]  ? skb_header_pointer+0x120/0x120
[ 1376.878754][T24621]  ? fib6_lookup+0x2d0/0x2d0
[ 1376.883545][T24621]  ? __lock_acquire+0x1347/0x7d40
[ 1376.888691][T24621]  ? verify_lock_unused+0x140/0x140
[ 1376.894100][T24621]  ? read_lock_is_recursive+0x20/0x20
[ 1376.899597][T24621]  ? dev_get_by_index_rcu+0xf4/0x110
[ 1376.905019][T24621]  ip6_route_output_flags+0x364/0x5d0
[ 1376.910510][T24621]  ? ip6_route_output_flags+0x2e/0x5d0
[ 1376.916183][T24621]  ip6_dst_lookup_tail+0x1ae/0x1530
[ 1376.921512][T24621]  ? sk_dst_check+0x25/0x430
[ 1376.926144][T24621]  ? ip6_dst_lookup+0x60/0x60
[ 1376.930953][T24621]  ? sk_dst_check+0x25/0x430
[ 1376.936109][T24621]  ? sk_dst_check+0x2f3/0x430
[ 1376.940818][T24621]  ip6_sk_dst_lookup_flow+0x731/0x970
[ 1376.946312][T24621]  ? udpv6_sendmsg+0x1664/0x2390
[ 1376.951551][T24621]  udpv6_sendmsg+0x188c/0x2390
[ 1376.956735][T24621]  ? udpv6_sendmsg+0x2390/0x2390
[ 1376.961996][T24621]  ? udp_v6_early_demux+0xf80/0xf80
[ 1376.967251][T24621]  ? lock_chain_count+0x20/0x20
[ 1376.972237][T24621]  ? _local_bh_enable+0xa0/0xa0
[ 1376.977578][T24621]  ? inet_send_prepare+0x1b3/0x260
[ 1376.983004][T24621]  ? inet_send_prepare+0x1b3/0x260
[ 1376.988334][T24621]  ? inet6_sendmsg+0x5f/0xd0
[ 1376.993132][T24621]  ? inet6_compat_ioctl+0x3c0/0x3c0
[ 1376.998452][T24621]  ____sys_sendmsg+0x5ba/0x960
[ 1377.003596][T24621]  ? __lock_acquire+0x7d40/0x7d40
[ 1377.008830][T24621]  ? __asan_memset+0x22/0x40
[ 1377.013983][T24621]  ? __sys_sendmsg_sock+0x30/0x30
[ 1377.019121][T24621]  ? __import_iovec+0x5f2/0x850
[ 1377.024011][T24621]  ? import_iovec+0x73/0xa0
[ 1377.028554][T24621]  ___sys_sendmsg+0x2a6/0x360
[ 1377.033268][T24621]  ? get_pid_task+0x20/0x1e0
[ 1377.038155][T24621]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1377.043061][T24621]  ? __lock_acquire+0x7d40/0x7d40
[ 1377.048318][T24621]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1377.053289][T24621]  ? __x64_sys_sendmsg+0x80/0x80
[ 1377.058622][T24621]  ? lockdep_hardirqs_on+0x98/0x150
[ 1377.063920][T24621]  do_syscall_64+0x55/0xa0
[ 1377.068363][T24621]  ? clear_bhb_loop+0x40/0x90
[ 1377.073110][T24621]  ? clear_bhb_loop+0x40/0x90
[ 1377.077887][T24621]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1377.083812][T24621] RIP: 0033:0x7f9703d9ce59
[ 1377.088434][T24621] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1377.108254][T24621] RSP: 002b:00007f9704c16028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1377.116798][T24621] RAX: ffffffffffffffda RBX: 00007f9704016090 RCX: 00007f9703d9ce59
[ 1377.124795][T24621] RDX: 0000000000040814 RSI: 0000200000000480 RDI: 0000000000000006
[ 1377.132792][T24621] RBP: 00007f9704c16090 R08: 0000000000000000 R09: 0000000000000000
[ 1377.141224][T24621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1377.149221][T24621] R13: 00007f9704016128 R14: 00007f9704016090 R15: 00007ffec6016e88
[ 1377.157417][T24621]  </TASK>
[ 1378.611485][T24652] netlink: 'syz.3.5494': attribute type 29 has an invalid length.
[ 1378.639686][T24652] netlink: 'syz.3.5494': attribute type 29 has an invalid length.
[ 1378.688633][T24654] netlink: 'syz.3.5494': attribute type 29 has an invalid length.
[ 1378.798007][T24652] netlink: 'syz.3.5494': attribute type 29 has an invalid length.
[ 1382.315741][T24694] netlink: 'syz.0.5508': attribute type 39 has an invalid length.
[ 1383.218604][T24695] netlink: 'syz.2.5507': attribute type 10 has an invalid length.
[ 1383.228245][T24695] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5507'.
[ 1383.240926][T24695] bridge0: port 3(ipvlan1) entered blocking state
[ 1383.248732][T24695] bridge0: port 3(ipvlan1) entered disabled state
[ 1383.260548][T24695] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1384.116187][T24718] syzkaller0: entered promiscuous mode
[ 1384.125388][T24718] syzkaller0: entered allmulticast mode
[ 1389.830383][T24741] netlink: 'syz.2.5520': attribute type 10 has an invalid length.
[ 1389.838615][T24741] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5520'.
[ 1389.849338][T24741] bridge0: port 3(ipvlan1) entered blocking state
[ 1389.856485][T24741] bridge0: port 3(ipvlan1) entered disabled state
[ 1389.866981][T24741] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1389.971471][T24744] netlink: 'syz.2.5523': attribute type 11 has an invalid length.
[ 1390.041983][T24752] netlink: 'syz.2.5523': attribute type 21 has an invalid length.
[ 1390.085971][T24750] netlink: 'syz.0.5530': attribute type 10 has an invalid length.
[ 1390.109132][T24750] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5530'.
[ 1390.138708][T24750] bridge0: port 2(ipvlan1) entered blocking state
[ 1390.146893][T24750] bridge0: port 2(ipvlan1) entered disabled state
[ 1390.172709][T24750] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1390.380218][T24756] netlink: 'syz.0.5526': attribute type 10 has an invalid length.
[ 1390.416943][T24756] netlink: 55 bytes leftover after parsing attributes in process `syz.0.5526'.
[ 1390.845569][T24773] FAULT_INJECTION: forcing a failure.
[ 1390.845569][T24773] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1390.886989][T24773] CPU: 0 PID: 24773 Comm: syz.1.5532 Not tainted syzkaller #0
[ 1390.894624][T24773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1390.904726][T24773] Call Trace:
[ 1390.908076][T24773]  <TASK>
[ 1390.911044][T24773]  dump_stack_lvl+0x18c/0x250
[ 1390.915785][T24773]  ? show_regs_print_info+0x20/0x20
[ 1390.921041][T24773]  ? load_image+0x420/0x420
[ 1390.925875][T24773]  ? __lock_acquire+0x7d40/0x7d40
[ 1390.931308][T24773]  ? mark_lock+0x94/0x320
[ 1390.935831][T24773]  should_fail_ex+0x39d/0x4d0
[ 1390.940752][T24773]  prepare_alloc_pages+0x1e2/0x5f0
[ 1390.946912][T24773]  __alloc_pages+0x134/0x460
[ 1390.951575][T24773]  ? zone_statistics+0x170/0x170
[ 1390.956662][T24773]  ? do_wp_page+0x7ca/0x35f0
[ 1390.961398][T24773]  ? do_wp_page+0xfc5/0x35f0
[ 1390.966228][T24773]  __folio_alloc+0x10/0x20
[ 1390.970798][T24773]  vma_alloc_folio+0x47a/0x8f0
[ 1390.975618][T24773]  do_wp_page+0x1243/0x35f0
[ 1390.980372][T24773]  ? folio_put+0xd0/0xd0
[ 1390.985099][T24773]  ? do_raw_spin_lock+0x11f/0x2c0
[ 1390.990802][T24773]  ? __rwlock_init+0x150/0x150
[ 1390.995919][T24773]  handle_mm_fault+0x135d/0x4c00
[ 1391.000920][T24773]  ? handle_mm_fault+0xe7/0x4c00
[ 1391.010006][T24773]  ? numa_migrate_prep+0x350/0x350
[ 1391.015284][T24773]  ? lock_mm_and_find_vma+0x9c/0x2f0
[ 1391.020620][T24773]  do_user_addr_fault+0x730/0x12c0
[ 1391.025834][T24773]  exc_page_fault+0x64/0x100
[ 1391.030573][T24773]  asm_exc_page_fault+0x26/0x30
[ 1391.035585][T24773] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1391.041457][T24773] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01
[ 1391.061395][T24773] RSP: 0018:ffffc9000f6d7b10 EFLAGS: 00050206
[ 1391.067525][T24773] RAX: ffffffff842a2101 RBX: 0000000000000e40 RCX: 0000000000000140
[ 1391.075854][T24773] RDX: 0000000000000000 RSI: ffff88805b740d40 RDI: 0000200000001000
[ 1391.084049][T24773] RBP: ffffc9000f6d7c48 R08: ffff88805b740e7f R09: 1ffff1100b6e81cf
[ 1391.092161][T24773] R10: dffffc0000000000 R11: ffffed100b6e81d0 R12: 0000200000001140
[ 1391.100278][T24773] R13: 0000000000000e40 R14: 0000200000000300 R15: ffff88805b740040
[ 1391.108569][T24773]  ? _copy_from_user+0xb1/0xe0
[ 1391.113495][T24773]  _copy_to_user+0x85/0xa0
[ 1391.117982][T24773]  bpf_test_finish+0x206/0x650
[ 1391.122887][T24773]  ? convert___skb_to_skb+0x590/0x590
[ 1391.128398][T24773]  ? convert_skb_to___skb+0x420/0x420
[ 1391.133920][T24773]  ? slab_build_skb+0x25f/0x3f0
[ 1391.138822][T24773]  bpf_prog_test_run_skb+0xcc3/0x12b0
[ 1391.144265][T24773]  ? cpu_online+0x60/0x60
[ 1391.148721][T24773]  bpf_prog_test_run+0x321/0x390
[ 1391.153715][T24773]  __sys_bpf+0x49d/0x890
[ 1391.158016][T24773]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1391.163463][T24773]  ? lock_chain_count+0x20/0x20
[ 1391.168373][T24773]  __x64_sys_bpf+0x7c/0x90
[ 1391.173196][T24773]  do_syscall_64+0x55/0xa0
[ 1391.177750][T24773]  ? clear_bhb_loop+0x40/0x90
[ 1391.182484][T24773]  ? clear_bhb_loop+0x40/0x90
[ 1391.187478][T24773]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1391.193425][T24773] RIP: 0033:0x7f775799ce59
[ 1391.197973][T24773] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1391.217736][T24773] RSP: 002b:00007f77588b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1391.226300][T24773] RAX: ffffffffffffffda RBX: 00007f7757c15fa0 RCX: 00007f775799ce59
[ 1391.234513][T24773] RDX: 000000000000004c RSI: 0000200000000240 RDI: 000000000000000a
[ 1391.242807][T24773] RBP: 00007f77588b1090 R08: 0000000000000000 R09: 0000000000000000
[ 1391.251019][T24773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1391.259127][T24773] R13: 00007f7757c16038 R14: 00007f7757c15fa0 R15: 00007ffca3523158
[ 1391.267180][T24773]  </TASK>
[ 1391.783810][T24777] delete_channel: no stack
[ 1391.866143][T24777] delete_channel: no stack
[ 1392.788568][T24789] netlink: 'syz.1.5537': attribute type 10 has an invalid length.
