last executing test programs:

9.551538533s ago: executing program 2 (id=2439):
r0 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$sock(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)}, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000d40)={<r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)="31de76fb398bc62d058b8a96924594f5476a0824be53f7a5949f80614c42391e4b80412938c955d34d37eb96ba7849c3eb823bb36724bd6f6d0219cfe5c884afcd2bdea5acf9c877c03dcdbbb3e47417b6707c27d4c5c1db1924071f6b6f23c7d199c799c9b0c41101e625fcdb7bbfd12a3eeeef4540a5698f058aaf6a141e5d333929b92a7f64e925bf0ef424c3ef29fcd5fd4721c547fde6abe4d47048b64511693624b0d786711abe4a66e250fcbfe95ac9037e58f331b26b6ed0d08e5c73", 0xc0}], 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="000026d4f47f000000000000010000000000000000000000140000000000000000000000020000000000000000000000140000000000000000000000020000000000000000000000110000000000000000000000ebffffff0000000000000000110000000000000002000000010000000000000000000000000000000000000000000000070000008300000000960000206a77bdd1a004129054e7704a000000"], 0xf}, 0x0)
syz_clone(0x10222000, 0x0, 0x0, 0x0, &(0x7f0000000100), &(0x7f0000000340)="ec81178d76e1554846228ba0c5e7bf418f22e61086e1a0c647351ec305d39674dea9d0d6baa71cd6baba7c1dd1e9668c3b939a69e085b218488c1a4d4b061f126791")
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600073582c137153e37080c18800cac0f000300", 0x33fe0}], 0x1, 0x0, 0x0, 0x8100000}, 0x0)

9.313932666s ago: executing program 2 (id=2441):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x16, 0x2, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801, 0x0, @perf_bp={0x0, 0x6}, 0x100000, 0xca, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
close(r0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000000c0)=@bpf_lsm={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e}, 0x94)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2, 0x1, 0x84)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001ac0)=ANY=[@ANYBLOB="b702000006000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2a24a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9877399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a8449f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d2943e6f5f828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000056c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137000059aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c072083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775a00000000000000000000d550c9f15fbb2324a3f37dc4ba"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac14141607089f034d2f87e5890c6aab845013f2325f1a39019403178da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)
syz_open_procfs$namespace(0x0, &(0x7f0000001000)='ns/pid_for_children\x00')
syz_open_procfs$namespace(0x0, &(0x7f0000000240)='ns/pid\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.current\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x1, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000f000000850000002e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB="00e3ff0000000000000000000100180000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/18], 0x50)

8.189836026s ago: executing program 2 (id=2445):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000140), 0x40001) (async)
sendmsg$kcm(r0, &(0x7f0000000140), 0x40001)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xfe33)

7.956256029s ago: executing program 2 (id=2448):
r0 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$sock(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)}, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000d40)={<r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)="31de76fb398bc62d058b8a96924594f5476a0824be53f7a5949f80614c42391e4b80412938c955d34d37eb96ba7849c3eb823bb36724bd6f6d0219cfe5c884afcd2bdea5acf9c877c03dcdbbb3e47417b6707c27d4c5c1db1924071f6b6f23c7d199c799c9b0c41101e625fcdb7bbfd12a3eeeef4540a5698f058aaf6a141e5d333929b92a7f64e925bf0ef424c3ef29fcd5fd4721c547fde6abe4d47048b64511693624b0d786711abe4a66e250fcbfe95ac9037e58f331b26b6ed0d08e5c73", 0xc0}], 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="000026d4f47f000000000000010000000000000000000000140000000000000000000000020000000000000000000000140000000000000000000000020000000000000000000000110000000000000000000000ebffffff0000000000000000110000000000000002000000010000000000000000000000000000000000000000000000070000008300000000960000206a77bdd1a004129054e7704a000000"], 0xf}, 0x0)
syz_clone(0x10222000, 0x0, 0x0, 0x0, &(0x7f0000000100), &(0x7f0000000340)="ec81178d76e1554846228ba0c5e7bf418f22e61086e1a0c647351ec305d39674dea9d0d6baa71cd6baba7c1dd1e9668c3b939a69e085b218488c1a4d4b061f126791")
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600073582c137153e37080c18800cac0f000300", 0x33fe0}], 0x1, 0x0, 0x0, 0x8100000}, 0x0)

7.360564937s ago: executing program 2 (id=2450):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x14, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0xb4017ab080546832, 0x50, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r0 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x1f, &(0x7f0000000ac0), 0x90) (fail_nth: 2)

6.883522835s ago: executing program 2 (id=2454):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x14, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0xb4017ab080546832, 0x50, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r0 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x1f, &(0x7f0000000ac0), 0x90)

4.208955917s ago: executing program 1 (id=2467):
r0 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$sock(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)}, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000d40)={<r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)="31de76fb398bc62d058b8a96924594f5476a0824be53f7a5949f80614c42391e4b80412938c955d34d37eb96ba7849c3eb823bb36724bd6f6d0219cfe5c884afcd2bdea5acf9c877c03dcdbbb3e47417b6707c27d4c5c1db1924071f6b6f23c7d199c799c9b0c41101e625fcdb7bbfd12a3eeeef4540a5698f058aaf6a141e5d333929b92a7f64e925bf0ef424c3ef29fcd5fd4721c547fde6abe4d47048b64511693624b0d786711abe4a66e250fcbfe95ac9037e58f331b26b6ed0d08e5c73ba4c", 0xc2}], 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="000026d4f47f000000000000010000000000000000000000140000000000000000000000020000000000000000000000140000000000000000000000020000000000000000000000110000000000000000000000ebffffff0000000000000000110000000000000002000000010000000000000000000000000000000000000000000000070000008300000000960000206a77bdd1a004129054e7704a000000"], 0xf}, 0x0)
syz_clone(0x10222000, 0x0, 0x0, 0x0, &(0x7f0000000100), &(0x7f0000000340)="ec81178d76e1554846228ba0c5e7bf418f22e61086e1a0c647351ec305d39674dea9d0d6baa71cd6baba7c1dd1e9668c3b939a69e085b218488c1a4d4b061f126791")
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600073582c137153e37080c18800cac0f000300", 0x33fe0}], 0x1, 0x0, 0x0, 0x8100000}, 0x0)

3.693518518s ago: executing program 1 (id=2468):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x4000800)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x401c5820, &(0x7f0000000000)=0x40f)
r2 = socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={0x0}, 0x801, 0x0, 0x2df, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1b, 0x1, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x28)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000cb67be1278cdd88e44afa2434d1de00500"/40], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r5, 0x0, 0x0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x8, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r5}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r6, 0x29, 0x24, &(0x7f00000000c0), 0x4)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f0000000040)=']\\-\\!\x00')
r7 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r7, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10, 0x0}, 0x3000c085)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x29, &(0x7f0000001500)=[{&(0x7f0000001580)="d80000001a0081044e81f782db4cb9040a1d08007b490d4f1e81f8d815000100ff12142603600e12080005007a010401a80016002000034004000000035c0461c9d67f6f940071342e875fab7cb6cec6cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b141993c034e653fe8efe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9ee5350db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e", 0xd8}], 0x1}, 0x0)
r9 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000400000004000000000000000800000042905f265f478eea690e6e509ef5602fe1a8abfce3e134a727be1fc1becfd7173e34812db0cfc9cb42358eaba4ca9c1687e8ec3b704994ea6da54ea881c52481aa799fffdcb68a8cff91ac630761fe368cac0fae2c299c92ffa818e104ad193b9c7fd0ece58eac3afab563971e973e6feba0b5a84d68deda0e80dc855151ea0873cccaf00f1fd012a9bc8e6d91075507e86bcd5dc90bafe3d1284733d9a736d462fd90bcb414960c759a2301390324d7eb601dc8dba995f4bc32679a6d120285ce28175dac1ecc4278701ea57030998207840457abc7b77e3841a7b2d47d2c9774db26af81ea99fc79066ecb68ade845c6367add2a65c748fa6c1aa7864015801eb4f378d46f81ed577899d937e0b3056023204854443cb5859c0e1c4844b6175a79b88475add528481c3051275606e25746934cb287d4f71ff1d82ff74c8a839c5dea15e3743b0611cb48f794ed8291fcfcb888a3", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES32=r10, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x48)
r11 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000100)=ANY=[@ANYBLOB="8510000004000000950000000000000018000000000000000000000000000000950000000000000085100000fcffffff95"], &(0x7f00000000c0)='GPL\x00'}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r11}, 0x18)
ioctl$TUNGETVNETLE(r9, 0x800454dd, &(0x7f0000000380))
bpf$MAP_CREATE(0x0, 0x0, 0x50)
sendmsg$kcm(r6, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000200)="f4000900062b2c25fe80070000e4c8030000000f230466cc00007a000000ad6e911b51818463b40065b841c4342c7557035896e741c884657ef8db2a2a75e614eb217dfed12e8fdbd7db1bba8511659add8b97972142b0e29b3eb9ef1bba558320ed1c74305eb8eb708ab7a6323ce90e1d33bfee42f7fb5f92ee0a2642960b7237272f2ce178934d99daf94f4b1d6dbe9ec3ba9b0c271836dc7e08b2dddacc9cba464573c503c2c4d318dffe2f7ec8e43e2fcb46f9f6f91dfae9d62bce0288db0b5d1a0f1e9fbebbb94c2331b79ede57d9f37e5c32f771c76eb9a60544461b5a40d4eb6ff2640fe70662ad0dbca6f68d83990b87dbba41eff925ec2caaa1c05667c1c9d964508aeeb9c29cf55d81d7830b", 0x111}], 0x1}, 0x0)
sendmsg$kcm(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000011008188040f46ec0800b9cca7480ef421000000e3bd6efb440013030e001b000d000008ba8000001201", 0x2e}], 0x1}, 0x4044)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="180000000000ffff0000000000000000850000002a00000085000000080000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.311904335s ago: executing program 3 (id=2470):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="0401020028000b05d25a806f8c6394f90724fc600d0003000a740100ff3582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0xc, &(0x7f0000001180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r3, 0x1, 0xc, &(0x7f00000002c0), 0x4)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r1, 0xc008240a, &(0x7f0000000140)={0x8, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r4 = getpid()
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000b80)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000deffffff6a0a00ff00000000850000002b000000b70000000000000095000000000000009cc6b3fcd62c7d376238975d43a4505f80fc88943c4f0cf08e467b592f868ee30a0e8c1bf176db2a6b2f01806fd3d5707bfd2d84aaa3b1d4e984c46ea7e2a447a36f5662403e1b2be4cc7c2683908a0d411a9872971c5c77f0979b34e1ad837ff0d10b97163c1d6d0e196bf02f46c7953ab1abda45cbe8d0d26b5069f8a98f7dc8f772fd0e17c9b9101644f8c06b74635fc9f9de9ca3c0ec0cb9bf4e418d076df4c7df0a70f2bdf4000000000000b0c2940dd8e263aa743f7555193161f45346b1004006000000e1ffff8816326d7d25c32aac1c7d5b5be399f6609876b5887437a172fbc02a74135b29194e533583f76e412dff048f0000000000000000b2728a0481e9f0da43bb6cfb851cd364ff19002cc93c1c13ca67fdc6c238342033070000004a9fb6a6991ddb737d527d6acb15426415b6e8b14fdfa2c6e94bd0339454c13ad3e328a100000000b515a1000000000000140eb2e9c15b6c8f6198282df27badac8500bc7d202e099009ca515007e5f009735200040000001896d46cdac0abb841d9f96e2e6a19b7bf661c01800000d77d6165f253683cd8dc926518c699a2b14fb2bb40425dee631368340711a8c47318d5d13085938c3ec5c39b540b34157b0330aa16bd0998607f0ecea84919712d36"], &(0x7f0000000340)='GPL\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0xffff0000, 0xe, 0x0, &(0x7f00000003c0)="2b206d074843b397737ea49da2aa", 0x0, 0xf000, 0x720e, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x2, 0x0, 0x0, 0x7fef, 0x82, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, r4, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r6 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x9f, 0x9, 0xb8, 0xc0, 0x0, 0xcd16, 0x34090, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000000), 0x6}, 0x400, 0x6, 0x4, 0x2, 0xff, 0x3, 0x8, 0x0, 0x2, 0x0, 0x1}, 0x0, 0xffffffffffffffff, r1, 0x1b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r4, r6, 0x0, 0x1, &(0x7f00000000c0)='\x00'}, 0x30)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x0, 0xe, 0x0, &(0x7f0000000400)="e4e647c9e0b8e9a2f2ab3026da58", 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.993142707s ago: executing program 0 (id=2471):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001ac0)=ANY=[@ANYBLOB="b702000006000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2a24a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9877399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a8449f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d2943e6f5f828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000056c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137000059aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c072083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775a00000000000000000000d550c9f15fbb2324a3f37dc4ba"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac14141607089f034d2f87e5890c6aab845013f2325f1a39019403178da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x1, 0x4, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB="00e3ff0000000000000000000100180000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/18], 0x50)

2.535292851s ago: executing program 1 (id=2472):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="d4126700000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560702000f0200006706000020000000620a00ff0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56bb5df3083d20f8c2bf304000000815dcf0066d7ded3c5c49a08a503ea6d54f7f3125a8200578ac0836d6454745e70a27444003c5b20451b624db6f5320e9befc1e00b8b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c8081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611dd2de6dd581c52698f9542a444a8a3969946faded5d0e14c6c946eeb44fe63275c00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)

2.316909863s ago: executing program 1 (id=2473):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="d4126700000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560702000f0200006706000020000000620a00ff0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56bb5df3083d20f8c2bf304000000815dcf0066d7ded3c5c49a08a503ea6d54f7f3125a8200578ac0836d6454745e70a27444003c5b20451b624db6f5320e9befc1e00b8b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c8081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611dd2de6dd581c52698f9542a444a8a3969946faded5d0e14c6c946eeb44fe63275c00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) (fail_nth: 2)

2.160400898s ago: executing program 3 (id=2474):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="02000000040000000400000009"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0d00000003000000040000000108000001000000", @ANYRES32=r0], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r1}, &(0x7f0000000840), &(0x7f0000000880)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r1, &(0x7f0000000900)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="d4126700000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560702000f0200006706000020000000620a00ff0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56bb5df3083d20f8c2bf304000000815dcf0066d7ded3c5c49a08a503ea6d54f7f3125a8200578ac0836d6454745e70a27444003c5b20451b624db6f5320e9befc1e00b8b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c8081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611dd2de6dd581c52698f9542a444a8a3969946faded5d0e14c6c946eeb44fe63275c00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)

