last executing test programs:

2.368473834s ago: executing program 3 (id=2341):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x8, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r3, &(0x7f0000000180), &(0x7f0000000540)=""/119}, 0x20) (fail_nth: 6)

1.797246555s ago: executing program 2 (id=2344):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x73)
setsockopt$sock_attach_bpf(r0, 0x29, 0x21, &(0x7f0000000200), 0x4)
socket$kcm(0x10, 0x2, 0x4)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r1 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f0000000100)=r2, 0x4)
r3 = socket$kcm(0x10, 0x3, 0x0)
write$cgroup_subtree(r3, &(0x7f0000001ec0)=ANY=[@ANYBLOB="13120000120091ef04e9befbbd00005c0a"], 0xfe33)
syz_clone(0x411, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000012f46facb8f4f1a566403af421a4e6987e238aa26abca3ccc0fc61e5c5ab89e43adfa036f4472e743d6cae3a2c61e54ae2144c7f6f25e89cd7caddaa5b088ec7c3", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
getpid()
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)="7a6066ca5f8de7f9acd4d6586a73605de98ef2c6f30e66739b054aa53d2fd0817ca567e120c9b99bbc6b3fd499a90e6d9b2d765c528c61869eca32ec152d9c90f5282dc0e012ffe51e8ecc94373f628ae2ab310600"/95, 0x5f}, {&(0x7f0000000a40)="aa1f5ce08abb2b2d8b2a4fdb6101b4d4d65024f52c6f5a208a56ba25ce8f86d820e20f43506581c26392042e1749c24990226c157590bf9e233041e4cb27eb7255e8c5e423277478a86a7734db3f7b9345036eea127ed0279a50e12206dfb014231f8d03496c95e7f649bb7d81c19886d9f8837fd3cdbfdd209e224f9e6ba0c41db40fe09a7fa8560f3ec18892da4308a86a8268b4c29c7c0ec72760d6eb61f7e0638ddde026bb71179f32be4f3aa4913963203ce3e6b64c320282f774025baf46e9313c2d9f9b414bc94f74476a5f9da2a1eca9c41b1a8a737b0d474c36bf63e5f2755f6dc8c120e57db25cc862234f616aac6c52e54b8059d0e4fc976b2c21fcc1f1089972109c126497b2abf60b6019965c24b1d2d000976c24fc1506aa185243002951302e95009746c51824737a522c311a4396569075e85968e0e9ad494f092e08f4348972a8b7e52d4a9f8489cd537fc887baaf2d69238e7403a69c2c5d451b8e45625793ac9deba5e9082d2042128a16d9efc3d19b6c61a52b8b872fd16ba15965411040d5de31979da6d668010913b712bdb7e152593331e771fba13d77cdb57b824f45ac5cd5f34fea9693d805dfce610963bc65b6b0d13d921f4dddc646519f048864ca6291de6c07be8502cf1f65241068686756ab333ea92ff0363f314683c946160746435a5ec3803958bdf701485ccbc9f6e13a34cfc5e87bb7156409c4f22e0a42a3ced43472839ffe92b4a9b10af20c865020b7d0d0508c8c8b5c561adf820ec192c9cfcad16a1d3f358dec3cb3e9219d611907bf4109165f38224b16f8e88d111ce2aa41d840dec3c28364636cae293d81dd86a177b72fa929330a84b3e83b58b9ffef75b87a737c813a47fea082e2ea66c3ba3570e04e025255da7b5ab22763a09b78eeeed417513d8017e925df337116c2fcbe88192b51c7ed37de87355f4cc98d0e71620440a4ac62df344baaea958d7edcd2ffffb9b26509293bf6f1590521343193d518f84660451a1e5fe1a902ecb2304a0dcbdb3911b0b9e5cc6677a729df3d0d81b2d75ab9a7e5091f4554dd2ea61945bfba619de69ad72704cde36929a0896f745622ded85147ef7b3e600cc49a43d79021c9892fcee2494d4b3dd6d5c46822306ef22d783520723569f68acfda16068935500fb495fab4fdd3cf9e50bee269e3906b800ca575306278415df6187a156efa3da0b4ca1cd67409c18ed434897cacd7d1c5064ee4dc54b37fa77cb514f520d0ccb77caa8c782c358379302cdbdea8ea337b346c9871d2ea270fbd087c629b3723207f46754b729888ea56430c9c4312e67ed08f75f28db59f83da3e91b40e8e6186bf3ba7428bdf5687813368e5001f42cc3c7ce218ffc78cc667c660bc1a04ea63e7b9ab5b2fa0b78734834fd62076cde44dc8c3769caeb8d0da5ac6af0922f04f276f22685965f1b0b321f504db5393677db5fce18bc0339a19fbdd1c8fc233e92529f14c78df09c39ea3074b95152399a895f2f2b1b6b394810902125120a5325fbfb9e9b84c713dcd2939d987c28d0d07b5de5680c9cab0d8858ea7525e4880e51569675e6cbae52ccb4dec990df8cf545e7c26c9808f11af8c0559cd38635d225c69c45e637512714b7fe55f3d0f024469e640624ed3e59337eb1de8be4a6b9d7f83905a5ffc44f2674a54a37afae5a3e4aae2fa9cd50ac8dce4835373bb10b2da1428dac80d5982c9b3492e820be2c0063948c56dc9bc4b3b68d8c54e22942117f83dcb272b2d62dfb54e91315627e4ffa3d03b6311ce493142d8f04cc794d284a64bacfcfb825ee8cc29b34ac69db207a36e1243fa7f2f90f4f5049505f870a6f1f2d2e5c654ce4a8eb3358808942f3f48512d22e2f575ceed1516704f3549617abf58285ddc73bf1784c4297a5ed944c9d82f0c299fe4e76ff993e86074a7dfdde2246330f35162f503fd753d20d22d05e4a6", 0x576}], 0x2, 0x0, 0x0, 0x10000000}, 0x4)

1.700371487s ago: executing program 3 (id=2345):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={&(0x7f0000000200), 0x949aa882490ebde6}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200c}, 0x0, 0x0, 0xffffffffffffffff, 0xb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x40c4)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000380)="1c393502dda1a67d93b1ceccbe972c4fef9c33ecf2d824f3a33513f45f807ee4636aad1b45472bbdc8e3a2275f2587f0da0b3ae419bed996116448f90d113ce98aa985f379d729430858f5cb9a668a1800bf2354b33cdff83033de518580a3080d7f4cc2406e071138439e1566dd17983ee153ab672f362d3292e24a9952f18ec3d8b37bb3391096c1d4442a7548992993", 0x91}], 0x1}, 0x8011)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$kcm(0x2, 0x2, 0x73)
sendmsg$inet(r0, &(0x7f0000000500)={&(0x7f0000000300)={0x2, 0x0, @broadcast}, 0x10, &(0x7f0000000400), 0x1}, 0x0) (fail_nth: 3)

1.659384058s ago: executing program 0 (id=2347):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1f, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x11}, 0x94)
r2 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x3, 0x0, 0xfffc}, {0x10000002, 0x0, 0x0, 0x9}]}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r2, 0x84, 0x6e, &(0x7f0000000000)=r4, 0x10)
r5 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(r7)
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r5, 0x84, 0x17, &(0x7f0000000000)=r8, 0x10)

1.314653594s ago: executing program 0 (id=2348):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791048000000000071041b000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001800)=ANY=[@ANYBLOB], 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r0, @ANYRES64=0x0, @ANYBLOB="ed"], 0x20)

1.229055236s ago: executing program 0 (id=2349):
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
socket$kcm(0x2, 0x5, 0x84)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x1, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0xf9, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00e90000000000000000000000000000000000f5e7d74df40f620a7eb8d8ba76c0dbe4675c0568baad013c06a8bb559e892a8cfb2314c62c96cb2d0818f8506c188403289efdb15c774e5f584b3e151677a17b74d08555c13858ecbe3f6374301414cd67fb49b9e35f6932f94db0bccaf3a744329a6c44", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48)
write$cgroup_int(r0, &(0x7f0000000180)=0x1, 0x12)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d004231a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb5b64f69853362ac3407173ec", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4080)
recvmsg$kcm(r2, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000200)={'syzkaller0\x00', @link_local})
recvmsg$kcm(r2, &(0x7f00000003c0)={0x0, 0x700, 0x0}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480))

1.157292068s ago: executing program 3 (id=2351):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000100)=0x8000000000000000, 0x12)
ioctl$SIOCSIFHWADDR(r0, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc, 0x8}})
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_tracing={0x1a, 0x14, &(0x7f00000001c0)=@raw=[@map_val={0x18, 0xf, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x7b}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x5}, @cb_func={0x18, 0xa, 0x4, 0x0, 0x3}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}, @map_fd={0x18, 0x1}, @generic={0x9e, 0xe, 0x8, 0x5, 0x6}, @jmp={0x5, 0x1, 0xc, 0xa, 0x9, 0xffffffffffffffc0, 0x8}, @ldst={0x0, 0x0, 0x3, 0xa, 0x1, 0xc, 0x10}], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xf039, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xdd19}, 0x94)
r1 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000001780)={&(0x7f00000003c0)=@caif, 0x80, 0x0}, 0x0)

1.115211378s ago: executing program 3 (id=2352):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x40000)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, 0x0, 0x0)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000002a80)=[{&(0x7f0000002880)='{', 0x1}], 0x1}, 0x4005)
r1 = socket$kcm(0x10, 0x3, 0x0)
write$cgroup_subtree(r1, &(0x7f0000001ec0)=ANY=[@ANYBLOB="13120000120091ef04e9befbbd00005c0a"], 0xfe33)
recvmsg$kcm(r1, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000039c0)=""/4096, 0x1000}, {&(0x7f00000019c0)=""/233, 0xe9}, {&(0x7f00000005c0)=""/194, 0xc2}, {&(0x7f00000006c0)=""/87, 0x57}, {&(0x7f0000000400)=""/211, 0xd3}, {&(0x7f0000000b00)=""/157, 0xffffff8c}, {&(0x7f00000008c0)=""/210, 0xd2}, {&(0x7f0000000280)=""/209, 0xd1}], 0x8}, 0x0)
recvmsg$kcm(r1, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x42)
recvmsg$kcm(r1, &(0x7f0000000cc0)={0x0, 0x0, 0x0}, 0x0)
syz_clone(0x411, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000012f46facb8f4f1a566403af421a4e6987e238aa26abca3ccc0fc61e5c5ab89e43adfa036f4472e743d6cae3a2c61e54ae2144c7f6f25e89cd7caddaa5b088ec7c3", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0xd, &(0x7f00000020c0)=ANY=[@ANYBLOB="1806000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b79f3b03000000000000850000000c000000b70700000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7030000000000008500000005000000b7000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
getpid()
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)="7a6066ca5f8de7f9acd4d6586a73605de98ef2c6f30e66739b054aa53d2fd0817ca567e120c9b99bbc6b3fd499a90e6d9b2d765c528c61869eca32ec152d9c90f5282dc0e012ffe51e8ecc94373f628ae2ab310600"/95, 0x5f}, {&(0x7f0000000a40)="aa1f5ce08abb2b2d8b2a4fdb6101b4d4d65024f52c6f5a208a56ba25ce8f86d820e20f43506581c26392042e1749c24990226c157590bf9e233041e4cb27eb7255e8c5e423277478a86a7734db3f7b9345036eea127ed0279a50e12206dfb014231f8d03496c95e7f649bb7d81c19886d9f8837fd3cdbfdd209e224f9e6ba0c41db40fe09a7fa8560f3ec18892da4308a86a8268b4c29c7c0ec72760d6eb61f7e0638ddde026bb71179f32be4f3aa4913963203ce3e6b64c320282f774025baf46e9313c2d9f9b414bc94f74476a5f9da2a1eca9c41b1a8a737b0d474c36bf63e5f2755f6dc8c120e57db25cc862234f616aac6c52e54b8059d0e4fc976b2c21fcc1f1089972109c126497b2abf60b6019965c24b1d2d000976c24fc1506aa185243002951302e95009746c51824737a522c311a4396569075e85968e0e9ad494f092e08f4348972a8b7e52d4a9f8489cd537fc887baaf2d69238e7403a69c2c5d451b8e45625793ac9deba5e9082d2042128a16d9efc3d19b6c61a52b8b872fd16ba15965411040d5de31979da6d668010913b712bdb7e152593331e771fba13d77cdb57b824f45ac5cd5f34fea9693d805dfce610963bc65b6b0d13d921f4dddc646519f048864ca6291de6c07be8502cf1f65241068686756ab333ea92ff0363f314683c946160746435a5ec3803958bdf701485ccbc9f6e13a34cfc5e87bb7156409c4f22e0a42a3ced43472839ffe92b4a9b10af20c865020b7d0d0508c8c8b5c561adf820ec192c9cfcad16a1d3f358dec3cb3e9219d611907bf4109165f38224b16f8e88d111ce2aa41d840dec3c28364636cae293d81dd86a177b72fa929330a84b3e83b58b9ffef75b87a737c813a47fea082e2ea66c3ba3570e04e025255da7b5ab22763a09b78eeeed417513d8017e925df337116c2fcbe88192b51c7ed37de87355f4cc98d0e71620440a4ac62df344baaea958d7edcd2ffffb9b26509293bf6f1590521343193d518f84660451a1e5fe1a902ecb2304a0dcbdb3911b0b9e5cc6677a729df3d0d81b2d75ab9a7e5091f4554dd2ea61945bfba619de69ad72704cde36929a0896f745622ded85147ef7b3e600cc49a43d79021c9892fcee2494d4b3dd6d5c46822306ef22d783520723569f68acfda16068935500fb495fab4fdd3cf9e50bee269e3906b800ca575306278415df6187a156efa3da0b4ca1cd67409c18ed434897cacd7d1c5064ee4dc54b37fa77cb514f520d0ccb77caa8c782c358379302cdbdea8ea337b346c9871d2ea270fbd087c629b3723207f46754b729888ea56430c9c4312e67ed08f75f28db59f83da3e91b40e8e6186bf3ba7428bdf5687813368e5001f42cc3c7ce218ffc78cc667c660bc1a04ea63e7b9ab5b2fa0b78734834fd62076cde44dc8c3769caeb8d0da5ac6af0922f04f276f22685965f1b0b321f504db5393677db5fce18bc0339a19fbdd1c8fc233e92529f14c78df09c39ea3074b95152399a895f2f2b1b6b394810902125120a5325fbfb9e9b84c713dcd2939d987c28d0d07b5de5680c9cab0d8858ea7525e4880e51569675e6cbae52ccb4dec990df8cf545e7c26c9808f11af8c0559cd38635d225c69c45e637512714b7fe55f3d0f024469e640624ed3e59337eb1de8be4a6b9d7f83905a5ffc44f2674a54a37afae5a3e4aae2fa9cd50ac8dce4835373bb10b2da1428dac80d5982c9b3492e820be2c0063948c56dc9bc4b3b68d8c54e22942117f83dcb272b2d62dfb54e91315627e4ffa3d03b6311ce493142d8f04cc794d284a64bacfcfb825ee8cc29b34ac69db207a36e1243fa7f2f90f4f5049505f870a6f1f2d2e5c654ce4a8eb3358808942f3f48512d22e2f575ceed1516704f3549617abf58285ddc73bf1784c4297a5ed944c9d82f0c299fe4e76ff993e86074a7dfdde2246330f35162f503fd753d20d22d05e4a6", 0x576}], 0x2, 0x0, 0x0, 0x10000000}, 0x4)

972.778161ms ago: executing program 1 (id=2354):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1b, 0x0, 0x0, 0x1000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x18, 0x1a, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000500000000000000aa8c000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000040000000001801000020756c3d00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000006000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="00000000000000008500000075000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x6, 0x6, 0x5}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="0e000000040000000400000009"], 0x48)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000b40)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x800000000001ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x9)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000bc0)=[@rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}], 0x30}, 0x2160)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x25}, 0x94)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x18, 0x7, 0x7f}, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_virt_wifi\x00'})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8946, &(0x7f0000000080))

902.567392ms ago: executing program 0 (id=2355):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000002200)=""/275, 0x113}, {&(0x7f0000000600)=""/233, 0xe9}, {&(0x7f0000000f00)=""/4054, 0xfd6}, {&(0x7f0000000a40)=""/214, 0xd6}, {&(0x7f0000000500)=""/190, 0xbe}, {&(0x7f0000002080)=""/252, 0xfc}, {&(0x7f0000003340)=""/4084, 0xff4}, {&(0x7f0000001f00)=""/208, 0xd0}, {&(0x7f0000000240)=""/166, 0xa6}, {&(0x7f00000005c0)=""/27, 0x1b}, {&(0x7f0000000700)=""/102, 0x66}], 0xb}, 0x40012100)
recvmsg$kcm(r0, &(0x7f0000000900)={0x0, 0xa, 0x0, 0x0, 0x0, 0xfffffffffffffe98}, 0x10000)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

820.301884ms ago: executing program 2 (id=2356):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1f, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x11}, 0x94)
r2 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x3, 0x0, 0xfffc}, {0x10000002, 0x0, 0x0, 0x9}]}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r2, 0x84, 0x6e, &(0x7f0000000000)=r4, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
close(r6)
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000000)=r7, 0x10)

799.968494ms ago: executing program 1 (id=2357):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791048000000000071041b000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001800)=ANY=[@ANYBLOB], 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r0, @ANYRES64=0x0, @ANYBLOB="ed"], 0x20)

749.021665ms ago: executing program 0 (id=2358):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x9, 0x664a1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x9, 0x2}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200c}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x40c4)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000380)="1c393502dda1a67d93b1ceccbe972c4fef9c33ecf2d824f3a33513f45f807ee4636aad1b45472bbdc8e3a2275f2587f0da0b3ae419bed996116448f90d113ce98aa985f379d729430858f5cb9a668a1800bf2354b33cdff83033de518580a3080d7f4cc2406e071138439e1566dd17983ee153ab672f362d3292e24a9952f18ec3d8b37bb3391096c1d4442a7548992993", 0x91}], 0x1}, 0x8011)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$kcm(0x2, 0x2, 0x73)
sendmsg$inet(r0, &(0x7f0000000500)={&(0x7f0000000300)={0x2, 0x0, @broadcast}, 0x10, &(0x7f0000000400), 0x1}, 0x0)

638.986918ms ago: executing program 0 (id=2359):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x73)
setsockopt$sock_attach_bpf(r0, 0x29, 0x21, &(0x7f0000000200), 0x4)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70000000000e272f750375ed08a56331dbf9ed7a15e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800020004000000bdad446b9bbc7ace5b0dd385dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff00"/137, 0x89}], 0x1}, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f0000000100)=r3, 0x4)
r4 = socket$kcm(0x10, 0x3, 0x0)
write$cgroup_subtree(r4, &(0x7f0000001ec0)=ANY=[@ANYBLOB="13120000120091ef04e9befbbd00005c0a"], 0xfe33)
syz_clone(0x411, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000012f46facb8f4f1a566403af421a4e6987e238aa26abca3ccc0fc61e5c5ab89e43adfa036f4472e743d6cae3a2c61e54ae2144c7f6f25e89cd7caddaa5b088ec7c3", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
getpid()
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)="7a6066ca5f8de7f9acd4d6586a73605de98ef2c6f30e66739b054aa53d2fd0817ca567e120c9b99bbc6b3fd499a90e6d9b2d765c528c61869eca32ec152d9c90f5282dc0e012ffe51e8ecc94373f628ae2ab310600"/95, 0x5f}, {&(0x7f0000000a40)="aa1f5ce08abb2b2d8b2a4fdb6101b4d4d65024f52c6f5a208a56ba25ce8f86d820e20f43506581c26392042e1749c24990226c157590bf9e233041e4cb27eb7255e8c5e423277478a86a7734db3f7b9345036eea127ed0279a50e12206dfb014231f8d03496c95e7f649bb7d81c19886d9f8837fd3cdbfdd209e224f9e6ba0c41db40fe09a7fa8560f3ec18892da4308a86a8268b4c29c7c0ec72760d6eb61f7e0638ddde026bb71179f32be4f3aa4913963203ce3e6b64c320282f774025baf46e9313c2d9f9b414bc94f74476a5f9da2a1eca9c41b1a8a737b0d474c36bf63e5f2755f6dc8c120e57db25cc862234f616aac6c52e54b8059d0e4fc976b2c21fcc1f1089972109c126497b2abf60b6019965c24b1d2d000976c24fc1506aa185243002951302e95009746c51824737a522c311a4396569075e85968e0e9ad494f092e08f4348972a8b7e52d4a9f8489cd537fc887baaf2d69238e7403a69c2c5d451b8e45625793ac9deba5e9082d2042128a16d9efc3d19b6c61a52b8b872fd16ba15965411040d5de31979da6d668010913b712bdb7e152593331e771fba13d77cdb57b824f45ac5cd5f34fea9693d805dfce610963bc65b6b0d13d921f4dddc646519f048864ca6291de6c07be8502cf1f65241068686756ab333ea92ff0363f314683c946160746435a5ec3803958bdf701485ccbc9f6e13a34cfc5e87bb7156409c4f22e0a42a3ced43472839ffe92b4a9b10af20c865020b7d0d0508c8c8b5c561adf820ec192c9cfcad16a1d3f358dec3cb3e9219d611907bf4109165f38224b16f8e88d111ce2aa41d840dec3c28364636cae293d81dd86a177b72fa929330a84b3e83b58b9ffef75b87a737c813a47fea082e2ea66c3ba3570e04e025255da7b5ab22763a09b78eeeed417513d8017e925df337116c2fcbe88192b51c7ed37de87355f4cc98d0e71620440a4ac62df344baaea958d7edcd2ffffb9b26509293bf6f1590521343193d518f84660451a1e5fe1a902ecb2304a0dcbdb3911b0b9e5cc6677a729df3d0d81b2d75ab9a7e5091f4554dd2ea61945bfba619de69ad72704cde36929a0896f745622ded85147ef7b3e600cc49a43d79021c9892fcee2494d4b3dd6d5c46822306ef22d783520723569f68acfda16068935500fb495fab4fdd3cf9e50bee269e3906b800ca575306278415df6187a156efa3da0b4ca1cd67409c18ed434897cacd7d1c5064ee4dc54b37fa77cb514f520d0ccb77caa8c782c358379302cdbdea8ea337b346c9871d2ea270fbd087c629b3723207f46754b729888ea56430c9c4312e67ed08f75f28db59f83da3e91b40e8e6186bf3ba7428bdf5687813368e5001f42cc3c7ce218ffc78cc667c660bc1a04ea63e7b9ab5b2fa0b78734834fd62076cde44dc8c3769caeb8d0da5ac6af0922f04f276f22685965f1b0b321f504db5393677db5fce18bc0339a19fbdd1c8fc233e92529f14c78df09c39ea3074b95152399a895f2f2b1b6b394810902125120a5325fbfb9e9b84c713dcd2939d987c28d0d07b5de5680c9cab0d8858ea7525e4880e51569675e6cbae52ccb4dec990df8cf545e7c26c9808f11af8c0559cd38635d225c69c45e637512714b7fe55f3d0f024469e640624ed3e59337eb1de8be4a6b9d7f83905a5ffc44f2674a54a37afae5a3e4aae2fa9cd50ac8dce4835373bb10b2da1428dac80d5982c9b3492e820be2c0063948c56dc9bc4b3b68d8c54e22942117f83dcb272b2d62dfb54e91315627e4ffa3d03b6311ce493142d8f04cc794d284a64bacfcfb825ee8cc29b34ac69db207a36e1243fa7f2f90f4f5049505f870a6f1f2d2e5c654ce4a8eb3358808942f3f48512d22e2f575ceed1516704f3549617abf58285ddc73bf1784c4297a5ed944c9d82f0c299fe4e76ff993e86074a7dfdde2246330f35162f503fd753d20d22d05e4a6", 0x576}], 0x2, 0x0, 0x0, 0x10000000}, 0x4)