[ 1392.807197][T24789] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5537'.
[ 1392.837084][T24789] bridge0: port 3(ipvlan1) entered blocking state
[ 1392.850128][T24789] bridge0: port 3(ipvlan1) entered disabled state
[ 1392.901500][T24789] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1393.065549][T24792] netlink: 'syz.3.5538': attribute type 10 has an invalid length.
[ 1393.099024][T24792] netlink: 55 bytes leftover after parsing attributes in process `syz.3.5538'.
[ 1393.735414][T24801] bridge_slave_1: left allmulticast mode
[ 1393.854486][T24801] bridge_slave_1: left promiscuous mode
[ 1393.978862][T24801] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1394.858851][T24801] bridge_slave_0: left allmulticast mode
[ 1394.887890][T24801] bridge_slave_0: left promiscuous mode
[ 1394.893954][T24801] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1397.671921][T24807] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5541'.
[ 1397.685138][T24826] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1398.031664][T24830] netlink: 'syz.3.5548': attribute type 10 has an invalid length.
[ 1398.043202][T24830] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5548'.
[ 1398.054175][T24830] bridge0: port 3(ipvlan1) entered blocking state
[ 1398.061763][T24830] bridge0: port 3(ipvlan1) entered disabled state
[ 1398.078124][T24830] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1398.101284][T24834] netlink: 'syz.1.5550': attribute type 10 has an invalid length.
[ 1398.135254][T24834] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5550'.
[ 1398.237442][T24841] can: request_module (can-proto-0) failed.
[ 1398.423425][T24847] delete_channel: no stack
[ 1398.515124][T24847] delete_channel: no stack
[ 1399.521714][T24865] FAULT_INJECTION: forcing a failure.
[ 1399.521714][T24865] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1399.536061][T24865] CPU: 1 PID: 24865 Comm: syz.3.5557 Not tainted syzkaller #0
[ 1399.543671][T24865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1399.554129][T24865] Call Trace:
[ 1399.557443][T24865]  <TASK>
[ 1399.560398][T24865]  dump_stack_lvl+0x18c/0x250
[ 1399.565229][T24865]  ? show_regs_print_info+0x20/0x20
[ 1399.570660][T24865]  ? load_image+0x420/0x420
[ 1399.575203][T24865]  ? __might_fault+0xaa/0x120
[ 1399.579936][T24865]  ? __lock_acquire+0x7d40/0x7d40
[ 1399.585081][T24865]  ? seqcount_lockdep_reader_access+0x17b/0x1d0
[ 1399.591364][T24865]  should_fail_ex+0x39d/0x4d0
[ 1399.596088][T24865]  _copy_from_user+0x2f/0xe0
[ 1399.600710][T24865]  __sys_bpf+0x23e/0x890
[ 1399.604990][T24865]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1399.610495][T24865]  ? lock_chain_count+0x20/0x20
[ 1399.615607][T24865]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1399.621787][T24865]  __x64_sys_bpf+0x7c/0x90
[ 1399.626231][T24865]  do_syscall_64+0x55/0xa0
[ 1399.630675][T24865]  ? clear_bhb_loop+0x40/0x90
[ 1399.635381][T24865]  ? clear_bhb_loop+0x40/0x90
[ 1399.640265][T24865]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1399.646378][T24865] RIP: 0033:0x7f0e67d9ce59
[ 1399.650831][T24865] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1399.670907][T24865] RSP: 002b:00007f0e68c32028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1399.679740][T24865] RAX: ffffffffffffffda RBX: 00007f0e68015fa0 RCX: 00007f0e67d9ce59
[ 1399.687761][T24865] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[ 1399.695759][T24865] RBP: 00007f0e68c32090 R08: 0000000000000000 R09: 0000000000000000
[ 1399.703798][T24865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1399.711975][T24865] R13: 00007f0e68016038 R14: 00007f0e68015fa0 R15: 00007fff4c61a8c8
[ 1399.720173][T24865]  </TASK>
[ 1399.971133][T24870] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1400.251607][T24877] netlink: 'syz.3.5562': attribute type 10 has an invalid length.
[ 1400.287638][T24877] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5562'.
[ 1400.336658][T24877] bridge0: port 3(ipvlan1) entered blocking state
[ 1400.371717][T24877] bridge0: port 3(ipvlan1) entered disabled state
[ 1400.420128][T24877] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1400.489705][T24886] netlink: 'syz.1.5563': attribute type 10 has an invalid length.
[ 1400.511384][T24886] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5563'.
[ 1401.021406][T24893] FAULT_INJECTION: forcing a failure.
[ 1401.021406][T24893] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1401.044533][T24893] CPU: 1 PID: 24893 Comm: syz.1.5567 Not tainted syzkaller #0
[ 1401.052190][T24893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1401.062376][T24893] Call Trace:
[ 1401.065779][T24893]  <TASK>
[ 1401.068797][T24893]  dump_stack_lvl+0x18c/0x250
[ 1401.073530][T24893]  ? show_regs_print_info+0x20/0x20
[ 1401.078959][T24893]  ? load_image+0x420/0x420
[ 1401.083687][T24893]  ? __might_fault+0xaa/0x120
[ 1401.088414][T24893]  ? __lock_acquire+0x7d40/0x7d40
[ 1401.093619][T24893]  should_fail_ex+0x39d/0x4d0
[ 1401.098456][T24893]  _copy_from_user+0x2f/0xe0
[ 1401.103272][T24893]  __sys_bpf+0x23e/0x890
[ 1401.107565][T24893]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1401.113017][T24893]  ? lock_chain_count+0x20/0x20
[ 1401.118191][T24893]  __x64_sys_bpf+0x7c/0x90
[ 1401.122666][T24893]  do_syscall_64+0x55/0xa0
[ 1401.127128][T24893]  ? clear_bhb_loop+0x40/0x90
[ 1401.131859][T24893]  ? clear_bhb_loop+0x40/0x90
[ 1401.136591][T24893]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1401.142557][T24893] RIP: 0033:0x7f775799ce59
[ 1401.147100][T24893] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1401.153747][T24895] delete_channel: no stack
[ 1401.166905][T24893] RSP: 002b:00007f77588b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1401.166942][T24893] RAX: ffffffffffffffda RBX: 00007f7757c15fa0 RCX: 00007f775799ce59
[ 1401.166957][T24893] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[ 1401.166969][T24893] RBP: 00007f77588b1090 R08: 0000000000000000 R09: 0000000000000000
[ 1401.166981][T24893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1401.166994][T24893] R13: 00007f7757c16038 R14: 00007f7757c15fa0 R15: 00007ffca3523158
[ 1401.167028][T24893]  </TASK>
[ 1401.333637][T24895] delete_channel: no stack
[ 1401.967583][T24907] netlink: 'syz.3.5570': attribute type 10 has an invalid length.
[ 1402.267547][T24911] FAULT_INJECTION: forcing a failure.