2.026362481s ago: executing program 0 (id=2475):
r0 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$sock(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)}, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000d40)={<r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)="31de76fb398bc62d058b8a96924594f5476a0824be53f7a5949f80614c42391e4b80412938c955d34d37eb96ba7849c3eb823bb36724bd6f6d0219cfe5c884afcd2bdea5acf9c877c03dcdbbb3e47417b6707c27d4c5c1db1924071f6b6f23c7d199c799c9b0c41101e625fcdb7bbfd12a3eeeef4540a5698f058aaf6a141e5d333929b92a7f64e925bf0ef424c3ef29fcd5fd4721c547fde6abe4d47048b64511693624b0d786711abe4a66e250fcbfe95ac9037e58f331b26b6ed0d08e5c73ba4c", 0xc2}], 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="000026d4f47f000000000000010000000000000000000000140000000000000000000000020000000000000000000000140000000000000000000000020000000000000000000000110000000000000000000000ebffffff0000000000000000110000000000000002000000010000000000000000000000000000000000000000000000070000008300000000960000206a77bdd1a004129054e7704a000000"], 0xf}, 0x0)
syz_clone(0x10222000, 0x0, 0x0, 0x0, &(0x7f0000000100), &(0x7f0000000340)="ec81178d76e1554846228ba0c5e7bf418f22e61086e1a0c647351ec305d39674dea9d0d6baa71cd6baba7c1dd1e9668c3b939a69e085b218488c1a4d4b061f126791")
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600073582c137153e37080c18800cac0f000300", 0x33fe0}], 0x1, 0x0, 0x0, 0x8100000}, 0x0)

1.543760849s ago: executing program 0 (id=2476):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x408, 0xca, 0x0, 0x2, 0xfffffffffffffffc}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x5, 0x0, 0x7, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x2}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xf1}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x9, 0x2, 0x0, r2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe5}, 0x94)
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="85000000c8"], 0x0}, 0x94)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000200)=ANY=[@ANYRES8=r1, @ANYRES8=r5], 0x12)
r6 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x4e23, 0xb00, @mcast1}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0xc}, 0xf7e5)
close(r6)

1.542374659s ago: executing program 3 (id=2483):
r0 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$sock(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)}, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000d40)={<r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)="31de76fb398bc62d058b8a96924594f5476a0824be53f7a5949f80614c42391e4b80412938c955d34d37eb96ba7849c3eb823bb36724bd6f6d0219cfe5c884afcd2bdea5acf9c877c03dcdbbb3e47417b6707c27d4c5c1db1924071f6b6f23c7d199c799c9b0c41101e625fcdb7bbfd12a3eeeef4540a5698f058aaf6a141e5d333929b92a7f64e925bf0ef424c3ef29fcd5fd4721c547fde6abe4d47048b64511693624b0d786711abe4a66e250fcbfe95ac9037e58f331b26b6ed0d08e5c73ba4c", 0xc2}], 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="000026d4f47f000000000000010000000000000000000000140000000000000000000000020000000000000000000000140000000000000000000000020000000000000000000000110000000000000000000000ebffffff0000000000000000110000000000000002000000010000000000000000000000000000000000000000000000070000008300000000960000206a77bdd1a004129054e7704a000000"], 0xf}, 0x0)
syz_clone(0x10222000, 0x0, 0x0, 0x0, &(0x7f0000000100), &(0x7f0000000340)="ec81178d76e1554846228ba0c5e7bf418f22e61086e1a0c647351ec305d39674dea9d0d6baa71cd6baba7c1dd1e9668c3b939a69e085b218488c1a4d4b061f126791")
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600073582c137153e37080c18800cac0f000300", 0x33fe0}], 0x1, 0x0, 0x0, 0x8100000}, 0x0)

1.43222659s ago: executing program 1 (id=2477):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x14, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0xb4017ab080546832, 0x50, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r0 = socket$kcm(0x2, 0x1, 0x84)
r1 = socket$kcm(0xa, 0x1, 0x106)
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
sendmsg$sock(r1, &(0x7f0000000400)={&(0x7f0000000180)=@l2tp6={0xa, 0x0, 0x7, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x6}, 0x80, 0x0}, 0x2004c040)
sendmsg$kcm(r1, &(0x7f00000019c0)={&(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x0, @local, 0x0, 0xfffffffd}, 0x80, 0x0}, 0x20040010)
setsockopt$sock_attach_bpf(r0, 0x84, 0x1f, &(0x7f0000000ac0), 0x90)

1.117922271s ago: executing program 0 (id=2478):
r0 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$sock(r0, &(0x7f00000000c0)={&(0x7f0000000040)=@phonet={0x23, 0x0, 0x0, 0x27}, 0x80, 0x0}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000d40)={<r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)="31de76fb398bc62d058b8a96924594f5476a0824be53f7a5949f80614c42391e4b80412938c955d34d37eb96ba7849c3eb823bb36724bd6f6d0219cfe5c884afcd2bdea5acf9c877c03dcdbbb3e47417b6707c27d4c5c1db1924071f6b6f23c7d199c799c9b0c41101e625fcdb7bbfd12a3eeeef4540a5698f058aaf6a141e5d333929b92a7f64e925bf0ef424c3ef29fcd5fd4721c547fde6abe4d47048b64511693624b0d786711abe4a66e250fcbfe95ac9037e58f331b26b6ed0d08e5c73", 0xc0}], 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="000026d4f47f000000000000010000000000000000000000140000000000000000000000020000000000000000000000140000000000000000000000020000000000000000000000110000000000000000000000ebffffff0000000000000000110000000000000002000000010000000000000000000000000000000000000000000000070000008300000000960000206a77bdd1a004129054e7704a000000"], 0xf}, 0x0)
r4 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0xc001, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_RESET(r4, 0x2403, 0x1)
syz_clone(0x10222000, 0x0, 0x0, 0x0, &(0x7f0000000100), &(0x7f0000000340)="ec81178d76e1554846228ba0c5e7bf418f22e61086e1a0c647351ec305d39674dea9d0d6baa71cd6baba7c1dd1e9668c3b939a69e085b218488c1a4d4b061f126791")
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600073582c137153e37080c18800cac0f000300", 0x33fe0}], 0x1, 0x0, 0x0, 0x8100000}, 0x0)
close(0x3)

1.110928641s ago: executing program 3 (id=2479):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000003c0)}, 0x4000800)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x401c5820, &(0x7f0000000000)=0x40f)
r2 = socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={0x0}, 0x801, 0x0, 0x2df, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1b, 0x1, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x28)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000cb67be1278cdd88e44afa2434d1de00500"/40], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r5, 0x0, 0x0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x8, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r5}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r6, 0x29, 0x24, &(0x7f00000000c0), 0x4)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f0000000040)=']\\-\\!\x00')
r7 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r7, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10, 0x0}, 0x3000c085)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x29, &(0x7f0000001500)=[{&(0x7f0000001580)="d80000001a0081044e81f782db4cb9040a1d08007b490d4f1e81f8d815000100ff12142603600e12080005007a010401a80016002000034004000000035c0461c9d67f6f940071342e875fab7cb6cec6cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b141993c034e653fe8efe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9ee5350db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e", 0xd8}], 0x1}, 0x0)
r9 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000400000004000000000000000800000042905f265f478eea690e6e509ef5602fe1a8abfce3e134a727be1fc1becfd7173e34812db0cfc9cb42358eaba4ca9c1687e8ec3b704994ea6da54ea881c52481aa799fffdcb68a8cff91ac630761fe368cac0fae2c299c92ffa818e104ad193b9c7fd0ece58eac3afab563971e973e6feba0b5a84d68deda0e80dc855151ea0873cccaf00f1fd012a9bc8e6d91075507e86bcd5dc90bafe3d1284733d9a736d462fd90bcb414960c759a2301390324d7eb601dc8dba995f4bc32679a6d120285ce28175dac1ecc4278701ea57030998207840457abc7b77e3841a7b2d47d2c9774db26af81ea99fc79066ecb68ade845c6367add2a65c748fa6c1aa7864015801eb4f378d46f81ed577899d937e0b3056023204854443cb5859c0e1c4844b6175a79b88475add528481c3051275606e25746934cb287d4f71ff1d82ff74c8a839c5dea15e3743b0611cb48f794ed8291fcfcb888a3", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES32=r10, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x48)
r11 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000100)=ANY=[@ANYBLOB="8510000004000000950000000000000018000000000000000000000000000000950000000000000085100000fcffffff95"], &(0x7f00000000c0)='GPL\x00'}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r11}, 0x18)
ioctl$TUNGETVNETLE(r9, 0x800454dd, &(0x7f0000000380))
bpf$MAP_CREATE(0x0, 0x0, 0x50)
sendmsg$kcm(r6, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000200)="f4000900062b2c25fe80070000e4c8030000000f230466cc00007a000000ad6e911b51818463b40065b841c4342c7557035896e741c884657ef8db2a2a75e614eb217dfed12e8fdbd7db1bba8511659add8b97972142b0e29b3eb9ef1bba558320ed1c74305eb8eb708ab7a6323ce90e1d33bfee42f7fb5f92ee0a2642960b7237272f2ce178934d99daf94f4b1d6dbe9ec3ba9b0c271836dc7e08b2dddacc9cba464573c503c2c4d318dffe2f7ec8e43e2fcb46f9f6f91dfae9d62bce0288db0b5d1a0f1e9fbebbb94c2331b79ede57d9f37e5c32f771c76eb9a60544461b5a40d4eb6ff2640fe70662ad0dbca6f68d83990b87dbba41eff925ec2caaa1c05667c1c9d964508aeeb9c29cf55d81d7830b", 0x111}], 0x1}, 0x0)
sendmsg$kcm(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000011008188040f46ec0800b9cca7480ef421000000e3bd6efb440013030e001b000d000008ba8000001201", 0x2e}], 0x1}, 0x4044)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="180000000000ffff0000000000000000850000002a00000085000000080000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

436.075097ms ago: executing program 0 (id=2480):
r0 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r0, &(0x7f0000000100)={&(0x7f00000002c0)=@l2tp6={0xa, 0x0, 0x0, @dev}, 0x80, 0x0}, 0x20000810) (fail_nth: 2)

408.84858ms ago: executing program 3 (id=2481):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r1=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000), 0xfdef) (async)
r2 = openat$cgroup_ro(r1, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r2, 0xe0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x9, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r3=>0x0, 0xf8, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000180), &(0x7f00000001c0), 0x8, 0x8c, 0x8, 0x8, &(0x7f0000000200)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xc, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c3}, 0x94) (async, rerun: 64)
r4 = socket$kcm(0x1e, 0x2, 0x0) (rerun: 64)
setsockopt$sock_attach_bpf(r4, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r5 = socket$kcm(0x1e, 0x4, 0x0) (async)
socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r5, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
setsockopt$sock_attach_bpf(r5, 0x1, 0x21, &(0x7f00000000c0), 0x4) (async)
write$cgroup_subtree(r5, &(0x7f0000000040)=ANY=[], 0xfdef)

370.283924ms ago: executing program 1 (id=2482):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001ac0)=ANY=[@ANYBLOB="b702000006000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2a24a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9877399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a8449f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d2943e6f5f828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000056c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137000059aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c072083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775a00000000000000000000d550c9f15fbb2324a3f37dc4ba"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac14141607089f034d2f87e5890c6aab845013f2325f1a39019403178da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x1, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB="00e3ff0000000000000000000100180000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/18], 0x50)