638.514437ms ago: executing program 2 (id=2360):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0xff00)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32], 0x50)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x890b, 0x0)
r2 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$inet(r2, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x400000000004, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffeffffffff}, 0xc001, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a876d839240d29c035055b67db3e6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7e8dc34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bb44b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334583239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bf4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc508afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd360000000000000000ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c97a088a22e8b15c3e233db00002e30d46a0024d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c29c5c0ed5bcdf510c3c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ced92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f68fa8d7c2dfb28e1f05e46b0933c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b19abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d588afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda6900002a070886df42b27098773b45198b4a34ac97febd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f0000000000f8e10238d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d63521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07afef12ef060cd4403a099f32468f658000b4082d43e12186195cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea209b53b230ef0f2ab85cbdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bd3339403004b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab900000000000000000000d71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdbf24a0c5441ce046078492b53467cfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89cb349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb15f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c00c57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137df47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b558982016b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8b49e3d0168bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85a3009a5d30f479e293a3302e11350ea857b37e76ca3f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c8ffe0d508dcee3070e8b42ac38545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f98117919472b61b20026d7e646174b55d251f7f8ca5ccc22a5efb33b217eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4444e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24000000000000000000000000000000000000cd3211b3842b68a4eddca2eae28529e97a98d7ec3fd902df1ba8fc2ad2377e72d4e7aeacbbccef5614cd965511558f40720025c022bc9c213e407f6bc4b673c55aa8e729299a37fd6339acd906ac861ba56c9fa9b8b12b5e68a3cdadb906355e1f1d336a243172affe50d0fb36c3718a7498eed3d398f405a34d494414e87ef1ce1845510d43d00171d6b4b762f89564c22d542a119878709cd6822c3a3eb47a849b0737929fe9e1eecd1bff5a2b9880e2a6d8a3b3b7e88a673c96cda4455eff1c530db0e6598a2686aa09aeaf0f1aed95aeb8b0a2cc5ca31c0f56285cc05f7090a0e0583cf540d18cd8817e685c7b4ff176178ac1234f23e54445ec20b2689832d78409897a0307e89ebcd5f4ba042a3d10237a5a8a9a6eda36d2f337dc54537b80e8433341b135b4c5bb0173ffde46ccd260e1d4f2c51e8b07bb256f1317912cb1fc9e491e0bb9109e475cc795c23ad9f4f0042c5e9c655a4d865bc4a266e6a1d3d2b7ee53be9efb33a98933b5ba74ee3ac8d34b6af8c1fdbffade3abc80842b74354162f5b994ab5254cb068bc5e2ae242a1d37d0d49947c9317fa1a46c9e259ce0e1f9db992c53f7830a5e8f4fac6b187eb9f15ba61f730f86d7d7b63bbc7a1d9ff37e87a90a14e0655304da069f9009b62717649b6c6af94fcba713f8ee6fcce25aef44d009966614b61be9369ffc589a79051b0a0000000000000003ebd34c41afe268c33c9322c3a783772aec998f51a6e70fb932a8019e72ef5ab127bb30c79ebfd867441083546305fb39449c40a166ea389a6b77b7c87f66e8bf5806726b8fc50b943627314803a12c33312dce0a10f852da3e000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x8, 0x0, 0xee, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001a00)={r3, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
ioctl$TUNATTACHFILTER(r1, 0x401054d5, 0x0)
close(0x3)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000040000000800000002"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r6}, &(0x7f0000000080), &(0x7f0000000240)=r7}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r7, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000280)="b9ff03076804268c989e14f088a8", 0x0, 0x800, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5}, 0x50)

638.332737ms ago: executing program 1 (id=2361):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000100)=0x8000000000000000, 0x12)
ioctl$SIOCSIFHWADDR(r0, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc, 0x8}})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_tracing={0x1a, 0x14, &(0x7f00000001c0)=@raw=[@map_val={0x18, 0xf, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x7b}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x5}, @cb_func={0x18, 0xa, 0x4, 0x0, 0x3}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}, @map_fd={0x18, 0x1}, @generic={0x9e, 0xe, 0x8, 0x5, 0x6}, @jmp={0x5, 0x1, 0xc, 0xa, 0x9, 0xffffffffffffffc0, 0x8}, @ldst={0x0, 0x0, 0x3, 0xa, 0x1, 0xc, 0x10}], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xf039, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xdd19}, 0x94)
r1 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000001780)={&(0x7f00000003c0)=@caif, 0x80, 0x0}, 0x0)

510.18415ms ago: executing program 1 (id=2362):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0xfffffffd}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

459.535011ms ago: executing program 2 (id=2363):
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
socket$kcm(0x2, 0x5, 0x84)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x1, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0xf9, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00e90000000000000000000000000000000000f5e7d74df40f620a7eb8d8ba76c0dbe4675c0568baad013c06a8bb559e892a8cfb2314c62c96cb2d0818f8506c188403289efdb15c774e5f584b3e151677a17b74d08555c13858ecbe3f6374301414cd67fb49b9e35f6932f94db0bccaf3a744329a6c44", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], 0x48)
write$cgroup_int(r0, &(0x7f0000000180)=0x1, 0x12)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d004231a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb5b64f69853362ac3407173ec", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4080)
recvmsg$kcm(r2, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000200)={'syzkaller0\x00', @link_local})
recvmsg$kcm(r2, &(0x7f00000003c0)={0x0, 0x700, 0x0}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480))

383.089372ms ago: executing program 1 (id=2364):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x73)
setsockopt$sock_attach_bpf(r0, 0x29, 0x21, &(0x7f0000000200), 0x4)
socket$kcm(0x10, 0x2, 0x4)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r1 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f0000000100)=r2, 0x4)
r3 = socket$kcm(0x10, 0x3, 0x0)
write$cgroup_subtree(r3, &(0x7f0000001ec0)=ANY=[@ANYBLOB="13120000120091ef04e9befbbd00005c0a"], 0xfe33)
syz_clone(0x411, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000012f46facb8f4f1a566403af421a4e6987e238aa26abca3ccc0fc61e5c5ab89e43adfa036f4472e743d6cae3a2c61e54ae2144c7f6f25e89cd7caddaa5b088ec7c3", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
getpid()
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)="7a6066ca5f8de7f9acd4d6586a73605de98ef2c6f30e66739b054aa53d2fd0817ca567e120c9b99bbc6b3fd499a90e6d9b2d765c528c61869eca32ec152d9c90f5282dc0e012ffe51e8ecc94373f628ae2ab310600"/95, 0x5f}, {&(0x7f0000000a40)="aa1f5ce08abb2b2d8b2a4fdb6101b4d4d65024f52c6f5a208a56ba25ce8f86d820e20f43506581c26392042e1749c24990226c157590bf9e233041e4cb27eb7255e8c5e423277478a86a7734db3f7b9345036eea127ed0279a50e12206dfb014231f8d03496c95e7f649bb7d81c19886d9f8837fd3cdbfdd209e224f9e6ba0c41db40fe09a7fa8560f3ec18892da4308a86a8268b4c29c7c0ec72760d6eb61f7e0638ddde026bb71179f32be4f3aa4913963203ce3e6b64c320282f774025baf46e9313c2d9f9b414bc94f74476a5f9da2a1eca9c41b1a8a737b0d474c36bf63e5f2755f6dc8c120e57db25cc862234f616aac6c52e54b8059d0e4fc976b2c21fcc1f1089972109c126497b2abf60b6019965c24b1d2d000976c24fc1506aa185243002951302e95009746c51824737a522c311a4396569075e85968e0e9ad494f092e08f4348972a8b7e52d4a9f8489cd537fc887baaf2d69238e7403a69c2c5d451b8e45625793ac9deba5e9082d2042128a16d9efc3d19b6c61a52b8b872fd16ba15965411040d5de31979da6d668010913b712bdb7e152593331e771fba13d77cdb57b824f45ac5cd5f34fea9693d805dfce610963bc65b6b0d13d921f4dddc646519f048864ca6291de6c07be8502cf1f65241068686756ab333ea92ff0363f314683c946160746435a5ec3803958bdf701485ccbc9f6e13a34cfc5e87bb7156409c4f22e0a42a3ced43472839ffe92b4a9b10af20c865020b7d0d0508c8c8b5c561adf820ec192c9cfcad16a1d3f358dec3cb3e9219d611907bf4109165f38224b16f8e88d111ce2aa41d840dec3c28364636cae293d81dd86a177b72fa929330a84b3e83b58b9ffef75b87a737c813a47fea082e2ea66c3ba3570e04e025255da7b5ab22763a09b78eeeed417513d8017e925df337116c2fcbe88192b51c7ed37de87355f4cc98d0e71620440a4ac62df344baaea958d7edcd2ffffb9b26509293bf6f1590521343193d518f84660451a1e5fe1a902ecb2304a0dcbdb3911b0b9e5cc6677a729df3d0d81b2d75ab9a7e5091f4554dd2ea61945bfba619de69ad72704cde36929a0896f745622ded85147ef7b3e600cc49a43d79021c9892fcee2494d4b3dd6d5c46822306ef22d783520723569f68acfda16068935500fb495fab4fdd3cf9e50bee269e3906b800ca575306278415df6187a156efa3da0b4ca1cd67409c18ed434897cacd7d1c5064ee4dc54b37fa77cb514f520d0ccb77caa8c782c358379302cdbdea8ea337b346c9871d2ea270fbd087c629b3723207f46754b729888ea56430c9c4312e67ed08f75f28db59f83da3e91b40e8e6186bf3ba7428bdf5687813368e5001f42cc3c7ce218ffc78cc667c660bc1a04ea63e7b9ab5b2fa0b78734834fd62076cde44dc8c3769caeb8d0da5ac6af0922f04f276f22685965f1b0b321f504db5393677db5fce18bc0339a19fbdd1c8fc233e92529f14c78df09c39ea3074b95152399a895f2f2b1b6b394810902125120a5325fbfb9e9b84c713dcd2939d987c28d0d07b5de5680c9cab0d8858ea7525e4880e51569675e6cbae52ccb4dec990df8cf545e7c26c9808f11af8c0559cd38635d225c69c45e637512714b7fe55f3d0f024469e640624ed3e59337eb1de8be4a6b9d7f83905a5ffc44f2674a54a37afae5a3e4aae2fa9cd50ac8dce4835373bb10b2da1428dac80d5982c9b3492e820be2c0063948c56dc9bc4b3b68d8c54e22942117f83dcb272b2d62dfb54e91315627e4ffa3d03b6311ce493142d8f04cc794d284a64bacfcfb825ee8cc29b34ac69db207a36e1243fa7f2f90f4f5049505f870a6f1f2d2e5c654ce4a8eb3358808942f3f48512d22e2f575ceed1516704f3549617abf58285ddc73bf1784c4297a5ed944c9d82f0c299fe4e76ff993e86074a7dfdde2246330f35162f503fd753d20d22d05e4a6", 0x576}], 0x2, 0x0, 0x0, 0x10000000}, 0x4)

231.464645ms ago: executing program 2 (id=2365):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1b, 0x0, 0x0, 0x1000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x18, 0x1a, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000500000000000000aa8c000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000040000000001801000020756c3d00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000006000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="00000000000000008500000075000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x6, 0x6, 0x5}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="0e000000040000000400000009"], 0x48)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000b40)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x800000000001ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x9)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000bc0)=[@rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}], 0x30}, 0x2160)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x25}, 0x94)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x18, 0x7, 0x7f}, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_virt_wifi\x00'})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8946, &(0x7f0000000080))

118.065638ms ago: executing program 3 (id=2366):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000002200)=""/275, 0x113}, {&(0x7f0000000600)=""/233, 0xe9}, {&(0x7f0000000f00)=""/4054, 0xfd6}, {&(0x7f0000000a40)=""/214, 0xd6}, {&(0x7f0000000500)=""/190, 0xbe}, {&(0x7f0000002080)=""/252, 0xfc}, {&(0x7f0000003340)=""/4084, 0xff4}, {&(0x7f0000001f00)=""/208, 0xd0}, {&(0x7f0000000240)=""/166, 0xa6}, {&(0x7f00000005c0)=""/27, 0x1b}, {0x0}, {&(0x7f0000000700)=""/102, 0x66}], 0xc}, 0x40012100)
recvmsg$kcm(r0, &(0x7f0000000900)={0x0, 0xa, 0x0, 0x0, 0x0, 0xfffffffffffffe98}, 0x10000)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

61.022829ms ago: executing program 1 (id=2367):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x8c, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffdef}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0xff4c)
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000200)=ANY=[@ANYRESHEX=0x0, @ANYRESDEC=r0, @ANYRES64=r0, @ANYRES64=r0, @ANYRES64=r0, @ANYRES32=r0, @ANYRES32=r0], 0x48)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
r3 = perf_event_open(&(0x7f0000000280)={0x4, 0x80, 0x6, 0x6, 0xf, 0xf8, 0x0, 0x2, 0x4, 0x8, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x7, 0x2, @perf_config_ext={0x10, 0x3}, 0x100008, 0x5, 0xa, 0x7, 0x7fffffffffffffff, 0xfffffff7, 0x4, 0x0, 0x4, 0x0, 0x3}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0x9)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4000005)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, 0x0, &(0x7f0000001000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f0000000240)='./cgroup.cpu/syz1\x00')
socketpair(0xb, 0x2, 0x99e1, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
close(r7)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r4}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))
socketpair(0x1d, 0x2, 0x2, &(0x7f0000000300)={0x0, 0x0})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000040)={'macsec0\x00'})
perf_event_open$cgroup(&(0x7f0000000180)={0x1, 0x80, 0x2, 0x48, 0x2, 0xd8, 0x0, 0x6, 0x10, 0x4, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0xfffffffc, 0x1, @perf_config_ext={0xfff}, 0x0, 0x0, 0x8, 0x3, 0x6, 0x0, 0xb, 0x0, 0x48000, 0x0, 0x2}, r2, 0x5, r3, 0x4)
r8 = getpid()
r9 = perf_event_open(&(0x7f00000003c0)={0x4, 0x80, 0x4, 0x0, 0x0, 0x1, 0x0, 0x5, 0x120, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, @perf_config_ext={0x8, 0x101}, 0x800, 0x8, 0x80000000, 0x4, 0x80, 0x40, 0x4, 0x0, 0x35ad, 0x0, 0xa}, 0x0, 0xc, r3, 0x0)
perf_event_open(&(0x7f0000000340)={0x0, 0x80, 0x3, 0xff, 0x5, 0xe, 0x0, 0x8, 0xd4014, 0x8, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x5, 0x4, @perf_bp={&(0x7f0000000100), 0x1}, 0x0, 0x9, 0x8, 0x4, 0x7, 0x880, 0x1, 0x0, 0x406d, 0x0, 0x4}, r8, 0xf, r9, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18030000fefff6ff00f6ffff7fdf8e2a851000000600000018100000b9a5c214847f752f3bd53af3203777ce394b3b38d949390bd1f27b563c5f2e1ad5154daad1722fc25dd302e8fccb0c6e9a6f4a75d5b2ed", @ANYRES32=r1, @ANYBLOB="00000000000000002500000003000000180000000000000000000000000000000a5200000300000057030000000000009500000000000000"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000000}, 0x94)
mkdir(&(0x7f0000000000)='./file0\x00', 0xb5)

36.165459ms ago: executing program 2 (id=2368):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1f, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x11}, 0x94)
r2 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x3, 0x0, 0xfffc}, {0x10000002, 0x0, 0x0, 0x9}]}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r2, 0x84, 0x6e, &(0x7f0000000000)=r4, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
close(r6)
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000000)=r7, 0x10)

0s ago: executing program 3 (id=2369):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="040000000400"], 0x48)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000000bf0000000000000000008500000020000000850000007d00000095"], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x41100}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000680)="e0b9547ed387dbe9abc89b6f5bff", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = bpf$ITER_CREATE(0x21, &(0x7f00000006c0), 0x8)
ioctl$TUNSETFILTEREBPF(r1, 0x800454e1, &(0x7f0000000700)=r0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x16, 0x8, &(0x7f0000000dc0)=ANY=[@ANYBLOB="7a0af8ff7525787cbfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c80000040000000000b1a297cfddd73f30f2382f6cda4bfdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000800db583620ce7243d1ae9f2cfe401dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4800afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc70bb30d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e384c3cb07b74a72291a1a2b523dd81b6651b1ee48bb004823ebcd8c65743f31f84b263ab9b3426692f01ad194f302d7a658e90000000001000000b6b2f25ddb8c640ab321a402058c9221b6870814cf4ee23ddb79fff5eb156e0a000000000000f2bd1d4a178d86d6935eb8b75bc4eb680d10e8b6ad4c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8f9f3bc282deb43a03409f8e6972f3f720d045923702cede0f3e91411f3f1b16f065624f280a7dc938db910f93c49b9e0aa390d0da6972ed719d7e0efb2bb713d1890e317c8de105c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1376eda2b9c66200349e62d4d0ab1a1dc51907c98000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x33}, 0x48)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r3 = socket$kcm(0x2, 0x1000000000000002, 0x0)
setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161)
sendmsg$inet(r3, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @rand_addr=0x20}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380), 0xff7a}], 0x1, &(0x7f0000007880)=ANY=[@ANYBLOB="1100000000000000004003000100000000000000000000001c00000000000000000f00fd08000000", @ANYRES32=0x0, @ANYBLOB="ac1414bbe0000001000000001c0000000000000000078f0208000000", @ANYRES32=0x0, @ANYBLOB="a00500000000000000000000240000000000000000000000070000009404000044108800000000000000000000000000000000001100000000000000000000c2d63c67000000000000000000"], 0x98}, 0x0) (fail_nth: 5)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f0000000300)="e02742e86c0d85ff9783763a0800", 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x52}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

kernel console output (not intermixed with test programs):