[ 1402.267547][T24911] name failslab, interval 1, probability 0, space 0, times 0
[ 1402.285152][T24911] CPU: 1 PID: 24911 Comm: syz.0.5572 Not tainted syzkaller #0
[ 1402.292750][T24911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1402.302935][T24911] Call Trace:
[ 1402.306265][T24911]  <TASK>
[ 1402.309228][T24911]  dump_stack_lvl+0x18c/0x250
[ 1402.314071][T24911]  ? show_regs_print_info+0x20/0x20
[ 1402.319307][T24911]  ? load_image+0x420/0x420
[ 1402.324054][T24911]  should_fail_ex+0x39d/0x4d0
[ 1402.328771][T24911]  should_failslab+0x9/0x20
[ 1402.333308][T24911]  slab_pre_alloc_hook+0x59/0x310
[ 1402.338373][T24911]  ? sk_prot_alloc+0xe7/0x210
[ 1402.343175][T24911]  ? sk_prot_alloc+0xe7/0x210
[ 1402.347893][T24911]  __kmem_cache_alloc_node+0x53/0x250
[ 1402.353657][T24911]  ? sk_prot_alloc+0xe7/0x210
[ 1402.358551][T24911]  __kmalloc+0xa4/0x230
[ 1402.362841][T24911]  sk_prot_alloc+0xe7/0x210
[ 1402.367381][T24911]  ? sk_alloc+0x24/0x360
[ 1402.371676][T24911]  sk_alloc+0x3a/0x360
[ 1402.375862][T24911]  ? bpf_ctx_init+0x163/0x1a0
[ 1402.380745][T24911]  ? bpf_prog_test_run_skb+0x273/0x12b0
[ 1402.386507][T24911]  bpf_prog_test_run_skb+0x3a5/0x12b0
[ 1402.392083][T24911]  ? __fget_files+0x28/0x4b0
[ 1402.396794][T24911]  ? __fget_files+0x28/0x4b0
[ 1402.401417][T24911]  ? __fget_files+0x43d/0x4b0
[ 1402.406226][T24911]  ? cpu_online+0x60/0x60
[ 1402.410592][T24911]  bpf_prog_test_run+0x321/0x390
[ 1402.415571][T24911]  __sys_bpf+0x49d/0x890
[ 1402.419857][T24911]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1402.425285][T24911]  ? lock_chain_count+0x20/0x20
[ 1402.430164][T24911]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1402.436292][T24911]  __x64_sys_bpf+0x7c/0x90
[ 1402.440826][T24911]  do_syscall_64+0x55/0xa0
[ 1402.445452][T24911]  ? clear_bhb_loop+0x40/0x90
[ 1402.450258][T24911]  ? clear_bhb_loop+0x40/0x90
[ 1402.455338][T24911]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1402.461259][T24911] RIP: 0033:0x7f9703d9ce59
[ 1402.465707][T24911] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1402.485786][T24911] RSP: 002b:00007f9704c37028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1402.494327][T24911] RAX: ffffffffffffffda RBX: 00007f9704015fa0 RCX: 00007f9703d9ce59
[ 1402.502326][T24911] RDX: 0000000000000050 RSI: 00002000000003c0 RDI: 000000000000000a
[ 1402.510343][T24911] RBP: 00007f9704c37090 R08: 0000000000000000 R09: 0000000000000000
[ 1402.518341][T24911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1402.526332][T24911] R13: 00007f9704016038 R14: 00007f9704015fa0 R15: 00007ffec6016e88
[ 1402.534516][T24911]  </TASK>
[ 1402.709891][T24917] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1402.768300][T24915] netlink: 'syz.3.5573': attribute type 10 has an invalid length.
[ 1402.776454][T24915] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5573'.
[ 1402.797714][T24915] bridge0: port 3(ipvlan1) entered blocking state
[ 1402.805689][T24915] bridge0: port 3(ipvlan1) entered disabled state
[ 1402.834047][T24915] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1402.969309][T24922] netlink: 'syz.1.5576': attribute type 10 has an invalid length.
[ 1403.032652][T24922] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5576'.
[ 1404.446082][T24948] netlink: 'syz.2.5582': attribute type 10 has an invalid length.
[ 1404.453545][T24946] delete_channel: no stack
[ 1404.566705][T24946] delete_channel: no stack
[ 1406.664733][T24958] netlink: 'syz.3.5587': attribute type 10 has an invalid length.
[ 1406.711700][T24958] team0: Device wg1 is up. Set it down before adding it as a team port
[ 1407.113325][T24965] netlink: 'syz.3.5588': attribute type 10 has an invalid length.
[ 1407.164527][T24965] netlink: 55 bytes leftover after parsing attributes in process `syz.3.5588'.
[ 1407.821804][T24978] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1408.073467][T24983] netlink: 'syz.0.5593': attribute type 10 has an invalid length.
[ 1408.142172][T24983] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5593'.
[ 1408.336078][T24983] bridge0: port 2(ipvlan1) entered blocking state
[ 1408.363810][T24983] bridge0: port 2(ipvlan1) entered disabled state
[ 1408.473980][T24983] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1408.768910][T24989] netlink: 'syz.1.5594': attribute type 10 has an invalid length.
[ 1410.459170][T24989] veth0_macvtap: left promiscuous mode
[ 1410.770496][T24993] netlink: 'syz.2.5596': attribute type 10 has an invalid length.
[ 1410.798350][T24993] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5596'.
[ 1410.821006][T24993] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1411.032185][T24995] can: request_module (can-proto-0) failed.
[ 1411.345692][T25004] netlink: 'syz.2.5600': attribute type 10 has an invalid length.
[ 1411.373005][T25004] netlink: 55 bytes leftover after parsing attributes in process `syz.2.5600'.
[ 1411.412865][T25002] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1411.811025][T25015] netlink: 14 bytes leftover after parsing attributes in process `syz.3.5604'.
[ 1411.821426][T25015] batadv_slave_1: entered promiscuous mode
[ 1411.854003][T25020] netlink: 'syz.2.5606': attribute type 10 has an invalid length.
[ 1411.988341][T25022] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1412.215295][T25027] netlink: 'syz.2.5608': attribute type 10 has an invalid length.
[ 1412.226200][T25027] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5608'.
[ 1412.238672][T25027] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1412.335417][T25033] netlink: 'syz.1.5611': attribute type 10 has an invalid length.
[ 1412.343719][T25033] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5611'.
[ 1412.787540][T25046] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1412.876958][T25048] netlink: 'syz.3.5616': attribute type 10 has an invalid length.
[ 1413.497029][T25042] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1413.738655][T25056] netlink: 14 bytes leftover after parsing attributes in process `syz.2.5618'.
[ 1413.756343][T25056] batadv_slave_1: entered promiscuous mode
[ 1414.125639][T25067] netlink: 'syz.1.5622': attribute type 10 has an invalid length.
[ 1414.135134][T25067] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5622'.
[ 1414.192107][T25072] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1414.468270][T25078] netlink: 'syz.3.5625': attribute type 10 has an invalid length.
[ 1414.496737][T25080] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1414.787398][T25082] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1415.005003][T25093] netlink: 'syz.0.5634': attribute type 10 has an invalid length.
[ 1415.013102][T25093] netlink: 55 bytes leftover after parsing attributes in process `syz.0.5634'.
[ 1415.313936][T25107] netlink: 'syz.0.5639': attribute type 10 has an invalid length.
[ 1415.640035][T25114] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1415.988218][T25120] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1416.082781][T25125] netlink: 'syz.1.5646': attribute type 10 has an invalid length.
[ 1416.091327][T25125] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5646'.
[ 1416.412483][T25134] netlink: 'syz.1.5651': attribute type 10 has an invalid length.
[ 1416.639658][T25140] netlink: 'syz.3.5654': attribute type 2 has an invalid length.
[ 1416.653854][T25140] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5654'.
[ 1417.690547][T25154] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1417.867712][T25156] netlink: 'syz.2.5658': attribute type 10 has an invalid length.
[ 1417.877038][T25156] netlink: 55 bytes leftover after parsing attributes in process `syz.2.5658'.
[ 1418.085780][T25166] netlink: 'syz.2.5663': attribute type 10 has an invalid length.
[ 1418.848298][T25189] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1418.897656][T25190] netlink: 'syz.2.5671': attribute type 10 has an invalid length.
[ 1418.918225][T25190] netlink: 55 bytes leftover after parsing attributes in process `syz.2.5671'.
[ 1421.469537][T25202] netlink: 'syz.1.5675': attribute type 10 has an invalid length.
[ 1421.975957][T25223] netlink: 'syz.1.5684': attribute type 10 has an invalid length.
[ 1421.987623][T25223] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5684'.
[ 1422.919814][T25228] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1423.329107][T25233] netlink: 'syz.3.5687': attribute type 10 has an invalid length.
[ 1423.498796][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.505533][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1424.136057][T25252] netlink: 'syz.3.5693': attribute type 10 has an invalid length.
[ 1424.144304][T25252] netlink: 55 bytes leftover after parsing attributes in process `syz.3.5693'.
[ 1426.568618][T25262] netlink: 'syz.3.5698': attribute type 10 has an invalid length.
[ 1428.036548][T25277] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1428.102526][T25288] netlink: 'syz.1.5706': attribute type 10 has an invalid length.
[ 1428.164043][T25288] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5706'.
[ 1430.658365][T25303] netlink: 'syz.3.5711': attribute type 10 has an invalid length.
[ 1430.717332][T25307] FAULT_INJECTION: forcing a failure.