36.159637ms ago: executing program 3 (id=2484):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0xa, [@fwd={0x3}]}, {0x0, [0x0, 0x0, 0x71, 0x0, 0x2e, 0x30, 0x0, 0x2e]}}, &(0x7f00000003c0)=""/4096, 0x2e, 0x1000, 0x0, 0x4dce}, 0x28)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="030000000400000000000a000000000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0xf, &(0x7f00000002c0), 0x161)
sendmsg$inet(r4, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x31, &(0x7f0000000640)=r3, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='mm_compaction_try_to_compact_pages\x00', r3, 0x0, 0x7}, 0x18)
r5 = socket$kcm(0x29, 0x5, 0x0)
sendmsg$kcm(r5, &(0x7f00000017c0)={&(0x7f00000002c0)=@pppoe={0x18, 0x0, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 'netpci0\x00'}}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000340)="df0f36571aff3b10fa4cbff41ccaa4205aecefce6d305d0a1a93112665ab0e5499c8c1ab", 0x24}, {&(0x7f0000000400)="20cf89e4d9ed1be1fdf89dcc7d9efedfc46bc0f263392044bb4ca0a1bd45915953e02302f9e3c1e4cb7305cca553996d8ad4ca994e4afdd6fade11eb33f589226719c7bbe45d643fada93b1b8a0b200a6c43fd6462d84275d6c0337ca9030a1f8cfd247ecff19f28679c4df141cdf5b32408cfb57776650fe176e8900db55bebdc493e27b7cc100711e146427fd8c0c8e4edb2fe61f4cc0f1af750c67e16e7d676b71b0b7ae974d85048cac6476ccb1d8094c428f00107f52b80e19ab65c9af6b6af3a8ac5570b96321daecb34b1b9ed1b4c2cec521a03c8611b7c8974a058ac05fe6e1f4a4701f7f8cc20f2bce108d97c70a748ccba1a98a7c9b1ec07ab35", 0xff}, {&(0x7f0000000380)="1d818ae08b61ccfd4e2c9b", 0xb}], 0x3, &(0x7f0000002b80)=[{0x50, 0x10f, 0x9, "b46d395fc53fc292b8c24934a7b98374fc619a517fcfc67c44cecfe959c4319c1ca55d6a8081a53fd3b6479cd84b72e48878f814b23c6878ff421f5a"}, {0xf8, 0x116, 0x0, "aacb43c535e7938fe252f8f6ad243def171a73478791e9bcfc7fdf79b95f29c3d5e19f832e2fe38c7ef8540dabca6712436230ca941688619323f6c14d129557dc93e2a7cbaca4ebcf5b725d6d315223593ab119834807df6d3fa6197bb56593142710b1f30c9080fb07422df7841e664f1b12a0ad79dd59e35d45a6164801e78d0aa1eb0ed50e646fb908278bc9b1e79dc58d8ae8d1b63cac05fc7bcdcc80c0b72233e472d371d40fba163de93364e745aacd6f6c84846a31794449ebcda77c77534c3d9e0ae316f4376ece172bb280a861727adac4cc9893ab537c998c90ca133c39eb9a"}, {0x1010, 0x0, 0xd2, "51f91cf3aa2ce43ba533cc3f14d30bf15dd9303a3c0380fa923c961d245c8ba69d2e7ce67aa3df2f83103d8807781e131a1456096b5d5cc2c924331327eafe8d6e30e9810429c29e692c4a97ce3180d9ff478d2ed4c4329caead01e1577ed85540f5bae94182641f4c0476688cbd5048d70aa2b9abafa32c5e80730f2eda6e62c99e871703ee07688b14f888e26168a577d2deb0b58abea025dd1e66de2cee998c6c95b81df006b436381f0e61406803a83f77fec022fe06724d6847eb4c1585e01234eb68fff1b6a97172d8e0e91321d06f257b03b7a219fcadf602d9e8f3a963a66740666bfe937dac0e26c431b0efc8abba7bd2bc99b885673484730900715b09f305323543d009939548eaf896babadbdaa754772a336741d9191894b22b8997dd0e5a5a413467cc9c5c5de7ef4469e663249ffd18db911e62bd57cdf562e2eafdb0cd9cfa7868268fb395cd29d144b6ccc1cc770d4a166240fdd336aa801c1ea293b5318af194ccf39a013d29a498062ba27cd064b71843b29aa57cd56abb1f9134a268ac220bd83ad339f1af4f024dccb6fa906cffbd99bfc2eff5a5cad54167f539161de296e72a30fb3608827c3338415d09c0622793a650618599a3b4c2c3bf06a08f3eac8cc81eac7e613c959206417be8faf9f9d768f6f747382e33701d9e585c9aff5ea2c43e04c076fe4b4eb53d4fcbdbb89ca437d8d7acce767c53948c320e699fb50135000534c123a53f7bc7770745fde6477dc9acd13e40872a475f2bbfa8a377b12da7c0950b0677c635e8f1704e78a335e4c70edd8f50b6e3c127f03790c32e0eb8ef4e21e1319bcd848b2aecb986637bb3573e31077acb60a977eeb1b2b37de2a155d0df2707594c59de97352b1d2e2aea17f78ce3c6d214eca5465c00e8c855cbba13c390ef7f1228fc92fe2a76473eec62bd377e1e7feccfd1dfbd2ed62b07308df370cfa412626f3bb96bb3cc9097c982afd48b4878371d79c4c1280c679efc330eb1cd71ad577b6e6fa9cdeebf1f9bf7f81ae12adb1ca909308250860df15f4a575fecb0011221d32916fcbfdd7d08a26bf35a026ae007d22d558011f1bbb399183faf77b5f35255ae3115dbec1e48204d1bb9a136da2ae3c669beef6e59205db2c0f20eb0aca54b16cdd8a4516eb40690b33e6faddf079c53f004cc25b15ba8f8bfcc58fc715f93e489f0162a63932cf94f923c3b8fd3b6c16dbdc319f8c49e4fd4ebc155a507fdee18e41af457fbb9ea830ab19e365bb338d86a92e9cb8647fee6d04dad36388ca35e3792062a132288082672d97cc2f6998c77929cd6f2812fe608c2d44cae9b49ed0745396c0503c39ef0ebc3b4f6246d435d48998332cabfd878234ea3d999492879404f1939a1b0e31c89903e8c1dd71cccd9c7faf2d4e8a869e478a8d2a4999c820e1fcdb34f40fc2ac2f169075ae947f893a707ae04d87476d636a22264dbedb8a8a5970c151eb2e3633a78b358f53d6fc168b43cf49fae584f333d1ba6ccc162b7c6d74f17a5ebef267fcd4bfea7b1cd374715adb9c706b189bd621c56682fa8a0715c8a3254c73649ab90fd91a24d28a61860639960ba72387cb7574abe066aa40b96c2716f8d1572ec9d0433bc97bb5bcc21febb4ff5898278d41f4d2487510dc8cd9395258e3687306e5e28c4342266a0be1a6143693ac2405d08ece35213da0e502d31b23660d3237ec49c4dfca08527dac2d5e3eba549381c928d5a99618b73839a2957a39e4b383b4920f6491142961ad34c6540d39b9cb93b1f1c01921317b35cb00c67c6e9d0477ab261c873ae164f5ba7bf0fa13d2560a5c1c69d13892b70895dd864bdee0d531be72604fa1f46a1cb1bc6ec2390bbb5e72301c22b2fe103ab340f81d9346bdd464b291d486fa82521a777929bf039a1a17415a471aab44fb718ac21091c6ac5344aace8409a5c25f5a372033feb3dfde5abc2b72914c46080b1b5195ca912a79b1eb37cf5d9fd2bf47531629cc51f92e81b01953b0dca80288e6f8e6436618070723e285476bf23768c55f1e633f8900243b2b44a4cc934ea13b0d6a675511314ca59a1162cd3d2ee7d059df8b6792a7cb3b5311795dc2394ac59ed9d448094cfcb65c42c4a57faca990f28f04c8170c7ec7e2ddc176caa3d5c548bb3ad175eb0d4ab94942fe90a348b96142a9b367ee3c39f690dac1b1b531f45b0fb64f11b84120523e6ac0c5d3b483551870c92e7ec650f9f454a387f427bffe275b4cf48d3be3fce9bf329d4d894dd796552dc3e81e0e8ac2b673d5c7562a4a1548d5941fc8abb0e3718b26254908d22f83fbe8d2910386490e532683a135555677964f155dbe9327991c90055205f0d6890e62e4e67df1634bbb04d429a6121881c936a9090cccfcc83227739ef95211722987dd6d8a2e7c8c5d24956cb538b3b92c4f621a491da5b63ad2dcd4bce230e222ca85dd2d1c44521c396435e0b1a10e4547e5e384a718de3b6dadee3a2e26f16189fe1f452b6d1f418ea8fef2746b021bae0998b21a0937cd6870b81c58f4df30a204b9427be6fa27f173be7c1f6e84d1afa1b30c03fee3587ddf1360beafa338084a8dfab66ae5930a68792ecd49cbf47db07e2ae20e1db650ccba8bbd27d126e0b67f0c0d1e1b3a68584e4fca462369a57f1e2a95c5a41b79803347145de7aedff02c228cf9763883bbf2df44a110692da744f143283d787fd84010078e6232f4c14579d15615b95753565a13941d46d2d7a77842786dce1d2f5b92cfc12c2bd34dfa5353d7a80d3da90e6119e3d82e7cdc782c1e28124ebc8ecc9cf9377788fa9a1e45cbaef1fc42dde82642bcc21c9c7c6114fc69d434cb80b75c0a8e02f773d9960cd867e5764df694e710619d09688121f1ca72d90188e76e5e10e7aa8b1bc234c406ced5db0c19abc576b049e061feaa5353eeb43756e954184b9ad617896add062d7d5ca581c894a24a82e7bc7504f0ea3d7b00553fa3f97bbdd201e300fc886108b384e86a26920336e7f95711edf13845500cbbedb101bf9263f98b47d1b904cb609765d0bb849e56caad095721107e50e7ba3c0c384f57e7c56a3ee7f3f84ef597cbc56ca7883e3762cb66c020b532639088a306e0913de078b1e13ef0e6323af8fc3395634995b818a6c03b9bf9bb46d552ce3276b1d090addfb1011dd00e652c8b38d26dc421f360ddc69e5858a16d54cb820194e3e8fcdbbb34f172fa62783824d918f526c9649c4749a08ce662f9a09a0ce9ecefe6f8929b14e6c61b406e56d00da6f59ca711da03e9ed361b5269bcf9a8a7e0c68e0668e314764f2bb697b5fafd9b9cca05c959e01dfd7cff741efba8ba536ff2b2d93bf471ba944a2c574ccc9f0e3ea67dd6bfedbffca9ae927a4070fd592232eaf81618ab6bcb207d2f4f880e3f9c2d212e1745a93d0aedbd03aeb90534e42c334dfa02a543e51bd6e9468ab49475671ca1b3b9e7ff662eea5d035e1c92272345661889ac1d3f2cc2508ecae0fb45306b7403d257604d2b7bf7ef1475c3d8ba5df3afb776b067be86a4bd0de68a35460671a1070d68560f13269294fb11227dcba055a3c287e3d22a07831e22d557ef077d1a229e0ca8fb3cead60642086487e69a80b81a87aae03a3a91bdc7b5e85df9dac0c117f15ef2297880a58c8c738285de89530e840b7bd6f15bb93c868007193ac8758f90e75418207beac67e42e8d483cc4163f79379d7ebf471f6a0f857132466355cf2dc96149f305e45766c8cc755713b0972316db561501b8d0704e7b9ab41f68aaa162e845bd376def783b478bbf43edf040a011b2a50544acdd99666c635a687ba44df4941f99bba689de114eea3a6cad487d7279de1fbb843243a6a3d6f7f9b9a1e6772126d4aa8920d04c2df7d9f2a391941e6ec8f44e5214867012890a91e97c0e60f7e5ee90a2ed99d3dcbebdffef15094f4aaf257f1a29950b52e7bcc63f34d1635ca802615037685df703f0b518ef2db3635d7199bb5420a400f3140e3b68156270f9d6fe04e67c8ee97aa81d225c15d574603c987ea509575f6ac4ff166dcbce93bccedbad16a6903f4f60d77028b49dc505544f3bb950c5d60cb05f1e0ddf6637876015bd390df4fb5cf8b1c131e2d046b6f3e053b13039e91596b284f9d83c7725af8b36dcd92ee128e567cc9c5dcb63a56c1026bc1897dc2ac122c4bf38e1006d31aa7aac08c6f92baa7511c046136960e88a9e91f0bc7c4dc639364832a41781edf54da760f2270460aeb66ca8b86b19a6b7a44cf2e22ea1516cc2526c65585a59489c94d7ba50b2b45fd03b397cf45f9138d8f85e63ee185c3df55103ae208091efa28c5eec6dda827d9a3100f66b48561216a33d209d352867baeaa7ec3154a4ced746faffdefc6a7f15b6507fad41d83ea25946e4a8faea7ea2834d483f9eafedaaa581c45dbaa6ed7e53906b46c49efc312c071e62e17841a1ffdc824b256975d68438b96de18e59d9cc1183105264db744219aaa0086d77c7b1537a58510fbba88bda8d227f457ef33cb6485232b878f4374d6cdb6980df7542dedfd22251d4f5554961d4a140009cfb5cb6a1488c9cb9001e3b0d5d807aa3db2290066f4540f0675d661490fe5d5c4c2388b91839bd669c23faa7466d0b4f1854ed76a3879630df937ea2718f41ad63631e0a5d9e052536fb441eaa1a2f031d2fce9b8e1a38c1b70aac4e2984098573c47c8d403c1521e53201c265d43b1f81a9211c3ff3e033e6f06b177728ccf84f0815b526a3f7e25db70c88e98d54fc231747659bd27a2b3b2c22a266fada94abd398f8651dc91640b0d4ac1981e6214fb7ec134926ef339989fe2153979030ceb33fe0bdbf24c9f62839ac82f0c9c2ee2f827de75168c1f1d00325492590d3dd86c8da94e98d61b1e339f8e67f5bebbe0b4a04210d668f9ac78cbc3c41f1072ae0a4e527718c8e461a1f6e85005f0e7b62933e015d49d5c7f41a97050f42ab85ab6846f95098f120a1477baa43825634899aad69a3709a3fcb04238cae39a8ace3b892e3b4ad5248776fa963945301e544648b3c0819b22dfcf46fc81f2cf04a31992f8318b9c9b27487fa1462ba52b817dbfd7a368abd81d8590623138aa7c73a153bc3f7982c25c91e0c68e4eb1e64b460700e6e408cba1807bf3d485d8f369f0ca6f6d3ab738a9f1b3afea3ef2b975af3198954c056742c1daf2e971b18214623346a5c3c9271ba27344aba517bd7bbe594848b976bc3f6073517010680126edcc35525f4c107d579fd10c8c7142126c66689819333e27640f39fd4fdaf7b2a510ea31d3e9296b9296e347de3f0e3ad2bca4f9c4811c7ff8801fcdfd92c1fff73e6a2dcd28cee729522057dd7f3feff03b956b5f824cbaec3c6c12836bf0d7cdbcc66e298a7e7aca76ea46b247c868cb6dae4b8a9039baa4b10ea64304f5d9ce5ac18d8c119d0680952f042c20712da370874c3092127188817f872be077640d1f337389c26e07c7fa0732e63a3fcb5b0b8c25a2778c0a46b8f9baa914e8283bfbe0e14937687fe37b1da6c4c7bbf053a9bc12e95627e36ed44bf082962ef14e734559f75a58876ee828369b79cc1436362284b8f2382dcd19e5c16b2a083ed710b377c6df422d07ff1c26bfe29975ad37895d0512fee2a77dff7ea5c73e7ba1e2b845398d3e4b7225a7485f54d66673e9b359250d81b95da7d05c5adb1a4238de98974663e3900ac0af2c6a1c85ba17c5a380a9dc35df297de489551b57ac7d998a2e316aa0705a7aa461d14"}, {0x28, 0x110, 0x9, "0f6f707773403732543f09000000000000000000"}, {0x88, 0x114, 0x3, "de4c7046ef1dbb18d1114972acb2f1dae60a61ae890deb000f6132ed48b37b2130580db52ac26e94335a7ac9f39010ee3b97a8d2dbf2e5a00b4fadd60f87b548946c70ac70ef2f4dce24efab7792e70ffbc628c6c1727c6effd1075d96ac5834beb47bf847d6053001a67a5be17acb12626a"}, {0x90, 0x103, 0x57133a44, "275ac177b5eca0e93a8247351754e45d7f7a7708280d2a90bc3920fb34c8a401ca4b4044dcce09657683e715f3cddbd3a88044aa0dff026650f2909d1793899ca8f77124c29242ca25375740856d89b8127420df2a344135c40cf846b3363864d2802ccca599d6efa7a610a973db402e631a3617f92048f9467e43cd8f1f"}], 0x1298}, 0x80081)
r6 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b06d25a806c8c6f94f90424fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0)
sendmsg$kcm(r6, &(0x7f00000000c0)={0x0, 0xd18c9b60, &(0x7f0000000080)=[{&(0x7f0000000100)="e03f03002a000b05d25a806c8c6f94f90524fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x1000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0xa00}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff90, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x70}, [@ldst={0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0xbc, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x94)
syz_clone(0x2400, &(0x7f00000013c0)="60dbfe7c9c4f02ab288ed0278a11c8942a59b9afdfef066efec6fc4b285fb9334451ad168e475443c3fec937a623cb3a0b29d36fba51a73379e44ce287ee4353a6bd6d05872654940881b33988ca3e4b932da74b338a777901c90c6c077794a1bc7cd2843998e3021e63fc196653a6e66d734ec5ae715e358cbdf47d9fb66b260086524d00ccf53d5f9280969737a9b1566238f8c660bf4ec34ad211b17f6f9ed0e80529743b93b148631f858c02205b49", 0xb1, &(0x7f00000001c0), &(0x7f0000001480), &(0x7f00000014c0)="32219690f1beaad1aa5fb03debffcaa45bbafd47d8769f0697f1c4c7693de281e2decb4b4f4db74dc0450db96a8cae2f23ed0ac9799c04537c5f6b27a8cd051b601b70d41b8df57ce9a5d491615e44a9efbda35ce45460eef7dfcd9c8efe6e50d2db8842f054")