ulticast mode
[  231.420800][ T8402] team_slave_0: entered allmulticast mode
[  231.429583][ T8402] team_slave_1: entered allmulticast mode
[  231.457215][ T8402] bridge0: port 3(team0) entered blocking state
[  231.463759][ T8402] bridge0: port 3(team0) entered forwarding state
[  231.627308][ T8418] netlink: 'syz.3.883': attribute type 10 has an invalid length.
[  231.680152][ T8418] bridge0: port 3(team0) entered disabled state
[  231.719002][ T8418] team0: left allmulticast mode
[  231.737214][ T8418] team_slave_0: left allmulticast mode
[  231.779393][ T8418] team_slave_1: left allmulticast mode
[  231.829440][ T8418] team0: left promiscuous mode
[  231.858900][ T8418] team_slave_0: left promiscuous mode
[  231.864952][ T8418] team_slave_1: left promiscuous mode
[  231.872492][ T8418] bridge0: port 3(team0) entered disabled state
[  231.892245][ T8418] batman_adv: batadv0: Adding interface: team0
[  231.898497][ T8418] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  231.929088][ T8418] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  231.948729][ T8419] netlink: 'syz.3.883': attribute type 10 has an invalid length.
[  231.963664][ T8419] netlink: 2 bytes leftover after parsing attributes in process `syz.3.883'.
[  231.980887][ T8419] team0: entered promiscuous mode
[  231.986050][ T8419] team_slave_0: entered promiscuous mode
[  231.995221][ T8419] team_slave_1: entered promiscuous mode
[  232.003655][ T8419] 8021q: adding VLAN 0 to HW filter on device team0
[  232.011179][ T8419] batman_adv: batadv0: Interface activated: team0
[  232.030471][ T8419] batman_adv: batadv0: Interface deactivated: team0
[  232.055614][ T8419] batman_adv: batadv0: Removing interface: team0
[  232.079771][ T8419] bridge0: port 3(team0) entered blocking state
[  232.093872][ T8419] bridge0: port 3(team0) entered disabled state
[  232.100703][ T8419] team0: entered allmulticast mode
[  232.106103][ T8419] team_slave_0: entered allmulticast mode
[  232.119947][ T8419] team_slave_1: entered allmulticast mode
[  232.143125][ T8419] bridge0: port 3(team0) entered blocking state
[  232.149635][ T8419] bridge0: port 3(team0) entered forwarding state
[  232.549858][ T8440] netlink: 'syz.1.891': attribute type 10 has an invalid length.
[  232.653718][ T8440] bridge0: port 3(team0) entered disabled state
[  232.679601][ T8442] netlink: 'syz.2.892': attribute type 29 has an invalid length.
[  232.697117][ T8440] team0: left allmulticast mode
[  232.702662][ T8440] C: left allmulticast mode
[  232.709970][ T8440] team_slave_1: left allmulticast mode
[  232.716119][ T8440] team0: left promiscuous mode
[  232.723859][ T8440] C: left promiscuous mode
[  232.729222][ T8440] team_slave_1: left promiscuous mode
[  232.736711][ T8440] bridge0: port 3(team0) entered disabled state
[  232.749846][ T8440] batman_adv: batadv0: Adding interface: team0
[  232.770112][ T8440] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.808604][ T8440] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  232.847035][ T8444] netlink: 'syz.1.891': attribute type 10 has an invalid length.
[  232.893775][ T8444] netlink: 2 bytes leftover after parsing attributes in process `syz.1.891'.
[  232.913263][ T8444] team0: entered promiscuous mode
[  232.928761][ T8444] C: entered promiscuous mode
[  232.934631][ T8444] team_slave_1: entered promiscuous mode
[  232.942928][ T8444] 8021q: adding VLAN 0 to HW filter on device team0
[  232.949898][ T8444] batman_adv: batadv0: Interface activated: team0
[  232.956573][ T8444] batman_adv: batadv0: Interface deactivated: team0
[  232.963495][ T8444] batman_adv: batadv0: Removing interface: team0
[  232.972376][ T8444] bridge0: port 3(team0) entered blocking state
[  232.979474][ T8444] bridge0: port 3(team0) entered disabled state
[  232.987138][ T8444] team0: entered allmulticast mode
[  232.993355][ T8444] C: entered allmulticast mode
[  232.998270][ T8444] team_slave_1: entered allmulticast mode
[  233.012324][ T8444] bridge0: port 3(team0) entered blocking state
[  233.018804][ T8444] bridge0: port 3(team0) entered forwarding state
[  233.031870][ T8442] netlink: 'syz.2.892': attribute type 29 has an invalid length.
[  233.046686][ T8445] netlink: 'syz.2.892': attribute type 29 has an invalid length.
[  233.056487][ T8449] netlink: 'syz.2.892': attribute type 29 has an invalid length.
[  233.068330][ T8453] netlink: 'syz.2.892': attribute type 29 has an invalid length.
[  233.157404][ T8457] netlink: 'syz.3.895': attribute type 10 has an invalid length.
[  233.180886][ T8457] bridge0: port 3(team0) entered disabled state
[  233.218133][ T8457] team0: left allmulticast mode
[  233.228396][ T8457] team_slave_0: left allmulticast mode
[  233.238129][ T8457] team_slave_1: left allmulticast mode
[  233.244875][ T8457] team0: left promiscuous mode
[  233.249810][ T8457] team_slave_0: left promiscuous mode
[  233.256880][ T8457] team_slave_1: left promiscuous mode
[  233.264034][ T8457] bridge0: port 3(team0) entered disabled state
[  233.279739][ T8457] batman_adv: batadv0: Adding interface: team0
[  233.287575][ T8457] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  233.321218][ T8457] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  233.337358][ T8458] netlink: 'syz.3.895': attribute type 10 has an invalid length.
[  233.358928][ T8458] netlink: 2 bytes leftover after parsing attributes in process `syz.3.895'.
[  233.375102][ T8458] team0: entered promiscuous mode
[  233.380323][ T8458] team_slave_0: entered promiscuous mode
[  233.386456][ T8458] team_slave_1: entered promiscuous mode
[  233.395326][ T8458] 8021q: adding VLAN 0 to HW filter on device team0
[  233.402602][ T8458] batman_adv: batadv0: Interface activated: team0
[  233.409232][ T8458] batman_adv: batadv0: Interface deactivated: team0
[  233.416136][ T8458] batman_adv: batadv0: Removing interface: team0
[  233.427343][ T8458] bridge0: port 3(team0) entered blocking state
[  233.441138][ T8458] bridge0: port 3(team0) entered disabled state
[  233.447814][ T8458] team0: entered allmulticast mode
[  233.453711][ T8458] team_slave_0: entered allmulticast mode
[  233.460258][ T8458] team_slave_1: entered allmulticast mode
[  233.469272][ T8458] bridge0: port 3(team0) entered blocking state
[  233.475772][ T8458] bridge0: port 3(team0) entered forwarding state
[  233.875806][ T8472] netlink: 'syz.1.901': attribute type 10 has an invalid length.
[  233.906986][ T8472] bridge0: port 3(team0) entered disabled state
[  233.933365][ T8472] team0: left allmulticast mode
[  233.939876][ T8472] C: left allmulticast mode
[  233.946677][ T8472] team_slave_1: left allmulticast mode
[  233.963554][ T8472] team0: left promiscuous mode
[  233.968865][ T8472] C: left promiscuous mode
[  233.979722][ T8472] team_slave_1: left promiscuous mode
[  233.987047][ T8472] bridge0: port 3(team0) entered disabled state
[  234.120037][ T8472] batman_adv: batadv0: Adding interface: team0
[  234.131213][ T8472] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.157830][ T8472] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  234.183849][ T8476] netlink: 2 bytes leftover after parsing attributes in process `syz.1.901'.
[  234.206201][ T8476] team0: entered promiscuous mode
[  234.225660][ T8476] C: entered promiscuous mode
[  234.241086][ T8476] team_slave_1: entered promiscuous mode
[  234.249445][ T8476] 8021q: adding VLAN 0 to HW filter on device team0
[  234.281367][ T8476] batman_adv: batadv0: Interface activated: team0
[  234.301972][ T8476] batman_adv: batadv0: Interface deactivated: team0
[  234.321310][ T8476] batman_adv: batadv0: Removing interface: team0
[  234.342910][ T8476] bridge0: port 3(team0) entered blocking state
[  234.349590][ T8476] bridge0: port 3(team0) entered disabled state
[  234.363582][ T8476] team0: entered allmulticast mode
[  234.368996][ T8476] C: entered allmulticast mode
[  234.377981][ T8476] team_slave_1: entered allmulticast mode
[  234.389562][ T8476] bridge0: port 3(team0) entered blocking state
[  234.396036][ T8476] bridge0: port 3(team0) entered forwarding state
[  234.497304][ T8486] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.905'.
[  235.769003][ T8511] bridge0: port 3(team0) entered disabled state
[  235.798230][ T8511] team0: left allmulticast mode
[  235.806477][ T8511] team_slave_0: left allmulticast mode
[  235.817674][ T8511] team_slave_1: left allmulticast mode
[  235.835632][ T8511] team0: left promiscuous mode
[  235.846860][ T8511] team_slave_0: left promiscuous mode
[  235.855724][ T8511] team_slave_1: left promiscuous mode
[  235.868938][ T8511] bridge0: port 3(team0) entered disabled state
[  235.894473][ T8511] batman_adv: batadv0: Adding interface: team0
[  235.904783][ T8511] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  235.943287][ T8511] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  235.974900][ T8515] netlink: 2 bytes leftover after parsing attributes in process `syz.0.915'.
[  235.999970][ T8515] team0: entered promiscuous mode
[  236.025963][ T8515] team_slave_0: entered promiscuous mode
[  236.041276][ T8515] team_slave_1: entered promiscuous mode
[  236.049368][ T8515] 8021q: adding VLAN 0 to HW filter on device team0
[  236.088831][ T8515] batman_adv: batadv0: Interface activated: team0
[  236.097165][ T8515] batman_adv: batadv0: Interface deactivated: team0
[  236.104484][ T8515] batman_adv: batadv0: Removing interface: team0
[  236.113239][ T8515] bridge0: port 3(team0) entered blocking state
[  236.129231][ T8515] bridge0: port 3(team0) entered disabled state
[  236.139750][ T8515] team0: entered allmulticast mode
[  236.150129][ T8515] team_slave_0: entered allmulticast mode
[  236.158170][ T8515] team_slave_1: entered allmulticast mode
[  236.175515][ T8515] bridge0: port 3(team0) entered blocking state
[  236.182020][ T8515] bridge0: port 3(team0) entered forwarding state
[  236.539498][ T8534] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.920'.
[  237.277820][ T8543] netlink: 830 bytes leftover after parsing attributes in process `syz.1.935'.
[  237.976683][ T8571] netlink: 132 bytes leftover after parsing attributes in process `syz.3.938'.
[  238.558882][ T8581] netlink: 830 bytes leftover after parsing attributes in process `syz.3.943'.
[  238.737864][ T8588] FAULT_INJECTION: forcing a failure.
[  238.737864][ T8588] name failslab, interval 1, probability 0, space 0, times 0
[  238.750944][ T8588] CPU: 0 PID: 8588 Comm: syz.3.947 Not tainted syzkaller #0
[  238.758276][ T8588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  238.768379][ T8588] Call Trace:
[  238.771693][ T8588]  <TASK>
[  238.774653][ T8588]  dump_stack_lvl+0x16c/0x230
[  238.779389][ T8588]  ? verify_lock_unused+0x140/0x140
[  238.784625][ T8588]  ? show_regs_print_info+0x20/0x20
[  238.789864][ T8588]  ? load_image+0x3b0/0x3b0
[  238.794410][ T8588]  ? tipc_send_group_bcast+0x79a/0xa70
[  238.799935][ T8588]  should_fail_ex+0x39d/0x4d0
[  238.804657][ T8588]  should_failslab+0x9/0x20
[  238.809203][ T8588]  slab_pre_alloc_hook+0x59/0x310
[  238.814271][ T8588]  ? do_raw_spin_lock+0x121/0x2c0
[  238.819358][ T8588]  ? tipc_nametbl_lookup_mcast_sockets+0x6b9/0xd10
[  238.825901][ T8588]  __kmem_cache_alloc_node+0x53/0x260
[  238.831321][ T8588]  ? tipc_nametbl_lookup_mcast_sockets+0x6b9/0xd10
[  238.837877][ T8588]  kmalloc_trace+0x2a/0xe0
[  238.842347][ T8588]  tipc_nametbl_lookup_mcast_sockets+0x6b9/0xd10
[  238.848721][ T8588]  ? tipc_nametbl_lookup_mcast_sockets+0x5b/0xd10
[  238.855179][ T8588]  tipc_sk_mcast_rcv+0x559/0xea0
[  238.860145][ T8588]  ? kmem_cache_alloc_node+0x17f/0x330
[  238.865636][ T8588]  ? tipc_sk_bind+0x2f0/0x2f0
[  238.870363][ T8588]  tipc_mcast_xmit+0x1091/0x16a0
[  238.875351][ T8588]  ? __might_fault+0xc6/0x120
[  238.880041][ T8588]  ? tipc_bcbase_xmit+0x9b0/0x9b0
[  238.885103][ T8588]  ? _copy_from_iter+0x2fe/0x1290
[  238.890150][ T8588]  ? slab_post_alloc_hook+0x8a/0x4d0
[  238.895459][ T8588]  ? rcu_is_watching+0x15/0xb0
[  238.900237][ T8588]  ? kmem_cache_alloc_node+0x17f/0x330
[  238.905715][ T8588]  ? copyout_mc+0x70/0x70
[  238.910079][ T8588]  ? __build_skb_around+0x255/0x3d0
[  238.915297][ T8588]  ? tipc_msg_build+0x3dd/0xe80
[  238.920152][ T8588]  ? __check_object_size+0x97/0xa30
[  238.925385][ T8588]  ? tipc_msg_build+0x458/0xe80
[  238.930251][ T8588]  ? __lock_acquire+0x7c80/0x7c80
[  238.935294][ T8588]  ? net_generic+0x1e/0x240
[  238.939807][ T8588]  ? tipc_group_bc_cong+0x15c/0x210
[  238.945016][ T8588]  tipc_send_group_bcast+0x79a/0xa70
[  238.950332][ T8588]  ? tipc_wait_for_connect+0x640/0x640
[  238.955814][ T8588]  ? wait_woken+0x180/0x180
[  238.960331][ T8588]  ? tipc_dest_list_purge+0x167/0x180
[  238.965711][ T8588]  __tipc_sendmsg+0x1cba/0x2940
[  238.970602][ T8588]  ? lock_acquire+0x1f2/0x410
[  238.975293][ T8588]  ? rht_unlock+0x1c0/0x1c0
[  238.979808][ T8588]  ? mark_lock+0x94/0x320
[  238.984162][ T8588]  ? mark_lock+0x94/0x320
[  238.988505][ T8588]  ? __lock_acquire+0x1260/0x7c80
[  238.993565][ T8588]  ? mark_lock+0x94/0x320
[  238.997910][ T8588]  ? __lock_acquire+0x1334/0x7c80
[  239.002953][ T8588]  ? verify_lock_unused+0x140/0x140
[  239.008265][ T8588]  ? aa_label_sk_perm+0x3ec/0x500
[  239.013316][ T8588]  ? verify_lock_unused+0x140/0x140
[  239.018535][ T8588]  ? verify_lock_unused+0x140/0x140
[  239.023772][ T8588]  __tipc_sendstream+0x101f/0x1260
[  239.028938][ T8588]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  239.034938][ T8588]  ? lock_chain_count+0x20/0x20
[  239.039803][ T8588]  ? tsk_advance_rx_queue+0x310/0x310
[  239.045194][ T8588]  ? __local_bh_enable_ip+0x12e/0x1c0
[  239.050580][ T8588]  ? _local_bh_enable+0xa0/0xa0
[  239.055447][ T8588]  tipc_send_packet+0x7c/0x90
[  239.060136][ T8588]  ? tipc_sk_send_ack+0x580/0x580
[  239.065177][ T8588]  ____sys_sendmsg+0x5bf/0x950
[  239.069963][ T8588]  ? __asan_memset+0x22/0x40
[  239.074564][ T8588]  ? __sys_sendmsg_sock+0x30/0x30
[  239.079598][ T8588]  ? __import_iovec+0x3fa/0x860
[  239.084465][ T8588]  ? import_iovec+0x73/0xa0
[  239.088998][ T8588]  ___sys_sendmsg+0x220/0x290
[  239.093724][ T8588]  ? __sys_sendmsg+0x270/0x270
[  239.098528][ T8588]  ? __lock_acquire+0x7c80/0x7c80
[  239.103586][ T8588]  __se_sys_sendmsg+0x1a5/0x270
[  239.108453][ T8588]  ? __x64_sys_sendmsg+0x80/0x80
[  239.113420][ T8588]  ? lockdep_hardirqs_on+0x98/0x150
[  239.118642][ T8588]  do_syscall_64+0x55/0xb0
[  239.123070][ T8588]  ? clear_bhb_loop+0x40/0x90
[  239.127770][ T8588]  ? clear_bhb_loop+0x40/0x90
[  239.132460][ T8588]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  239.138362][ T8588] RIP: 0033:0x7f24cb18eec9
[  239.142809][ T8588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.162422][ T8588] RSP: 002b:00007f24cc0ad038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  239.170849][ T8588] RAX: ffffffffffffffda RBX: 00007f24cb3e5fa0 RCX: 00007f24cb18eec9
[  239.178831][ T8588] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  239.186821][ T8588] RBP: 00007f24cc0ad090 R08: 0000000000000000 R09: 0000000000000000
[  239.194802][ T8588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.202950][ T8588] R13: 00007f24cb3e6038 R14: 00007f24cb3e5fa0 R15: 00007ffdc3912d28
[  239.210944][ T8588]  </TASK>
[  239.449717][ T8599] validate_nla: 3 callbacks suppressed
[  239.449735][ T8599] netlink: 'syz.0.952': attribute type 10 has an invalid length.
[  239.473656][ T8599] bridge0: port 3(team0) entered disabled state
[  239.493700][ T8599] team0: left allmulticast mode
[  239.499341][ T8599] team_slave_0: left allmulticast mode
[  239.516661][ T8599] team_slave_1: left allmulticast mode
[  239.537604][ T8599] team0: left promiscuous mode
[  239.556066][ T8599] team_slave_0: left promiscuous mode
[  239.572047][ T8599] team_slave_1: left promiscuous mode
[  239.582405][ T8599] bridge0: port 3(team0) entered disabled state
[  239.623620][ T8599] batman_adv: batadv0: Adding interface: team0
[  239.630093][ T8599] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  239.665771][ T8599] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  239.683122][ T8604] netlink: 'syz.0.952': attribute type 10 has an invalid length.
[  239.699458][ T8604] netlink: 2 bytes leftover after parsing attributes in process `syz.0.952'.
[  239.716723][ T8604] team0: entered promiscuous mode
[  239.722262][ T8604] team_slave_0: entered promiscuous mode
[  239.729701][ T8604] team_slave_1: entered promiscuous mode
[  239.738870][ T8604] 8021q: adding VLAN 0 to HW filter on device team0
[  239.746404][ T8604] batman_adv: batadv0: Interface activated: team0
[  239.753347][ T8604] batman_adv: batadv0: Interface deactivated: team0
[  239.760201][ T8604] batman_adv: batadv0: Removing interface: team0
[  239.829938][ T8604] bridge0: port 3(team0) entered blocking state
[  239.836854][ T8604] bridge0: port 3(team0) entered disabled state
[  239.844812][ T8604] team0: entered allmulticast mode
[  239.850024][ T8604] team_slave_0: entered allmulticast mode
[  239.856032][ T8604] team_slave_1: entered allmulticast mode
[  239.864030][ T8604] bridge0: port 3(team0) entered blocking state
[  239.870412][ T8604] bridge0: port 3(team0) entered forwarding state
[  240.131895][ T8618] netlink: 830 bytes leftover after parsing attributes in process `syz.2.958'.
[  240.177199][ T8621] netlink: 152 bytes leftover after parsing attributes in process `syz.1.959'.
[  240.189675][ T8621] netlink: 6 bytes leftover after parsing attributes in process `syz.1.959'.
[  240.208501][ T8621] netlink: 'syz.1.959': attribute type 10 has an invalid length.
[  240.227956][ T8621] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.243499][ T8621] bridge_slave_1: left allmulticast mode
[  240.250852][ T8621] bridge_slave_1: left promiscuous mode
[  240.256748][ T8621] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.270391][ T8621] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  240.288841][ T8623] netlink: 132 bytes leftover after parsing attributes in process `syz.2.960'.
[  240.421942][ T8626] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.961'.
[  242.082725][ T8672] netlink: 'syz.1.975': attribute type 10 has an invalid length.
[  242.136603][ T8672] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  242.729380][ T8689] FAULT_INJECTION: forcing a failure.
[  242.729380][ T8689] name failslab, interval 1, probability 0, space 0, times 0
[  242.784706][ T8689] CPU: 1 PID: 8689 Comm: syz.2.983 Not tainted syzkaller #0
[  242.792086][ T8689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  242.802167][ T8689] Call Trace:
[  242.805494][ T8689]  <TASK>
[  242.808457][ T8689]  dump_stack_lvl+0x16c/0x230
[  242.813178][ T8689]  ? verify_lock_unused+0x140/0x140
[  242.818411][ T8689]  ? show_regs_print_info+0x20/0x20
[  242.823655][ T8689]  ? load_image+0x3b0/0x3b0
[  242.828194][ T8689]  ? mark_lock+0x94/0x320
[  242.832582][ T8689]  should_fail_ex+0x39d/0x4d0
[  242.837329][ T8689]  should_failslab+0x9/0x20
[  242.841885][ T8689]  slab_pre_alloc_hook+0x59/0x310
[  242.846957][ T8689]  ? nfc_genl_rcv_nl_event+0xa8/0x2b0
[  242.852385][ T8689]  __kmem_cache_alloc_node+0x53/0x260
[  242.857837][ T8689]  ? nfc_genl_rcv_nl_event+0xa8/0x2b0
[  242.863254][ T8689]  kmalloc_trace+0x2a/0xe0
[  242.867711][ T8689]  nfc_genl_rcv_nl_event+0xa8/0x2b0
[  242.872961][ T8689]  notifier_call_chain+0x197/0x390
[  242.878207][ T8689]  blocking_notifier_call_chain+0x6a/0x90
[  242.883977][ T8689]  netlink_release+0x1238/0x1a80
[  242.888975][ T8689]  ? netlink_release+0x109/0x1a80
[  242.894033][ T8689]  ? netlink_sock_destruct+0x190/0x190
[  242.899548][ T8689]  ? down_write+0x162/0x1f0
[  242.904087][ T8689]  ? down_read_killable+0x340/0x340
[  242.909338][ T8689]  sock_close+0xbd/0x230
[  242.913607][ T8689]  ? sock_mmap+0xa0/0xa0
[  242.917897][ T8689]  __fput+0x234/0x970
[  242.921944][ T8689]  __se_sys_close+0x15f/0x220
[  242.926658][ T8689]  do_syscall_64+0x55/0xb0
[  242.931116][ T8689]  ? clear_bhb_loop+0x40/0x90
[  242.935834][ T8689]  ? clear_bhb_loop+0x40/0x90
[  242.940552][ T8689]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  242.946491][ T8689] RIP: 0033:0x7f1c3e58eec9
[  242.950934][ T8689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  242.970575][ T8689] RSP: 002b:00007f1c3f48a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  242.979039][ T8689] RAX: ffffffffffffffda RBX: 00007f1c3e7e5fa0 RCX: 00007f1c3e58eec9
[  242.987058][ T8689] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  242.995096][ T8689] RBP: 00007f1c3f48a090 R08: 0000000000000000 R09: 0000000000000000
[  243.003157][ T8689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  243.011167][ T8689] R13: 00007f1c3e7e6038 R14: 00007f1c3e7e5fa0 R15: 00007ffcead26e08
[  243.019202][ T8689]  </TASK>
[  243.860821][ T8725] netlink: 'syz.2.995': attribute type 9 has an invalid length.
[  243.878054][ T8725] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.995'.
[  243.969960][ T8727] netlink: 'syz.2.995': attribute type 9 has an invalid length.
[  243.990768][ T8727] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.995'.
[  244.375622][ T8735] netlink: 'syz.2.998': attribute type 9 has an invalid length.
[  244.385446][ T8735] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.998'.
[  244.480505][ T8737] netlink: 'syz.2.998': attribute type 9 has an invalid length.
[  244.525912][ T8737] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.998'.
[  245.071525][ T8757] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1003'.
[  245.106461][ T8757] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1003'.
[  245.132890][ T8752] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1003'.
[  246.242867][ T8782] netlink: 'syz.1.1013': attribute type 10 has an invalid length.
[  246.275480][ T8782] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1013'.
[  247.304718][ T8816] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1025'.
[  247.517721][ T8824] FAULT_INJECTION: forcing a failure.
[  247.517721][ T8824] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  247.535996][ T8824] CPU: 1 PID: 8824 Comm: syz.1.1028 Not tainted syzkaller #0
[  247.543440][ T8824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  247.553520][ T8824] Call Trace:
[  247.556827][ T8824]  <TASK>
[  247.559780][ T8824]  dump_stack_lvl+0x16c/0x230
[  247.564513][ T8824]  ? show_regs_print_info+0x20/0x20
[  247.569743][ T8824]  ? load_image+0x3b0/0x3b0
[  247.574277][ T8824]  ? __might_fault+0xaa/0x120
[  247.578993][ T8824]  ? __lock_acquire+0x7c80/0x7c80
[  247.584081][ T8824]  should_fail_ex+0x39d/0x4d0
[  247.588812][ T8824]  _copy_from_user+0x2f/0xe0
[  247.593462][ T8824]  __sys_bpf+0x1e9/0x800
[  247.597740][ T8824]  ? bpf_link_show_fdinfo+0x350/0x350
[  247.603188][ T8824]  ? lock_chain_count+0x20/0x20
[  247.608082][ T8824]  __x64_sys_bpf+0x7c/0x90
[  247.612532][ T8824]  do_syscall_64+0x55/0xb0
[  247.616975][ T8824]  ? clear_bhb_loop+0x40/0x90
[  247.621682][ T8824]  ? clear_bhb_loop+0x40/0x90