[ 1430.717332][T25307] name failslab, interval 1, probability 0, space 0, times 0
[ 1430.758899][T25307] CPU: 0 PID: 25307 Comm: syz.0.5714 Not tainted syzkaller #0
[ 1430.766620][T25307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1430.776810][T25307] Call Trace:
[ 1430.780131][T25307]  <TASK>
[ 1430.783195][T25307]  dump_stack_lvl+0x18c/0x250
[ 1430.787938][T25307]  ? show_regs_print_info+0x20/0x20
[ 1430.793209][T25307]  ? load_image+0x420/0x420
[ 1430.797767][T25307]  ? __might_sleep+0xe0/0xe0
[ 1430.802412][T25307]  ? __lock_acquire+0x7d40/0x7d40
[ 1430.807540][T25307]  ? perf_trace_lock+0xfc/0x3b0
[ 1430.812436][T25307]  should_fail_ex+0x39d/0x4d0
[ 1430.817132][T25307]  should_failslab+0x9/0x20
[ 1430.821655][T25307]  slab_pre_alloc_hook+0x59/0x310
[ 1430.826820][T25307]  ? __get_vm_area_node+0x125/0x370
[ 1430.832324][T25307]  __kmem_cache_alloc_node+0x53/0x250
[ 1430.837721][T25307]  ? __get_vm_area_node+0x125/0x370
[ 1430.843027][T25307]  kmalloc_node_trace+0x26/0xe0
[ 1430.847983][T25307]  __get_vm_area_node+0x125/0x370
[ 1430.853027][T25307]  __vmalloc_node_range+0x36e/0x1330
[ 1430.858356][T25307]  ? netlink_sendmsg+0x602/0xbf0
[ 1430.863402][T25307]  ? netlink_insert+0x109f/0x13a0
[ 1430.868458][T25307]  ? netlink_data_ready+0x10/0x10
[ 1430.873503][T25307]  ? free_vm_area+0x50/0x50
[ 1430.878026][T25307]  ? netlink_sendmsg+0x602/0xbf0
[ 1430.883064][T25307]  vmalloc+0x79/0x90
[ 1430.887058][T25307]  ? netlink_sendmsg+0x602/0xbf0
[ 1430.892011][T25307]  netlink_sendmsg+0x602/0xbf0
[ 1430.897058][T25307]  ? netlink_getsockopt+0x590/0x590
[ 1430.902479][T25307]  ? aa_sock_msg_perm+0x94/0x150
[ 1430.907433][T25307]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1430.912824][T25307]  ? security_socket_sendmsg+0x80/0xa0
[ 1430.918304][T25307]  sock_write_iter+0x2df/0x420
[ 1430.923117][T25307]  ? sock_read_iter+0x3e0/0x3e0
[ 1430.928056][T25307]  ? common_file_perm+0x198/0x1f0
[ 1430.933297][T25307]  vfs_write+0x46c/0x990
[ 1430.937595][T25307]  ? file_end_write+0x250/0x250
[ 1430.942561][T25307]  ? __fget_files+0x43d/0x4b0
[ 1430.947440][T25307]  ? __fdget_pos+0x1d8/0x330
[ 1430.952077][T25307]  ? ksys_write+0x75/0x260
[ 1430.956512][T25307]  ksys_write+0x150/0x260
[ 1430.960869][T25307]  ? __ia32_sys_read+0x90/0x90
[ 1430.965737][T25307]  ? lockdep_hardirqs_on+0x98/0x150
[ 1430.971154][T25307]  do_syscall_64+0x55/0xa0
[ 1430.975670][T25307]  ? clear_bhb_loop+0x40/0x90
[ 1430.980366][T25307]  ? clear_bhb_loop+0x40/0x90
[ 1430.985234][T25307]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1430.991143][T25307] RIP: 0033:0x7f9703d9ce59
[ 1430.995576][T25307] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1431.015372][T25307] RSP: 002b:00007f9704c37028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1431.023823][T25307] RAX: ffffffffffffffda RBX: 00007f9704015fa0 RCX: 00007f9703d9ce59
[ 1431.031818][T25307] RDX: 000000000000fe33 RSI: 0000200000000000 RDI: 0000000000000003
[ 1431.039977][T25307] RBP: 00007f9704c37090 R08: 0000000000000000 R09: 0000000000000000
[ 1431.048044][T25307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1431.056111][T25307] R13: 00007f9704016038 R14: 00007f9704015fa0 R15: 00007ffec6016e88
[ 1431.064199][T25307]  </TASK>
[ 1431.093707][T25307] syz.0.5714: vmalloc error: size 65408, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[ 1431.178298][T25307] CPU: 1 PID: 25307 Comm: syz.0.5714 Not tainted syzkaller #0
[ 1431.185845][T25307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1431.195950][T25307] Call Trace:
[ 1431.199350][T25307]  <TASK>
[ 1431.202309][T25307]  dump_stack_lvl+0x18c/0x250
[ 1431.207125][T25307]  ? show_regs_print_info+0x20/0x20
[ 1431.212708][T25307]  ? load_image+0x420/0x420
[ 1431.217517][T25307]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1431.223975][T25307]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[ 1431.230512][T25307]  warn_alloc+0x246/0x340
[ 1431.234892][T25307]  ? __get_vm_area_node+0x125/0x370
[ 1431.240131][T25307]  ? zone_watermark_ok_safe+0x230/0x230
[ 1431.245809][T25307]  ? rcu_is_watching+0x15/0xb0
[ 1431.250620][T25307]  ? __get_vm_area_node+0x356/0x370
[ 1431.255945][T25307]  __vmalloc_node_range+0x393/0x1330
[ 1431.261263][T25307]  ? netlink_insert+0x109f/0x13a0
[ 1431.266428][T25307]  ? netlink_data_ready+0x10/0x10
[ 1431.271584][T25307]  ? free_vm_area+0x50/0x50
[ 1431.276234][T25307]  ? netlink_sendmsg+0x602/0xbf0
[ 1431.281381][T25307]  vmalloc+0x79/0x90
[ 1431.285398][T25307]  ? netlink_sendmsg+0x602/0xbf0
[ 1431.290460][T25307]  netlink_sendmsg+0x602/0xbf0
[ 1431.295274][T25307]  ? netlink_getsockopt+0x590/0x590
[ 1431.300508][T25307]  ? aa_sock_msg_perm+0x94/0x150
[ 1431.305494][T25307]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1431.310908][T25307]  ? security_socket_sendmsg+0x80/0xa0
[ 1431.316402][T25307]  sock_write_iter+0x2df/0x420
[ 1431.321202][T25307]  ? sock_read_iter+0x3e0/0x3e0
[ 1431.326271][T25307]  ? common_file_perm+0x198/0x1f0
[ 1431.331336][T25307]  vfs_write+0x46c/0x990
[ 1431.335711][T25307]  ? file_end_write+0x250/0x250
[ 1431.340688][T25307]  ? __fget_files+0x43d/0x4b0
[ 1431.345521][T25307]  ? __fdget_pos+0x1d8/0x330
[ 1431.350249][T25307]  ? ksys_write+0x75/0x260
[ 1431.354722][T25307]  ksys_write+0x150/0x260
[ 1431.359097][T25307]  ? __ia32_sys_read+0x90/0x90
[ 1431.363906][T25307]  ? lockdep_hardirqs_on+0x98/0x150
[ 1431.369149][T25307]  do_syscall_64+0x55/0xa0
[ 1431.373591][T25307]  ? clear_bhb_loop+0x40/0x90
[ 1431.378310][T25307]  ? clear_bhb_loop+0x40/0x90
[ 1431.383024][T25307]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1431.389034][T25307] RIP: 0033:0x7f9703d9ce59
[ 1431.393478][T25307] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1431.413291][T25307] RSP: 002b:00007f9704c37028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1431.421910][T25307] RAX: ffffffffffffffda RBX: 00007f9704015fa0 RCX: 00007f9703d9ce59
[ 1431.430678][T25307] RDX: 000000000000fe33 RSI: 0000200000000000 RDI: 0000000000000003
[ 1431.439128][T25307] RBP: 00007f9704c37090 R08: 0000000000000000 R09: 0000000000000000
[ 1431.447220][T25307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1431.455303][T25307] R13: 00007f9704016038 R14: 00007f9704015fa0 R15: 00007ffec6016e88
[ 1431.463327][T25307]  </TASK>
[ 1431.495826][T25315] delete_channel: no stack
[ 1431.502195][T25315] delete_channel: no stack
[ 1431.507301][T25307] Mem-Info:
[ 1431.515582][T25307] active_anon:5428 inactive_anon:0 isolated_anon:0
[ 1431.515582][T25307]  active_file:19489 inactive_file:40478 isolated_file:0
[ 1431.515582][T25307]  unevictable:768 dirty:91 writeback:0
[ 1431.515582][T25307]  slab_reclaimable:11020 slab_unreclaimable:99314
[ 1431.515582][T25307]  mapped:25113 shmem:1361 pagetables:546
[ 1431.515582][T25307]  sec_pagetables:0 bounce:0
[ 1431.515582][T25307]  kernel_misc_reclaimable:0
[ 1431.515582][T25307]  free:1334233 free_pcp:9147 free_cma:0
[ 1431.565226][T25307] Node 0 active_anon:21712kB inactive_anon:0kB active_file:77956kB inactive_file:161716kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:100452kB dirty:364kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10384kB pagetables:2184kB sec_pagetables:0kB all_unreclaimable? no
[ 1431.608862][T25307] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1431.610842][T25314] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1431.640510][T25307] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1431.640580][T25307] lowmem_reserve[]: 0 2521 2522 2522 2522
[ 1431.640626][T25307] Node 0 DMA32 free:1414624kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:21676kB inactive_anon:0kB active_file:77956kB inactive_file:160880kB unevictable:1536kB writepending:364kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:29388kB local_pcp:16080kB free_cma:0kB
[ 1431.640693][T25307] lowmem_reserve[]: 0 0 0 0 0
[ 1431.640735][T25307] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:836kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1431.640788][T25307] lowmem_reserve[]: 0 0 0 0 0
[ 1431.640838][T25307] Node 1 Normal free:3906948kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:7264kB local_pcp:0kB free_cma:0kB
[ 1431.640893][T25307] lowmem_reserve[]: 0 0 0 0 0
[ 1431.640935][T25307] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1431.641073][T25307] Node 0 DMA32: 2384*4kB (UM) 1526*8kB (UM) 1145*16kB (UME) 587*32kB (M) 732*64kB (UME) 488*128kB (UME) 217*256kB (UM) 112*512kB (UM) 45*1024kB (UME) 23*2048kB (ME) 254*4096kB (UM) = 1414624kB
[ 1431.641261][T25307] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1431.641392][T25307] Node 1 Normal: 207*4kB (UME) 39*8kB (UME) 41*16kB (UME) 242*32kB (UME) 81*64kB (UME) 26*128kB (UME) 3*256kB (UM) 2*512kB (UE) 2*1024kB (UE) 1*2048kB (E) 948*4096kB (M) = 3906948kB
[ 1431.641592][T25307] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1431.641615][T25307] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1431.641631][T25307] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1431.641647][T25307] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1431.641669][T25307] 61328 total pagecache pages
[ 1431.641677][T25307] 0 pages in swap cache
[ 1431.641686][T25307] Free swap  = 124996kB
[ 1431.641694][T25307] Total swap = 124996kB
[ 1431.641702][T25307] 2097051 pages RAM
[ 1431.641711][T25307] 0 pages HighMem/MovableOnly
[ 1431.641718][T25307] 416927 pages reserved
[ 1431.641727][T25307] 0 pages cma reserved
[ 1431.957367][T25319] netlink: 'syz.0.5718': attribute type 10 has an invalid length.