0s ago: executing program 0 (id=2485):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f00000023c0), 0x0, 0x100, 0x2000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x80, 0x3, 0x4, 0x0, 0x0, 0x6, 0x20202, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x2, @perf_config_ext={0x100000001, 0x400}, 0x5010, 0x102, 0x9, 0x5, 0x8, 0x100, 0x9, 0x0, 0x200, 0x0, 0x7}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'netdevsim0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8946, &(0x7f0000000080))

kernel console output (not intermixed with test programs):

426.344345][T11286]  should_fail_ex+0x39d/0x4d0
[  426.349210][T11286]  _copy_from_user+0x2f/0xe0
[  426.355172][T11286]  ___sys_sendmsg+0x159/0x290
[  426.360293][T11286]  ? __sys_sendmsg+0x270/0x270
[  426.365492][T11286]  __se_sys_sendmsg+0x1a5/0x270
[  426.370530][T11286]  ? __x64_sys_sendmsg+0x80/0x80
[  426.375729][T11286]  ? trace_sys_enter+0x1f/0x80
[  426.380945][T11286]  do_syscall_64+0x55/0xb0
[  426.385616][T11286]  ? clear_bhb_loop+0x40/0x90
[  426.390442][T11286]  ? clear_bhb_loop+0x40/0x90
[  426.396053][T11286]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  426.402800][T11286] RIP: 0033:0x7f028698eec9
[  426.407817][T11286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  426.429400][T11286] RSP: 002b:00007f02878a2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  426.438125][T11286] RAX: ffffffffffffffda RBX: 00007f0286be5fa0 RCX: 00007f028698eec9
[  426.446140][T11286] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000009
[  426.454367][T11286] RBP: 00007f02878a2090 R08: 0000000000000000 R09: 0000000000000000
[  426.462474][T11286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  426.470665][T11286] R13: 00007f0286be6038 R14: 00007f0286be5fa0 R15: 00007ffd9bbeaa48
[  426.478981][T11286]  </TASK>
[  426.496550][T11292] validate_nla: 13 callbacks suppressed
[  426.496570][T11292] netlink: 'syz.3.1996': attribute type 29 has an invalid length.
[  426.520215][T11292] netlink: 'syz.3.1996': attribute type 29 has an invalid length.
[  426.721984][T11297] __nla_validate_parse: 9 callbacks suppressed
[  426.722007][T11297] netlink: 763 bytes leftover after parsing attributes in process `syz.3.1998'.
[  427.412806][T11317] netlink: 'syz.1.2005': attribute type 58 has an invalid length.
[  427.457712][T11317] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2005'.
[  427.549770][T11317] netlink: 'syz.1.2005': attribute type 3 has an invalid length.
[  427.566717][T11317] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2005'.
[  427.599637][T11317] netlink: 'syz.1.2005': attribute type 27 has an invalid length.
[  427.620409][T11323] netlink: 196 bytes leftover after parsing attributes in process `syz.0.2007'.
[  427.703986][T11323] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2007'.
[  427.754446][T11323] netlink: 'syz.0.2007': attribute type 29 has an invalid length.
[  427.803146][T11323] netlink: 'syz.0.2007': attribute type 29 has an invalid length.
[  427.833188][T11327] netlink: 763 bytes leftover after parsing attributes in process `syz.2.2010'.
[  427.877154][T11330] netlink: 'syz.0.2007': attribute type 29 has an invalid length.
[  427.911136][T11323] netlink: 'syz.0.2007': attribute type 29 has an invalid length.
[  428.237006][T11342] netlink: 'syz.0.2023': attribute type 21 has an invalid length.
[  428.245298][T11342] netlink: 16166 bytes leftover after parsing attributes in process `syz.0.2023'.
[  428.712585][T11355] FAULT_INJECTION: forcing a failure.
[  428.712585][T11355] name failslab, interval 1, probability 0, space 0, times 0
[  428.729837][T11355] CPU: 1 PID: 11355 Comm: syz.0.2020 Not tainted syzkaller #0
[  428.737586][T11355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  428.747923][T11355] Call Trace:
[  428.751309][T11355]  <TASK>
[  428.754319][T11355]  dump_stack_lvl+0x16c/0x230
[  428.759344][T11355]  ? show_regs_print_info+0x20/0x20
[  428.764599][T11355]  ? load_image+0x3b0/0x3b0
[  428.769329][T11355]  ? __might_sleep+0xe0/0xe0
[  428.773976][T11355]  ? __lock_acquire+0x7c80/0x7c80
[  428.779155][T11355]  should_fail_ex+0x39d/0x4d0
[  428.783900][T11355]  should_failslab+0x9/0x20
[  428.788888][T11355]  slab_pre_alloc_hook+0x59/0x310
[  428.794151][T11355]  ? __lock_acquire+0x1334/0x7c80
[  428.799269][T11355]  ? fib6_info_alloc+0x32/0xe0
[  428.804261][T11355]  ? fib6_info_alloc+0x32/0xe0
[  428.809254][T11355]  __kmem_cache_alloc_node+0x53/0x260
[  428.814695][T11355]  ? fib6_info_alloc+0x32/0xe0
[  428.819693][T11355]  __kmalloc+0xa4/0x240
[  428.823916][T11355]  fib6_info_alloc+0x32/0xe0
[  428.828607][T11355]  ip6_route_info_create+0x44f/0x1200
[  428.834217][T11355]  ? nla_memcpy+0x59/0xb0
[  428.838716][T11355]  ? nla_find+0x12a/0x150
[  428.843195][T11355]  inet6_rtm_newroute+0x4e6/0x1b40
[  428.848511][T11355]  ? ipv6_route_sysctl_table_size+0x50/0x50
[  428.854528][T11355]  ? rcu_is_watching+0x15/0xb0
[  428.859622][T11355]  ? trace_contention_end+0x39/0xe0
[  428.865070][T11355]  ? ipv6_route_sysctl_table_size+0x50/0x50
[  428.871024][T11355]  rtnetlink_rcv_msg+0x7c7/0xf10
[  428.876056][T11355]  ? rtnetlink_rcv_msg+0x1eb/0xf10
[  428.881252][T11355]  ? lockdep_hardirqs_on+0x98/0x150
[  428.886599][T11355]  ? rtnetlink_bind+0x80/0x80
[  428.891775][T11355]  ? perf_trace_preemptirq_template+0xa4/0x340
[  428.898491][T11355]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  428.904813][T11355]  ? lock_chain_count+0x20/0x20
[  428.909808][T11355]  ? __local_bh_enable_ip+0x12e/0x1c0
[  428.915362][T11355]  ? lockdep_hardirqs_on+0x98/0x150
[  428.920921][T11355]  ? __local_bh_enable_ip+0x12e/0x1c0
[  428.926381][T11355]  ? _local_bh_enable+0xa0/0xa0
[  428.931307][T11355]  ? __dev_queue_xmit+0x245/0x35a0
[  428.936587][T11355]  ? __dev_queue_xmit+0x1449/0x35a0
[  428.942507][T11355]  ? __dev_queue_xmit+0x245/0x35a0
[  428.947730][T11355]  ? ref_tracker_free+0x634/0x7d0
[  428.952850][T11355]  ? __copy_skb_header+0xa7/0x550
[  428.958158][T11355]  netlink_rcv_skb+0x216/0x480
[  428.963006][T11355]  ? rtnetlink_bind+0x80/0x80
[  428.967872][T11355]  ? netlink_ack+0x1110/0x1110
[  428.972850][T11355]  ? __lock_acquire+0x7c80/0x7c80
[  428.978048][T11355]  ? netlink_deliver_tap+0x2e/0x1b0
[  428.983793][T11355]  netlink_unicast+0x751/0x8d0
[  428.988954][T11355]  netlink_sendmsg+0x8c1/0xbe0
[  428.994458][T11355]  ? netlink_getsockopt+0x580/0x580
[  428.999787][T11355]  ? aa_sock_msg_perm+0x94/0x150
[  429.004950][T11355]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  429.010380][T11355]  ? security_socket_sendmsg+0x80/0xa0
[  429.016253][T11355]  ? netlink_getsockopt+0x580/0x580
[  429.021509][T11355]  ____sys_sendmsg+0x5bf/0x950
[  429.026473][T11355]  ? __asan_memset+0x22/0x40
[  429.031296][T11355]  ? __sys_sendmsg_sock+0x30/0x30
[  429.036758][T11355]  ? __import_iovec+0x5f2/0x860
[  429.042237][T11355]  ? import_iovec+0x73/0xa0
[  429.047121][T11355]  ___sys_sendmsg+0x220/0x290
[  429.051974][T11355]  ? __sys_sendmsg+0x270/0x270
[  429.057157][T11355]  ? __lock_acquire+0x7c80/0x7c80
[  429.062508][T11355]  __se_sys_sendmsg+0x1a5/0x270
[  429.067581][T11355]  ? __x64_sys_sendmsg+0x80/0x80
[  429.072871][T11355]  ? trace_sys_enter+0x1f/0x80
[  429.077885][T11355]  do_syscall_64+0x55/0xb0
[  429.082463][T11355]  ? clear_bhb_loop+0x40/0x90
[  429.087389][T11355]  ? clear_bhb_loop+0x40/0x90
[  429.092213][T11355]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  429.098151][T11355] RIP: 0033:0x7f9768b8eec9
[  429.103166][T11355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  429.125785][T11355] RSP: 002b:00007f9769a16038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  429.134451][T11355] RAX: ffffffffffffffda RBX: 00007f9768de5fa0 RCX: 00007f9768b8eec9
[  429.142501][T11355] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000005
[  429.150776][T11355] RBP: 00007f9769a16090 R08: 0000000000000000 R09: 0000000000000000
[  429.159631][T11355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  429.168196][T11355] R13: 00007f9768de6038 R14: 00007f9768de5fa0 R15: 00007ffd24f74cf8
[  429.176579][T11355]  </TASK>
[  429.315472][T11360] netlink: 763 bytes leftover after parsing attributes in process `syz.2.2022'.
[  429.464720][T11363] netlink: 196 bytes leftover after parsing attributes in process `syz.1.2024'.
[  429.575013][T11363] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2024'.
[  429.618614][T11376] FAULT_INJECTION: forcing a failure.
[  429.618614][T11376] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  429.632719][T11376] CPU: 1 PID: 11376 Comm: syz.0.2029 Not tainted syzkaller #0
[  429.640427][T11376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  429.650807][T11376] Call Trace:
[  429.654157][T11376]  <TASK>
[  429.657234][T11376]  dump_stack_lvl+0x16c/0x230
[  429.662151][T11376]  ? show_regs_print_info+0x20/0x20
[  429.667499][T11376]  ? load_image+0x3b0/0x3b0
[  429.672048][T11376]  ? __lock_acquire+0x7c80/0x7c80
[  429.677187][T11376]  ? snprintf+0xdb/0x120
[  429.681495][T11376]  should_fail_ex+0x39d/0x4d0
[  429.686391][T11376]  _copy_to_user+0x2f/0xa0
[  429.690932][T11376]  simple_read_from_buffer+0xe7/0x150
[  429.696695][T11376]  proc_fail_nth_read+0x1e3/0x250
[  429.701868][T11376]  ? proc_fault_inject_write+0x340/0x340
[  429.707583][T11376]  ? fsnotify_perm+0x271/0x5e0
[  429.712484][T11376]  ? proc_fault_inject_write+0x340/0x340
[  429.718283][T11376]  vfs_read+0x27e/0x920
[  429.722479][T11376]  ? kernel_read+0x1e0/0x1e0
[  429.727112][T11376]  ? __fget_files+0x28/0x4d0
[  429.731728][T11376]  ? __fget_files+0x44a/0x4d0
[  429.736457][T11376]  ? __fdget_pos+0x2a3/0x330
[  429.741498][T11376]  ? ksys_read+0x75/0x250
[  429.745955][T11376]  ksys_read+0x147/0x250
[  429.750340][T11376]  ? vfs_write+0x940/0x940
[  429.754789][T11376]  ? trace_sys_enter+0x1f/0x80
[  429.759602][T11376]  do_syscall_64+0x55/0xb0
[  429.764261][T11376]  ? clear_bhb_loop+0x40/0x90
[  429.769018][T11376]  ? clear_bhb_loop+0x40/0x90
[  429.773748][T11376]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  429.779673][T11376] RIP: 0033:0x7f9768b8d8dc
[  429.784120][T11376] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  429.804452][T11376] RSP: 002b:00007f9769a16030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  429.813124][T11376] RAX: ffffffffffffffda RBX: 00007f9768de5fa0 RCX: 00007f9768b8d8dc
[  429.821871][T11376] RDX: 000000000000000f RSI: 00007f9769a160a0 RDI: 0000000000000003
[  429.831047][T11376] RBP: 00007f9769a16090 R08: 0000000000000000 R09: 0000000000000000
[  429.841056][T11376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  429.849215][T11376] R13: 00007f9768de6038 R14: 00007f9768de5fa0 R15: 00007ffd24f74cf8
[  429.857928][T11376]  </TASK>
[  429.991442][T11381] FAULT_INJECTION: forcing a failure.
[  429.991442][T11381] name failslab, interval 1, probability 0, space 0, times 0
[  430.009304][T11381] CPU: 0 PID: 11381 Comm: syz.0.2031 Not tainted syzkaller #0
[  430.017482][T11381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  430.027845][T11381] Call Trace:
[  430.031181][T11381]  <TASK>
[  430.034473][T11381]  dump_stack_lvl+0x16c/0x230
[  430.039668][T11381]  ? show_regs_print_info+0x20/0x20
[  430.045588][T11381]  ? load_image+0x3b0/0x3b0
[  430.050420][T11381]  ? __might_sleep+0xe0/0xe0
[  430.055073][T11381]  ? __lock_acquire+0x7c80/0x7c80
[  430.060616][T11381]  should_fail_ex+0x39d/0x4d0
[  430.065579][T11381]  should_failslab+0x9/0x20
[  430.070671][T11381]  slab_pre_alloc_hook+0x59/0x310
[  430.076381][T11381]  ? page_pool_create+0x71/0x5e0
[  430.081656][T11381]  __kmem_cache_alloc_node+0x53/0x260
[  430.087373][T11381]  ? page_pool_create+0x71/0x5e0
[  430.092791][T11381]  kmalloc_node_trace+0x26/0xe0
[  430.098171][T11381]  page_pool_create+0x71/0x5e0
[  430.103089][T11381]  bpf_test_run_xdp_live+0x1c1/0x1a20
[  430.108872][T11381]  ? bpf_dispatcher_change_prog+0xa76/0xcc0
[  430.116141][T11381]  ? __might_fault+0xaa/0x120
[  430.121563][T11381]  ? xdp_convert_md_to_buff+0x330/0x330
[  430.127466][T11381]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[  430.135982][T11381]  ? xdp_convert_md_to_buff+0x5b/0x330
[  430.141773][T11381]  bpf_prog_test_run_xdp+0x76c/0xfa0
[  430.147682][T11381]  ? lockdep_hardirqs_on+0x98/0x150
[  430.153342][T11381]  ? dev_put+0x80/0x80
[  430.157698][T11381]  ? __fdget+0x19b/0x210