[  247.626391][ T8824]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  247.632311][ T8824] RIP: 0033:0x7f956078eec9
[  247.636753][ T8824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.656401][ T8824] RSP: 002b:00007f9561651038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  247.664849][ T8824] RAX: ffffffffffffffda RBX: 00007f95609e5fa0 RCX: 00007f956078eec9
[  247.672852][ T8824] RDX: 0000000000000050 RSI: 0000200000000900 RDI: 000000000000000a
[  247.680851][ T8824] RBP: 00007f9561651090 R08: 0000000000000000 R09: 0000000000000000
[  247.688848][ T8824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.696875][ T8824] R13: 00007f95609e6038 R14: 00007f95609e5fa0 R15: 00007ffd31320458
[  247.704907][ T8824]  </TASK>
[  248.652604][ T8858] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1039'.
[  248.924987][ T8865] netlink: 'syz.3.1042': attribute type 1 has an invalid length.
[  248.940793][ T8865] netlink: 176 bytes leftover after parsing attributes in process `syz.3.1042'.
[  249.020910][ T8870] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1041'.
[  249.080482][ T8870] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1041'.
[  249.113624][ T8867] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1041'.
[  251.335723][ T8946] FAULT_INJECTION: forcing a failure.
[  251.335723][ T8946] name failslab, interval 1, probability 0, space 0, times 0
[  251.369746][ T8946] CPU: 0 PID: 8946 Comm: syz.2.1073 Not tainted syzkaller #0
[  251.377253][ T8946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  251.387408][ T8946] Call Trace:
[  251.390758][ T8946]  <TASK>
[  251.393767][ T8946]  dump_stack_lvl+0x16c/0x230
[  251.398556][ T8946]  ? show_regs_print_info+0x20/0x20
[  251.403843][ T8946]  ? load_image+0x3b0/0x3b0
[  251.408435][ T8946]  ? __might_sleep+0xe0/0xe0
[  251.413104][ T8946]  ? __lock_acquire+0x7c80/0x7c80
[  251.418228][ T8946]  should_fail_ex+0x39d/0x4d0
[  251.423008][ T8946]  should_failslab+0x9/0x20
[  251.427581][ T8946]  slab_pre_alloc_hook+0x59/0x310
[  251.432707][ T8946]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  251.438516][ T8946]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  251.444321][ T8946]  __kmem_cache_alloc_node+0x53/0x260
[  251.449791][ T8946]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  251.455583][ T8946]  __kmalloc+0xa4/0x240
[  251.459844][ T8946]  tomoyo_realpath_from_path+0xe3/0x5d0
[  251.465516][ T8946]  tomoyo_path_number_perm+0x1ea/0x590
[  251.471040][ T8946]  ? tomoyo_path_number_perm+0x1ba/0x590
[  251.476743][ T8946]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  251.482292][ T8946]  ? ksys_write+0x1c1/0x250
[  251.487033][ T8946]  ? __fget_files+0x28/0x4d0
[  251.491763][ T8946]  security_file_ioctl+0x70/0xa0
[  251.496803][ T8946]  __se_sys_ioctl+0x48/0x170
[  251.501472][ T8946]  do_syscall_64+0x55/0xb0
[  251.505954][ T8946]  ? clear_bhb_loop+0x40/0x90
[  251.510700][ T8946]  ? clear_bhb_loop+0x40/0x90
[  251.515511][ T8946]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  251.521468][ T8946] RIP: 0033:0x7f1c3e58eec9
[  251.525967][ T8946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.545640][ T8946] RSP: 002b:00007f1c3f48a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  251.554162][ T8946] RAX: ffffffffffffffda RBX: 00007f1c3e7e5fa0 RCX: 00007f1c3e58eec9
[  251.562190][ T8946] RDX: 0000200000000080 RSI: 0000000000008924 RDI: 0000000000000006
[  251.570219][ T8946] RBP: 00007f1c3f48a090 R08: 0000000000000000 R09: 0000000000000000
[  251.578255][ T8946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.586291][ T8946] R13: 00007f1c3e7e6038 R14: 00007f1c3e7e5fa0 R15: 00007ffcead26e08
[  251.594364][ T8946]  </TASK>
[  251.600397][ T8946] ERROR: Out of memory at tomoyo_realpath_from_path.
[  251.608329][ T8946] batman_adv: The newly added mac address (00:00:00:20:00:00) already exists on: batadv_slave_0
[  251.619527][ T8946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.629979][ T8946] batman_adv: The newly added mac address (00:00:00:20:00:00) already exists on: batadv_slave_0
[  251.648290][ T8946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.694323][ T8983] __nla_validate_parse: 1 callbacks suppressed
[  252.694339][ T8983] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1085'.
[  252.723418][ T8982] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1086'.
[  253.083264][ T8999] batman_adv: The newly added mac address (00:00:00:20:00:00) already exists on: batadv_slave_0
[  253.094670][ T8999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  253.129473][ T8999] batman_adv: The newly added mac address (00:00:00:20:00:00) already exists on: batadv_slave_0
[  253.154059][ T8999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  253.557858][ T9012] netlink: 'syz.3.1096': attribute type 10 has an invalid length.
[  253.570071][ T9012] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1096'.
[  253.619910][ T9014] batman_adv: The newly added mac address (00:00:00:20:00:00) already exists on: batadv_slave_0
[  253.651921][ T9014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  253.677193][ T9014] batman_adv: The newly added mac address (00:00:00:20:00:00) already exists on: batadv_slave_0
[  253.704315][ T9014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  253.954726][ T9020] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1100'.
[  254.331492][ T9030] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1102'.
[  254.601302][ T9042] netlink: 'syz.3.1107': attribute type 10 has an invalid length.
[  254.609229][ T9042] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1107'.
[  255.213713][ T9055] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1112'.
[  255.807459][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  255.817490][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  256.356084][ T9093] netlink: 'syz.1.1120': attribute type 10 has an invalid length.
[  256.376393][ T9093] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1120'.
[  256.823875][ T9111] FAULT_INJECTION: forcing a failure.
[  256.823875][ T9111] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  256.841497][ T9111] CPU: 0 PID: 9111 Comm: syz.3.1128 Not tainted syzkaller #0
[  256.848943][ T9111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  256.859049][ T9111] Call Trace:
[  256.862360][ T9111]  <TASK>
[  256.865308][ T9111]  dump_stack_lvl+0x16c/0x230
[  256.870019][ T9111]  ? show_regs_print_info+0x20/0x20
[  256.875241][ T9111]  ? load_image+0x3b0/0x3b0
[  256.879770][ T9111]  ? __might_fault+0xaa/0x120
[  256.884479][ T9111]  ? __lock_acquire+0x7c80/0x7c80
[  256.889542][ T9111]  should_fail_ex+0x39d/0x4d0
[  256.894263][ T9111]  _copy_from_user+0x2f/0xe0
[  256.898884][ T9111]  __sys_bpf+0x1e9/0x800
[  256.903164][ T9111]  ? bpf_link_show_fdinfo+0x350/0x350
[  256.908591][ T9111]  ? lock_chain_count+0x20/0x20
[  256.913481][ T9111]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  256.919503][ T9111]  __x64_sys_bpf+0x7c/0x90
[  256.923955][ T9111]  do_syscall_64+0x55/0xb0
[  256.928402][ T9111]  ? clear_bhb_loop+0x40/0x90
[  256.933196][ T9111]  ? clear_bhb_loop+0x40/0x90
[  256.937907][ T9111]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  256.943827][ T9111] RIP: 0033:0x7f24cb18eec9
[  256.948274][ T9111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.967918][ T9111] RSP: 002b:00007f24cc0ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  256.976369][ T9111] RAX: ffffffffffffffda RBX: 00007f24cb3e5fa0 RCX: 00007f24cb18eec9
[  256.984365][ T9111] RDX: 0000000000000050 RSI: 00002000000000c0 RDI: 000000000000000a
[  256.992359][ T9111] RBP: 00007f24cc0ad090 R08: 0000000000000000 R09: 0000000000000000
[  257.000354][ T9111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.008352][ T9111] R13: 00007f24cb3e6038 R14: 00007f24cb3e5fa0 R15: 00007ffdc3912d28
[  257.016377][ T9111]  </TASK>
[  257.445512][ T9118] netlink: 'syz.0.1131': attribute type 10 has an invalid length.
[  257.469918][ T9118] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1131'.
[  257.976432][ T9138] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1138'.
[  258.383526][ T9149] netlink: 'syz.1.1143': attribute type 10 has an invalid length.
[  258.410717][ T9149] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1143'.
[  258.471273][ T9148] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1142'.
[  258.940260][ T9168] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1150'.
[  259.303017][ T9183] netlink: 'syz.1.1154': attribute type 10 has an invalid length.
[  259.316629][ T9183] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1154'.
[  260.259843][ T9208] netlink: 'syz.1.1164': attribute type 17 has an invalid length.
[  260.279290][ T9208] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1164'.
[  262.229634][ T9254] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1176'.
[  262.979655][ T9280] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1187'.
[  263.028726][ T9282] FAULT_INJECTION: forcing a failure.
[  263.028726][ T9282] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  263.053520][ T9282] CPU: 0 PID: 9282 Comm: syz.0.1191 Not tainted syzkaller #0
[  263.060977][ T9282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  263.071100][ T9282] Call Trace:
[  263.074417][ T9282]  <TASK>
[  263.077376][ T9282]  dump_stack_lvl+0x16c/0x230
[  263.082117][ T9282]  ? show_regs_print_info+0x20/0x20
[  263.087376][ T9282]  ? load_image+0x3b0/0x3b0
[  263.091926][ T9282]  ? __might_fault+0xaa/0x120
[  263.096642][ T9282]  ? __lock_acquire+0x7c80/0x7c80
[  263.101712][ T9282]  should_fail_ex+0x39d/0x4d0
[  263.106443][ T9282]  _copy_from_user+0x2f/0xe0
[  263.111083][ T9282]  __sys_bpf+0x1e9/0x800
[  263.115380][ T9282]  ? bpf_link_show_fdinfo+0x350/0x350
[  263.120808][ T9282]  ? lock_chain_count+0x20/0x20
[  263.125714][ T9282]  __x64_sys_bpf+0x7c/0x90
[  263.130185][ T9282]  do_syscall_64+0x55/0xb0
[  263.134638][ T9282]  ? clear_bhb_loop+0x40/0x90
[  263.139347][ T9282]  ? clear_bhb_loop+0x40/0x90
[  263.144052][ T9282]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  263.149967][ T9282] RIP: 0033:0x7f2f4e38eec9
[  263.154406][ T9282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.174039][ T9282] RSP: 002b:00007f2f4f198038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  263.182527][ T9282] RAX: ffffffffffffffda RBX: 00007f2f4e5e5fa0 RCX: 00007f2f4e38eec9
[  263.190537][ T9282] RDX: 0000000000000050 RSI: 00002000000000c0 RDI: 000000000000000a
[  263.198543][ T9282] RBP: 00007f2f4f198090 R08: 0000000000000000 R09: 0000000000000000
[  263.206547][ T9282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.214547][ T9282] R13: 00007f2f4e5e6038 R14: 00007f2f4e5e5fa0 R15: 00007ffd25943818
[  263.222571][ T9282]  </TASK>
[  263.989493][ T9309] netlink: 'syz.2.1201': attribute type 17 has an invalid length.
[  264.010711][ T9309] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1201'.
[  264.344945][ T9320] netlink: 'syz.1.1206': attribute type 41 has an invalid length.
[  265.793953][ T9356] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1211'.
[  266.491456][ T9366] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1220'.
[  267.024050][ T9380] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1221'.
[  267.796471][ T9399] netlink: 'syz.2.1229': attribute type 10 has an invalid length.
[  267.821070][ T9399] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1229'.
[  268.215409][ T9410] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1232'.
[  269.417932][ T9436] netlink: 'syz.3.1240': attribute type 10 has an invalid length.
[  269.433059][ T9436] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1240'.
[  270.075484][ T9442] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1244'.
[  271.767587][ T9470] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1247'.
[  273.699944][ T9517] netlink: 'syz.2.1266': attribute type 29 has an invalid length.
[  273.750497][ T9517] netlink: 'syz.2.1266': attribute type 29 has an invalid length.
[  273.761342][ T9521] netlink: 'syz.2.1266': attribute type 29 has an invalid length.
[  273.932635][ T9517] netlink: 'syz.2.1266': attribute type 29 has an invalid length.
[  273.946531][ T9517] netlink: 'syz.2.1266': attribute type 29 has an invalid length.
[  274.192508][ T9533] FAULT_INJECTION: forcing a failure.
[  274.192508][ T9533] name failslab, interval 1, probability 0, space 0, times 0
[  274.236876][ T9533] CPU: 0 PID: 9533 Comm: syz.2.1270 Not tainted syzkaller #0
[  274.244321][ T9533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  274.254416][ T9533] Call Trace:
[  274.257725][ T9533]  <TASK>
[  274.260704][ T9533]  dump_stack_lvl+0x16c/0x230
[  274.265435][ T9533]  ? show_regs_print_info+0x20/0x20
[  274.270677][ T9533]  ? load_image+0x3b0/0x3b0
[  274.275223][ T9533]  ? __might_sleep+0xe0/0xe0
[  274.279878][ T9533]  ? __lock_acquire+0x7c80/0x7c80
[  274.284950][ T9533]  should_fail_ex+0x39d/0x4d0
[  274.289683][ T9533]  should_failslab+0x9/0x20
[  274.294235][ T9533]  slab_pre_alloc_hook+0x59/0x310
[  274.299307][ T9533]  ? xfrm_state_walk_done+0x43/0x180
[  274.304637][ T9533]  kmem_cache_alloc_node+0x60/0x330
[  274.309899][ T9533]  ? __alloc_skb+0x108/0x2c0
[  274.314531][ T9533]  __alloc_skb+0x108/0x2c0
[  274.319002][ T9533]  pfkey_sendmsg+0xcc7/0x1050
[  274.323747][ T9533]  ? pfkey_release+0x320/0x320
[  274.328589][ T9533]  ? aa_sock_msg_perm+0x94/0x150
[  274.333567][ T9533]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  274.338890][ T9533]  ? security_socket_sendmsg+0x80/0xa0
[  274.344373][ T9533]  ? pfkey_release+0x320/0x320
[  274.349160][ T9533]  ____sys_sendmsg+0x5bf/0x950
[  274.353974][ T9533]  ? __asan_memset+0x22/0x40
[  274.358583][ T9533]  ? __sys_sendmsg_sock+0x30/0x30
[  274.363642][ T9533]  ? __import_iovec+0x5f2/0x860
[  274.368520][ T9533]  ? import_iovec+0x73/0xa0
[  274.373048][ T9533]  ___sys_sendmsg+0x220/0x290
[  274.377746][ T9533]  ? __sys_sendmsg+0x270/0x270
[  274.382558][ T9533]  ? __lock_acquire+0x7c80/0x7c80
[  274.387629][ T9533]  __se_sys_sendmsg+0x1a5/0x270
[  274.392506][ T9533]  ? __x64_sys_sendmsg+0x80/0x80
[  274.397488][ T9533]  ? lockdep_hardirqs_on+0x98/0x150
[  274.402721][ T9533]  do_syscall_64+0x55/0xb0
[  274.407156][ T9533]  ? clear_bhb_loop+0x40/0x90
[  274.411845][ T9533]  ? clear_bhb_loop+0x40/0x90
[  274.416540][ T9533]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  274.422447][ T9533] RIP: 0033:0x7f1c3e58eec9
[  274.426871][ T9533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.446492][ T9533] RSP: 002b:00007f1c3f48a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  274.454922][ T9533] RAX: ffffffffffffffda RBX: 00007f1c3e7e5fa0 RCX: 00007f1c3e58eec9
[  274.462918][ T9533] RDX: 0000000000000000 RSI: 0000200000003780 RDI: 0000000000000004
[  274.470889][ T9533] RBP: 00007f1c3f48a090 R08: 0000000000000000 R09: 0000000000000000
[  274.478869][ T9533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  274.486848][ T9533] R13: 00007f1c3e7e6038 R14: 00007f1c3e7e5fa0 R15: 00007ffcead26e08
[  274.494841][ T9533]  </TASK>
[  275.921809][ T9578] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1283'.
[  277.329381][ T9619] sctp: [Deprecated]: syz.0.1301 (pid 9619) Use of struct sctp_assoc_value in delayed_ack socket option.
[  277.329381][ T9619] Use struct sctp_sack_info instead
[  277.364394][ T9619] netlink: 'syz.0.1301': attribute type 2 has an invalid length.
[  277.379516][ T9619] netlink: 17267 bytes leftover after parsing attributes in process `syz.0.1301'.
[  277.960503][ T9630] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1305'.
[  278.182556][ T9640] netlink: 'syz.1.1310': attribute type 29 has an invalid length.
[  278.220043][ T9640] netlink: 'syz.1.1310': attribute type 29 has an invalid length.
[  278.265613][ T9644] netlink: 'syz.1.1310': attribute type 29 has an invalid length.
[  278.369383][ T9640] netlink: 'syz.1.1310': attribute type 29 has an invalid length.
[  278.382776][ T9640] netlink: 'syz.1.1310': attribute type 29 has an invalid length.
[  278.406134][ T9651] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1311'.
[  278.809427][ T9663] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1318'.
[  279.409161][ T9684] netlink: 'syz.0.1326': attribute type 29 has an invalid length.
[  279.422427][ T9684] netlink: 'syz.0.1326': attribute type 29 has an invalid length.
[  279.438229][ T9684] netlink: 'syz.0.1326': attribute type 29 has an invalid length.
[  279.454375][ T9684] netlink: 'syz.0.1326': attribute type 29 has an invalid length.
[  279.978798][ T9702] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1329'.
[  281.383857][ T9746] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1348'.
[  282.405519][ T9785] validate_nla: 13 callbacks suppressed
[  282.405538][ T9785] netlink: 'syz.2.1361': attribute type 10 has an invalid length.
[  282.420108][ T9785] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1361'.
[  282.592028][ T9791] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1360'.
[  282.854919][ T9800] netlink: 'syz.1.1366': attribute type 29 has an invalid length.
[  282.877780][ T9800] netlink: 'syz.1.1366': attribute type 29 has an invalid length.
[  282.903919][ T9802] netlink: 'syz.1.1366': attribute type 29 has an invalid length.
[  282.928460][ T9800] netlink: 'syz.1.1366': attribute type 29 has an invalid length.
[  282.948175][ T9800] netlink: 'syz.1.1366': attribute type 29 has an invalid length.
[  283.526032][ T9822] netlink: 'syz.3.1375': attribute type 29 has an invalid length.
[  283.544021][ T9822] netlink: 'syz.3.1375': attribute type 29 has an invalid length.
[  283.559333][ T9822] netlink: 'syz.3.1375': attribute type 29 has an invalid length.
[  283.572917][ T9822] netlink: 'syz.3.1375': attribute type 29 has an invalid length.
[  284.205433][ T9850] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1382'.
[  285.261313][ T9881] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1394'.
[  285.278319][ T9881] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1394'.
[  285.479082][ T9888] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1397'.
[  285.845564][ T9898] bridge0: port 3(team0) entered disabled state
[  285.872692][ T9898] team0: left allmulticast mode
[  285.878857][ T9898] team_slave_0: left allmulticast mode
[  285.891883][ T9898] team_slave_1: left allmulticast mode
[  285.898843][ T9898] team0: left promiscuous mode
[  285.908141][ T9898] team_slave_0: left promiscuous mode
[  285.914119][ T9898] team_slave_1: left promiscuous mode
[  285.923946][ T9898] bridge0: port 3(team0) entered disabled state
[  285.939877][ T9898] batman_adv: batadv0: Adding interface: team0
[  285.950674][ T9898] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.996709][ T9898] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  286.587847][ T9924] FAULT_INJECTION: forcing a failure.
[  286.587847][ T9924] name failslab, interval 1, probability 0, space 0, times 0
[  286.603578][ T9924] CPU: 1 PID: 9924 Comm: syz.0.1408 Not tainted syzkaller #0
[  286.611023][ T9924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  286.621112][ T9924] Call Trace:
[  286.624440][ T9924]  <TASK>
[  286.627404][ T9924]  dump_stack_lvl+0x16c/0x230
[  286.632171][ T9924]  ? show_regs_print_info+0x20/0x20
[  286.637421][ T9924]  ? load_image+0x3b0/0x3b0
[  286.642077][ T9924]  ? __lock_acquire+0x7c80/0x7c80
[  286.647146][ T9924]  should_fail_ex+0x39d/0x4d0
[  286.651860][ T9924]  should_failslab+0x9/0x20
[  286.656404][ T9924]  slab_pre_alloc_hook+0x59/0x310
[  286.661472][ T9924]  ? sk_prot_alloc+0xe7/0x210
[  286.666209][ T9924]  ? sk_prot_alloc+0xe7/0x210
[  286.670901][ T9924]  __kmem_cache_alloc_node+0x53/0x260
[  286.676294][ T9924]  ? sk_prot_alloc+0xe7/0x210
[  286.680983][ T9924]  __kmalloc+0xa4/0x240
[  286.685169][ T9924]  sk_prot_alloc+0xe7/0x210
[  286.689683][ T9924]  ? sk_alloc+0x24/0x360
[  286.693935][ T9924]  sk_alloc+0x3a/0x360
[  286.698012][ T9924]  ? bpf_ctx_init+0x163/0x1a0
[  286.702712][ T9924]  ? bpf_prog_test_run_skb+0x268/0x11c0
[  286.708293][ T9924]  bpf_prog_test_run_skb+0x39a/0x11c0
[  286.713688][ T9924]  ? __fget_files+0x28/0x4d0
[  286.718307][ T9924]  ? cpu_online+0x60/0x60
[  286.722656][ T9924]  bpf_prog_test_run+0x321/0x390
[  286.727609][ T9924]  __sys_bpf+0x440/0x800
[  286.731865][ T9924]  ? bpf_link_show_fdinfo+0x350/0x350
[  286.737262][ T9924]  ? lock_chain_count+0x20/0x20
[  286.742131][ T9924]  __x64_sys_bpf+0x7c/0x90
[  286.746559][ T9924]  do_syscall_64+0x55/0xb0
[  286.750995][ T9924]  ? clear_bhb_loop+0x40/0x90
[  286.755687][ T9924]  ? clear_bhb_loop+0x40/0x90
[  286.760371][ T9924]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  286.766271][ T9924] RIP: 0033:0x7f2f4e38eec9
[  286.770701][ T9924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.790328][ T9924] RSP: 002b:00007f2f4f198038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  286.798770][ T9924] RAX: ffffffffffffffda RBX: 00007f2f4e5e5fa0 RCX: 00007f2f4e38eec9
[  286.806761][ T9924] RDX: 0000000000000050 RSI: 0000200000000240 RDI: 000000000000000a
[  286.814763][ T9924] RBP: 00007f2f4f198090 R08: 0000000000000000 R09: 0000000000000000
[  286.822751][ T9924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  286.830735][ T9924] R13: 00007f2f4e5e6038 R14: 00007f2f4e5e5fa0 R15: 00007ffd25943818
[  286.838728][ T9924]  </TASK>
[  287.238980][ T9930] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1411'.
[  287.492225][ T9945] validate_nla: 10 callbacks suppressed
[  287.492241][ T9945] netlink: 'syz.1.1414': attribute type 10 has an invalid length.
[  287.520318][ T9945] bridge0: port 3(team0) entered disabled state
[  287.552722][ T9945] team0: left allmulticast mode
[  287.571975][ T9945] C: left allmulticast mode
[  287.582138][ T9945] team_slave_1: left allmulticast mode
[  287.594567][ T9945] team0: left promiscuous mode
[  287.600228][ T9945] C: left promiscuous mode
[  287.605313][ T9945] team_slave_1: left promiscuous mode
[  287.611383][ T9945] bridge0: port 3(team0) entered disabled state
[  287.622334][ T9945] batman_adv: batadv0: Adding interface: team0
[  287.628774][ T9945] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  287.654394][ T9945] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  287.845286][ T9957] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.1417'.
[  288.577569][ T9977] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1423'.
[  288.671086][ T9982] netlink: 'syz.1.1426': attribute type 10 has an invalid length.
[  288.867560][ T9989] netlink: 'syz.0.1437': attribute type 10 has an invalid length.
[  288.891748][ T9989] bridge0: port 3(team0) entered disabled state
[  288.907612][ T9989] team0: left allmulticast mode
[  288.913195][ T9989] team_slave_0: left allmulticast mode
[  288.918719][ T9989] team_slave_1: left allmulticast mode
[  288.924537][ T9989] team0: left promiscuous mode