[ 1431.972946][T25319] netlink: 55 bytes leftover after parsing attributes in process `syz.0.5718'.
[ 1432.366298][T25333] netlink: 64859 bytes leftover after parsing attributes in process `syz.2.5724'.
[ 1432.968842][T25337] netlink: 'syz.2.5725': attribute type 10 has an invalid length.
[ 1436.083907][T25343] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1436.507849][T25346] netlink: 'syz.2.5729': attribute type 10 has an invalid length.
[ 1436.517519][T25346] netlink: 55 bytes leftover after parsing attributes in process `syz.2.5729'.
[ 1436.868107][T25351] netlink: 'syz.3.5730': attribute type 10 has an invalid length.
[ 1436.916398][T25351] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5730'.
[ 1437.015831][T25351] bridge0: port 3(ipvlan1) entered blocking state
[ 1437.031345][T25351] bridge0: port 3(ipvlan1) entered disabled state
[ 1437.200854][T25351] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1437.449162][T25365] delete_channel: no stack
[ 1437.460297][T25365] delete_channel: no stack
[ 1437.611615][T25372] netlink: 'syz.2.5737': attribute type 10 has an invalid length.
[ 1437.638464][T25373] netlink: 'syz.1.5738': attribute type 10 has an invalid length.
[ 1437.648932][T25373] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5738'.
[ 1437.659742][T25373] bridge0: port 3(ipvlan1) entered blocking state
[ 1437.667356][T25373] bridge0: port 3(ipvlan1) entered disabled state
[ 1437.692332][T25373] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1437.723997][T25376] netlink: 'syz.3.5739': attribute type 10 has an invalid length.
[ 1437.732539][T25376] netlink: 55 bytes leftover after parsing attributes in process `syz.3.5739'.
[ 1438.118826][T25388] 
: renamed from vlan0 (while UP)
[ 1438.250342][T25389] netlink: 'syz.1.5742': attribute type 10 has an invalid length.
[ 1438.274709][T25389] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5742'.
[ 1438.288153][T25391] delete_channel: no stack
[ 1438.302139][T25391] delete_channel: no stack
[ 1438.307106][T25389] bridge0: port 3(ipvlan1) entered blocking state
[ 1438.325989][T25389] bridge0: port 3(ipvlan1) entered disabled state
[ 1438.345411][T25389] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1438.579140][T25398] netlink: 'syz.1.5748': attribute type 10 has an invalid length.
[ 1438.655050][T25400] netlink: 'syz.3.5750': attribute type 10 has an invalid length.
[ 1438.680960][T25400] netlink: 55 bytes leftover after parsing attributes in process `syz.3.5750'.
[ 1438.732008][T25403] delete_channel: no stack
[ 1438.754610][T25403] delete_channel: no stack
[ 1438.994570][T25405] netlink: 'syz.1.5751': attribute type 10 has an invalid length.
[ 1439.009256][T25405] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5751'.
[ 1439.025614][T25405] bridge0: port 3(ipvlan1) entered blocking state
[ 1439.035991][T25405] bridge0: port 3(ipvlan1) entered disabled state
[ 1439.056725][T25405] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1439.158759][T25417] delete_channel: no stack
[ 1439.168500][T25417] delete_channel: no stack
[ 1439.439793][T25427] netlink: 'syz.1.5759': attribute type 10 has an invalid length.
[ 1439.616718][T25432] netlink: 'syz.1.5761': attribute type 10 has an invalid length.
[ 1439.637525][T25432] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5761'.
[ 1439.782538][T25435] netlink: 'syz.3.5762': attribute type 29 has an invalid length.
[ 1440.721628][T25448] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5766'.
[ 1440.732129][T25448] bridge0: port 2(ipvlan1) entered blocking state
[ 1440.743841][T25448] bridge0: port 2(ipvlan1) entered disabled state
[ 1440.778927][T25448] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1441.087589][T25456] delete_channel: no stack
[ 1441.101435][T25456] delete_channel: no stack
[ 1441.118684][T25461] netlink: 55 bytes leftover after parsing attributes in process `syz.0.5771'.
[ 1441.463201][T25474] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5776'.
[ 1441.475523][T25474] bridge0: port 2(ipvlan1) entered blocking state
[ 1441.484325][T25474] bridge0: port 2(ipvlan1) entered disabled state
[ 1441.506707][T25474] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1441.832576][T25485] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5781'.
[ 1441.852249][T25485] bridge0: port 3(ipvlan1) entered blocking state
[ 1441.863894][T25485] bridge0: port 3(ipvlan1) entered disabled state
[ 1441.906462][T25485] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1443.299049][T25514] validate_nla: 13 callbacks suppressed
[ 1443.299111][T25514] netlink: 'syz.3.5791': attribute type 10 has an invalid length.
[ 1443.375409][T25514] __nla_validate_parse: 1 callbacks suppressed
[ 1443.375430][T25514] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5791'.
[ 1443.417253][T25514] bridge0: port 3(ipvlan1) entered blocking state
[ 1443.439530][T25514] bridge0: port 3(ipvlan1) entered disabled state
[ 1443.491529][T25514] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1443.635478][T25524] netlink: 'syz.3.5795': attribute type 10 has an invalid length.
[ 1443.649200][T25524] netlink: 55 bytes leftover after parsing attributes in process `syz.3.5795'.
[ 1443.811984][T25531] netlink: 'syz.3.5797': attribute type 21 has an invalid length.
[ 1443.838201][T25531] netlink: 128 bytes leftover after parsing attributes in process `syz.3.5797'.
[ 1443.859658][T25531] netlink: 3 bytes leftover after parsing attributes in process `syz.3.5797'.
[ 1443.949189][T25531] FAULT_INJECTION: forcing a failure.
[ 1443.949189][T25531] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1443.969949][T25531] CPU: 1 PID: 25531 Comm: syz.3.5797 Not tainted syzkaller #0
[ 1443.977847][T25531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1443.988330][T25531] Call Trace:
[ 1443.991638][T25531]  <TASK>
[ 1443.994696][T25531]  dump_stack_lvl+0x18c/0x250
[ 1443.999601][T25531]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1444.005811][T25531]  ? show_regs_print_info+0x20/0x20
[ 1444.011053][T25531]  ? load_image+0x420/0x420
[ 1444.015699][T25531]  should_fail_ex+0x39d/0x4d0
[ 1444.020484][T25531]  _copy_from_user+0x2f/0xe0
[ 1444.025117][T25531]  perf_copy_attr+0x16a/0x840
[ 1444.029827][T25531]  __se_sys_perf_event_open+0x11b/0x1c50
[ 1444.035692][T25531]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1444.041735][T25531]  ? __x64_sys_perf_event_open+0xc0/0xc0
[ 1444.047513][T25531]  ? __x64_sys_perf_event_open+0x20/0xc0
[ 1444.053169][T25531]  do_syscall_64+0x55/0xa0
[ 1444.057605][T25531]  ? clear_bhb_loop+0x40/0x90
[ 1444.062299][T25531]  ? clear_bhb_loop+0x40/0x90
[ 1444.066999][T25531]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1444.072995][T25531] RIP: 0033:0x7f0e67d9ce59
[ 1444.077441][T25531] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1444.097191][T25531] RSP: 002b:00007f0e68c32028 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 1444.105883][T25531] RAX: ffffffffffffffda RBX: 00007f0e68015fa0 RCX: 00007f0e67d9ce59
[ 1444.113868][T25531] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[ 1444.121858][T25531] RBP: 00007f0e68c32090 R08: 0000000000000000 R09: 0000000000000000
[ 1444.129841][T25531] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 1444.137830][T25531] R13: 00007f0e68016038 R14: 00007f0e68015fa0 R15: 00007fff4c61a8c8
[ 1444.146092][T25531]  </TASK>
[ 1444.199402][T25540] netlink: 'syz.0.5800': attribute type 10 has an invalid length.
[ 1444.347430][T25542] netlink: 'syz.1.5801': attribute type 21 has an invalid length.
[ 1444.367944][T25542] netlink: 128 bytes leftover after parsing attributes in process `syz.1.5801'.
[ 1444.403144][T25542] netlink: 3 bytes leftover after parsing attributes in process `syz.1.5801'.
[ 1444.699724][T25552] netlink: 'syz.3.5805': attribute type 10 has an invalid length.
[ 1444.707984][T25552] netlink: 55 bytes leftover after parsing attributes in process `syz.3.5805'.
[ 1445.088409][T25572] netlink: 'syz.0.5812': attribute type 10 has an invalid length.
[ 1445.253995][T25576] netlink: 152 bytes leftover after parsing attributes in process `syz.0.5814'.