[  430.162275][T11381]  ? dev_put+0x80/0x80
[  430.166580][T11381]  bpf_prog_test_run+0x321/0x390
[  430.171585][T11381]  __sys_bpf+0x440/0x800
[  430.175975][T11381]  ? bpf_link_show_fdinfo+0x350/0x350
[  430.181763][T11381]  ? lock_chain_count+0x20/0x20
[  430.187128][T11381]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  430.193531][T11381]  __x64_sys_bpf+0x7c/0x90
[  430.198006][T11381]  do_syscall_64+0x55/0xb0
[  430.203019][T11381]  ? clear_bhb_loop+0x40/0x90
[  430.207785][T11381]  ? clear_bhb_loop+0x40/0x90
[  430.212831][T11381]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  430.219167][T11381] RIP: 0033:0x7f9768b8eec9
[  430.223976][T11381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  430.245634][T11381] RSP: 002b:00007f9769a16038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  430.255145][T11381] RAX: ffffffffffffffda RBX: 00007f9768de5fa0 RCX: 00007f9768b8eec9
[  430.264044][T11381] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  430.272888][T11381] RBP: 00007f9769a16090 R08: 0000000000000000 R09: 0000000000000000
[  430.281404][T11381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  430.290387][T11381] R13: 00007f9768de6038 R14: 00007f9768de5fa0 R15: 00007ffd24f74cf8
[  430.298840][T11381]  </TASK>
[  431.486128][T11409] FAULT_INJECTION: forcing a failure.
[  431.486128][T11409] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  431.500825][T11409] CPU: 1 PID: 11409 Comm: syz.3.2044 Not tainted syzkaller #0
[  431.508532][T11409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  431.518730][T11409] Call Trace:
[  431.522182][T11409]  <TASK>
[  431.525177][T11409]  dump_stack_lvl+0x16c/0x230
[  431.530450][T11409]  ? show_regs_print_info+0x20/0x20
[  431.535793][T11409]  ? load_image+0x3b0/0x3b0
[  431.540466][T11409]  ? __lock_acquire+0x7c80/0x7c80
[  431.545613][T11409]  ? snprintf+0xdb/0x120
[  431.549887][T11409]  should_fail_ex+0x39d/0x4d0
[  431.554848][T11409]  _copy_to_user+0x2f/0xa0
[  431.559481][T11409]  simple_read_from_buffer+0xe7/0x150
[  431.565314][T11409]  proc_fail_nth_read+0x1e3/0x250
[  431.570582][T11409]  ? proc_fault_inject_write+0x340/0x340
[  431.576466][T11409]  ? fsnotify_perm+0x271/0x5e0
[  431.581632][T11409]  ? proc_fault_inject_write+0x340/0x340
[  431.587834][T11409]  vfs_read+0x27e/0x920
[  431.592153][T11409]  ? kernel_read+0x1e0/0x1e0
[  431.597346][T11409]  ? __fget_files+0x28/0x4d0
[  431.601995][T11409]  ? __fget_files+0x44a/0x4d0
[  431.606819][T11409]  ? __fdget_pos+0x2a3/0x330
[  431.611465][T11409]  ? ksys_read+0x75/0x250
[  431.616090][T11409]  ksys_read+0x147/0x250
[  431.620366][T11409]  ? vfs_write+0x940/0x940
[  431.625167][T11409]  ? trace_sys_enter+0x1f/0x80
[  431.630014][T11409]  do_syscall_64+0x55/0xb0
[  431.634486][T11409]  ? clear_bhb_loop+0x40/0x90
[  431.639197][T11409]  ? clear_bhb_loop+0x40/0x90
[  431.643939][T11409]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  431.649879][T11409] RIP: 0033:0x7f82ba18d8dc
[  431.654331][T11409] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  431.674418][T11409] RSP: 002b:00007f82bafc3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  431.683318][T11409] RAX: ffffffffffffffda RBX: 00007f82ba3e5fa0 RCX: 00007f82ba18d8dc
[  431.691741][T11409] RDX: 000000000000000f RSI: 00007f82bafc30a0 RDI: 0000000000000004
[  431.699865][T11409] RBP: 00007f82bafc3090 R08: 0000000000000000 R09: 0000000000000000
[  431.708819][T11409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  431.718133][T11409] R13: 00007f82ba3e6038 R14: 00007f82ba3e5fa0 R15: 00007fff142cb7a8
[  431.727349][T11409]  </TASK>
[  431.770190][T11406] __nla_validate_parse: 3 callbacks suppressed
[  431.770228][T11406] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2041'.
[  431.841250][T11413] netlink: 763 bytes leftover after parsing attributes in process `syz.3.2045'.
[  431.903318][T11406] validate_nla: 5 callbacks suppressed
[  431.903414][T11406] netlink: 'syz.2.2041': attribute type 29 has an invalid length.
[  431.964710][T11406] netlink: 'syz.2.2041': attribute type 29 has an invalid length.
[  431.982082][T11414] netlink: 'syz.2.2041': attribute type 29 has an invalid length.
[  431.993193][T11415] netlink: 'syz.2.2041': attribute type 29 has an invalid length.
[  432.501388][T11432] netlink: 763 bytes leftover after parsing attributes in process `syz.1.2054'.
[  433.110029][T11455] netlink: 763 bytes leftover after parsing attributes in process `syz.1.2064'.
[  433.660247][T11467] tap0: tun_chr_ioctl cmd 1074025677
[  433.666381][T11467] tap0: linktype set to 805
[  433.807625][T11473] FAULT_INJECTION: forcing a failure.
[  433.807625][T11473] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  433.829366][T11473] CPU: 0 PID: 11473 Comm: syz.2.2073 Not tainted syzkaller #0
[  433.837092][T11473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  433.847459][T11473] Call Trace:
[  433.850782][T11473]  <TASK>
[  433.853764][T11473]  dump_stack_lvl+0x16c/0x230
[  433.858505][T11473]  ? show_regs_print_info+0x20/0x20
[  433.864207][T11473]  ? load_image+0x3b0/0x3b0
[  433.869199][T11473]  ? __might_fault+0xaa/0x120
[  433.873945][T11473]  ? __lock_acquire+0x7c80/0x7c80
[  433.879296][T11473]  should_fail_ex+0x39d/0x4d0
[  433.884227][T11473]  _copy_from_user+0x2f/0xe0
[  433.889571][T11473]  __sys_bpf+0x1e9/0x800
[  433.894051][T11473]  ? bpf_link_show_fdinfo+0x350/0x350
[  433.899586][T11473]  ? lock_chain_count+0x20/0x20
[  433.904504][T11473]  __x64_sys_bpf+0x7c/0x90
[  433.909138][T11473]  do_syscall_64+0x55/0xb0
[  433.913958][T11473]  ? clear_bhb_loop+0x40/0x90
[  433.918931][T11473]  ? clear_bhb_loop+0x40/0x90
[  433.923788][T11473]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  433.930429][T11473] RIP: 0033:0x7f30b138eec9
[  433.935278][T11473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  433.955278][T11473] RSP: 002b:00007f30b22c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  433.963868][T11473] RAX: ffffffffffffffda RBX: 00007f30b15e5fa0 RCX: 00007f30b138eec9
[  433.972061][T11473] RDX: 0000000000000020 RSI: 0000200000000bc0 RDI: 0000000000000008
[  433.980374][T11473] RBP: 00007f30b22c4090 R08: 0000000000000000 R09: 0000000000000000
[  433.988477][T11473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  433.996743][T11473] R13: 00007f30b15e6038 R14: 00007f30b15e5fa0 R15: 00007ffc13bc6ea8
[  434.004938][T11473]  </TASK>
[  434.033016][T11478] netlink: 763 bytes leftover after parsing attributes in process `syz.1.2074'.
[  434.179131][T11482] netlink: 'syz.2.2075': attribute type 58 has an invalid length.
[  434.188052][T11482] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2075'.
[  434.259874][T11483] netlink: 'syz.2.2075': attribute type 3 has an invalid length.
[  434.268899][T11483] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2075'.
[  434.520293][T11482] netlink: 'syz.2.2075': attribute type 27 has an invalid length.
[  434.924232][T11497] netlink: 'syz.1.2087': attribute type 58 has an invalid length.
[  434.933112][T11497] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2087'.
[  434.953651][T11497] netlink: 'syz.1.2087': attribute type 3 has an invalid length.
[  434.962939][T11497] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2087'.
[  434.984143][T11497] netlink: 'syz.1.2087': attribute type 27 has an invalid length.
[  435.289040][T11507] netlink: 763 bytes leftover after parsing attributes in process `syz.1.2084'.
[  437.056407][T11563] __nla_validate_parse: 7 callbacks suppressed
[  437.064939][T11563] netlink: 763 bytes leftover after parsing attributes in process `syz.0.2109'.
[  437.154997][T11567] validate_nla: 10 callbacks suppressed
[  437.155019][T11567] netlink: 'syz.2.2111': attribute type 58 has an invalid length.
[  437.172517][T11567] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2111'.
[  437.213542][T11569] netlink: 196 bytes leftover after parsing attributes in process `syz.0.2112'.
[  437.239280][T11567] netlink: 'syz.2.2111': attribute type 3 has an invalid length.
[  437.266330][T11567] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2111'.
[  437.313662][T11569] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2112'.
[  437.371513][T11569] netlink: 'syz.0.2112': attribute type 29 has an invalid length.
[  437.419308][T11569] netlink: 'syz.0.2112': attribute type 29 has an invalid length.
[  437.464087][T11567] netlink: 'syz.2.2111': attribute type 27 has an invalid length.
[  437.481637][T11573] netlink: 'syz.0.2112': attribute type 29 has an invalid length.
[  437.514398][T11569] netlink: 'syz.0.2112': attribute type 29 has an invalid length.
[  438.468043][T11604] netlink: 'syz.0.2123': attribute type 3 has an invalid length.
[  438.476339][T11604] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2123'.
[  440.151889][T11596] netlink: 763 bytes leftover after parsing attributes in process `syz.2.2120'.
[  440.166964][T11603] netlink: 'syz.0.2123': attribute type 58 has an invalid length.
[  440.185995][T11603] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2123'.
[  440.216363][T11604] netlink: 'syz.0.2123': attribute type 27 has an invalid length.
[  440.349855][T11613] netlink: 196 bytes leftover after parsing attributes in process `syz.3.2126'.
[  440.422630][T11613] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2126'.
[  440.889145][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  440.897110][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  443.982983][T11664] validate_nla: 10 callbacks suppressed
[  443.983005][T11664] netlink: 'syz.3.2146': attribute type 4 has an invalid length.
[  444.019914][T11664] __nla_validate_parse: 5 callbacks suppressed
[  444.019933][T11664] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2146'.
[  445.864584][T11661] netlink: 'syz.3.2146': attribute type 10 has an invalid length.
[  445.888373][T11661] team0: left allmulticast mode
[  445.893497][T11661] team_slave_0: left allmulticast mode
[  445.899189][T11661] team_slave_1: left allmulticast mode
[  445.904734][T11661] geneve1: left allmulticast mode
[  445.912115][T11661] team0: left promiscuous mode
[  445.917299][T11661] team_slave_0: left promiscuous mode
[  445.923067][T11661] team_slave_1: left promiscuous mode
[  445.929049][T11661] geneve1: left promiscuous mode
[  445.934632][T11661] bridge0: port 3(team0) entered disabled state
[  445.946803][T11665] netlink: 763 bytes leftover after parsing attributes in process `syz.2.2144'.
[  446.052640][T11674] netlink: 'syz.0.2149': attribute type 58 has an invalid length.
[  446.061495][T11674] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2149'.
[  446.110788][T11676] netlink: 196 bytes leftover after parsing attributes in process `syz.2.2151'.
[  446.138985][T11674] netlink: 'syz.0.2149': attribute type 3 has an invalid length.
[  446.157019][T11676] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2151'.
[  446.162911][T11674] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2149'.
[  446.191561][T11676] netlink: 'syz.2.2151': attribute type 29 has an invalid length.
[  446.217537][T11676] netlink: 'syz.2.2151': attribute type 29 has an invalid length.
[  446.242035][T11674] netlink: 'syz.0.2149': attribute type 27 has an invalid length.
[  446.252192][T11679] netlink: 'syz.2.2151': attribute type 29 has an invalid length.
[  446.274262][T11676] netlink: 'syz.2.2151': attribute type 29 has an invalid length.
[  446.402442][T11685] netlink: 'syz.0.2161': attribute type 58 has an invalid length.
[  446.437908][T11685] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2161'.
[  446.515788][T11685] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2161'.
[  446.601098][T11694] netlink: 144 bytes leftover after parsing attributes in process `syz.1.2156'.
[  446.937541][T11705] netlink: 763 bytes leftover after parsing attributes in process `syz.0.2159'.
[  449.027895][T11753] validate_nla: 5 callbacks suppressed
[  449.027919][T11753] netlink: 'syz.1.2180': attribute type 58 has an invalid length.
[  449.053835][T11753] __nla_validate_parse: 3 callbacks suppressed
[  449.053854][T11753] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2180'.
[  449.075368][T11757] netlink: 'syz.0.2182': attribute type 10 has an invalid length.
[  449.093446][T11757] team_slave_0: left promiscuous mode
[  449.101596][T11757] ±ÿ: left promiscuous mode
[  449.106281][T11757] geneve1: left promiscuous mode