[  288.929370][ T9989] team_slave_0: left promiscuous mode
[  288.935865][ T9989] team_slave_1: left promiscuous mode
[  288.942397][ T9989] bridge0: port 3(team0) entered disabled state
[  288.954246][ T9989] batman_adv: batadv0: Adding interface: team0
[  288.960963][ T9989] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.986494][ T9989] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  289.656811][T10020] FAULT_INJECTION: forcing a failure.
[  289.656811][T10020] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  289.670707][T10020] CPU: 0 PID: 10020 Comm: syz.1.1441 Not tainted syzkaller #0
[  289.678215][T10020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  289.688301][T10020] Call Trace:
[  289.691602][T10020]  <TASK>
[  289.694550][T10020]  dump_stack_lvl+0x16c/0x230
[  289.699271][T10020]  ? show_regs_print_info+0x20/0x20
[  289.704522][T10020]  ? load_image+0x3b0/0x3b0
[  289.709060][T10020]  ? __might_fault+0xaa/0x120
[  289.713760][T10020]  ? __lock_acquire+0x7c80/0x7c80
[  289.718827][T10020]  should_fail_ex+0x39d/0x4d0
[  289.723566][T10020]  _copy_to_user+0x2f/0xa0
[  289.728364][T10020]  bpf_test_finish+0x24b/0x620
[  289.733200][T10020]  ? convert___skb_to_skb+0x590/0x590
[  289.738616][T10020]  ? convert_skb_to___skb+0x420/0x420
[  289.744054][T10020]  ? bpf_test_init+0x134/0x150
[  289.748891][T10020]  bpf_prog_test_run_xdp+0x7fa/0xfa0
[  289.754254][T10020]  ? dev_put+0x80/0x80
[  289.758395][T10020]  ? dev_put+0x80/0x80
[  289.762510][T10020]  bpf_prog_test_run+0x321/0x390
[  289.767482][T10020]  __sys_bpf+0x440/0x800
[  289.771750][T10020]  ? bpf_link_show_fdinfo+0x350/0x350
[  289.777179][T10020]  ? lock_chain_count+0x20/0x20
[  289.782066][T10020]  __x64_sys_bpf+0x7c/0x90
[  289.786509][T10020]  do_syscall_64+0x55/0xb0
[  289.790969][T10020]  ? clear_bhb_loop+0x40/0x90
[  289.795667][T10020]  ? clear_bhb_loop+0x40/0x90
[  289.800370][T10020]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  289.806288][T10020] RIP: 0033:0x7f956078eec9
[  289.810721][T10020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.830362][T10020] RSP: 002b:00007f9561651038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  289.838831][T10020] RAX: ffffffffffffffda RBX: 00007f95609e5fa0 RCX: 00007f956078eec9
[  289.846830][T10020] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  289.854824][T10020] RBP: 00007f9561651090 R08: 0000000000000000 R09: 0000000000000000
[  289.862826][T10020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  289.870822][T10020] R13: 00007f95609e6038 R14: 00007f95609e5fa0 R15: 00007ffd31320458
[  289.878849][T10020]  </TASK>
[  289.895331][T10025] netlink: 'syz.2.1442': attribute type 10 has an invalid length.
[  290.086647][T10030] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1444'.
[  290.746785][T10058] FAULT_INJECTION: forcing a failure.
[  290.746785][T10058] name failslab, interval 1, probability 0, space 0, times 0
[  290.760281][T10058] CPU: 1 PID: 10058 Comm: syz.1.1453 Not tainted syzkaller #0
[  290.767827][T10058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  290.777914][T10058] Call Trace:
[  290.781222][T10058]  <TASK>
[  290.784176][T10058]  dump_stack_lvl+0x16c/0x230
[  290.788882][T10058]  ? show_regs_print_info+0x20/0x20
[  290.794115][T10058]  ? load_image+0x3b0/0x3b0
[  290.798631][T10058]  ? __might_sleep+0xe0/0xe0
[  290.803245][T10058]  ? __lock_acquire+0x7c80/0x7c80
[  290.808284][T10058]  should_fail_ex+0x39d/0x4d0
[  290.813083][T10058]  should_failslab+0x9/0x20
[  290.817598][T10058]  slab_pre_alloc_hook+0x59/0x310
[  290.822636][T10058]  ? kobject_get_path+0xc3/0x2c0
[  290.827590][T10058]  ? kobject_get_path+0xc3/0x2c0
[  290.832556][T10058]  __kmem_cache_alloc_node+0x53/0x260
[  290.837968][T10058]  ? kobject_get_path+0xc3/0x2c0
[  290.842936][T10058]  __kmalloc+0xa4/0x240
[  290.847127][T10058]  kobject_get_path+0xc3/0x2c0
[  290.851915][T10058]  kobject_uevent_env+0x28a/0x8c0
[  290.856945][T10058]  ? sysfs_remove_group+0x26e/0x2a0
[  290.862167][T10058]  __kobject_del+0xd2/0x300
[  290.866681][T10058]  ? kobject_put+0x22d/0x470
[  290.871286][T10058]  kobject_put+0x239/0x470
[  290.875733][T10058]  netdev_queue_update_kobjects+0x3ed/0x480
[  290.881665][T10058]  netif_set_real_num_tx_queues+0x183/0x8e0
[  290.887576][T10058]  ? _raw_spin_unlock+0x40/0x40
[  290.892496][T10058]  __tun_detach+0xbcd/0x1500
[  290.897116][T10058]  __tun_chr_ioctl+0xc3f/0x1fd0
[  290.901981][T10058]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  290.908147][T10058]  ? tun_flow_create+0x310/0x310
[  290.913117][T10058]  ? bpf_lsm_file_free_security+0x10/0x10
[  290.918860][T10058]  ? bpf_lsm_file_ioctl+0x9/0x10
[  290.923906][T10058]  ? security_file_ioctl+0x80/0xa0
[  290.929064][T10058]  ? tun_chr_poll+0x630/0x630
[  290.933754][T10058]  __se_sys_ioctl+0xfd/0x170
[  290.938361][T10058]  do_syscall_64+0x55/0xb0
[  290.942790][T10058]  ? clear_bhb_loop+0x40/0x90
[  290.947469][T10058]  ? clear_bhb_loop+0x40/0x90
[  290.952151][T10058]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  290.958081][T10058] RIP: 0033:0x7f956078eec9
[  290.962507][T10058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.982122][T10058] RSP: 002b:00007f9561651038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  290.990549][T10058] RAX: ffffffffffffffda RBX: 00007f95609e5fa0 RCX: 00007f956078eec9
[  290.998533][T10058] RDX: 0000200000000100 RSI: 00000000400454d9 RDI: 0000000000000006
[  291.006517][T10058] RBP: 00007f9561651090 R08: 0000000000000000 R09: 0000000000000000
[  291.014514][T10058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  291.022498][T10058] R13: 00007f95609e6038 R14: 00007f95609e5fa0 R15: 00007ffd31320458
[  291.030494][T10058]  </TASK>
[  291.063237][T10060] netlink: 'syz.2.1454': attribute type 10 has an invalid length.
[  291.894254][T10082] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1459'.
[  292.272026][T10094] netlink: 'syz.1.1465': attribute type 10 has an invalid length.
[  293.341715][T10123] netlink: 'syz.2.1475': attribute type 10 has an invalid length.
[  293.537972][T10128] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1478'.
[  294.782579][T10157] netlink: 'syz.2.1485': attribute type 10 has an invalid length.
[  295.912075][T10199] netlink: 'syz.1.1499': attribute type 10 has an invalid length.
[  297.460087][T10230] netlink: 'syz.0.1510': attribute type 10 has an invalid length.
[  297.824958][T10248] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1512'.
[  298.719544][T10267] netlink: 'syz.0.1521': attribute type 10 has an invalid length.
[  299.235912][T10288] netlink: 'syz.0.1531': attribute type 10 has an invalid length.
[  299.373263][T10292] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1529'.
[  300.076116][T10318] netlink: 'syz.1.1540': attribute type 10 has an invalid length.
[  301.487862][T10342] netlink: 'syz.3.1549': attribute type 10 has an invalid length.
[  301.519626][T10342] bridge0: port 3(team0) entered disabled state
[  301.540012][T10342] team0: left allmulticast mode
[  301.550271][T10342] team_slave_0: left allmulticast mode
[  301.556555][T10342] team_slave_1: left allmulticast mode
[  301.580253][T10342] team0: left promiscuous mode
[  301.595813][T10342] team_slave_0: left promiscuous mode
[  301.606424][T10342] team_slave_1: left promiscuous mode
[  301.614065][T10342] bridge0: port 3(team0) entered disabled state
[  301.627163][T10349] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1545'.
[  301.628777][T10342] batman_adv: batadv0: Adding interface: team0
[  301.643136][T10342] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  301.669143][T10342] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  302.603479][T10381] netlink: 'syz.1.1561': attribute type 10 has an invalid length.
[  303.450388][T10410] netlink: 'syz.1.1572': attribute type 10 has an invalid length.
[  304.345980][T10435] netlink: 'syz.2.1581': attribute type 10 has an invalid length.
[  305.607208][T10466] netlink: 'syz.1.1592': attribute type 10 has an invalid length.
[  305.775021][T10469] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1593'.
[  306.466287][T10492] netlink: 'syz.1.1602': attribute type 10 has an invalid length.
[  307.422625][T10505] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1605'.
[  308.215796][T10534] netlink: 144316 bytes leftover after parsing attributes in process `syz.2.1616'.
[  308.231118][T10534] netlink: 'syz.2.1616': attribute type 29 has an invalid length.
[  308.240356][T10534] netlink: 'syz.2.1616': attribute type 29 has an invalid length.
[  311.569542][T10553] FAULT_INJECTION: forcing a failure.
[  311.569542][T10553] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  311.629619][T10551] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1620'.
[  311.639546][T10553] CPU: 1 PID: 10553 Comm: syz.2.1621 Not tainted syzkaller #0
[  311.647034][T10553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  311.657201][T10553] Call Trace:
[  311.660489][T10553]  <TASK>
[  311.663428][T10553]  dump_stack_lvl+0x16c/0x230
[  311.668133][T10553]  ? show_regs_print_info+0x20/0x20
[  311.673353][T10553]  ? load_image+0x3b0/0x3b0
[  311.677872][T10553]  ? __lock_acquire+0x7c80/0x7c80
[  311.682909][T10553]  ? snprintf+0xdb/0x120
[  311.687161][T10553]  should_fail_ex+0x39d/0x4d0
[  311.691852][T10553]  _copy_to_user+0x2f/0xa0
[  311.696294][T10553]  simple_read_from_buffer+0xe7/0x150
[  311.701698][T10553]  proc_fail_nth_read+0x1e3/0x250
[  311.706755][T10553]  ? proc_fault_inject_write+0x340/0x340
[  311.712418][T10553]  ? fsnotify_perm+0x271/0x5e0
[  311.717199][T10553]  ? proc_fault_inject_write+0x340/0x340
[  311.722874][T10553]  vfs_read+0x27e/0x920
[  311.727045][T10553]  ? kernel_read+0x1e0/0x1e0
[  311.731642][T10553]  ? __fget_files+0x28/0x4d0
[  311.736241][T10553]  ? __fget_files+0x44a/0x4d0
[  311.740934][T10553]  ? __fdget_pos+0x2a3/0x330
[  311.745531][T10553]  ? ksys_read+0x75/0x250
[  311.749874][T10553]  ksys_read+0x147/0x250
[  311.754133][T10553]  ? vfs_write+0x940/0x940
[  311.758567][T10553]  ? lockdep_hardirqs_on+0x98/0x150
[  311.763795][T10553]  do_syscall_64+0x55/0xb0
[  311.768239][T10553]  ? clear_bhb_loop+0x40/0x90
[  311.772931][T10553]  ? clear_bhb_loop+0x40/0x90
[  311.777616][T10553]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  311.783516][T10553] RIP: 0033:0x7f1c3e58d8dc
[  311.787946][T10553] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  311.807566][T10553] RSP: 002b:00007f1c3f48a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  311.815984][T10553] RAX: ffffffffffffffda RBX: 00007f1c3e7e5fa0 RCX: 00007f1c3e58d8dc
[  311.823958][T10553] RDX: 000000000000000f RSI: 00007f1c3f48a0a0 RDI: 0000000000000004
[  311.831939][T10553] RBP: 00007f1c3f48a090 R08: 0000000000000000 R09: 0000000000000000
[  311.839915][T10553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.847892][T10553] R13: 00007f1c3e7e6038 R14: 00007f1c3e7e5fa0 R15: 00007ffcead26e08
[  311.855889][T10553]  </TASK>
[  312.269912][T10576] netlink: 176 bytes leftover after parsing attributes in process `syz.3.1629'.
[  312.373423][T10577] netlink: 'syz.0.1628': attribute type 21 has an invalid length.
[  312.381909][T10577] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1628'.
[  312.391675][T10577] netlink: 'syz.0.1628': attribute type 4 has an invalid length.
[  312.878083][T10596] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1632'.
[  313.128162][T10603] FAULT_INJECTION: forcing a failure.
[  313.128162][T10603] name failslab, interval 1, probability 0, space 0, times 0
[  313.142363][T10603] CPU: 0 PID: 10603 Comm: syz.1.1637 Not tainted syzkaller #0
[  313.149862][T10603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  313.159940][T10603] Call Trace:
[  313.163255][T10603]  <TASK>
[  313.166203][T10603]  dump_stack_lvl+0x16c/0x230
[  313.170898][T10603]  ? show_regs_print_info+0x20/0x20
[  313.176163][T10603]  ? load_image+0x3b0/0x3b0
[  313.180710][T10603]  ? __might_sleep+0xe0/0xe0
[  313.185327][T10603]  ? __lock_acquire+0x7c80/0x7c80
[  313.190370][T10603]  should_fail_ex+0x39d/0x4d0
[  313.195084][T10603]  should_failslab+0x9/0x20
[  313.199601][T10603]  slab_pre_alloc_hook+0x59/0x310
[  313.204650][T10603]  ? apparmor_sk_alloc_security+0x77/0x100
[  313.210473][T10603]  __kmem_cache_alloc_node+0x53/0x260
[  313.215863][T10603]  ? apparmor_sk_alloc_security+0x77/0x100
[  313.221686][T10603]  kmalloc_trace+0x2a/0xe0
[  313.226119][T10603]  apparmor_sk_alloc_security+0x77/0x100
[  313.231764][T10603]  security_sk_alloc+0x6e/0xa0
[  313.236544][T10603]  sk_prot_alloc+0x101/0x210
[  313.241147][T10603]  ? sk_alloc+0x24/0x360
[  313.245411][T10603]  sk_alloc+0x3a/0x360
[  313.249486][T10603]  ? bpf_ctx_init+0x163/0x1a0
[  313.254177][T10603]  ? bpf_prog_test_run_skb+0x268/0x11c0
[  313.259737][T10603]  bpf_prog_test_run_skb+0x39a/0x11c0
[  313.265125][T10603]  ? __fget_files+0x28/0x4d0
[  313.269740][T10603]  ? cpu_online+0x60/0x60
[  313.274082][T10603]  bpf_prog_test_run+0x321/0x390
[  313.279031][T10603]  __sys_bpf+0x440/0x800
[  313.283280][T10603]  ? bpf_link_show_fdinfo+0x350/0x350
[  313.288675][T10603]  ? lock_chain_count+0x20/0x20
[  313.293572][T10603]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  313.299571][T10603]  __x64_sys_bpf+0x7c/0x90
[  313.304023][T10603]  do_syscall_64+0x55/0xb0
[  313.308482][T10603]  ? clear_bhb_loop+0x40/0x90
[  313.313184][T10603]  ? clear_bhb_loop+0x40/0x90
[  313.317909][T10603]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  313.323826][T10603] RIP: 0033:0x7f956078eec9
[  313.328264][T10603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.347971][T10603] RSP: 002b:00007f9561651038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  313.356395][T10603] RAX: ffffffffffffffda RBX: 00007f95609e5fa0 RCX: 00007f956078eec9
[  313.364384][T10603] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  313.372355][T10603] RBP: 00007f9561651090 R08: 0000000000000000 R09: 0000000000000000
[  313.380337][T10603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  313.388311][T10603] R13: 00007f95609e6038 R14: 00007f95609e5fa0 R15: 00007ffd31320458
[  313.396303][T10603]  </TASK>
[  314.003952][T10627] netlink: 'syz.3.1646': attribute type 10 has an invalid length.
[  314.283516][T10639] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1648'.
[  314.325625][T10641] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1651'.
[  315.407285][T10663] netlink: 'syz.2.1658': attribute type 10 has an invalid length.
[  316.584166][T10672] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1661'.
[  317.302817][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  317.309265][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  318.642865][T10732] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1678'.
[  319.951439][T10770] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1689'.
[  321.406681][T10816] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1704'.
[  321.807644][T10827] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1707'.
[  322.434920][T10845] netlink: 'syz.0.1713': attribute type 29 has an invalid length.
[  322.443436][T10845] netlink: 'syz.0.1713': attribute type 29 has an invalid length.
[  322.453038][T10845] netlink: 'syz.0.1713': attribute type 29 has an invalid length.
[  322.466271][T10845] netlink: 'syz.0.1713': attribute type 29 has an invalid length.
[  322.477773][T10845] netlink: 'syz.0.1713': attribute type 29 has an invalid length.
[  323.086663][T10869] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1723'.
[  323.301653][T10873] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1732'.
[  323.472789][T10879] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1724'.
[  323.529264][T10882] netlink: 'syz.0.1725': attribute type 29 has an invalid length.
[  323.551000][T10882] netlink: 'syz.0.1725': attribute type 29 has an invalid length.
[  323.577032][T10882] netlink: 'syz.0.1725': attribute type 29 has an invalid length.
[  323.594142][T10882] netlink: 'syz.0.1725': attribute type 29 has an invalid length.
[  323.609182][T10882] netlink: 'syz.0.1725': attribute type 29 has an invalid length.
[  324.039047][T10899] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1734'.
[  325.196675][T10949] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1747'.
[  325.813518][T10972] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1751'.
[  327.400081][T11016] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1765'.
[  328.182302][T11023] validate_nla: 4 callbacks suppressed
[  328.182320][T11023] netlink: 'syz.1.1774': attribute type 10 has an invalid length.
[  328.383979][T11029] netlink: 'syz.3.1768': attribute type 29 has an invalid length.
[  328.400123][T11029] netlink: 'syz.3.1768': attribute type 29 has an invalid length.
[  328.409402][T11029] netlink: 'syz.3.1768': attribute type 29 has an invalid length.
[  328.429980][T11029] netlink: 'syz.3.1768': attribute type 29 has an invalid length.
[  328.800216][T11045] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1775'.
[  329.109274][T11061] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1780'.
[  329.175585][T11064] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1779'.
[  329.922325][T11088] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1788'.
[  330.086392][T11093] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1789'.
[  330.421379][T11101] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1791'.
[  330.512144][T11104] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1792'.
[  331.046648][T11126] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1799'.
[  331.492102][T11144] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1809'.
[  331.505986][T11145] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1802'.
[  332.237254][T11165] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1807'.
[  334.155223][T11230] __nla_validate_parse: 3 callbacks suppressed
[  334.155241][T11230] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1829'.
[  334.157064][T11228] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1830'.
[  335.580423][T11275] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1841'.
[  335.716132][T11282] FAULT_INJECTION: forcing a failure.
[  335.716132][T11282] name failslab, interval 1, probability 0, space 0, times 0
[  335.729679][T11282] CPU: 0 PID: 11282 Comm: syz.1.1845 Not tainted syzkaller #0
[  335.737205][T11282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  335.747292][T11282] Call Trace:
[  335.750584][T11282]  <TASK>
[  335.753525][T11282]  dump_stack_lvl+0x16c/0x230
[  335.758224][T11282]  ? show_regs_print_info+0x20/0x20
[  335.763446][T11282]  ? load_image+0x3b0/0x3b0
[  335.767971][T11282]  ? __local_bh_enable_ip+0x12e/0x1c0
[  335.773441][T11282]  ? lockdep_hardirqs_on+0x98/0x150
[  335.778670][T11282]  ? __local_bh_enable_ip+0x12e/0x1c0
[  335.784063][T11282]  should_fail_ex+0x39d/0x4d0
[  335.788767][T11282]  should_failslab+0x9/0x20
[  335.793289][T11282]  slab_pre_alloc_hook+0x59/0x310
[  335.798331][T11282]  ? sctp_get_port_local+0xe47/0x1610
[  335.803721][T11282]  ? sctp_add_bind_addr+0x8c/0x360
[  335.808846][T11282]  __kmem_cache_alloc_node+0x53/0x260
[  335.814272][T11282]  ? sctp_add_bind_addr+0x8c/0x360
[  335.819416][T11282]  kmalloc_trace+0x2a/0xe0
[  335.823876][T11282]  sctp_add_bind_addr+0x8c/0x360
[  335.828860][T11282]  ? sctp_auto_asconf_init+0x15c/0x1e0
[  335.834360][T11282]  sctp_do_bind+0x614/0x9a0
[  335.838905][T11282]  sctp_connect_new_asoc+0x256/0x690
[  335.844218][T11282]  ? __sctp_connect+0xd20/0xd20
[  335.849098][T11282]  ? mark_lock+0x94/0x320
[  335.853442][T11282]  ? sctp_endpoint_lookup_assoc+0xd1/0x260
[  335.859275][T11282]  __sctp_connect+0x5a2/0xd20
[  335.863975][T11282]  ? sctp_send_asconf+0x170/0x170
[  335.869035][T11282]  ? __local_bh_enable_ip+0x12e/0x1c0
[  335.874429][T11282]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  335.880014][T11282]  ? security_sctp_bind_connect+0x89/0xb0
[  335.885746][T11282]  sctp_setsockopt_connectx+0x104/0x1a0
[  335.891312][T11282]  sctp_setsockopt+0x6d8/0x11e0
[  335.896293][T11282]  ? sock_common_recvmsg+0x1b0/0x1b0
[  335.901606][T11282]  do_sock_setsockopt+0x175/0x1a0
[  335.906646][T11282]  ? __fdget+0x180/0x210
[  335.910898][T11282]  __x64_sys_setsockopt+0x184/0x200
[  335.916128][T11282]  do_syscall_64+0x55/0xb0
[  335.920557][T11282]  ? clear_bhb_loop+0x40/0x90
[  335.925275][T11282]  ? clear_bhb_loop+0x40/0x90
[  335.929956][T11282]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  335.935852][T11282] RIP: 0033:0x7f956078eec9
[  335.940271][T11282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.960032][T11282] RSP: 002b:00007f9561651038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  335.968475][T11282] RAX: ffffffffffffffda RBX: 00007f95609e5fa0 RCX: 00007f956078eec9
[  335.976482][T11282] RDX: 000000000000006e RSI: 0000000000000084 RDI: 0000000000000003
[  335.984478][T11282] RBP: 00007f9561651090 R08: 000000000000002c R09: 0000000000000000
[  335.992466][T11282] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.000453][T11282] R13: 00007f95609e6038 R14: 00007f95609e5fa0 R15: 00007ffd31320458
[  336.008464][T11282]  </TASK>
[  336.140730][T11284] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1846'.
[  336.213045][T11286] netlink: 'syz.1.1847': attribute type 25 has an invalid length.
[  336.221017][T11286] netlink: 2418 bytes leftover after parsing attributes in process `syz.1.1847'.
[  336.949172][T11315] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1855'.
[  336.967583][T11314] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1856'.
[  337.889550][T11344] Scheduler tracepoints stat_sleep, stat_iowait, stat_blocked and stat_runtime require the kernel parameter schedstats=enable or kernel.sched_schedstats=1
[  337.973002][T11348] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1865'.
[  338.861176][T11359] netlink: 'syz.0.1869': attribute type 10 has an invalid length.
[  339.169123][T11377] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1874'.
[  339.321842][T11381] netlink: 'syz.3.1877': attribute type 21 has an invalid length.
[  339.899374][T11398] netlink: 'syz.3.1881': attribute type 10 has an invalid length.
[  341.065414][T11434] netlink: 'syz.3.1893': attribute type 10 has an invalid length.
[  341.377306][T11447] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1897'.
[  341.680158][T11460] netlink: 207508 bytes leftover after parsing attributes in process `syz.2.1900'.
[  341.849339][T11466] netlink: 'syz.2.1902': attribute type 2 has an invalid length.
[  341.871486][T11466] netlink: 'syz.2.1902': attribute type 8 has an invalid length.
[  341.881472][T11466] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1902'.
[  342.478593][T11474] netlink: 'syz.1.1904': attribute type 10 has an invalid length.
[  342.750017][T11489] netlink: 'syz.2.1909': attribute type 21 has an invalid length.