[ 1445.425127][T25578] netlink: 'syz.0.5815': attribute type 10 has an invalid length.
[ 1445.445757][T25578] team0: Device hsr_slave_0 failed to register rx_handler
[ 1448.369042][T25582] netlink: 'syz.1.5817': attribute type 10 has an invalid length.
[ 1448.376954][T25582] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5817'.
[ 1448.572289][T25594] netlink: 'syz.1.5822': attribute type 10 has an invalid length.
[ 1448.597805][T25595] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1448.774841][T25597] netlink: 'syz.1.5823': attribute type 29 has an invalid length.
[ 1448.786841][T25597] netlink: 'syz.1.5823': attribute type 29 has an invalid length.
[ 1448.848712][T25601] netlink: 'syz.0.5831': attribute type 10 has an invalid length.
[ 1448.882062][T25597] netlink: 'syz.1.5823': attribute type 29 has an invalid length.
[ 1449.624292][T25615] netlink: 'syz.1.5830': attribute type 10 has an invalid length.
[ 1449.632736][T25615] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5830'.
[ 1449.875556][T25625] netlink: 'syz.1.5835': attribute type 10 has an invalid length.
[ 1450.410755][T25636] netlink: 'syz.3.5839': attribute type 10 has an invalid length.
[ 1450.438799][T25636] team0: Device hsr_slave_0 failed to register rx_handler
[ 1450.539907][T25640] netlink: 'syz.0.5841': attribute type 10 has an invalid length.
[ 1450.558756][T25640] netlink: 55 bytes leftover after parsing attributes in process `syz.0.5841'.
[ 1450.858141][T25653] netlink: 156 bytes leftover after parsing attributes in process `syz.0.5847'.
[ 1451.015515][T25660] FAULT_INJECTION: forcing a failure.
[ 1451.015515][T25660] name failslab, interval 1, probability 0, space 0, times 0
[ 1451.058061][T25660] CPU: 0 PID: 25660 Comm: syz.3.5850 Not tainted syzkaller #0
[ 1451.065599][T25660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1451.075857][T25660] Call Trace:
[ 1451.079159][T25660]  <TASK>
[ 1451.082104][T25660]  dump_stack_lvl+0x18c/0x250
[ 1451.086816][T25660]  ? show_regs_print_info+0x20/0x20
[ 1451.092044][T25660]  ? load_image+0x420/0x420
[ 1451.096750][T25660]  should_fail_ex+0x39d/0x4d0
[ 1451.101542][T25660]  should_failslab+0x9/0x20
[ 1451.106244][T25660]  slab_pre_alloc_hook+0x59/0x310
[ 1451.111381][T25660]  kmem_cache_alloc+0x5a/0x2d0
[ 1451.116171][T25660]  ? skb_clone+0x1eb/0x370
[ 1451.120692][T25660]  skb_clone+0x1eb/0x370
[ 1451.125034][T25660]  __netlink_deliver_tap+0x41c/0x830
[ 1451.130369][T25660]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1451.135673][T25660]  netlink_deliver_tap+0x19c/0x1b0
[ 1451.140984][T25660]  netlink_dump+0x94b/0xe50
[ 1451.145514][T25660]  ? netlink_lookup+0x200/0x200
[ 1451.150416][T25660]  ? slab_free_freelist_hook+0x130/0x1a0
[ 1451.156071][T25660]  ? netlink_recvmsg+0x5e7/0xe60
[ 1451.161028][T25660]  ? kmem_cache_free+0xf8/0x270
[ 1451.165902][T25660]  netlink_recvmsg+0x693/0xe60
[ 1451.170787][T25660]  ? netlink_sendmsg+0xbf0/0xbf0
[ 1451.175835][T25660]  ? aa_af_perm+0x330/0x330
[ 1451.180498][T25660]  ? __lock_acquire+0x1273/0x7d40
[ 1451.185638][T25660]  ? verify_lock_unused+0x140/0x140
[ 1451.191040][T25660]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[ 1451.196350][T25660]  ? security_socket_recvmsg+0x89/0xb0
[ 1451.201845][T25660]  ? netlink_sendmsg+0xbf0/0xbf0
[ 1451.206887][T25660]  ____sys_recvmsg+0x2ce/0x5e0
[ 1451.211874][T25660]  ? __sys_recvmsg_sock+0x50/0x50
[ 1451.216963][T25660]  ? import_iovec+0x73/0xa0
[ 1451.221506][T25660]  ___sys_recvmsg+0x216/0x590
[ 1451.226304][T25660]  ? __sys_recvmsg+0x2a0/0x2a0
[ 1451.231097][T25660]  ? ksys_write+0x1c4/0x260
[ 1451.235640][T25660]  ? __fget_files+0x43d/0x4b0
[ 1451.240344][T25660]  __x64_sys_recvmsg+0x20c/0x2e0
[ 1451.245295][T25660]  ? ___sys_recvmsg+0x590/0x590
[ 1451.250196][T25660]  ? lockdep_hardirqs_on+0x98/0x150
[ 1451.255415][T25660]  do_syscall_64+0x55/0xa0
[ 1451.259933][T25660]  ? clear_bhb_loop+0x40/0x90
[ 1451.264710][T25660]  ? clear_bhb_loop+0x40/0x90
[ 1451.269621][T25660]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1451.275622][T25660] RIP: 0033:0x7f0e67d9ce59
[ 1451.280054][T25660] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1451.299773][T25660] RSP: 002b:00007f0e68c32028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 1451.308492][T25660] RAX: ffffffffffffffda RBX: 00007f0e68015fa0 RCX: 00007f0e67d9ce59
[ 1451.316575][T25660] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000003
[ 1451.324742][T25660] RBP: 00007f0e68c32090 R08: 0000000000000000 R09: 0000000000000000
[ 1451.333077][T25660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1451.341059][T25660] R13: 00007f0e68016038 R14: 00007f0e68015fa0 R15: 00007fff4c61a8c8
[ 1451.349055][T25660]  </TASK>
[ 1451.375591][T25662] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5853'.
[ 1451.529312][T25667] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5851'.
[ 1451.554287][T25667] bridge0: port 2(ipvlan1) entered blocking state
[ 1451.571991][T25667] bridge0: port 2(ipvlan1) entered disabled state
[ 1451.613002][T25667] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1452.092417][T25688] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5860'.
[ 1452.112822][T25688] bridge0: port 3(ipvlan1) entered blocking state
[ 1452.163740][T25688] bridge0: port 3(ipvlan1) entered disabled state
[ 1452.229197][T25688] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1452.630170][T25698] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5864'.
[ 1452.811665][T25706] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5867'.
[ 1452.829912][T25706] bridge0: port 2(ipvlan1) entered blocking state
[ 1452.840054][T25706] bridge0: port 2(ipvlan1) entered disabled state
[ 1452.858808][T25706] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1453.028179][T25713] netlink: 14 bytes leftover after parsing attributes in process `syz.0.5871'.
[ 1453.144592][T25715] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5872'.
[ 1453.165527][T25715] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1453.452673][T25726] validate_nla: 10 callbacks suppressed
[ 1453.452698][T25726] netlink: 'syz.0.5878': attribute type 10 has an invalid length.
[ 1453.658943][T25734] netlink: 'syz.2.5880': attribute type 10 has an invalid length.
[ 1454.176420][T25759] netlink: 'syz.3.5891': attribute type 10 has an invalid length.
[ 1454.323039][T25765] netlink: 'syz.0.5893': attribute type 10 has an invalid length.
[ 1454.333820][T25765] bridge0: port 2(ipvlan1) entered blocking state
[ 1454.342968][T25765] bridge0: port 2(ipvlan1) entered disabled state
[ 1454.371651][T25765] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1454.551929][T25770] netlink: 'syz.1.5895': attribute type 10 has an invalid length.
[ 1455.119515][T25785] netlink: 'syz.1.5902': attribute type 10 has an invalid length.
[ 1455.127646][T25785] __nla_validate_parse: 3 callbacks suppressed
[ 1455.127663][T25785] netlink: 55 bytes leftover after parsing attributes in process `syz.1.5902'.
[ 1455.207583][T25789] FAULT_INJECTION: forcing a failure.