[  449.115103][T11757] dummy0: left promiscuous mode
[  449.142250][T11765] netlink: 'syz.1.2180': attribute type 3 has an invalid length.
[  449.147500][T11757] bond0: (slave team0): Releasing backup interface
[  449.155072][T11765] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2180'.
[  449.192725][T11757] batman_adv: batadv0: Adding interface: team0
[  449.225357][T11757] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  449.292724][T11757] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  449.335939][T11765] netlink: 'syz.1.2180': attribute type 27 has an invalid length.
[  449.401778][ T5792] Bluetooth: hci1: unexpected event 0x08 length: 15 > 4
[  449.420853][T11757] netlink: 'syz.0.2182': attribute type 4 has an invalid length.
[  449.440802][T11757] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.2182'.
[  449.659972][T11774] netlink: 763 bytes leftover after parsing attributes in process `syz.2.2186'.
[  450.447728][T11786] FAULT_INJECTION: forcing a failure.
[  450.447728][T11786] name failslab, interval 1, probability 0, space 0, times 0
[  450.473014][T11797] netlink: 763 bytes leftover after parsing attributes in process `syz.0.2195'.
[  450.499555][T11786] CPU: 1 PID: 11786 Comm: syz.3.2192 Not tainted syzkaller #0
[  450.507298][T11786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  450.517759][T11786] Call Trace:
[  450.521197][T11786]  <TASK>
[  450.524310][T11786]  dump_stack_lvl+0x16c/0x230
[  450.529577][T11786]  ? show_regs_print_info+0x20/0x20
[  450.534848][T11786]  ? load_image+0x3b0/0x3b0
[  450.539408][T11786]  ? lockdep_hardirqs_on+0x98/0x150
[  450.544945][T11786]  ? __might_sleep+0xe0/0xe0
[  450.549958][T11786]  should_fail_ex+0x39d/0x4d0
[  450.555016][T11786]  should_failslab+0x9/0x20
[  450.559674][T11786]  slab_pre_alloc_hook+0x59/0x310
[  450.564786][T11786]  ? __lock_acquire+0x7c80/0x7c80
[  450.569901][T11786]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  450.576028][T11786]  ? dev_ethtool+0x11b/0x1720
[  450.580781][T11786]  __kmem_cache_alloc_node+0x53/0x260
[  450.586838][T11786]  ? __might_fault+0xaa/0x120
[  450.591575][T11786]  ? dev_ethtool+0x11b/0x1720
[  450.596581][T11786]  kmalloc_trace+0x2a/0xe0
[  450.601062][T11786]  dev_ethtool+0x11b/0x1720
[  450.605631][T11786]  ? ethtool_get_module_eeprom_call+0x170/0x170
[  450.612038][T11786]  ? __lock_acquire+0x7c80/0x7c80
[  450.617124][T11786]  ? full_name_hash+0x27/0xe0
[  450.621955][T11786]  ? full_name_hash+0x92/0xe0
[  450.627068][T11786]  ? dev_load+0x21/0x1f0
[  450.631376][T11786]  dev_ioctl+0x4ca/0x1170
[  450.635775][T11786]  sock_do_ioctl+0x226/0x2f0
[  450.640517][T11786]  ? sock_show_fdinfo+0xb0/0xb0
[  450.645602][T11786]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  450.651839][T11786]  ? lock_chain_count+0x20/0x20
[  450.656936][T11786]  sock_ioctl+0x623/0x7a0
[  450.661432][T11786]  ? sock_poll+0x3d0/0x3d0
[  450.665921][T11786]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  450.672236][T11786]  ? sock_poll+0x3d0/0x3d0
[  450.676990][T11786]  __se_sys_ioctl+0xfd/0x170
[  450.681742][T11786]  do_syscall_64+0x55/0xb0
[  450.686306][T11786]  ? clear_bhb_loop+0x40/0x90
[  450.691045][T11786]  ? clear_bhb_loop+0x40/0x90
[  450.695786][T11786]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  450.701745][T11786] RIP: 0033:0x7f82ba18eec9
[  450.706215][T11786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  450.726282][T11786] RSP: 002b:00007f82bafc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  450.735017][T11786] RAX: ffffffffffffffda RBX: 00007f82ba3e5fa0 RCX: 00007f82ba18eec9
[  450.743219][T11786] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000026
[  450.751426][T11786] RBP: 00007f82bafc3090 R08: 0000000000000000 R09: 0000000000000000
[  450.759453][T11786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  450.767731][T11786] R13: 00007f82ba3e6038 R14: 00007f82ba3e5fa0 R15: 00007fff142cb7a8
[  450.776134][T11786]  </TASK>
[  450.818115][T11804] netlink: 'syz.1.2197': attribute type 58 has an invalid length.
[  450.826608][T11804] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2197'.
[  450.961706][T11806] netlink: 'syz.1.2197': attribute type 3 has an invalid length.
[  450.982204][T11806] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2197'.
[  451.274128][T11806] netlink: 'syz.1.2197': attribute type 27 has an invalid length.
[  451.413830][T11818] netlink: 'syz.2.2199': attribute type 10 has an invalid length.
[  451.552168][T11818] team0: left allmulticast mode
[  451.558137][T11818] ±ÿ: left allmulticast mode
[  451.562860][T11818] geneve1: left allmulticast mode
[  451.569293][T11818] mac80211_hwsim hwsim7 wlan1: left allmulticast mode
[  451.578813][T11818] team0: left promiscuous mode
[  451.594870][T11821] netlink: 'syz.2.2199': attribute type 4 has an invalid length.
[  451.605878][T11818] team_slave_0: left promiscuous mode
[  451.611734][T11821] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2199'.
[  451.624556][T11818] ±ÿ: left promiscuous mode
[  451.642776][T11818] geneve1: left promiscuous mode
[  451.651137][T11818] mac80211_hwsim hwsim7 wlan1: left promiscuous mode
[  451.661011][T11818] bridge0: port 3(team0) entered disabled state
[  451.985246][T11835] netlink: 763 bytes leftover after parsing attributes in process `syz.3.2205'.
[  452.368127][ T5792] Bluetooth: hci2: unexpected event 0x08 length: 15 > 4
[  452.394496][T11841] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2209'.
[  452.985588][T11859] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  453.150094][T11863] team0: left promiscuous mode
[  453.154981][T11863] team_slave_0: left promiscuous mode
[  453.180597][T11863] team_slave_1: left promiscuous mode
[  453.194798][T11863] geneve1: left promiscuous mode
[  454.332084][T11884] __nla_validate_parse: 7 callbacks suppressed
[  454.332106][T11884] netlink: 763 bytes leftover after parsing attributes in process `syz.1.2229'.
[  454.352481][T11886] validate_nla: 15 callbacks suppressed
[  454.352499][T11886] netlink: 'syz.2.2227': attribute type 58 has an invalid length.
[  454.372212][T11886] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2227'.
[  454.430534][T11886] netlink: 'syz.2.2227': attribute type 3 has an invalid length.
[  454.450373][T11886] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2227'.
[  454.496160][T11886] netlink: 'syz.2.2227': attribute type 27 has an invalid length.
[  454.573390][T11889] A link change request failed with some changes committed already. Interface Q±6ã×\b‹¡Y­4�� may have been left with an inconsistent configuration, please check.
[  455.120228][T11912] netlink: 763 bytes leftover after parsing attributes in process `syz.3.2241'.
[  455.764710][T11917] bridge_slave_1: left allmulticast mode
[  455.788207][T11917] bridge_slave_1: left promiscuous mode
[  455.940164][T11917] bridge0: port 2(bridge_slave_1) entered disabled state
[  456.302061][T11917] bridge_slave_0: left allmulticast mode
[  456.308267][T11917] bridge_slave_0: left promiscuous mode
[  456.315794][T11917] bridge0: port 1(bridge_slave_0) entered disabled state
[  456.381924][T11917] bond0: (slave bridge0): Releasing backup interface
[  456.438965][T11935] netlink: 763 bytes leftover after parsing attributes in process `syz.1.2250'.
[  456.623306][T11942] netlink: 196 bytes leftover after parsing attributes in process `syz.3.2251'.
[  456.811183][T11942] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2251'.
[  456.952111][T11938] netlink: 'syz.3.2251': attribute type 29 has an invalid length.
[  457.014324][T11938] netlink: 'syz.3.2251': attribute type 29 has an invalid length.
[  457.075846][T11942] netlink: 'syz.3.2251': attribute type 29 has an invalid length.
[  457.139901][T11938] netlink: 'syz.3.2251': attribute type 29 has an invalid length.
[  457.874624][T11968] netlink: 'syz.3.2262': attribute type 21 has an invalid length.
[  457.893330][T11968] FAULT_INJECTION: forcing a failure.
[  457.893330][T11968] name failslab, interval 1, probability 0, space 0, times 0
[  457.898045][T11964] netlink: 763 bytes leftover after parsing attributes in process `syz.1.2261'.
[  457.912968][T11968] CPU: 1 PID: 11968 Comm: syz.3.2262 Not tainted syzkaller #0
[  457.924151][T11968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  457.935162][T11968] Call Trace:
[  457.938700][T11968]  <TASK>
[  457.941801][T11968]  dump_stack_lvl+0x16c/0x230
[  457.946881][T11968]  ? show_regs_print_info+0x20/0x20
[  457.949539][T11971] FAULT_INJECTION: forcing a failure.
[  457.949539][T11971] name failslab, interval 1, probability 0, space 0, times 0
[  457.952178][T11968]  ? load_image+0x3b0/0x3b0
[  457.952237][T11968]  ? __might_sleep+0xe0/0xe0
[  457.952280][T11968]  ? __lock_acquire+0x7c80/0x7c80
[  457.980250][T11968]  ? perf_trace_run_bpf_submit+0x1c0/0x1c0
[  457.986398][T11968]  should_fail_ex+0x39d/0x4d0
[  457.991208][T11968]  should_failslab+0x9/0x20
[  457.995825][T11968]  slab_pre_alloc_hook+0x59/0x310
[  458.001314][T11968]  kmem_cache_alloc_node+0x60/0x330
[  458.006653][T11968]  ? __alloc_skb+0x108/0x2c0
[  458.011414][T11968]  __alloc_skb+0x108/0x2c0
[  458.015983][T11968]  netlink_ack+0x376/0x1110
[  458.020675][T11968]  ? netlink_dump+0xde0/0xde0
[  458.025441][T11968]  ? perf_trace_lock+0x2ed/0x380
[  458.030609][T11968]  ? __copy_skb_header+0xa7/0x550
[  458.035969][T11968]  netlink_rcv_skb+0x29a/0x480
[  458.041372][T11968]  ? rtnetlink_bind+0x80/0x80
[  458.046274][T11968]  ? netlink_ack+0x1110/0x1110
[  458.051238][T11968]  ? __lock_acquire+0x7c80/0x7c80
[  458.056480][T11968]  ? netlink_deliver_tap+0x2e/0x1b0
[  458.061918][T11968]  netlink_unicast+0x751/0x8d0
[  458.066990][T11968]  netlink_sendmsg+0x8c1/0xbe0
[  458.071937][T11968]  ? netlink_getsockopt+0x580/0x580
[  458.077268][T11968]  ? aa_sock_msg_perm+0x94/0x150
[  458.082423][T11968]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  458.087814][T11968]  ? security_socket_sendmsg+0x80/0xa0
[  458.093565][T11968]  ? netlink_getsockopt+0x580/0x580
[  458.098882][T11968]  ____sys_sendmsg+0x5bf/0x950
[  458.104667][T11968]  ? __asan_memset+0x22/0x40
[  458.109384][T11968]  ? __sys_sendmsg_sock+0x30/0x30
[  458.114606][T11968]  ? __import_iovec+0x5f2/0x860
[  458.119613][T11968]  ? import_iovec+0x73/0xa0
[  458.124343][T11968]  ___sys_sendmsg+0x220/0x290
[  458.129293][T11968]  ? __sys_sendmsg+0x270/0x270
[  458.134346][T11968]  ? __lock_acquire+0x7c80/0x7c80
[  458.139607][T11968]  __se_sys_sendmsg+0x1a5/0x270
[  458.144573][T11968]  ? __x64_sys_sendmsg+0x80/0x80
[  458.149712][T11968]  ? trace_sys_enter+0x1f/0x80
[  458.154607][T11968]  do_syscall_64+0x55/0xb0
[  458.159168][T11968]  ? clear_bhb_loop+0x40/0x90
[  458.164047][T11968]  ? clear_bhb_loop+0x40/0x90
[  458.169009][T11968]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  458.175260][T11968] RIP: 0033:0x7f82ba18eec9
[  458.180349][T11968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  458.200310][T11968] RSP: 002b:00007f82bafc3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  458.209076][T11968] RAX: ffffffffffffffda RBX: 00007f82ba3e5fa0 RCX: 00007f82ba18eec9
[  458.217320][T11968] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000004
[  458.225816][T11968] RBP: 00007f82bafc3090 R08: 0000000000000000 R09: 0000000000000000
[  458.233887][T11968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  458.242023][T11968] R13: 00007f82ba3e6038 R14: 00007f82ba3e5fa0 R15: 00007fff142cb7a8
[  458.250145][T11968]  </TASK>
[  458.253364][T11971] CPU: 0 PID: 11971 Comm: syz.2.2263 Not tainted syzkaller #0
[  458.261321][T11971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  458.271732][T11971] Call Trace:
[  458.275203][T11971]  <TASK>
[  458.278233][T11971]  dump_stack_lvl+0x16c/0x230
[  458.283161][T11971]  ? show_regs_print_info+0x20/0x20
[  458.288487][T11971]  ? load_image+0x3b0/0x3b0
[  458.293177][T11971]  ? __might_sleep+0xe0/0xe0
[  458.298043][T11971]  ? __lock_acquire+0x7c80/0x7c80
[  458.303323][T11971]  should_fail_ex+0x39d/0x4d0
[  458.308179][T11971]  should_failslab+0x9/0x20
[  458.312852][T11971]  slab_pre_alloc_hook+0x59/0x310
[  458.318011][T11971]  ? __lock_acquire+0x7c80/0x7c80
[  458.323100][T11971]  kmem_cache_alloc_node+0x60/0x330
[  458.328468][T11971]  ? __alloc_skb+0x108/0x2c0
[  458.333142][T11971]  __alloc_skb+0x108/0x2c0
[  458.337627][T11971]  netlink_sendmsg+0x65b/0xbe0