[  342.822681][T11498] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1911'.
[  342.893394][T11498] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1911'.
[  342.957237][T11494] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1911'.
[  342.973271][T11500] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1911'.
[  343.257746][T11512] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1914'.
[  343.588395][T11520] netlink: 'syz.1.1918': attribute type 10 has an invalid length.
[  344.120402][T11536] netlink: 'syz.1.1923': attribute type 21 has an invalid length.
[  344.561674][T11552] netlink: 'syz.1.1928': attribute type 10 has an invalid length.
[  345.133296][T11573] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1932'.
[  345.285395][T11583] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1935'.
[  345.337303][T11585] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1936'.
[  345.467771][T11589] netlink: 'syz.1.1938': attribute type 10 has an invalid length.
[  346.359231][T11623] FAULT_INJECTION: forcing a failure.
[  346.359231][T11623] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  346.377450][T11623] CPU: 0 PID: 11623 Comm: syz.1.1949 Not tainted syzkaller #0
[  346.384966][T11623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  346.395056][T11623] Call Trace:
[  346.398366][T11623]  <TASK>
[  346.401331][T11623]  dump_stack_lvl+0x16c/0x230
[  346.406056][T11623]  ? show_regs_print_info+0x20/0x20
[  346.411301][T11623]  ? load_image+0x3b0/0x3b0
[  346.415853][T11623]  ? __might_fault+0xaa/0x120
[  346.420570][T11623]  ? __lock_acquire+0x7c80/0x7c80
[  346.425674][T11623]  ? __virt_addr_valid+0x18c/0x540
[  346.430838][T11623]  should_fail_ex+0x39d/0x4d0
[  346.435577][T11623]  _copy_from_user+0x2f/0xe0
[  346.440205][T11623]  bpf_prog_test_run_skb+0x259/0x11c0
[  346.445622][T11623]  ? __fget_files+0x28/0x4d0
[  346.450251][T11623]  ? __fget_files+0x44a/0x4d0
[  346.455010][T11623]  ? cpu_online+0x60/0x60
[  346.459377][T11623]  bpf_prog_test_run+0x321/0x390
[  346.464352][T11623]  __sys_bpf+0x440/0x800
[  346.468645][T11623]  ? bpf_link_show_fdinfo+0x350/0x350
[  346.474095][T11623]  ? lock_chain_count+0x20/0x20
[  346.479038][T11623]  __x64_sys_bpf+0x7c/0x90
[  346.483486][T11623]  do_syscall_64+0x55/0xb0
[  346.487926][T11623]  ? clear_bhb_loop+0x40/0x90
[  346.492628][T11623]  ? clear_bhb_loop+0x40/0x90
[  346.497318][T11623]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  346.503223][T11623] RIP: 0033:0x7f956078eec9
[  346.507649][T11623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.527274][T11623] RSP: 002b:00007f9561651038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  346.535699][T11623] RAX: ffffffffffffffda RBX: 00007f95609e5fa0 RCX: 00007f956078eec9
[  346.543683][T11623] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[  346.551665][T11623] RBP: 00007f9561651090 R08: 0000000000000000 R09: 0000000000000000
[  346.559648][T11623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  346.567636][T11623] R13: 00007f95609e6038 R14: 00007f95609e5fa0 R15: 00007ffd31320458
[  346.575640][T11623]  </TASK>
[  346.855632][T11634] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1953'.
[  347.351490][T11657] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1958'.
[  347.820272][T11675] FAULT_INJECTION: forcing a failure.
[  347.820272][T11675] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  347.833577][T11675] CPU: 1 PID: 11675 Comm: syz.1.1965 Not tainted syzkaller #0
[  347.841063][T11675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  347.851123][T11675] Call Trace:
[  347.854405][T11675]  <TASK>
[  347.857342][T11675]  dump_stack_lvl+0x16c/0x230
[  347.862045][T11675]  ? show_regs_print_info+0x20/0x20
[  347.867261][T11675]  ? load_image+0x3b0/0x3b0
[  347.871773][T11675]  ? __might_fault+0xaa/0x120
[  347.876455][T11675]  ? __lock_acquire+0x7c80/0x7c80
[  347.881492][T11675]  should_fail_ex+0x39d/0x4d0
[  347.886199][T11675]  _copy_to_user+0x2f/0xa0
[  347.890633][T11675]  bpf_test_finish+0x24b/0x620
[  347.895427][T11675]  ? convert___skb_to_skb+0x590/0x590
[  347.900814][T11675]  ? convert_skb_to___skb+0x420/0x420
[  347.906215][T11675]  ? rcuref_put_slowpath+0x101/0x150
[  347.911507][T11675]  ? rep_movs_alternative+0x4a/0x90
[  347.916721][T11675]  bpf_prog_test_run_xdp+0x7fa/0xfa0
[  347.922022][T11675]  ? dev_put+0x80/0x80
[  347.926111][T11675]  ? dev_put+0x80/0x80
[  347.930184][T11675]  bpf_prog_test_run+0x321/0x390
[  347.935127][T11675]  __sys_bpf+0x440/0x800
[  347.939422][T11675]  ? bpf_link_show_fdinfo+0x350/0x350
[  347.944828][T11675]  ? lock_chain_count+0x20/0x20
[  347.949701][T11675]  __x64_sys_bpf+0x7c/0x90
[  347.954125][T11675]  do_syscall_64+0x55/0xb0
[  347.958560][T11675]  ? clear_bhb_loop+0x40/0x90
[  347.963278][T11675]  ? clear_bhb_loop+0x40/0x90
[  347.967980][T11675]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  347.973899][T11675] RIP: 0033:0x7f956078eec9
[  347.978336][T11675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  347.997965][T11675] RSP: 002b:00007f9561651038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  348.006401][T11675] RAX: ffffffffffffffda RBX: 00007f95609e5fa0 RCX: 00007f956078eec9
[  348.014379][T11675] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  348.022359][T11675] RBP: 00007f9561651090 R08: 0000000000000000 R09: 0000000000000000
[  348.030334][T11675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  348.038314][T11675] R13: 00007f95609e6038 R14: 00007f95609e5fa0 R15: 00007ffd31320458
[  348.046313][T11675]  </TASK>
[  348.880863][ T5102] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  348.900852][ T5102] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  348.909630][ T5102] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  348.919371][ T5102] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  348.927922][ T5102] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  348.935627][ T5102] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  349.049575][ T5791] bond0: (slave syz_tun): Releasing backup interface
[  349.405568][T11693] chnl_net:caif_netlink_parms(): no params data found
[  349.569792][T11693] bridge0: port 1(bridge_slave_0) entered blocking state
[  349.577421][T11693] bridge0: port 1(bridge_slave_0) entered disabled state
[  349.584863][T11693] bridge_slave_0: entered allmulticast mode
[  349.592953][T11693] bridge_slave_0: entered promiscuous mode
[  349.602062][T11693] bridge0: port 2(bridge_slave_1) entered blocking state
[  349.609258][T11693] bridge0: port 2(bridge_slave_1) entered disabled state
[  349.616565][T11693] bridge_slave_1: entered allmulticast mode
[  349.624769][T11693] bridge_slave_1: entered promiscuous mode
[  349.659954][T11693] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  349.677283][T11693] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  349.718908][T11693] team0: Port device team_slave_0 added
[  349.727610][T11693] team0: Port device team_slave_1 added
[  349.759100][T11693] batman_adv: batadv0: Adding interface: batadv_slave_0
[  349.766229][T11693] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  349.792631][T11693] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  349.807300][T11693] batman_adv: batadv0: Adding interface: batadv_slave_1
[  349.814577][T11693] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  349.840634][T11693] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  349.892667][T11693] hsr_slave_0: entered promiscuous mode
[  349.899777][T11693] hsr_slave_1: entered promiscuous mode
[  349.906104][T11693] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  349.913932][T11693] Cannot create hsr debugfs directory
[  350.039239][T11693] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  350.198612][T11693] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  350.298097][T11720] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1974'.
[  350.398323][T11693] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  350.529071][T11693] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  350.708045][T11693] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  350.719268][T11693] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  350.731370][T11693] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  350.744360][T11693] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  350.782052][T11728] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  350.791849][T11728] IPv6: NLM_F_CREATE should be set when creating new route
[  350.803910][T11728] IPv6: NLM_F_CREATE should be set when creating new route
[  350.812526][T11728] IPv6: NLM_F_CREATE should be set when creating new route
[  351.010709][ T5102] Bluetooth: hci4: command tx timeout
[  351.106653][T11693] 8021q: adding VLAN 0 to HW filter on device bond0
[  351.246314][T11693] 8021q: adding VLAN 0 to HW filter on device team0
[  351.302072][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[  351.309212][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[  351.342641][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[  351.349803][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[  351.523011][T11693] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  351.993565][T11693] 8021q: adding VLAN 0 to HW filter on device batadv0
[  352.099473][T11693] veth0_vlan: entered promiscuous mode
[  352.125862][T11693] veth1_vlan: entered promiscuous mode
[  352.196931][T11693] veth0_macvtap: entered promiscuous mode
[  352.218707][T11693] veth1_macvtap: entered promiscuous mode
[  352.244433][T11693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  352.257315][T11693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  352.271318][T11693] batman_adv: batadv0: Interface activated: batadv_slave_0
[  352.299272][T11693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  352.320060][T11693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  352.331568][T11693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  352.343261][T11693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  352.353455][T11693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  352.369184][T11693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  352.386307][T11693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  352.397129][T11693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  352.414133][T11693] batman_adv: batadv0: Interface activated: batadv_slave_1
[  352.435204][T11693] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  352.446761][T11693] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  352.456985][T11693] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  352.466303][T11693] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  352.562302][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  352.567370][T11760] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1987'.
[  352.570156][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  352.602465][T11760] netlink: 'syz.3.1987': attribute type 12 has an invalid length.
[  352.611731][T11760] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1987'.
[  352.717085][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  352.743913][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  353.090906][ T5102] Bluetooth: hci4: command tx timeout
[  353.757095][T11797] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1998'.
[  354.772925][T11824] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.2005'.
[  355.009853][T11831] netlink: 9286 bytes leftover after parsing attributes in process `syz.3.2010'.
[  355.170894][ T5799] Bluetooth: hci4: command tx timeout
[  355.699255][T11860] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  355.706633][T11860] IPv6: NLM_F_CREATE should be set when creating new route
[  355.713915][T11860] IPv6: NLM_F_CREATE should be set when creating new route
[  355.721207][T11860] IPv6: NLM_F_CREATE should be set when creating new route
[  355.879403][T11864] FAULT_INJECTION: forcing a failure.
[  355.879403][T11864] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  355.901053][T11864] CPU: 1 PID: 11864 Comm: syz.1.2022 Not tainted syzkaller #0
[  355.908590][T11864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  355.918684][T11864] Call Trace:
[  355.922095][T11864]  <TASK>
[  355.925070][T11864]  dump_stack_lvl+0x16c/0x230
[  355.929787][T11864]  ? show_regs_print_info+0x20/0x20
[  355.935111][T11864]  ? load_image+0x3b0/0x3b0
[  355.939678][T11864]  ? __might_fault+0xaa/0x120
[  355.944381][T11864]  ? __lock_acquire+0x7c80/0x7c80
[  355.949453][T11864]  ? seqcount_lockdep_reader_access+0x160/0x1c0
[  355.955754][T11864]  should_fail_ex+0x39d/0x4d0
[  355.960482][T11864]  _copy_from_user+0x2f/0xe0
[  355.965119][T11864]  __sys_bpf+0x1e9/0x800
[  355.969397][T11864]  ? bpf_link_show_fdinfo+0x350/0x350
[  355.974817][T11864]  ? lock_chain_count+0x20/0x20
[  355.979692][T11864]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  355.985709][T11864]  __x64_sys_bpf+0x7c/0x90
[  355.990306][T11864]  do_syscall_64+0x55/0xb0
[  355.994754][T11864]  ? clear_bhb_loop+0x40/0x90
[  355.999461][T11864]  ? clear_bhb_loop+0x40/0x90
[  356.004167][T11864]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  356.010091][T11864] RIP: 0033:0x7fabb198eec9
[  356.014535][T11864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  356.034170][T11864] RSP: 002b:00007fabb2910038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  356.042616][T11864] RAX: ffffffffffffffda RBX: 00007fabb1be5fa0 RCX: 00007fabb198eec9
[  356.050617][T11864] RDX: 0000000000000094 RSI: 0000200000000080 RDI: 0000000000000005
[  356.058705][T11864] RBP: 00007fabb2910090 R08: 0000000000000000 R09: 0000000000000000
[  356.066704][T11864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  356.074698][T11864] R13: 00007fabb1be6038 R14: 00007fabb1be5fa0 R15: 00007ffce4badcc8
[  356.082717][T11864]  </TASK>
[  356.639051][T11866] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2024'.
[  357.111220][T11885] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.2028'.
[  357.237701][T11889] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.2031'.
[  357.247073][ T5799] Bluetooth: hci4: command tx timeout
[  357.650216][T11901] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  357.657774][T11901] IPv6: NLM_F_CREATE should be set when creating new route
[  357.669507][T11901] IPv6: NLM_F_CREATE should be set when creating new route
[  357.683088][T11901] IPv6: NLM_F_CREATE should be set when creating new route
[  359.081666][T11922] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.2042'.
[  359.380138][T11932] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.2044'.
[  360.524340][T11968] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.2054'.
[  362.087115][T11989] FAULT_INJECTION: forcing a failure.
[  362.087115][T11989] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  362.107785][T11989] CPU: 1 PID: 11989 Comm: syz.3.2060 Not tainted syzkaller #0
[  362.115347][T11989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  362.125448][T11989] Call Trace:
[  362.128767][T11989]  <TASK>
[  362.131744][T11989]  dump_stack_lvl+0x16c/0x230
[  362.136468][T11989]  ? show_regs_print_info+0x20/0x20
[  362.141711][T11989]  ? load_image+0x3b0/0x3b0
[  362.146303][T11989]  ? __might_fault+0xaa/0x120
[  362.151029][T11989]  ? __lock_acquire+0x7c80/0x7c80
[  362.156101][T11989]  should_fail_ex+0x39d/0x4d0
[  362.160844][T11989]  _copy_from_iter+0x1d3/0x1290
[  362.165752][T11989]  ? trace_event_raw_event_lock_acquire+0x2a0/0x2a0
[  362.172390][T11989]  ? copyout_mc+0x70/0x70
[  362.176783][T11989]  tun_get_user+0x1e2/0x3bf0
[  362.181429][T11989]  ? aa_file_perm+0x120/0xec0
[  362.186155][T11989]  ? aa_file_perm+0x3e8/0xec0
[  362.190872][T11989]  ? rcu_read_unlock+0xa0/0xa0
[  362.195677][T11989]  ? tun_get+0x1c/0x2e0
[  362.199850][T11989]  ? __lock_acquire+0x7c80/0x7c80
[  362.204910][T11989]  ? tun_get+0x1c/0x2e0
[  362.209120][T11989]  tun_chr_write_iter+0x119/0x200
[  362.214188][T11989]  vfs_write+0x43b/0x940
[  362.218486][T11989]  ? file_end_write+0x250/0x250
[  362.223386][T11989]  ? __fget_files+0x44a/0x4d0
[  362.228121][T11989]  ? __fdget_pos+0x1d8/0x330
[  362.232759][T11989]  ? ksys_write+0x75/0x250
[  362.237217][T11989]  ksys_write+0x147/0x250
[  362.241597][T11989]  ? __ia32_sys_read+0x90/0x90
[  362.246407][T11989]  ? lockdep_hardirqs_on+0x98/0x150
[  362.251693][T11989]  do_syscall_64+0x55/0xb0
[  362.256172][T11989]  ? clear_bhb_loop+0x40/0x90
[  362.260905][T11989]  ? clear_bhb_loop+0x40/0x90
[  362.265625][T11989]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  362.271564][T11989] RIP: 0033:0x7f24cb18eec9
[  362.276015][T11989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  362.295667][T11989] RSP: 002b:00007f24cc08c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  362.304132][T11989] RAX: ffffffffffffffda RBX: 00007f24cb3e6090 RCX: 00007f24cb18eec9
[  362.312144][T11989] RDX: 00000000fffffe14 RSI: 0000200000000840 RDI: 0000000000000008
[  362.320167][T11989] RBP: 00007f24cc08c090 R08: 0000000000000000 R09: 0000000000000000
[  362.328179][T11989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  362.336191][T11989] R13: 00007f24cb3e6128 R14: 00007f24cb3e6090 R15: 00007ffdc3912d28
[  362.344217][T11989]  </TASK>
[  362.827488][T12003] FAULT_INJECTION: forcing a failure.
[  362.827488][T12003] name failslab, interval 1, probability 0, space 0, times 0
[  362.840459][T12003] CPU: 1 PID: 12003 Comm: syz.1.2066 Not tainted syzkaller #0
[  362.847986][T12003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  362.858088][T12003] Call Trace:
[  362.861404][T12003]  <TASK>
[  362.864372][T12003]  dump_stack_lvl+0x16c/0x230
[  362.869122][T12003]  ? show_regs_print_info+0x20/0x20
[  362.874370][T12003]  ? load_image+0x3b0/0x3b0
[  362.878925][T12003]  ? __might_sleep+0xe0/0xe0
[  362.883574][T12003]  ? __lock_acquire+0x7c80/0x7c80
[  362.888648][T12003]  should_fail_ex+0x39d/0x4d0
[  362.893383][T12003]  should_failslab+0x9/0x20
[  362.897932][T12003]  slab_pre_alloc_hook+0x59/0x310
[  362.903010][T12003]  ? __lock_acquire+0x7c80/0x7c80
[  362.908076][T12003]  kmem_cache_alloc_node+0x60/0x330
[  362.913366][T12003]  ? __alloc_skb+0x108/0x2c0
[  362.918012][T12003]  __alloc_skb+0x108/0x2c0
[  362.922502][T12003]  netlink_sendmsg+0x65b/0xbe0
[  362.927311][T12003]  ? netlink_getsockopt+0x580/0x580
[  362.932548][T12003]  ? aa_sock_msg_perm+0x94/0x150
[  362.937518][T12003]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  362.942847][T12003]  ? security_socket_sendmsg+0x80/0xa0
[  362.948335][T12003]  ? netlink_getsockopt+0x580/0x580
[  362.953553][T12003]  ____sys_sendmsg+0x5bf/0x950
[  362.958344][T12003]  ? __asan_memset+0x22/0x40
[  362.962953][T12003]  ? __sys_sendmsg_sock+0x30/0x30
[  362.967995][T12003]  ? __import_iovec+0x5f2/0x860
[  362.972872][T12003]  ? import_iovec+0x73/0xa0
[  362.977393][T12003]  ___sys_sendmsg+0x220/0x290
[  362.982103][T12003]  ? __sys_sendmsg+0x270/0x270
[  362.986899][T12003]  ? __lock_acquire+0x7c80/0x7c80
[  362.991963][T12003]  __se_sys_sendmsg+0x1a5/0x270
[  362.996842][T12003]  ? __x64_sys_sendmsg+0x80/0x80
[  363.001820][T12003]  ? lockdep_hardirqs_on+0x98/0x150
[  363.007049][T12003]  do_syscall_64+0x55/0xb0
[  363.011481][T12003]  ? clear_bhb_loop+0x40/0x90
[  363.016167][T12003]  ? clear_bhb_loop+0x40/0x90
[  363.020867][T12003]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  363.026771][T12003] RIP: 0033:0x7fabb198eec9
[  363.031195][T12003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  363.050847][T12003] RSP: 002b:00007fabb2910038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  363.059270][T12003] RAX: ffffffffffffffda RBX: 00007fabb1be5fa0 RCX: 00007fabb198eec9
[  363.067251][T12003] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  363.075228][T12003] RBP: 00007fabb2910090 R08: 0000000000000000 R09: 0000000000000000
[  363.083221][T12003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  363.091202][T12003] R13: 00007fabb1be6038 R14: 00007fabb1be5fa0 R15: 00007ffce4badcc8
[  363.099195][T12003]  </TASK>
[  364.027088][T12038] C: renamed from team_slave_0 (while UP)
[  364.057208][T12038] netlink: 'syz.0.2080': attribute type 4 has an invalid length.
[  364.085982][T12038] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  364.251853][T12048] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2082'.
[  364.261487][T12048] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2082'.
[  364.271011][T12044] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2082'.
[  364.287440][T12048] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2082'.
[  364.911273][T12071] netlink: 17267 bytes leftover after parsing attributes in process `syz.2.2092'.
[  365.501254][T12092] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.2100'.
[  365.961749][T12107] FAULT_INJECTION: forcing a failure.
[  365.961749][T12107] name failslab, interval 1, probability 0, space 0, times 0
[  365.986433][T12107] CPU: 1 PID: 12107 Comm: syz.0.2111 Not tainted syzkaller #0
[  365.993979][T12107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  366.004065][T12107] Call Trace:
[  366.007377][T12107]  <TASK>
[  366.010338][T12107]  dump_stack_lvl+0x16c/0x230
[  366.015067][T12107]  ? show_regs_print_info+0x20/0x20
[  366.020316][T12107]  ? load_image+0x3b0/0x3b0
[  366.024869][T12107]  ? __might_sleep+0xe0/0xe0
[  366.029509][T12107]  ? __lock_acquire+0x7c80/0x7c80
[  366.034574][T12107]  should_fail_ex+0x39d/0x4d0
[  366.039303][T12107]  should_failslab+0x9/0x20
[  366.043863][T12107]  slab_pre_alloc_hook+0x59/0x310
[  366.048946][T12107]  ? d_instantiate+0x6f/0x90
[  366.053684][T12107]  kmem_cache_alloc+0x5a/0x2e0
[  366.058492][T12107]  ? alloc_empty_file+0x9e/0x1d0
[  366.063484][T12107]  alloc_empty_file+0x9e/0x1d0
[  366.068293][T12107]  alloc_file+0x5c/0x600
[  366.072585][T12107]  alloc_file_pseudo+0x17e/0x200
[  366.077559][T12107]  ? alloc_empty_backing_file+0xe0/0xe0
[  366.083142][T12107]  ? __lock_acquire+0x7c80/0x7c80
[  366.088208][T12107]  ? __local_bh_enable_ip+0x12e/0x1c0
[  366.093608][T12107]  ? _local_bh_enable+0xa0/0xa0
[  366.098486][T12107]  anon_inode_getfile+0xc5/0x1a0
[  366.103466][T12107]  bpf_link_prime+0xa6/0x1d0
[  366.108087][T12107]  bpf_xdp_link_attach+0x227/0x6d0
[  366.113247][T12107]  ? dev_xdp_prog+0x100/0x100
[  366.117964][T12107]  ? __lock_acquire+0x7c80/0x7c80
[  366.123035][T12107]  ? __fget_files+0x44a/0x4d0
[  366.127746][T12107]  ? attach_type_to_prog_type+0x330/0x3a0
[  366.133519][T12107]  ? bpf_prog_attach_check_attach_type+0x2d8/0x440
[  366.140055][T12107]  link_create+0x3ff/0x720
[  366.144506][T12107]  __sys_bpf+0x479/0x800
[  366.148783][T12107]  ? bpf_link_show_fdinfo+0x350/0x350
[  366.154210][T12107]  ? lock_chain_count+0x20/0x20
[  366.159100][T12107]  __x64_sys_bpf+0x7c/0x90
[  366.163546][T12107]  do_syscall_64+0x55/0xb0