[ 1455.207583][T25789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1455.256915][T25789] CPU: 1 PID: 25789 Comm: syz.0.5904 Not tainted syzkaller #0
[ 1455.264569][T25789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1455.274662][T25789] Call Trace:
[ 1455.278160][T25789]  <TASK>
[ 1455.281123][T25789]  dump_stack_lvl+0x18c/0x250
[ 1455.285857][T25789]  ? show_regs_print_info+0x20/0x20
[ 1455.291093][T25789]  ? load_image+0x420/0x420
[ 1455.295876][T25789]  ? __might_fault+0xaa/0x120
[ 1455.300614][T25789]  ? __lock_acquire+0x7d40/0x7d40
[ 1455.305688][T25789]  should_fail_ex+0x39d/0x4d0
[ 1455.310506][T25789]  _copy_from_user+0x2f/0xe0
[ 1455.315133][T25789]  ___sys_sendmsg+0x1c7/0x360
[ 1455.319837][T25789]  ? get_pid_task+0x20/0x1e0
[ 1455.324580][T25789]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1455.329407][T25789]  ? __lock_acquire+0x7d40/0x7d40
[ 1455.334628][T25789]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1455.339512][T25789]  ? __x64_sys_sendmsg+0x80/0x80
[ 1455.344614][T25789]  ? lockdep_hardirqs_on+0x98/0x150
[ 1455.349934][T25789]  do_syscall_64+0x55/0xa0
[ 1455.354458][T25789]  ? clear_bhb_loop+0x40/0x90
[ 1455.359188][T25789]  ? clear_bhb_loop+0x40/0x90
[ 1455.363895][T25789]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1455.369897][T25789] RIP: 0033:0x7f9703d9ce59
[ 1455.374434][T25789] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1455.394502][T25789] RSP: 002b:00007f9704c37028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1455.403181][T25789] RAX: ffffffffffffffda RBX: 00007f9704015fa0 RCX: 00007f9703d9ce59
[ 1455.411380][T25789] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004
[ 1455.419650][T25789] RBP: 00007f9704c37090 R08: 0000000000000000 R09: 0000000000000000
[ 1455.427911][T25789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1455.435906][T25789] R13: 00007f9704016038 R14: 00007f9704015fa0 R15: 00007ffec6016e88
[ 1455.443960][T25789]  </TASK>
[ 1455.526641][    C1] ==================================================================
[ 1455.526656][    C1] BUG: KASAN: slab-out-of-bounds in __bpf_get_stackid+0x6bf/0x900
[ 1455.526687][    C1] Write of size 56 at addr ffff88804e875b90 by task syz.2.5905/25792
[ 1455.526703][    C1] 
[ 1455.526710][    C1] CPU: 1 PID: 25792 Comm: syz.2.5905 Not tainted syzkaller #0
[ 1455.526728][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1455.526739][    C1] Call Trace:
[ 1455.526746][    C1]  <#DB>
[ 1455.526754][    C1]  dump_stack_lvl+0x18c/0x250
[ 1455.526784][    C1]  ? __lock_acquire+0x7d40/0x7d40
[ 1455.526807][    C1]  ? show_regs_print_info+0x20/0x20
[ 1455.526835][    C1]  ? load_image+0x420/0x420
[ 1455.526861][    C1]  ? _raw_spin_lock_irqsave+0xc0/0x100
[ 1455.526889][    C1]  ? __virt_addr_valid+0x18c/0x540
[ 1455.526913][    C1]  ? __virt_addr_valid+0x469/0x540
[ 1455.526939][    C1]  print_report+0xa8/0x210
[ 1455.526965][    C1]  ? __bpf_get_stackid+0x6bf/0x900
[ 1455.526984][    C1]  kasan_report+0x117/0x150
[ 1455.527011][    C1]  ? __bpf_get_stackid+0x6bf/0x900
[ 1455.527047][    C1]  kasan_check_range+0x241/0x290
[ 1455.527069][    C1]  ? __bpf_get_stackid+0x6bf/0x900
[ 1455.527093][    C1]  __asan_memcpy+0x40/0x70
[ 1455.527120][    C1]  __bpf_get_stackid+0x6bf/0x900
[ 1455.527158][    C1]  bpf_get_stackid_pe+0x343/0x410
[ 1455.527192][    C1]  bpf_prog_ebdd8313a69a195f+0x30/0x45
[ 1455.527216][    C1]  bpf_overflow_handler+0x1fc/0x510
[ 1455.527239][    C1]  ? irq_work_queue+0xbc/0x140
[ 1455.527263][    C1]  ? __perf_event_overflow+0x4f1/0x630
[ 1455.527282][    C1]  ? bpf_overflow_handler+0xde/0x510
[ 1455.527307][    C1]  ? tp_perf_event_destroy+0x20/0x20
[ 1455.527342][    C1]  ? __perf_event_account_interrupt+0x187/0x280
[ 1455.527369][    C1]  __perf_event_overflow+0x447/0x630
[ 1455.527402][    C1]  perf_swevent_event+0x319/0x570
[ 1455.527437][    C1]  ? perf_tp_event+0x1520/0x1520
[ 1455.527456][    C1]  ? trace_call_bpf+0x5e9/0x6c0
[ 1455.527482][    C1]  ? trace_call_bpf+0xc3/0x6c0
[ 1455.527524][    C1]  perf_bp_event+0x319/0x430
[ 1455.527554][    C1]  ? perf_event_free_bpf_prog+0x120/0x120
[ 1455.527574][    C1]  ? perf_trace_run_bpf_submit+0x125/0x1c0
[ 1455.527642][    C1]  ? lock_acquire+0x2c2/0x420
[ 1455.527676][    C1]  hw_breakpoint_exceptions_notify+0x23e/0x670
[ 1455.527707][    C1]  notifier_call_chain+0x197/0x380
[ 1455.527739][    C1]  ? atomic_notifier_call_chain+0x26/0x180
[ 1455.527762][    C1]  atomic_notifier_call_chain+0xda/0x180
[ 1455.527787][    C1]  notify_die+0x145/0x1a0
[ 1455.527812][    C1]  ? srcu_init_notifier_head+0x90/0x90
[ 1455.527846][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1455.527873][    C1]  notify_debug+0x2e/0x50
[ 1455.527892][    C1]  exc_debug+0xde/0x140
[ 1455.527916][    C1]  asm_exc_debug+0x1e/0x40
[ 1455.527937][    C1] RIP: 0010:__import_iovec+0x190/0x850
[ 1455.527958][    C1] Code: 99 b6 fd 48 c7 03 00 00 00 00 4c 89 fb e9 d3 04 00 00 4d 85 e4 0f 88 5d 05 00 00 0f 01 cb 0f ae e8 4d 8b 7c 24 08 49 8b 1c 24 <31> ff 4c 89 fe e8 06 66 5e fd 4d 85 ff 0f 88 4d 05 00 00 e8 b8 61
[ 1455.527973][    C1] RSP: 0018:ffffc9001030faa0 EFLAGS: 00040206
[ 1455.527991][    C1] RAX: 1ffff92002061fac RBX: 0000200000000200 RCX: 0000000000000002
[ 1455.528005][    C1] RDX: ffff8880247b8000 RSI: 0000000000000001 RDI: 0000000000000001
[ 1455.528016][    C1] RBP: 0000000000000008 R08: ffffc9001030fd60 R09: ffffc9001030fe30
[ 1455.528028][    C1] R10: ffffc9001030fe70 R11: fffff52002061fd0 R12: 0000200000000300
[ 1455.528041][    C1] R13: dffffc0000000000 R14: ffffc9001030fcc0 R15: 0000000000000039
[ 1455.528077][    C1]  </#DB>
[ 1455.528083][    C1]  <TASK>
[ 1455.528106][    C1]  import_iovec+0x73/0xa0
[ 1455.528132][    C1]  ___sys_sendmsg+0x256/0x360
[ 1455.528161][    C1]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1455.528256][    C1]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1455.528280][    C1]  ? __x64_sys_sendmsg+0x80/0x80
[ 1455.528325][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[ 1455.528352][    C1]  do_syscall_64+0x55/0xa0
[ 1455.528367][    C1]  ? clear_bhb_loop+0x40/0x90
[ 1455.528388][    C1]  ? clear_bhb_loop+0x40/0x90
[ 1455.528412][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1455.528442][    C1] RIP: 0033:0x7f5773b9ce59
[ 1455.528458][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1455.528473][    C1] RSP: 002b:00007f5774af1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1455.528491][    C1] RAX: ffffffffffffffda RBX: 00007f5773e15fa0 RCX: 00007f5773b9ce59
[ 1455.528504][    C1] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000010
[ 1455.528515][    C1] RBP: 00007f5773c32d6f R08: 0000000000000000 R09: 0000000000000000
[ 1455.528527][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1455.528538][    C1] R13: 00007f5773e16038 R14: 00007f5773e15fa0 R15: 00007ffe736af918
[ 1455.528575][    C1]  </TASK>
[ 1455.528581][    C1] 
[ 1455.528585][    C1] Allocated by task 25792:
[ 1455.528594][    C1]  kasan_set_track+0x4e/0x70
[ 1455.528612][    C1]  __kasan_kmalloc+0x8f/0xa0
[ 1455.528629][    C1]  __kmalloc_node+0xb4/0x230
[ 1455.528650][    C1]  bpf_map_area_alloc+0x5e/0x110
[ 1455.528671][    C1]  prealloc_elems_and_freelist+0x86/0x1c0
[ 1455.528690][    C1]  stack_map_alloc+0x33a/0x4c0
[ 1455.528707][    C1]  map_create+0x877/0x12f0
[ 1455.528723][    C1]  __sys_bpf+0x651/0x890
[ 1455.528738][    C1]  __x64_sys_bpf+0x7c/0x90
[ 1455.528753][    C1]  do_syscall_64+0x55/0xa0
[ 1455.528767][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1455.528786][    C1] 
[ 1455.528789][    C1] The buggy address belongs to the object at ffff88804e875b80
[ 1455.528789][    C1]  which belongs to the cache kmalloc-cg-64 of size 64
[ 1455.528803][    C1] The buggy address is located 16 bytes inside of
[ 1455.528803][    C1]  allocated 40-byte region [ffff88804e875b80, ffff88804e875ba8)
[ 1455.528820][    C1] 
[ 1455.528824][    C1] The buggy address belongs to the physical page:
[ 1455.528832][    C1] page:ffffea00013a1d40 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4e875
[ 1455.528850][    C1] memcg:ffff88802b854e01
[ 1455.528858][    C1] anon flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 1455.528874][    C1] page_type: 0xffffffff()
[ 1455.528890][    C1] raw: 00fff00000000800 ffff888017c4da00 ffffea0001eee980 0000000000000005
[ 1455.528907][    C1] raw: 0000000000000000 0000000080200020 00000001ffffffff ffff88802b854e01
[ 1455.528915][    C1] page dumped because: kasan: bad access detected
[ 1455.528923][    C1] page_owner tracks the page as allocated
[ 1455.528930][    C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 24429, tgid 24429 (syz.2.5418), ts 1358635184182, free_ts 1357380149620
[ 1455.528960][    C1]  post_alloc_hook+0x1c1/0x200
[ 1455.528983][    C1]  get_page_from_freelist+0x1951/0x19e0
[ 1455.528998][    C1]  __alloc_pages+0x1f0/0x460
[ 1455.529012][    C1]  alloc_slab_page+0x5d/0x160
[ 1455.529027][    C1]  new_slab+0x87/0x2d0
[ 1455.529040][    C1]  ___slab_alloc+0xc5d/0x12f0
[ 1455.529063][    C1]  __kmem_cache_alloc_node+0x19e/0x250
[ 1455.529085][    C1]  kmalloc_trace+0x2a/0xe0
[ 1455.529106][    C1]  alloc_fdtable+0xca/0x2c0
[ 1455.529125][    C1]  dup_fd+0x786/0xa50
[ 1455.529143][    C1]  unshare_files+0x8a/0x140
[ 1455.529160][    C1]  do_coredump+0x16f5/0x24d0
[ 1455.529176][    C1]  get_signal+0x1133/0x13f0
[ 1455.529190][    C1]  arch_do_signal_or_restart+0xc2/0x800
[ 1455.529214][    C1]  exit_to_user_mode_loop+0x70/0x110
[ 1455.529236][    C1]  exit_to_user_mode_prepare+0xee/0x180
[ 1455.529257][    C1] page last free stack trace:
[ 1455.529262][    C1]  free_unref_page_prepare+0x7b2/0x8c0
[ 1455.529286][    C1]  free_unref_page_list+0xbe/0x860
[ 1455.529308][    C1]  release_pages+0x1f7a/0x2200
[ 1455.529325][    C1]  tlb_flush_mmu+0x379/0x510
[ 1455.529347][    C1]  tlb_finish_mmu+0xf9/0x220
[ 1455.529369][    C1]  exit_mmap+0x428/0xb90
[ 1455.529389][    C1]  __mmput+0x118/0x3c0
[ 1455.529403][    C1]  exit_mm+0x24a/0x350
[ 1455.529424][    C1]  do_exit+0x8dd/0x2460
[ 1455.529453][    C1]  do_group_exit+0x21b/0x2d0
[ 1455.529475][    C1]  get_signal+0x12fc/0x13f0
[ 1455.529489][    C1]  arch_do_signal_or_restart+0xc2/0x800
[ 1455.529511][    C1]  exit_to_user_mode_loop+0x70/0x110
[ 1455.529532][    C1]  exit_to_user_mode_prepare+0xee/0x180
[ 1455.529552][    C1]  irqentry_exit_to_user_mode+0x9/0x30
[ 1455.529571][    C1]  exc_page_fault+0x8c/0x100
[ 1455.529590][    C1] 
[ 1455.529593][    C1] Memory state around the buggy address:
[ 1455.529602][    C1]  ffff88804e875a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 1455.529612][    C1]  ffff88804e875b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 1455.529623][    C1] >ffff88804e875b80: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[ 1455.529631][    C1]                                   ^
[ 1455.529639][    C1]  ffff88804e875c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 1455.529650][    C1]  ffff88804e875c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 1455.529658][    C1] ==================================================================
[ 1455.529669][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1455.529676][    C1] CPU: 1 PID: 25792 Comm: syz.2.5905 Not tainted syzkaller #0
[ 1455.529692][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1455.529700][    C1] Call Trace:
[ 1455.529707][    C1]  <#DB>
[ 1455.529714][    C1]  dump_stack_lvl+0x18c/0x250
[ 1455.529745][    C1]  ? show_regs_print_info+0x20/0x20
[ 1455.529771][    C1]  ? load_image+0x420/0x420
[ 1455.529814][    C1]  panic+0x2dc/0x730
[ 1455.529835][    C1]  ? __lock_acquire+0x7d40/0x7d40
[ 1455.529861][    C1]  ? bpf_jit_dump+0xd0/0xd0
[ 1455.529893][    C1]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[ 1455.529915][    C1]  ? _raw_spin_unlock+0x40/0x40
[ 1455.529942][    C1]  ? __bpf_get_stackid+0x6bf/0x900
[ 1455.529963][    C1]  check_panic_on_warn+0x84/0xa0
[ 1455.529985][    C1]  ? __bpf_get_stackid+0x6bf/0x900
[ 1455.530006][    C1]  end_report+0x6f/0x130
[ 1455.530026][    C1]  kasan_report+0x128/0x150
[ 1455.530053][    C1]  ? __bpf_get_stackid+0x6bf/0x900
[ 1455.530087][    C1]  kasan_check_range+0x241/0x290
[ 1455.530108][    C1]  ? __bpf_get_stackid+0x6bf/0x900
[ 1455.530132][    C1]  __asan_memcpy+0x40/0x70
[ 1455.530158][    C1]  __bpf_get_stackid+0x6bf/0x900
[ 1455.530195][    C1]  bpf_get_stackid_pe+0x343/0x410
[ 1455.530229][    C1]  bpf_prog_ebdd8313a69a195f+0x30/0x45
[ 1455.530252][    C1]  bpf_overflow_handler+0x1fc/0x510
[ 1455.530274][    C1]  ? irq_work_queue+0xbc/0x140
[ 1455.530298][    C1]  ? __perf_event_overflow+0x4f1/0x630
[ 1455.530316][    C1]  ? bpf_overflow_handler+0xde/0x510
[ 1455.530340][    C1]  ? tp_perf_event_destroy+0x20/0x20
[ 1455.530376][    C1]  ? __perf_event_account_interrupt+0x187/0x280
[ 1455.530402][    C1]  __perf_event_overflow+0x447/0x630
[ 1455.530442][    C1]  perf_swevent_event+0x319/0x570
[ 1455.530468][    C1]  ? perf_tp_event+0x1520/0x1520
[ 1455.530486][    C1]  ? trace_call_bpf+0x5e9/0x6c0
[ 1455.530511][    C1]  ? trace_call_bpf+0xc3/0x6c0
[ 1455.530553][    C1]  perf_bp_event+0x319/0x430
[ 1455.530583][    C1]  ? perf_event_free_bpf_prog+0x120/0x120
[ 1455.530604][    C1]  ? perf_trace_run_bpf_submit+0x125/0x1c0
[ 1455.530670][    C1]  ? lock_acquire+0x2c2/0x420
[ 1455.530703][    C1]  hw_breakpoint_exceptions_notify+0x23e/0x670
[ 1455.530733][    C1]  notifier_call_chain+0x197/0x380
[ 1455.530760][    C1]  ? atomic_notifier_call_chain+0x26/0x180
[ 1455.530786][    C1]  atomic_notifier_call_chain+0xda/0x180
[ 1455.530812][    C1]  notify_die+0x145/0x1a0
[ 1455.530838][    C1]  ? srcu_init_notifier_head+0x90/0x90
[ 1455.530873][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1455.530899][    C1]  notify_debug+0x2e/0x50
[ 1455.530916][    C1]  exc_debug+0xde/0x140
[ 1455.530940][    C1]  asm_exc_debug+0x1e/0x40
[ 1455.530958][    C1] RIP: 0010:__import_iovec+0x190/0x850
[ 1455.530976][    C1] Code: 99 b6 fd 48 c7 03 00 00 00 00 4c 89 fb e9 d3 04 00 00 4d 85 e4 0f 88 5d 05 00 00 0f 01 cb 0f ae e8 4d 8b 7c 24 08 49 8b 1c 24 <31> ff 4c 89 fe e8 06 66 5e fd 4d 85 ff 0f 88 4d 05 00 00 e8 b8 61
[ 1455.530990][    C1] RSP: 0018:ffffc9001030faa0 EFLAGS: 00040206
[ 1455.531004][    C1] RAX: 1ffff92002061fac RBX: 0000200000000200 RCX: 0000000000000002
[ 1455.531016][    C1] RDX: ffff8880247b8000 RSI: 0000000000000001 RDI: 0000000000000001
[ 1455.531028][    C1] RBP: 0000000000000008 R08: ffffc9001030fd60 R09: ffffc9001030fe30
[ 1455.531040][    C1] R10: ffffc9001030fe70 R11: fffff52002061fd0 R12: 0000200000000300
[ 1455.531053][    C1] R13: dffffc0000000000 R14: ffffc9001030fcc0 R15: 0000000000000039
[ 1455.531090][    C1]  </#DB>
[ 1455.531095][    C1]  <TASK>
[ 1455.531118][    C1]  import_iovec+0x73/0xa0
[ 1455.531142][    C1]  ___sys_sendmsg+0x256/0x360
[ 1455.531171][    C1]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1455.531267][    C1]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1455.531290][    C1]  ? __x64_sys_sendmsg+0x80/0x80
[ 1455.531335][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[ 1455.531363][    C1]  do_syscall_64+0x55/0xa0
[ 1455.531379][    C1]  ? clear_bhb_loop+0x40/0x90
[ 1455.531399][    C1]  ? clear_bhb_loop+0x40/0x90
[ 1455.531423][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1455.531451][    C1] RIP: 0033:0x7f5773b9ce59
[ 1455.531466][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1455.531480][    C1] RSP: 002b:00007f5774af1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1455.531496][    C1] RAX: ffffffffffffffda RBX: 00007f5773e15fa0 RCX: 00007f5773b9ce59
[ 1455.531508][    C1] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000010
[ 1455.531519][    C1] RBP: 00007f5773c32d6f R08: 0000000000000000 R09: 0000000000000000
[ 1455.531530][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1455.531541][    C1] R13: 00007f5773e16038 R14: 00007f5773e15fa0 R15: 00007ffe736af918
[ 1455.531578][    C1]  </TASK>
[ 1455.532117][    C1] Kernel Offset: disabled