[  458.342578][T11971]  ? netlink_getsockopt+0x580/0x580
[  458.347923][T11971]  ? aa_sock_msg_perm+0x94/0x150
[  458.353192][T11971]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  458.358700][T11971]  ? security_socket_sendmsg+0x80/0xa0
[  458.364412][T11971]  ? netlink_getsockopt+0x580/0x580
[  458.369749][T11971]  ____sys_sendmsg+0x5bf/0x950
[  458.374580][T11971]  ? __asan_memset+0x22/0x40
[  458.379217][T11971]  ? __sys_sendmsg_sock+0x30/0x30
[  458.384288][T11971]  ? __import_iovec+0x3fa/0x860
[  458.389320][T11971]  ? import_iovec+0x73/0xa0
[  458.393980][T11971]  ___sys_sendmsg+0x220/0x290
[  458.398728][T11971]  ? __sys_sendmsg+0x270/0x270
[  458.403695][T11971]  ? __lock_acquire+0x7c80/0x7c80
[  458.408931][T11971]  __se_sys_sendmsg+0x1a5/0x270
[  458.413880][T11971]  ? __x64_sys_sendmsg+0x80/0x80
[  458.419032][T11971]  ? trace_sys_enter+0x1f/0x80
[  458.423933][T11971]  do_syscall_64+0x55/0xb0
[  458.428519][T11971]  ? clear_bhb_loop+0x40/0x90
[  458.433256][T11971]  ? clear_bhb_loop+0x40/0x90
[  458.438001][T11971]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  458.444061][T11971] RIP: 0033:0x7f30b138eec9
[  458.448568][T11971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  458.468499][T11971] RSP: 002b:00007f30b22a3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  458.477069][T11971] RAX: ffffffffffffffda RBX: 00007f30b15e6090 RCX: 00007f30b138eec9
[  458.485314][T11971] RDX: 0000000000008080 RSI: 0000200000000940 RDI: 0000000000000007
[  458.493388][T11971] RBP: 00007f30b22a3090 R08: 0000000000000000 R09: 0000000000000000
[  458.501452][T11971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  458.509779][T11971] R13: 00007f30b15e6128 R14: 00007f30b15e6090 R15: 00007ffc13bc6ea8
[  458.518197][T11971]  </TASK>
[  458.706581][T11973] netlink: 196 bytes leftover after parsing attributes in process `syz.1.2265'.
[  458.798674][T11973] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2265'.
[  458.859993][T11973] netlink: 'syz.1.2265': attribute type 29 has an invalid length.
[  458.892444][T11973] netlink: 'syz.1.2265': attribute type 29 has an invalid length.
[  459.269574][ T5792] Bluetooth: hci2: unexpected event 0x08 length: 15 > 4
[  459.384243][T11991] __nla_validate_parse: 4 callbacks suppressed
[  459.384266][T11991] netlink: 763 bytes leftover after parsing attributes in process `syz.2.2274'.
[  459.648789][T12003] validate_nla: 8 callbacks suppressed
[  459.648811][T12003] netlink: 'syz.2.2278': attribute type 21 has an invalid length.
[  459.804670][T12005] netlink: 'syz.3.2279': attribute type 58 has an invalid length.
[  459.813448][T12005] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2279'.
[  459.835997][T12005] netlink: 'syz.3.2279': attribute type 3 has an invalid length.
[  459.856806][T12005] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2279'.
[  460.174838][T12005] netlink: 'syz.3.2279': attribute type 27 has an invalid length.
[  460.608746][T12015] bridge_slave_1: left allmulticast mode
[  460.628885][T12015] bridge_slave_1: left promiscuous mode
[  460.673064][T12015] bridge0: port 2(bridge_slave_1) entered disabled state
[  460.829689][ T5792] Bluetooth: hci0: unexpected event 0x07 length: 15 < 255
[  460.860526][T12015] bridge_slave_0: left allmulticast mode
[  460.870635][T12015] bridge_slave_0: left promiscuous mode
[  460.909918][T12015] bridge0: port 1(bridge_slave_0) entered disabled state
[  461.117692][T12015] bond0: (slave bridge0): Releasing backup interface
[  461.170394][T12025] netlink: 763 bytes leftover after parsing attributes in process `syz.3.2286'.
[  461.265954][T12028] netlink: 763 bytes leftover after parsing attributes in process `syz.0.2287'.
[  461.377177][T12030] netlink: 'syz.1.2288': attribute type 21 has an invalid length.
[  462.224814][T12051] FAULT_INJECTION: forcing a failure.
[  462.224814][T12051] name failslab, interval 1, probability 0, space 0, times 0
[  462.258011][T12051] CPU: 1 PID: 12051 Comm: syz.2.2298 Not tainted syzkaller #0
[  462.265658][T12051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  462.276213][T12051] Call Trace:
[  462.279805][T12051]  <TASK>
[  462.282910][T12051]  dump_stack_lvl+0x16c/0x230
[  462.287947][T12051]  ? show_regs_print_info+0x20/0x20
[  462.293214][T12051]  ? load_image+0x3b0/0x3b0
[  462.298002][T12051]  ? __might_sleep+0xe0/0xe0
[  462.303582][T12051]  ? __lock_acquire+0x7c80/0x7c80
[  462.309033][T12051]  should_fail_ex+0x39d/0x4d0
[  462.313979][T12051]  should_failslab+0x9/0x20
[  462.318551][T12051]  slab_pre_alloc_hook+0x59/0x310
[  462.323626][T12051]  ? tomoyo_encode+0x28b/0x540
[  462.328534][T12051]  ? tomoyo_encode+0x28b/0x540
[  462.333458][T12051]  __kmem_cache_alloc_node+0x53/0x260
[  462.338964][T12051]  ? tomoyo_encode+0x28b/0x540
[  462.344230][T12051]  __kmalloc+0xa4/0x240
[  462.349056][T12051]  tomoyo_encode+0x28b/0x540
[  462.354104][T12051]  tomoyo_realpath_from_path+0x592/0x5d0
[  462.359887][T12051]  tomoyo_path_number_perm+0x1ea/0x590
[  462.365565][T12051]  ? tomoyo_path_number_perm+0x1ba/0x590
[  462.371497][T12051]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  462.376987][T12051]  ? ksys_write+0x1c1/0x250
[  462.381650][T12051]  ? __fget_files+0x28/0x4d0
[  462.386322][T12051]  security_file_ioctl+0x70/0xa0
[  462.391621][T12051]  __se_sys_ioctl+0x48/0x170
[  462.396479][T12051]  do_syscall_64+0x55/0xb0
[  462.401181][T12051]  ? clear_bhb_loop+0x40/0x90
[  462.405905][T12051]  ? clear_bhb_loop+0x40/0x90
[  462.410647][T12051]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  462.416574][T12051] RIP: 0033:0x7f30b138eec9
[  462.421027][T12051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  462.441205][T12051] RSP: 002b:00007f30b22c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  462.449794][T12051] RAX: ffffffffffffffda RBX: 00007f30b15e5fa0 RCX: 00007f30b138eec9
[  462.457884][T12051] RDX: 0000200000000080 RSI: 00000000000089f1 RDI: 0000000000000004
[  462.466175][T12051] RBP: 00007f30b22c4090 R08: 0000000000000000 R09: 0000000000000000
[  462.474302][T12051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  462.482568][T12051] R13: 00007f30b15e6038 R14: 00007f30b15e5fa0 R15: 00007ffc13bc6ea8
[  462.490680][T12051]  </TASK>
[  462.582231][T12051] ERROR: Out of memory at tomoyo_realpath_from_path.
[  462.623387][T12050] netlink: 763 bytes leftover after parsing attributes in process `syz.3.2297'.
[  462.983222][T12063] netlink: 'syz.3.2300': attribute type 21 has an invalid length.
[  463.762771][T12080] netlink: 196 bytes leftover after parsing attributes in process `syz.3.2304'.
[  463.922125][T12080] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2304'.
[  463.956037][T12080] netlink: 'syz.3.2304': attribute type 29 has an invalid length.
[  463.970310][T12080] netlink: 'syz.3.2304': attribute type 29 has an invalid length.
[  463.990427][T12080] netlink: 'syz.3.2304': attribute type 29 has an invalid length.
[  464.007356][T12080] netlink: 'syz.3.2304': attribute type 29 has an invalid length.
[  464.153273][T12088] netlink: 763 bytes leftover after parsing attributes in process `syz.0.2310'.
[  464.412189][T12104] FAULT_INJECTION: forcing a failure.
[  464.412189][T12104] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  464.429425][T12104] CPU: 1 PID: 12104 Comm: syz.1.2315 Not tainted syzkaller #0
[  464.437606][T12104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  464.447890][T12104] Call Trace:
[  464.451221][T12104]  <TASK>
[  464.454260][T12104]  dump_stack_lvl+0x16c/0x230
[  464.459020][T12104]  ? show_regs_print_info+0x20/0x20
[  464.464377][T12104]  ? load_image+0x3b0/0x3b0
[  464.469200][T12104]  ? __might_fault+0xaa/0x120
[  464.473937][T12104]  ? __lock_acquire+0x7c80/0x7c80
[  464.479203][T12104]  should_fail_ex+0x39d/0x4d0
[  464.483944][T12104]  _copy_from_iter+0x1d3/0x1290
[  464.488909][T12104]  ? __virt_addr_valid+0x18c/0x540
[  464.494177][T12104]  ? __lock_acquire+0x7c80/0x7c80
[  464.499377][T12104]  ? copyout_mc+0x70/0x70
[  464.503872][T12104]  ? __virt_addr_valid+0x18c/0x540
[  464.509138][T12104]  ? __virt_addr_valid+0x18c/0x540
[  464.514304][T12104]  ? __virt_addr_valid+0x469/0x540
[  464.519453][T12104]  ? __check_object_size+0x506/0xa30
[  464.524878][T12104]  kernfs_fop_write_iter+0x1a4/0x520
[  464.530213][T12104]  vfs_write+0x43b/0x940
[  464.535012][T12104]  ? file_end_write+0x250/0x250
[  464.539892][T12104]  ? __fget_files+0x44a/0x4d0
[  464.544812][T12104]  ? __fdget_pos+0x2a3/0x330
[  464.549570][T12104]  ? ksys_write+0x75/0x250
[  464.554078][T12104]  ksys_write+0x147/0x250
[  464.558472][T12104]  ? __ia32_sys_read+0x90/0x90
[  464.563294][T12104]  ? trace_sys_enter+0x1f/0x80
[  464.568092][T12104]  do_syscall_64+0x55/0xb0
[  464.572677][T12104]  ? clear_bhb_loop+0x40/0x90
[  464.577462][T12104]  ? clear_bhb_loop+0x40/0x90
[  464.582170][T12104]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  464.588176][T12104] RIP: 0033:0x7f028698eec9
[  464.592881][T12104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  464.612791][T12104] RSP: 002b:00007f02878a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  464.621421][T12104] RAX: ffffffffffffffda RBX: 00007f0286be5fa0 RCX: 00007f028698eec9
[  464.629684][T12104] RDX: 000000000000000a RSI: 0000200000000000 RDI: 0000000000000004
[  464.637672][T12104] RBP: 00007f02878a2090 R08: 0000000000000000 R09: 0000000000000000
[  464.646033][T12104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  464.654152][T12104] R13: 00007f0286be6038 R14: 00007f0286be5fa0 R15: 00007ffd9bbeaa48
[  464.662545][T12104]  </TASK>
[  464.869347][T12111] netlink: 'syz.0.2317': attribute type 10 has an invalid length.
[  464.878660][T12111] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2317'.
[  464.893834][T12111] team0: entered promiscuous mode
[  464.915729][T12111] team_slave_0: entered promiscuous mode
[  464.924061][T12111] ±ÿ: entered promiscuous mode
[  464.938159][T12111] geneve1: entered promiscuous mode
[  464.944601][T12111] dummy0: entered promiscuous mode
[  464.965338][T12111] team0: entered allmulticast mode
[  464.979590][T12111] team_slave_0: entered allmulticast mode
[  464.986134][T12111] ±ÿ: entered allmulticast mode
[  464.992132][T12111] geneve1: entered allmulticast mode
[  465.005932][T12111] dummy0: entered allmulticast mode
[  465.016271][T12111] 8021q: adding VLAN 0 to HW filter on device team0
[  465.024955][T12111] batman_adv: batadv0: Interface activated: team0
[  465.038348][T12111] batman_adv: batadv0: Interface deactivated: team0
[  465.045458][T12111] batman_adv: batadv0: Removing interface: team0
[  465.063678][T12111] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  465.105758][T12107] tun0: tun_chr_ioctl cmd 1074025677
[  465.145758][T12107] tun0: linktype set to 776
[  465.383323][T12121] netlink: 196 bytes leftover after parsing attributes in process `syz.3.2321'.
[  465.488242][T12121] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2321'.
[  465.581993][T12121] netlink: 'syz.3.2321': attribute type 29 has an invalid length.
[  465.612411][T12121] netlink: 'syz.3.2321': attribute type 29 has an invalid length.
[  465.658070][T12131] netlink: 'syz.3.2321': attribute type 29 has an invalid length.
[  465.668921][T12132] netlink: 'syz.3.2321': attribute type 29 has an invalid length.
[  466.090002][T12142] netlink: 763 bytes leftover after parsing attributes in process `syz.2.2329'.
[  466.542361][T12154] netlink: 'syz.0.2333': attribute type 2 has an invalid length.
[  467.032449][   T50] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  467.047683][   T50] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  467.063588][   T50] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  467.074664][   T50] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  467.089248][   T50] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  467.099068][   T50] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  467.187027][ T3438] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  467.294403][ T3438] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  467.340452][T12164] netlink: 196 bytes leftover after parsing attributes in process `syz.2.2336'.
[  467.391919][T12164] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2336'.
[  467.461006][T12164] netlink: 'syz.2.2336': attribute type 29 has an invalid length.