[  366.168001][T12107]  ? clear_bhb_loop+0x40/0x90
[  366.172700][T12107]  ? clear_bhb_loop+0x40/0x90
[  366.177408][T12107]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  366.183316][T12107] RIP: 0033:0x7f2f4e38eec9
[  366.187753][T12107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  366.207406][T12107] RSP: 002b:00007f2f4f198038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  366.215844][T12107] RAX: ffffffffffffffda RBX: 00007f2f4e5e5fa0 RCX: 00007f2f4e38eec9
[  366.223840][T12107] RDX: 0000000000000040 RSI: 0000200000000240 RDI: 000000000000001c
[  366.231830][T12107] RBP: 00007f2f4f198090 R08: 0000000000000000 R09: 0000000000000000
[  366.239903][T12107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  366.247903][T12107] R13: 00007f2f4e5e6038 R14: 00007f2f4e5e5fa0 R15: 00007ffd25943818
[  366.255925][T12107]  </TASK>
[  366.813868][T12130] netlink: 'syz.2.2110': attribute type 3 has an invalid length.
[  366.846350][T12130] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2110'.
[  366.896230][T12135] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.2113'.
[  367.721623][T12161] FAULT_INJECTION: forcing a failure.
[  367.721623][T12161] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  367.738020][T12161] CPU: 1 PID: 12161 Comm: syz.1.2124 Not tainted syzkaller #0
[  367.745565][T12161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  367.755649][T12161] Call Trace:
[  367.758949][T12161]  <TASK>
[  367.761912][T12161]  dump_stack_lvl+0x16c/0x230
[  367.766611][T12161]  ? show_regs_print_info+0x20/0x20
[  367.771837][T12161]  ? load_image+0x3b0/0x3b0
[  367.776372][T12161]  ? __lock_acquire+0x7c80/0x7c80
[  367.781427][T12161]  should_fail_ex+0x39d/0x4d0
[  367.786222][T12161]  _copy_from_user+0x2f/0xe0
[  367.790835][T12161]  __copy_msghdr+0x3bb/0x580
[  367.795481][T12161]  ___sys_sendmsg+0x1a6/0x290
[  367.800187][T12161]  ? __sys_sendmsg+0x270/0x270
[  367.804991][T12161]  ? __lock_acquire+0x7c80/0x7c80
[  367.810062][T12161]  __se_sys_sendmsg+0x1a5/0x270
[  367.814942][T12161]  ? perf_trace_preemptirq_template+0x281/0x340
[  367.821219][T12161]  ? __x64_sys_sendmsg+0x80/0x80
[  367.826222][T12161]  ? lockdep_hardirqs_on+0x98/0x150
[  367.831457][T12161]  do_syscall_64+0x55/0xb0
[  367.835897][T12161]  ? clear_bhb_loop+0x40/0x90
[  367.840589][T12161]  ? clear_bhb_loop+0x40/0x90
[  367.845287][T12161]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  367.851195][T12161] RIP: 0033:0x7fabb198eec9
[  367.855626][T12161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.875245][T12161] RSP: 002b:00007fabb2910038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  367.883674][T12161] RAX: ffffffffffffffda RBX: 00007fabb1be5fa0 RCX: 00007fabb198eec9
[  367.891655][T12161] RDX: 0000000000000000 RSI: 0000200000001780 RDI: 0000000000000004
[  367.899635][T12161] RBP: 00007fabb2910090 R08: 0000000000000000 R09: 0000000000000000
[  367.907611][T12161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.915585][T12161] R13: 00007fabb1be6038 R14: 00007fabb1be5fa0 R15: 00007ffce4badcc8
[  367.923573][T12161]  </TASK>
[  368.535634][T12178] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.2131'.
[  368.541723][T12180] FAULT_INJECTION: forcing a failure.
[  368.541723][T12180] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  368.575865][T12180] CPU: 0 PID: 12180 Comm: syz.0.2132 Not tainted syzkaller #0
[  368.583479][T12180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  368.593582][T12180] Call Trace:
[  368.596890][T12180]  <TASK>
[  368.599848][T12180]  dump_stack_lvl+0x16c/0x230
[  368.604566][T12180]  ? show_regs_print_info+0x20/0x20
[  368.609886][T12180]  ? load_image+0x3b0/0x3b0
[  368.614422][T12180]  ? __lock_acquire+0x7c80/0x7c80
[  368.619477][T12180]  ? snprintf+0xdb/0x120
[  368.623762][T12180]  should_fail_ex+0x39d/0x4d0
[  368.628487][T12180]  _copy_to_user+0x2f/0xa0
[  368.632955][T12180]  simple_read_from_buffer+0xe7/0x150
[  368.638377][T12180]  proc_fail_nth_read+0x1e3/0x250
[  368.643449][T12180]  ? proc_fault_inject_write+0x340/0x340
[  368.649120][T12180]  ? fsnotify_perm+0x271/0x5e0
[  368.653944][T12180]  ? proc_fault_inject_write+0x340/0x340
[  368.659630][T12180]  vfs_read+0x27e/0x920
[  368.663832][T12180]  ? kernel_read+0x1e0/0x1e0
[  368.668452][T12180]  ? __fget_files+0x28/0x4d0
[  368.673076][T12180]  ? __fget_files+0x44a/0x4d0
[  368.677781][T12180]  ? __fdget_pos+0x2a3/0x330
[  368.682404][T12180]  ? ksys_read+0x75/0x250
[  368.686755][T12180]  ksys_read+0x147/0x250
[  368.691073][T12180]  ? vfs_write+0x940/0x940
[  368.695510][T12180]  ? lockdep_hardirqs_on+0x98/0x150
[  368.700732][T12180]  do_syscall_64+0x55/0xb0
[  368.705160][T12180]  ? clear_bhb_loop+0x40/0x90
[  368.709850][T12180]  ? clear_bhb_loop+0x40/0x90
[  368.714540][T12180]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  368.720485][T12180] RIP: 0033:0x7f2f4e38d8dc
[  368.725022][T12180] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  368.744748][T12180] RSP: 002b:00007f2f4f198030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  368.753266][T12180] RAX: ffffffffffffffda RBX: 00007f2f4e5e5fa0 RCX: 00007f2f4e38d8dc
[  368.761252][T12180] RDX: 000000000000000f RSI: 00007f2f4f1980a0 RDI: 0000000000000004
[  368.769324][T12180] RBP: 00007f2f4f198090 R08: 0000000000000000 R09: 0000000000000000
[  368.777312][T12180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  368.785302][T12180] R13: 00007f2f4e5e6038 R14: 00007f2f4e5e5fa0 R15: 00007ffd25943818
[  368.793310][T12180]  </TASK>
[  369.065700][T12194] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.2136'.
[  369.487752][T12208] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.2142'.
[  369.938251][T12212] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2143'.
[  369.952854][T12211] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2143'.
[  370.145230][T12217] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.2145'.
[  370.470733][T12232] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.2151'.
[  370.813565][T12240] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.2162'.
[  370.868204][T12242] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.2154'.
[  371.426802][T12253] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.2158'.
[  372.237644][T12277] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.2166'.
[  372.293953][T12280] netlink: 'syz.2.2168': attribute type 29 has an invalid length.
[  372.305850][T12280] netlink: 'syz.2.2168': attribute type 29 has an invalid length.
[  372.319802][T12280] netlink: 'syz.2.2168': attribute type 29 has an invalid length.
[  372.334675][T12280] netlink: 'syz.2.2168': attribute type 29 has an invalid length.
[  373.013696][T12307] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.2175'.
[  373.025628][T12306] netlink: 'syz.1.2177': attribute type 29 has an invalid length.
[  373.081353][T12306] netlink: 'syz.1.2177': attribute type 29 has an invalid length.
[  373.089696][T12309] netlink: 'syz.1.2177': attribute type 29 has an invalid length.
[  373.141479][T12306] netlink: 'syz.1.2177': attribute type 29 has an invalid length.
[  373.696575][T12322] FAULT_INJECTION: forcing a failure.
[  373.696575][T12322] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  373.710043][T12322] CPU: 1 PID: 12322 Comm: syz.1.2180 Not tainted syzkaller #0
[  373.717531][T12322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  373.727602][T12322] Call Trace:
[  373.730895][T12322]  <TASK>
[  373.733839][T12322]  dump_stack_lvl+0x16c/0x230
[  373.738535][T12322]  ? show_regs_print_info+0x20/0x20
[  373.743747][T12322]  ? load_image+0x3b0/0x3b0
[  373.748283][T12322]  ? __might_fault+0xaa/0x120
[  373.752967][T12322]  ? __lock_acquire+0x7c80/0x7c80
[  373.758002][T12322]  should_fail_ex+0x39d/0x4d0
[  373.762697][T12322]  _copy_from_user+0x2f/0xe0
[  373.767289][T12322]  __sys_bpf+0x1e9/0x800
[  373.771541][T12322]  ? bpf_link_show_fdinfo+0x350/0x350
[  373.777016][T12322]  ? lock_chain_count+0x20/0x20
[  373.781883][T12322]  __x64_sys_bpf+0x7c/0x90
[  373.786310][T12322]  do_syscall_64+0x55/0xb0
[  373.790741][T12322]  ? clear_bhb_loop+0x40/0x90
[  373.795421][T12322]  ? clear_bhb_loop+0x40/0x90
[  373.800186][T12322]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  373.806083][T12322] RIP: 0033:0x7fabb198eec9
[  373.810518][T12322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  373.830565][T12322] RSP: 002b:00007fabb2910038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  373.838994][T12322] RAX: ffffffffffffffda RBX: 00007fabb1be5fa0 RCX: 00007fabb198eec9
[  373.846987][T12322] RDX: 0000000000000050 RSI: 00002000000000c0 RDI: 000000000000000a
[  373.854984][T12322] RBP: 00007fabb2910090 R08: 0000000000000000 R09: 0000000000000000
[  373.863006][T12322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  373.871086][T12322] R13: 00007fabb1be6038 R14: 00007fabb1be5fa0 R15: 00007ffce4badcc8
[  373.879088][T12322]  </TASK>
[  374.294095][T12337] netlink: 'syz.3.2187': attribute type 29 has an invalid length.
[  374.314507][T12337] netlink: 'syz.3.2187': attribute type 29 has an invalid length.
[  375.221828][T12366] __nla_validate_parse: 1 callbacks suppressed
[  375.221847][T12366] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2195'.
[  375.261159][T12367] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2195'.
[  375.280391][T12367] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  375.289257][T12366] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  375.305608][T12367] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  375.315987][T12366] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  375.669313][T12375] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.2198'.
[  376.169001][T12391] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.2202'.
[  376.182347][T12392] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2199'.
[  376.250726][T12390] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2199'.
[  376.687680][T12404] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.2205'.
[  377.062481][T12412] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.2209'.
[  377.102346][T12414] FAULT_INJECTION: forcing a failure.
[  377.102346][T12414] name failslab, interval 1, probability 0, space 0, times 0
[  377.122588][T12414] CPU: 1 PID: 12414 Comm: syz.2.2208 Not tainted syzkaller #0
[  377.130114][T12414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  377.140331][T12414] Call Trace:
[  377.143644][T12414]  <TASK>
[  377.146612][T12414]  dump_stack_lvl+0x16c/0x230
[  377.151336][T12414]  ? show_regs_print_info+0x20/0x20
[  377.156664][T12414]  ? load_image+0x3b0/0x3b0
[  377.161230][T12414]  ? __might_sleep+0xe0/0xe0
[  377.165856][T12414]  ? __lock_acquire+0x7c80/0x7c80
[  377.171007][T12414]  should_fail_ex+0x39d/0x4d0
[  377.175738][T12414]  should_failslab+0x9/0x20
[  377.180284][T12414]  slab_pre_alloc_hook+0x59/0x310
[  377.185353][T12414]  ? bpf_prog_test_run_skb+0x22c/0x11c0
[  377.190948][T12414]  ? bpf_prog_test_run_skb+0x22c/0x11c0
[  377.196550][T12414]  __kmem_cache_alloc_node+0x53/0x260
[  377.201959][T12414]  ? __lock_acquire+0x7c80/0x7c80
[  377.207019][T12414]  ? bpf_prog_test_run_skb+0x22c/0x11c0
[  377.212607][T12414]  __kmalloc+0xa4/0x240
[  377.216827][T12414]  bpf_prog_test_run_skb+0x22c/0x11c0
[  377.222238][T12414]  ? __fget_files+0x28/0x4d0
[  377.226855][T12414]  ? __fget_files+0x44a/0x4d0
[  377.231562][T12414]  ? cpu_online+0x60/0x60
[  377.235964][T12414]  bpf_prog_test_run+0x321/0x390
[  377.240918][T12414]  __sys_bpf+0x440/0x800
[  377.245168][T12414]  ? bpf_link_show_fdinfo+0x350/0x350
[  377.250561][T12414]  ? lock_chain_count+0x20/0x20
[  377.255425][T12414]  __x64_sys_bpf+0x7c/0x90
[  377.259855][T12414]  do_syscall_64+0x55/0xb0
[  377.264304][T12414]  ? clear_bhb_loop+0x40/0x90
[  377.269013][T12414]  ? clear_bhb_loop+0x40/0x90
[  377.273719][T12414]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  377.279634][T12414] RIP: 0033:0x7f1c3e58eec9
[  377.284084][T12414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  377.303813][T12414] RSP: 002b:00007f1c3f48a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  377.312238][T12414] RAX: ffffffffffffffda RBX: 00007f1c3e7e5fa0 RCX: 00007f1c3e58eec9
[  377.320228][T12414] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  377.328218][T12414] RBP: 00007f1c3f48a090 R08: 0000000000000000 R09: 0000000000000000
[  377.336203][T12414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  377.344185][T12414] R13: 00007f1c3e7e6038 R14: 00007f1c3e7e5fa0 R15: 00007ffcead26e08
[  377.352189][T12414]  </TASK>
[  377.670082][T12425] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.2220'.
[  377.708886][T12426] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.2212'.
[  377.837999][T12428] validate_nla: 7 callbacks suppressed
[  377.838018][T12428] netlink: 'syz.3.2214': attribute type 29 has an invalid length.
[  377.901315][T12428] netlink: 'syz.3.2214': attribute type 29 has an invalid length.
[  377.909500][T12435] netlink: 'syz.3.2214': attribute type 29 has an invalid length.
[  377.931563][T12428] netlink: 'syz.3.2214': attribute type 29 has an invalid length.
[  377.952368][T12428] netlink: 'syz.3.2214': attribute type 29 has an invalid length.
[  378.614597][T12453] netlink: 'syz.2.2218': attribute type 3 has an invalid length.
[  378.704568][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  378.712839][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  378.849231][T12464] netlink: 'syz.0.2225': attribute type 29 has an invalid length.
[  378.857771][T12464] netlink: 'syz.0.2225': attribute type 29 has an invalid length.
[  378.868426][T12464] netlink: 'syz.0.2225': attribute type 29 has an invalid length.
[  378.897798][T12464] netlink: 'syz.0.2225': attribute type 29 has an invalid length.
[  379.812772][T12490] erspan0: refused to change device tx_queue_len
[  379.819761][T12490] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  380.673518][T12519] __nla_validate_parse: 14 callbacks suppressed
[  380.673542][T12519] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2243'.
[  380.957227][T12531] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.2245'.
[  381.001344][T12533] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.2247'.
[  381.383555][T12545] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.2250'.
[  381.959453][T12555] veth0_vlan: entered allmulticast mode
[  382.199440][T12555] veth0_vlan: left promiscuous mode
[  382.375844][T12555] veth0_vlan: entered promiscuous mode
[  382.423073][T12555] team0: Device veth0_vlan failed to register rx_handler
[  382.442350][T12570] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.2258'.
[  382.757124][T12555] syz.1.2254 (12555) used greatest stack depth: 17672 bytes left
[  383.153459][T12588] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.2261'.
[  384.204480][T12613] FAULT_INJECTION: forcing a failure.
[  384.204480][T12613] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  384.252707][T12613] CPU: 0 PID: 12613 Comm: syz.1.2271 Not tainted syzkaller #0
[  384.260329][T12613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  384.270534][T12613] Call Trace:
[  384.273936][T12613]  <TASK>
[  384.277444][T12613]  dump_stack_lvl+0x16c/0x230
[  384.282306][T12613]  ? show_regs_print_info+0x20/0x20
[  384.287645][T12613]  ? load_image+0x3b0/0x3b0
[  384.292322][T12613]  ? __lock_acquire+0x7c80/0x7c80
[  384.297494][T12613]  ? snprintf+0xdb/0x120
[  384.301910][T12613]  should_fail_ex+0x39d/0x4d0
[  384.306738][T12613]  _copy_to_user+0x2f/0xa0
[  384.311271][T12613]  simple_read_from_buffer+0xe7/0x150
[  384.316796][T12613]  proc_fail_nth_read+0x1e3/0x250
[  384.321943][T12613]  ? proc_fault_inject_write+0x340/0x340
[  384.327698][T12613]  ? fsnotify_perm+0x271/0x5e0
[  384.332571][T12613]  ? proc_fault_inject_write+0x340/0x340
[  384.338311][T12613]  vfs_read+0x27e/0x920
[  384.342597][T12613]  ? kernel_read+0x1e0/0x1e0
[  384.347377][T12613]  ? __fget_files+0x28/0x4d0
[  384.352065][T12613]  ? __fget_files+0x44a/0x4d0
[  384.356903][T12613]  ? __fdget_pos+0x2a3/0x330
[  384.361711][T12613]  ? ksys_read+0x75/0x250
[  384.366191][T12613]  ksys_read+0x147/0x250
[  384.370677][T12613]  ? vfs_write+0x940/0x940
[  384.375402][T12613]  ? lockdep_hardirqs_on+0x98/0x150
[  384.380860][T12613]  do_syscall_64+0x55/0xb0
[  384.385402][T12613]  ? clear_bhb_loop+0x40/0x90
[  384.390203][T12613]  ? clear_bhb_loop+0x40/0x90
[  384.395036][T12613]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  384.401155][T12613] RIP: 0033:0x7fabb198d8dc
[  384.405662][T12613] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  384.425360][T12613] RSP: 002b:00007fabb2910030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  384.433881][T12613] RAX: ffffffffffffffda RBX: 00007fabb1be5fa0 RCX: 00007fabb198d8dc
[  384.441954][T12613] RDX: 000000000000000f RSI: 00007fabb29100a0 RDI: 0000000000000005
[  384.450027][T12613] RBP: 00007fabb2910090 R08: 0000000000000000 R09: 0000000000000000
[  384.458099][T12613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  384.466151][T12613] R13: 00007fabb1be6038 R14: 00007fabb1be5fa0 R15: 00007ffce4badcc8
[  384.474316][T12613]  </TASK>
[  384.492417][T12617] validate_nla: 6 callbacks suppressed
[  384.492435][T12617] netlink: 'syz.3.2272': attribute type 29 has an invalid length.
[  384.506846][T12617] netlink: 'syz.3.2272': attribute type 29 has an invalid length.
[  384.517408][T12617] netlink: 'syz.3.2272': attribute type 29 has an invalid length.
[  384.526152][T12617] netlink: 'syz.3.2272': attribute type 29 has an invalid length.
[  384.535098][T12617] netlink: 'syz.3.2272': attribute type 29 has an invalid length.
[  385.145670][T12638] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.2276'.
[  385.278213][T12644] netlink: 'syz.2.2281': attribute type 29 has an invalid length.
[  385.300369][T12644] netlink: 'syz.2.2281': attribute type 29 has an invalid length.
[  385.341269][T12648] netlink: 'syz.2.2281': attribute type 29 has an invalid length.
[  385.360273][T12644] netlink: 'syz.2.2281': attribute type 29 has an invalid length.
[  385.369216][T12644] netlink: 'syz.2.2281': attribute type 29 has an invalid length.
[  387.158927][T12691] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.2295'.
[  387.192299][T12686] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.2294'.
[  388.160435][T12718] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.2303'.
[  389.374387][T12740] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.2311'.
[  390.807838][T12769] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.2321'.
[  391.045280][T12774] validate_nla: 15 callbacks suppressed
[  391.045303][T12774] netlink: 'syz.3.2323': attribute type 29 has an invalid length.
[  391.079744][T12774] netlink: 'syz.3.2323': attribute type 29 has an invalid length.
[  391.099381][T12774] netlink: 'syz.3.2323': attribute type 29 has an invalid length.
[  391.110125][T12774] netlink: 'syz.3.2323': attribute type 29 has an invalid length.
[  391.119196][T12774] netlink: 'syz.3.2323': attribute type 29 has an invalid length.
[  391.331445][T12779] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.2324'.
[  391.934643][T12802] netlink: 'syz.1.2332': attribute type 29 has an invalid length.
[  391.943816][T12802] netlink: 'syz.1.2332': attribute type 29 has an invalid length.
[  391.953772][T12802] netlink: 'syz.1.2332': attribute type 29 has an invalid length.
[  391.971747][T12802] netlink: 'syz.1.2332': attribute type 29 has an invalid length.
[  391.981409][T12802] netlink: 'syz.1.2332': attribute type 29 has an invalid length.
[  392.269190][T12815] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.2334'.
[  392.636774][T12826] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2337'.
[  392.678742][T12829] FAULT_INJECTION: forcing a failure.
[  392.678742][T12829] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  392.711074][T12829] CPU: 0 PID: 12829 Comm: syz.3.2341 Not tainted syzkaller #0
[  392.718620][T12829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  392.728744][T12829] Call Trace:
[  392.732088][T12829]  <TASK>
[  392.735069][T12829]  dump_stack_lvl+0x16c/0x230
[  392.739833][T12829]  ? show_regs_print_info+0x20/0x20
[  392.745095][T12829]  ? load_image+0x3b0/0x3b0
[  392.749674][T12829]  ? __lock_acquire+0x7c80/0x7c80
[  392.754769][T12829]  ? snprintf+0xdb/0x120
[  392.759096][T12829]  should_fail_ex+0x39d/0x4d0
[  392.763865][T12829]  _copy_to_user+0x2f/0xa0
[  392.768348][T12829]  simple_read_from_buffer+0xe7/0x150
[  392.773813][T12829]  proc_fail_nth_read+0x1e3/0x250
[  392.778918][T12829]  ? proc_fault_inject_write+0x340/0x340
[  392.784663][T12829]  ? fsnotify_perm+0x271/0x5e0
[  392.789505][T12829]  ? proc_fault_inject_write+0x340/0x340
[  392.795214][T12829]  vfs_read+0x27e/0x920
[  392.799451][T12829]  ? kernel_read+0x1e0/0x1e0
[  392.804106][T12829]  ? __fget_files+0x28/0x4d0
[  392.808766][T12829]  ? __fget_files+0x44a/0x4d0
[  392.813549][T12829]  ? __fdget_pos+0x2a3/0x330
[  392.818203][T12829]  ? ksys_read+0x75/0x250
[  392.822641][T12829]  ksys_read+0x147/0x250
[  392.826959][T12829]  ? vfs_write+0x940/0x940
[  392.831456][T12829]  ? lockdep_hardirqs_on+0x98/0x150
[  392.836739][T12829]  do_syscall_64+0x55/0xb0
[  392.841210][T12829]  ? clear_bhb_loop+0x40/0x90
[  392.845939][T12829]  ? clear_bhb_loop+0x40/0x90
[  392.850689][T12829]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  392.856654][T12829] RIP: 0033:0x7f24cb18d8dc
[  392.861132][T12829] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  392.880815][T12829] RSP: 002b:00007f24cc0ad030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  392.889302][T12829] RAX: ffffffffffffffda RBX: 00007f24cb3e5fa0 RCX: 00007f24cb18d8dc
[  392.897332][T12829] RDX: 000000000000000f RSI: 00007f24cc0ad0a0 RDI: 0000000000000006
[  392.905361][T12829] RBP: 00007f24cc0ad090 R08: 0000000000000000 R09: 0000000000000000
[  392.913405][T12829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  392.921430][T12829] R13: 00007f24cb3e6038 R14: 00007f24cb3e5fa0 R15: 00007ffdc3912d28
[  392.929518][T12829]  </TASK>
[  393.300338][T12837] FAULT_INJECTION: forcing a failure.
[  393.300338][T12837] name failslab, interval 1, probability 0, space 0, times 0
[  393.323351][T12837] CPU: 0 PID: 12837 Comm: syz.3.2345 Not tainted syzkaller #0
[  393.330866][T12837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  393.340946][T12837] Call Trace:
[  393.344255][T12837]  <TASK>
[  393.347217][T12837]  dump_stack_lvl+0x16c/0x230
[  393.351957][T12837]  ? show_regs_print_info+0x20/0x20
[  393.357207][T12837]  ? load_image+0x3b0/0x3b0
[  393.361748][T12837]  ? __might_sleep+0xe0/0xe0
[  393.366372][T12837]  ? __lock_acquire+0x7c80/0x7c80
[  393.371448][T12837]  should_fail_ex+0x39d/0x4d0
[  393.376162][T12837]  should_failslab+0x9/0x20
[  393.380707][T12837]  slab_pre_alloc_hook+0x59/0x310
[  393.385782][T12837]  ? lock_chain_count+0x20/0x20
[  393.390668][T12837]  kmem_cache_alloc_node+0x60/0x330
[  393.395898][T12837]  ? __local_bh_enable_ip+0x12e/0x1c0
[  393.401291][T12837]  ? __alloc_skb+0x108/0x2c0
[  393.405918][T12837]  __alloc_skb+0x108/0x2c0
[  393.410354][T12837]  sock_wmalloc+0xaa/0x120
[  393.414807][T12837]  l2tp_ip_sendmsg+0x1cc/0x15e0
[  393.419667][T12837]  ? sock_rps_record_flow+0x19/0x400
[  393.424963][T12837]  ? inet_send_prepare+0x260/0x260
[  393.430092][T12837]  ? inet_sendmsg+0x7c/0x2f0
[  393.434693][T12837]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  393.439999][T12837]  ? inet_send_prepare+0x260/0x260
[  393.445127][T12837]  ____sys_sendmsg+0x5bf/0x950
[  393.449913][T12837]  ? __asan_memset+0x22/0x40
[  393.454511][T12837]  ? __sys_sendmsg_sock+0x30/0x30
[  393.459572][T12837]  ? __import_iovec+0x5f2/0x860
[  393.464440][T12837]  ? import_iovec+0x73/0xa0
[  393.468958][T12837]  ___sys_sendmsg+0x220/0x290
[  393.473658][T12837]  ? __sys_sendmsg+0x270/0x270
[  393.478456][T12837]  ? __lock_acquire+0x7c80/0x7c80
[  393.483512][T12837]  __se_sys_sendmsg+0x1a5/0x270
[  393.488377][T12837]  ? perf_trace_preemptirq_template+0x281/0x340
[  393.494632][T12837]  ? __x64_sys_sendmsg+0x80/0x80
[  393.499589][T12837]  ? lockdep_hardirqs_on+0x98/0x150
[  393.504820][T12837]  do_syscall_64+0x55/0xb0
[  393.509247][T12837]  ? clear_bhb_loop+0x40/0x90
[  393.513934][T12837]  ? clear_bhb_loop+0x40/0x90
[  393.518626][T12837]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  393.524612][T12837] RIP: 0033:0x7f24cb18eec9
[  393.529030][T12837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  393.548643][T12837] RSP: 002b:00007f24cc0ad038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  393.557068][T12837] RAX: ffffffffffffffda RBX: 00007f24cb3e5fa0 RCX: 00007f24cb18eec9
[  393.565064][T12837] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000004
[  393.573068][T12837] RBP: 00007f24cc0ad090 R08: 0000000000000000 R09: 0000000000000000
[  393.581057][T12837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  393.589042][T12837] R13: 00007f24cb3e6038 R14: 00007f24cb3e5fa0 R15: 00007ffdc3912d28
[  393.597036][T12837]  </TASK>
[  393.603099][T12843] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.2344'.
[  394.063140][T12863] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.2352'.
[  394.437576][T12880] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.2359'.
[  394.629159][T12887] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.2364'.
[  395.076204][T12903] FAULT_INJECTION: forcing a failure.
[  395.076204][T12903] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  395.076815][T12903] 
[  395.076822][T12903] ======================================================
[  395.076828][T12903] WARNING: possible circular locking dependency detected
[  395.076847][T12903] syzkaller #0 Not tainted
[  395.076856][T12903] ------------------------------------------------------
[  395.076862][T12903] syz.3.2369/12903 is trying to acquire lock:
[  395.076871][T12903] ffffffff8cd24160 (console_owner){-...}-{0:0}, at: console_flush_all+0x10f/0xd00
[  395.076922][T12903] 
[  395.076922][T12903] but task is already holding lock:
[  395.076927][T12903] ffff8880b8f3c218 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  395.076975][T12903] 
[  395.076975][T12903] which lock already depends on the new lock.
[  395.076975][T12903] 
[  395.076981][T12903] 
[  395.076981][T12903] the existing dependency chain (in reverse order) is:
[  395.076987][T12903] 
[  395.076987][T12903] -> #5 (&rq->__lock){-.-.}-{2:2}:
[  395.077009][T12903]        _raw_spin_lock_nested+0x32/0x50
[  395.077029][T12903]        raw_spin_rq_lock_nested+0x2a/0x140
[  395.077053][T12903]        task_fork_fair+0x62/0x1f0
[  395.077069][T12903]        sched_cgroup_fork+0x333/0x3c0
[  395.077085][T12903]        copy_process+0x21e4/0x3d70
[  395.077101][T12903]        kernel_clone+0x21b/0x840
[  395.077118][T12903]        user_mode_thread+0xde/0x130
[  395.077136][T12903]        rest_init+0x27/0x300
[  395.077153][T12903]        arch_call_rest_init+0xe/0x10
[  395.077173][T12903]        start_kernel+0x459/0x4e0
[  395.077191][T12903]        x86_64_start_reservations+0x2a/0x30
[  395.077209][T12903]        copy_bootdata+0x0/0xe0
[  395.077224][T12903]        secondary_startup_64_no_verify+0x179/0x17b
[  395.077248][T12903] 
[  395.077248][T12903] -> #4 (&p->pi_lock){-.-.}-{2:2}:
[  395.077270][T12903]        _raw_spin_lock_irqsave+0xa8/0xf0
[  395.077287][T12903]        try_to_wake_up+0x60/0x1140
[  395.077314][T12903]        kick_pool+0x320/0x420
[  395.077328][T12903]        create_worker+0x5c0/0x7b0
[  395.077346][T12903]        workqueue_init+0x306/0x670
[  395.077361][T12903]        kernel_init_freeable+0x3a0/0x570
[  395.077381][T12903]        kernel_init+0x1d/0x1c0
[  395.077397][T12903]        ret_from_fork+0x48/0x80
[  395.077417][T12903]        ret_from_fork_asm+0x11/0x20
[  395.077441][T12903] 
[  395.077441][T12903] -> #3 (&pool->lock){-.-.}-{2:2}:
[  395.077463][T12903]        _raw_spin_lock+0x2e/0x40
[  395.077478][T12903]        __queue_work+0x69f/0x1020
[  395.077493][T12903]        queue_work_on+0x121/0x1e0
[  395.077507][T12903]        rpm_suspend+0x10bc/0x1a90
[  395.077524][T12903]        __pm_runtime_idle+0x12f/0x1a0
[  395.077541][T12903]        __device_attach+0x33f/0x400
[  395.077559][T12903]        bus_probe_device+0x180/0x260
[  395.077603][T12903]        device_add+0x85b/0xc20
[  395.077627][T12903]        serial_base_port_add+0x2f2/0x420
[  395.077645][T12903]        serial_core_register_port+0x36d/0x2320
[  395.077673][T12903]        serial8250_register_8250_port+0x15ec/0x1f10
[  395.077713][T12903]        serial_pnp_probe+0x549/0x730
[  395.077733][T12903]        pnp_device_probe+0x305/0x4b0
[  395.077755][T12903]        really_probe+0x25b/0xb40
[  395.077774][T12903]        __driver_probe_device+0x18c/0x330
[  395.077794][T12903]        driver_probe_device+0x4f/0x420
[  395.077814][T12903]        __driver_attach+0x44e/0x6f0
[  395.077833][T12903]        bus_for_each_dev+0x22d/0x2a0
[  395.077850][T12903]        bus_add_driver+0x340/0x640
[  395.077866][T12903]        driver_register+0x23a/0x310
[  395.077886][T12903]        serial8250_init+0x9a/0x170
[  395.077905][T12903]        do_one_initcall+0x1fd/0x750
[  395.077928][T12903]        do_initcall_level+0x137/0x1f0
[  395.077948][T12903]        do_initcalls+0x69/0xd0
[  395.077968][T12903]        kernel_init_freeable+0x3d2/0x570
[  395.077989][T12903]        kernel_init+0x1d/0x1c0
[  395.078005][T12903]        ret_from_fork+0x48/0x80
[  395.078025][T12903]        ret_from_fork_asm+0x11/0x20
[  395.078049][T12903] 
[  395.078049][T12903] -> #2 (&dev->power.lock){-...}-{2:2}:
[  395.078073][T12903]        _raw_spin_lock_irqsave+0xa8/0xf0
[  395.078091][T12903]        __pm_runtime_resume+0x10f/0x170
[  395.078108][T12903]        __uart_start+0x171/0x3e0
[  395.078135][T12903]        uart_write+0x449/0x5d0
[  395.078162][T12903]        n_tty_write+0xd27/0x11d0
[  395.078186][T12903]        file_tty_write+0x54b/0x980
[  395.078206][T12903]        vfs_write+0x43b/0x940
[  395.078228][T12903]        ksys_write+0x147/0x250
[  395.078250][T12903]        do_syscall_64+0x55/0xb0
[  395.078272][T12903]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  395.078291][T12903] 
[  395.078291][T12903] -> #1 (&port_lock_key){-.-.}-{2:2}:
[  395.078314][T12903]        _raw_spin_lock_irqsave+0xa8/0xf0
[  395.078332][T12903]        serial8250_console_write+0x16d/0x17a0
[  395.078356][T12903]        console_flush_all+0x6cd/0xd00
[  395.078377][T12903]        console_unlock+0xae/0x340
[  395.078398][T12903]        vprintk_emit+0x477/0x600
[  395.078417][T12903]        _printk+0xd0/0x110
[  395.078434][T12903]        register_console+0x91b/0xe60
[  395.078455][T12903]        univ8250_console_init+0x45/0x50
[  395.078473][T12903]        console_init+0x17b/0x5e0
[  395.078493][T12903]        start_kernel+0x2c0/0x4e0
[  395.078513][T12903]        x86_64_start_reservations+0x2a/0x30
[  395.078531][T12903]        copy_bootdata+0x0/0xe0
[  395.078546][T12903]        secondary_startup_64_no_verify+0x179/0x17b
[  395.078571][T12903] 
[  395.078571][T12903] -> #0 (console_owner){-...}-{0:0}:
[  395.078601][T12903]        __lock_acquire+0x2ddb/0x7c80
[  395.078621][T12903]        lock_acquire+0x197/0x410
[  395.078638][T12903]        console_flush_all+0x693/0xd00
[  395.078659][T12903]        console_unlock+0xae/0x340
[  395.078679][T12903]        vprintk_emit+0x477/0x600
[  395.078699][T12903]        _printk+0xd0/0x110
[  395.078715][T12903]        should_fail_ex+0x37e/0x4d0
[  395.078738][T12903]        strncpy_from_user+0x36/0x2e0
[  395.078753][T12903]        strncpy_from_user_nofault+0x71/0x140
[  395.078777][T12903]        bpf_probe_read_user_str+0x2a/0x70
[  395.078805][T12903]        bpf_prog_bc7c5c6b9645592f+0x3d/0x3f
[  395.078822][T12903]        bpf_trace_run4+0x379/0x420
[  395.078839][T12903]        __bpf_trace_sched_switch+0x17b/0x1e0
[  395.078862][T12903]        __traceiter_sched_switch+0x93/0xc0
[  395.078879][T12903]        __schedule+0x2197/0x44d0
[  395.078902][T12903]        preempt_schedule_irq+0xb5/0x140
[  395.078944][T12903]        irqentry_exit+0x67/0x70
[  395.078980][T12903]        asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  395.078998][T12903]        kasan_check_range+0x1bd/0x290
[  395.079016][T12903]        tomoyo_check_acl+0x2d8/0x3f0
[  395.079037][T12903]        tomoyo_check_inet_address+0x453/0x8a0
[  395.079062][T12903]        tomoyo_socket_sendmsg_permission+0x216/0x2f0
[  395.079087][T12903]        security_socket_sendmsg+0x70/0xa0
[  395.079102][T12903]        ____sys_sendmsg+0x533/0x950
[  395.079126][T12903]        ___sys_sendmsg+0x220/0x290
[  395.079149][T12903]        __se_sys_sendmsg+0x1a5/0x270
[  395.079172][T12903]        do_syscall_64+0x55/0xb0
[  395.079192][T12903]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  395.079208][T12903] 
[  395.079208][T12903] other info that might help us debug this:
[  395.079208][T12903] 
[  395.079212][T12903] Chain exists of:
[  395.079212][T12903]   console_owner --> &p->pi_lock --> &rq->__lock
[  395.079212][T12903] 
[  395.079236][T12903]  Possible unsafe locking scenario:
[  395.079236][T12903] 
[  395.079240][T12903]        CPU0                    CPU1
[  395.079244][T12903]        ----                    ----
[  395.079248][T12903]   lock(&rq->__lock);
[  395.079257][T12903]                                lock(&p->pi_lock);
[  395.079268][T12903]                                lock(&rq->__lock);
[  395.079278][T12903]   lock(console_owner);
[  395.079288][T12903] 
[  395.079288][T12903]  *** DEADLOCK ***
[  395.079288][T12903] 
[  395.079291][T12903] 5 locks held by syz.3.2369/12903:
[  395.079301][T12903]  #0: ffffffff8d3515b0 (tomoyo_ss){.+.+}-{0:0}, at: tomoyo_check_inet_address+0x273/0x8a0
[  395.079349][T12903]  #1: ffff8880b8f3c218 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  395.079396][T12903]  #2: ffffffff8cd2ff20 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0xfd/0x420
[  395.079435][T12903]  #3: ffffffff8cd24240 (console_lock){+.+.}-{0:0}, at: _printk+0xd0/0x110
[  395.079472][T12903]  #4: ffffffff8cc0ba50 (console_srcu){....}-{0:0}, at: console_flush_all+0x10f/0xd00
[  395.079514][T12903] 
[  395.079514][T12903] stack backtrace:
[  395.079520][T12903] CPU: 1 PID: 12903 Comm: syz.3.2369 Not tainted syzkaller #0
[  395.079536][T12903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  395.079546][T12903] Call Trace:
[  395.079552][T12903]  <TASK>
[  395.079559][T12903]  dump_stack_lvl+0x16c/0x230
[  395.079587][T12903]  ? load_image+0x3b0/0x3b0
[  395.079605][T12903]  ? show_regs_print_info+0x20/0x20
[  395.079632][T12903]  ? print_circular_bug+0x12b/0x1a0
[  395.079655][T12903]  check_noncircular+0x2bd/0x3c0
[  395.079680][T12903]  ? print_deadlock_bug+0x5d0/0x5d0
[  395.079699][T12903]  ? lockdep_lock+0xe0/0x220
[  395.079724][T12903]  __lock_acquire+0x2ddb/0x7c80
[  395.079757][T12903]  ? verify_lock_unused+0x140/0x140
[  395.079789][T12903]  lock_acquire+0x197/0x410
[  395.079807][T12903]  ? console_flush_all+0x10f/0xd00
[  395.079831][T12903]  ? __lock_acquire+0x7c80/0x7c80
[  395.079849][T12903]  ? do_raw_spin_lock+0x121/0x2c0
[  395.079871][T12903]  ? read_lock_is_recursive+0x20/0x20
[  395.079891][T12903]  ? __rwlock_init+0x150/0x150
[  395.079914][T12903]  ? do_raw_spin_unlock+0x121/0x230
[  395.079939][T12903]  console_flush_all+0x693/0xd00
[  395.079959][T12903]  ? console_flush_all+0x10f/0xd00
[  395.079998][T12903]  ? console_flush_all+0x10f/0xd00
[  395.080028][T12903]  ? is_console_locked+0x20/0x20
[  395.080049][T12903]  ? perf_event_update_userpage+0x5af/0x6d0
[  395.080075][T12903]  console_unlock+0xae/0x340
[  395.080098][T12903]  ? other_cpu_in_panic+0xf0/0xf0
[  395.080120][T12903]  ? __lock_acquire+0x1260/0x7c80
[  395.080146][T12903]  vprintk_emit+0x477/0x600
[  395.080169][T12903]  ? printk_sprint+0x460/0x460
[  395.080191][T12903]  ? __lock_acquire+0x1260/0x7c80
[  395.080218][T12903]  _printk+0xd0/0x110
[  395.080240][T12903]  ? load_image+0x3b0/0x3b0
[  395.080257][T12903]  ? __lock_acquire+0x1334/0x7c80
[  395.080285][T12903]  should_fail_ex+0x37e/0x4d0
[  395.080312][T12903]  strncpy_from_user+0x36/0x2e0
[  395.080333][T12903]  strncpy_from_user_nofault+0x71/0x140
[  395.080361][T12903]  bpf_probe_read_user_str+0x2a/0x70
[  395.080391][T12903]  bpf_prog_bc7c5c6b9645592f+0x3d/0x3f
[  395.080410][T12903]  bpf_trace_run4+0x379/0x420
[  395.080428][T12903]  ? bpf_trace_run4+0xfd/0x420
[  395.080447][T12903]  ? bpf_trace_run3+0x400/0x400
[  395.080468][T12903]  ? __bpf_trace_sched_switch+0x160/0x1e0
[  395.080508][T12903]  __bpf_trace_sched_switch+0x17b/0x1e0
[  395.080530][T12903]  ? __bpf_trace_sched_wakeup_template+0xe0/0xe0
[  395.080553][T12903]  ? __lock_acquire+0x7bc1/0x7c80
[  395.080571][T12903]  ? local_clock+0x20/0x20
[  395.080593][T12903]  ? tracing_record_taskinfo_sched_switch+0x7d/0x360
[  395.080613][T12903]  ? __bpf_trace_sched_wakeup_template+0xe0/0xe0
[  395.080631][T12903]  __traceiter_sched_switch+0x93/0xc0
[  395.080647][T12903]  __schedule+0x2197/0x44d0
[  395.080685][T12903]  ? mark_lock+0x94/0x320
[  395.080703][T12903]  ? __lock_acquire+0x1334/0x7c80
[  395.080722][T12903]  ? asan.module_dtor+0x20/0x20
[  395.080739][T12903]  ? mark_lock+0x94/0x320
[  395.080756][T12903]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  395.080772][T12903]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  395.080791][T12903]  ? preempt_schedule_irq+0xaa/0x140
[  395.080812][T12903]  preempt_schedule_irq+0xb5/0x140
[  395.080832][T12903]  ? preempt_schedule_notrace+0x110/0x110
[  395.080858][T12903]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  395.080878][T12903]  irqentry_exit+0x67/0x70
[  395.080900][T12903]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  395.080915][T12903] RIP: 0010:kasan_check_range+0x1bd/0x290
[  395.080934][T12903] Code: 4d 01 f3 49 8d 5c 24 07 4d 85 e4 49 0f 49 dc 48 83 e3 f8 49 29 dc 74 12 41 80 3b 00 0f 85 a6 00 00 00 49 ff c3 49 ff cc 75 ee <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 45 84 ff 75 61 41 f7 c7 00 ff 00
[  395.080947][T12903] RSP: 0018:ffffc9000c6376d8 EFLAGS: 00000256
[  395.080959][T12903] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff83db1588
[  395.080969][T12903] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88801bf170c8
[  395.080978][T12903] RBP: ffff88801bf17090 R08: ffff88801bf170cf R09: 1ffff110037e2e19
[  395.080990][T12903] R10: dffffc0000000000 R11: ffffed10037e2e1a R12: 0000000000000001
[  395.081001][T12903] R13: 00000000000000d5 R14: ffffed10037e2e1a R15: 1ffff110037e2e19
[  395.081014][T12903]  ? tomoyo_check_acl+0x2d8/0x3f0
[  395.081038][T12903]  tomoyo_check_acl+0x2d8/0x3f0
[  395.081058][T12903]  ? tomoyo_check_unix_acl+0x130/0x130
[  395.081082][T12903]  tomoyo_check_inet_address+0x453/0x8a0
[  395.081104][T12903]  ? __kmalloc+0xb4/0x240
[  395.081124][T12903]  ? tomoyo_check_inet_address+0x273/0x8a0
[  395.081148][T12903]  ? tomoyo_check_unix_address+0x7a0/0x7a0
[  395.081169][T12903]  ? perf_trace_preemptirq_template+0xa4/0x340
[  395.081190][T12903]  ? irqentry_enter+0x3b/0x50
[  395.081225][T12903]  tomoyo_socket_sendmsg_permission+0x216/0x2f0
[  395.081265][T12903]  security_socket_sendmsg+0x70/0xa0
[  395.081280][T12903]  ____sys_sendmsg+0x533/0x950
[  395.081304][T12903]  ? __sys_sendmsg_sock+0x30/0x30
[  395.081322][T12903]  ? __import_iovec+0x5f2/0x860
[  395.081345][T12903]  ? import_iovec+0x73/0xa0
[  395.081365][T12903]  ___sys_sendmsg+0x220/0x290
[  395.081386][T12903]  ? __sys_sendmsg+0x270/0x270
[  395.081413][T12903]  ? __lock_acquire+0x7c80/0x7c80
[  395.081438][T12903]  __se_sys_sendmsg+0x1a5/0x270
[  395.081459][T12903]  ? __x64_sys_sendmsg+0x80/0x80
[  395.081484][T12903]  ? lockdep_hardirqs_on+0x98/0x150
[  395.081506][T12903]  do_syscall_64+0x55/0xb0
[  395.081522][T12903]  ? clear_bhb_loop+0x40/0x90
[  395.081536][T12903]  ? clear_bhb_loop+0x40/0x90
[  395.081550][T12903]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  395.081563][T12903] RIP: 0033:0x7f24cb18eec9
[  395.081574][T12903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  395.081590][T12903] RSP: 002b:00007f24cc0ad038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  395.081602][T12903] RAX: ffffffffffffffda RBX: 00007f24cb3e5fa0 RCX: 00007f24cb18eec9
[  395.081612][T12903] RDX: 0000000000000000 RSI: 0000200000007940 RDI: 000000000000000c
[  395.081621][T12903] RBP: 00007f24cc0ad090 R08: 0000000000000000 R09: 0000000000000000
[  395.081629][T12903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  395.081637][T12903] R13: 00007f24cb3e6038 R14: 00007f24cb3e5fa0 R15: 00007ffdc3912d28
[  395.081653][T12903]  </TASK>
[  396.486136][T12903] CPU: 1 PID: 12903 Comm: syz.3.2369 Not tainted syzkaller #0
[  396.493586][T12903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  396.503635][T12903] Call Trace:
[  396.506909][T12903]  <TASK>
[  396.509835][T12903]  dump_stack_lvl+0x16c/0x230
[  396.514529][T12903]  ? show_regs_print_info+0x20/0x20
[  396.519722][T12903]  ? load_image+0x3b0/0x3b0
[  396.524239][T12903]  ? __lock_acquire+0x1334/0x7c80
[  396.529263][T12903]  should_fail_ex+0x39d/0x4d0
[  396.533939][T12903]  strncpy_from_user+0x36/0x2e0
[  396.538789][T12903]  strncpy_from_user_nofault+0x71/0x140
[  396.544358][T12903]  bpf_probe_read_user_str+0x2a/0x70
[  396.549648][T12903]  bpf_prog_bc7c5c6b9645592f+0x3d/0x3f
[  396.555112][T12903]  bpf_trace_run4+0x379/0x420
[  396.559789][T12903]  ? bpf_trace_run4+0xfd/0x420
[  396.564559][T12903]  ? bpf_trace_run3+0x400/0x400
[  396.569402][T12903]  ? __bpf_trace_sched_switch+0x160/0x1e0
[  396.575120][T12903]  __bpf_trace_sched_switch+0x17b/0x1e0
[  396.580666][T12903]  ? __bpf_trace_sched_wakeup_template+0xe0/0xe0
[  396.586989][T12903]  ? __lock_acquire+0x7bc1/0x7c80
[  396.592005][T12903]  ? local_clock+0x20/0x20
[  396.596416][T12903]  ? tracing_record_taskinfo_sched_switch+0x7d/0x360
[  396.603104][T12903]  ? __bpf_trace_sched_wakeup_template+0xe0/0xe0
[  396.609427][T12903]  __traceiter_sched_switch+0x93/0xc0
[  396.614789][T12903]  __schedule+0x2197/0x44d0
[  396.619313][T12903]  ? mark_lock+0x94/0x320
[  396.623643][T12903]  ? __lock_acquire+0x1334/0x7c80
[  396.628667][T12903]  ? asan.module_dtor+0x20/0x20
[  396.633519][T12903]  ? mark_lock+0x94/0x320
[  396.637863][T12903]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  396.643839][T12903]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  396.649992][T12903]  ? preempt_schedule_irq+0xaa/0x140
[  396.655454][T12903]  preempt_schedule_irq+0xb5/0x140
[  396.660564][T12903]  ? preempt_schedule_notrace+0x110/0x110
[  396.666278][T12903]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  396.672079][T12903]  irqentry_exit+0x67/0x70
[  396.676495][T12903]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  396.682474][T12903] RIP: 0010:kasan_check_range+0x1bd/0x290
[  396.688197][T12903] Code: 4d 01 f3 49 8d 5c 24 07 4d 85 e4 49 0f 49 dc 48 83 e3 f8 49 29 dc 74 12 41 80 3b 00 0f 85 a6 00 00 00 49 ff c3 49 ff cc 75 ee <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 45 84 ff 75 61 41 f7 c7 00 ff 00
[  396.707828][T12903] RSP: 0018:ffffc9000c6376d8 EFLAGS: 00000256
[  396.713890][T12903] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff83db1588
[  396.721866][T12903] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88801bf170c8
[  396.729832][T12903] RBP: ffff88801bf17090 R08: ffff88801bf170cf R09: 1ffff110037e2e19
[  396.737798][T12903] R10: dffffc0000000000 R11: ffffed10037e2e1a R12: 0000000000000001
[  396.745766][T12903] R13: 00000000000000d5 R14: ffffed10037e2e1a R15: 1ffff110037e2e19
[  396.753825][T12903]  ? tomoyo_check_acl+0x2d8/0x3f0
[  396.758859][T12903]  tomoyo_check_acl+0x2d8/0x3f0
[  396.763726][T12903]  ? tomoyo_check_unix_acl+0x130/0x130
[  396.769188][T12903]  tomoyo_check_inet_address+0x453/0x8a0
[  396.774827][T12903]  ? __kmalloc+0xb4/0x240
[  396.779155][T12903]  ? tomoyo_check_inet_address+0x273/0x8a0
[  396.785062][T12903]  ? tomoyo_check_unix_address+0x7a0/0x7a0
[  396.790880][T12903]  ? perf_trace_preemptirq_template+0xa4/0x340
[  396.797027][T12903]  ? irqentry_enter+0x3b/0x50
[  396.801713][T12903]  tomoyo_socket_sendmsg_permission+0x216/0x2f0
[  396.807977][T12903]  security_socket_sendmsg+0x70/0xa0
[  396.813276][T12903]  ____sys_sendmsg+0x533/0x950
[  396.818067][T12903]  ? __sys_sendmsg_sock+0x30/0x30
[  396.823110][T12903]  ? __import_iovec+0x5f2/0x860
[  396.827975][T12903]  ? import_iovec+0x73/0xa0
[  396.832480][T12903]  ___sys_sendmsg+0x220/0x290
[  396.837248][T12903]  ? __sys_sendmsg+0x270/0x270
[  396.842016][T12903]  ? __lock_acquire+0x7c80/0x7c80
[  396.847061][T12903]  __se_sys_sendmsg+0x1a5/0x270
[  396.852001][T12903]  ? __x64_sys_sendmsg+0x80/0x80
[  396.856948][T12903]  ? lockdep_hardirqs_on+0x98/0x150
[  396.862151][T12903]  do_syscall_64+0x55/0xb0
[  396.866578][T12903]  ? clear_bhb_loop+0x40/0x90
[  396.871266][T12903]  ? clear_bhb_loop+0x40/0x90
[  396.875940][T12903]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  396.881830][T12903] RIP: 0033:0x7f24cb18eec9
[  396.886240][T12903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  396.905846][T12903] RSP: 002b:00007f24cc0ad038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  396.914338][T12903] RAX: ffffffffffffffda RBX: 00007f24cb3e5fa0 RCX: 00007f24cb18eec9
[  396.922317][T12903] RDX: 0000000000000000 RSI: 0000200000007940 RDI: 000000000000000c
[  396.930291][T12903] RBP: 00007f24cc0ad090 R08: 0000000000000000 R09: 0000000000000000
[  396.938253][T12903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  396.946218][T12903] R13: 00007f24cb3e6038 R14: 00007f24cb3e5fa0 R15: 00007ffdc3912d28
[  396.954190][T12903]  </TASK>
[  397.052597][T12900] veth1_macvtap: left promiscuous mode