[  467.473929][ T3438] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  467.513073][T12164] netlink: 'syz.2.2336': attribute type 29 has an invalid length.
[  467.566081][T12169] netlink: 'syz.1.2338': attribute type 1 has an invalid length.
[  467.590939][T12169] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.2338'.
[  467.605375][ T3438] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  467.629137][T12165] netlink: 'syz.2.2336': attribute type 29 has an invalid length.
[  467.646144][T12173] netlink: 763 bytes leftover after parsing attributes in process `syz.0.2339'.
[  467.892773][T12159] chnl_net:caif_netlink_parms(): no params data found
[  468.755759][T12197] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2344'.
[  468.821826][T12206] netlink: 196 bytes leftover after parsing attributes in process `syz.2.2347'.
[  468.833649][T12197] team0: entered promiscuous mode
[  468.842653][T12197] team_slave_0: entered promiscuous mode
[  468.858262][T12197] team_slave_1: entered promiscuous mode
[  468.867756][T12197] geneve1: entered promiscuous mode
[  468.874114][T12197] team0: entered allmulticast mode
[  468.885639][T12197] team_slave_0: entered allmulticast mode
[  468.898364][T12197] team_slave_1: entered allmulticast mode
[  468.935294][T12197] geneve1: entered allmulticast mode
[  468.948217][T12197] 8021q: adding VLAN 0 to HW filter on device team0
[  469.001534][T12197] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  469.182745][T12188] tun0: tun_chr_ioctl cmd 1074025677
[  469.196802][   T50] Bluetooth: hci2: command tx timeout
[  469.223064][T12188] tun0: linktype set to 776
[  469.292667][T12211] FAULT_INJECTION: forcing a failure.
[  469.292667][T12211] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  469.317816][T12211] CPU: 0 PID: 12211 Comm: syz.0.2348 Not tainted syzkaller #0
[  469.326071][T12211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  469.336980][T12211] Call Trace:
[  469.340307][T12211]  <TASK>
[  469.343302][T12211]  dump_stack_lvl+0x16c/0x230
[  469.352502][T12211]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  469.359461][T12211]  ? show_regs_print_info+0x20/0x20
[  469.365615][T12211]  ? load_image+0x3b0/0x3b0
[  469.370543][T12211]  should_fail_ex+0x39d/0x4d0
[  469.375504][T12211]  _copy_to_user+0x2f/0xa0
[  469.380616][T12211]  simple_read_from_buffer+0xe7/0x150
[  469.386337][T12211]  proc_fail_nth_read+0x1e3/0x250
[  469.392891][T12211]  ? proc_fault_inject_write+0x340/0x340
[  469.399203][T12211]  ? fsnotify_perm+0x271/0x5e0
[  469.404379][T12211]  ? proc_fault_inject_write+0x340/0x340
[  469.410983][T12211]  vfs_read+0x27e/0x920
[  469.415399][T12211]  ? kernel_read+0x1e0/0x1e0
[  469.420044][T12211]  ? __fget_files+0x28/0x4d0
[  469.424774][T12211]  ? __fget_files+0x44a/0x4d0
[  469.430127][T12211]  ? __fdget_pos+0x2a3/0x330
[  469.434928][T12211]  ? ksys_read+0x75/0x250
[  469.439292][T12211]  ksys_read+0x147/0x250
[  469.443769][T12211]  ? vfs_write+0x940/0x940
[  469.448268][T12211]  ? trace_sys_enter+0x1f/0x80
[  469.453339][T12211]  do_syscall_64+0x55/0xb0
[  469.458012][T12211]  ? clear_bhb_loop+0x40/0x90
[  469.462939][T12211]  ? clear_bhb_loop+0x40/0x90
[  469.467863][T12211]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  469.474229][T12211] RIP: 0033:0x7f9768b8d8dc
[  469.478943][T12211] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  469.499497][T12211] RSP: 002b:00007f9769a16030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  469.508444][T12211] RAX: ffffffffffffffda RBX: 00007f9768de5fa0 RCX: 00007f9768b8d8dc
[  469.516624][T12211] RDX: 000000000000000f RSI: 00007f9769a160a0 RDI: 000000000000000d
[  469.524945][T12211] RBP: 00007f9769a16090 R08: 0000000000000000 R09: 0000000000000000
[  469.533172][T12211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  469.541612][T12211] R13: 00007f9768de6038 R14: 00007f9768de5fa0 R15: 00007ffd24f74cf8
[  469.550097][T12211]  </TASK>
[  469.570124][T12159] bridge0: port 1(bridge_slave_0) entered blocking state
[  469.581349][T12159] bridge0: port 1(bridge_slave_0) entered disabled state
[  469.591452][T12159] bridge_slave_0: entered allmulticast mode
[  469.601085][T12159] bridge_slave_0: entered promiscuous mode
[  469.647350][T12159] bridge0: port 2(bridge_slave_1) entered blocking state
[  469.665220][T12159] bridge0: port 2(bridge_slave_1) entered disabled state
[  469.681712][T12159] bridge_slave_1: entered allmulticast mode
[  469.708414][T12159] bridge_slave_1: entered promiscuous mode
[  469.928222][T12225] validate_nla: 4 callbacks suppressed
[  469.928251][T12225] netlink: 'syz.0.2351': attribute type 58 has an invalid length.
[  469.978705][T12227] netlink: 'syz.0.2351': attribute type 3 has an invalid length.
[  469.992395][T12225] __nla_validate_parse: 1 callbacks suppressed
[  469.992414][T12225] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2351'.
[  470.009881][T12227] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2351'.
[  470.081856][T12224] netlink: 763 bytes leftover after parsing attributes in process `syz.1.2349'.
[  470.162318][T12159] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  470.312151][T12159] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  470.495457][T12243] netlink: 196 bytes leftover after parsing attributes in process `syz.2.2357'.
[  470.610618][T12243] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2357'.
[  470.667686][T12243] netlink: 'syz.2.2357': attribute type 29 has an invalid length.
[  470.893655][T12159] team0: Port device team_slave_0 added
[  470.903079][T12243] netlink: 'syz.2.2357': attribute type 29 has an invalid length.
[  470.979958][T12159] team0: Port device team_slave_1 added
[  470.988027][T12245] netlink: 'syz.2.2357': attribute type 29 has an invalid length.
[  471.001918][T12246] netlink: 'syz.2.2357': attribute type 29 has an invalid length.
[  471.092345][T12159] batman_adv: batadv0: Adding interface: batadv_slave_0
[  471.099557][T12159] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  471.133429][T12159] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  471.151373][T12159] batman_adv: batadv0: Adding interface: batadv_slave_1
[  471.158973][T12159] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  471.186359][T12159] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  471.286739][   T50] Bluetooth: hci2: command tx timeout
[  472.144629][T12254] netlink: 'syz.2.2358': attribute type 10 has an invalid length.
[  472.179885][T12254] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2358'.
[  472.207026][T12254] team0: entered promiscuous mode
[  472.212441][T12254] team_slave_0: entered promiscuous mode
[  472.236917][T12254] ±ÿ: entered promiscuous mode
[  472.242127][T12254] geneve1: entered promiscuous mode
[  472.258950][T12254] mac80211_hwsim hwsim7 wlan1: entered promiscuous mode
[  472.274323][T12254] team0: entered allmulticast mode
[  472.287255][T12254] ±ÿ: entered allmulticast mode
[  472.292378][T12254] geneve1: entered allmulticast mode
[  472.301254][T12254] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode
[  472.315569][T12254] 8021q: adding VLAN 0 to HW filter on device team0
[  472.325838][T12254] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  472.347985][T12260] tun0: tun_chr_ioctl cmd 1074025677
[  472.361404][T12260] tun0: linktype set to 776
[  472.415716][T12279] netlink: 'syz.1.2361': attribute type 3 has an invalid length.
[  472.429400][T12279] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2361'.
[  472.465345][T12159] hsr_slave_0: entered promiscuous mode
[  472.568347][T12159] hsr_slave_1: entered promiscuous mode
[  472.592128][T12159] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  472.610941][T12159] Cannot create hsr debugfs directory
[  472.625014][T12271] netlink: 'syz.1.2361': attribute type 58 has an invalid length.
[  472.635446][T12271] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2361'.
[  472.648634][T12276] netlink: 763 bytes leftover after parsing attributes in process `syz.0.2362'.
[  472.673966][T12279] netlink: 'syz.1.2361': attribute type 27 has an invalid length.
[  472.868015][T12287] netlink: 196 bytes leftover after parsing attributes in process `syz.2.2365'.
[  472.992078][ T3438] hsr_slave_1: left promiscuous mode
[  473.002781][ T3438] bridge_slave_1: left allmulticast mode
[  473.013711][ T3438] bridge_slave_1: left promiscuous mode
[  473.022436][ T3438] bridge0: port 2(bridge_slave_1) entered disabled state
[  473.048689][ T3438] bridge_slave_0: left allmulticast mode
[  473.055955][ T3438] bridge_slave_0: left promiscuous mode
[  473.081941][ T3438] bridge0: port 1(bridge_slave_0) entered disabled state
[  473.131506][ T3438] veth1_macvtap: left promiscuous mode
[  473.138235][ T3438] veth0_macvtap: left promiscuous mode
[  473.144543][ T3438] veth1_vlan: left promiscuous mode
[  473.356923][   T50] Bluetooth: hci2: command tx timeout
[  473.420591][T12298] FAULT_INJECTION: forcing a failure.
[  473.420591][T12298] name failslab, interval 1, probability 0, space 0, times 0
[  473.456732][T12298] CPU: 0 PID: 12298 Comm: syz.1.2368 Not tainted syzkaller #0
[  473.464488][T12298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  473.475061][T12298] Call Trace:
[  473.478390][T12298]  <TASK>
[  473.481464][T12298]  dump_stack_lvl+0x16c/0x230
[  473.486538][T12298]  ? show_regs_print_info+0x20/0x20
[  473.491895][T12298]  ? load_image+0x3b0/0x3b0
[  473.496462][T12298]  ? __might_sleep+0xe0/0xe0
[  473.501210][T12298]  ? __lock_acquire+0x7c80/0x7c80
[  473.506283][T12298]  should_fail_ex+0x39d/0x4d0
[  473.511007][T12298]  should_failslab+0x9/0x20
[  473.515639][T12298]  slab_pre_alloc_hook+0x59/0x310
[  473.520731][T12298]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  473.526502][T12298]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  473.532344][T12298]  __kmem_cache_alloc_node+0x53/0x260
[  473.537956][T12298]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  473.543849][T12298]  __kmalloc+0xa4/0x240
[  473.548493][T12298]  tomoyo_realpath_from_path+0xe3/0x5d0
[  473.554218][T12298]  tomoyo_path_number_perm+0x1ea/0x590
[  473.559746][T12298]  ? tomoyo_path_number_perm+0x1ba/0x590
[  473.565543][T12298]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  473.571038][T12298]  ? ksys_write+0x1c1/0x250
[  473.575620][T12298]  ? __fget_files+0x28/0x4d0
[  473.580331][T12298]  security_file_ioctl+0x70/0xa0
[  473.585397][T12298]  __se_sys_ioctl+0x48/0x170
[  473.590224][T12298]  do_syscall_64+0x55/0xb0
[  473.594770][T12298]  ? clear_bhb_loop+0x40/0x90
[  473.599653][T12298]  ? clear_bhb_loop+0x40/0x90
[  473.604412][T12298]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  473.610352][T12298] RIP: 0033:0x7f028698eec9
[  473.614897][T12298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  473.634969][T12298] RSP: 002b:00007f0287860038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  473.643518][T12298] RAX: ffffffffffffffda RBX: 00007f0286be6180 RCX: 00007f028698eec9
[  473.651835][T12298] RDX: 0000200000002280 RSI: 0000000000008914 RDI: 0000000000000007
[  473.659850][T12298] RBP: 00007f0287860090 R08: 0000000000000000 R09: 0000000000000000
[  473.668133][T12298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  473.676421][T12298] R13: 00007f0286be6218 R14: 00007f0286be6180 R15: 00007ffd9bbeaa48
[  473.684714][T12298]  </TASK>
[  473.690011][T12298] ERROR: Out of memory at tomoyo_realpath_from_path.
[  473.730057][ T3438] team0 (unregistering): Port device geneve1 removed
[  473.775855][ T3438] bond0 (unregistering): (slave geneve0): Releasing backup interface
[  474.329656][ T3438] team0 (unregistering): Port device team_slave_1 removed
[  474.381131][ T3438] team0 (unregistering): Port device team_slave_0 removed
[  474.435341][ T3438] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  474.964717][ T3438] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  474.974516][ T3438] bond0 (unregistering): Released all slaves
[  475.059678][T12287] validate_nla: 1 callbacks suppressed
[  475.059699][T12287] netlink: 'syz.2.2365': attribute type 29 has an invalid length.
[  475.107219][T12307] __nla_validate_parse: 1 callbacks suppressed
[  475.107241][T12307] netlink: 763 bytes leftover after parsing attributes in process `syz.0.2371'.
[  475.436681][   T50] Bluetooth: hci2: command tx timeout
[  475.882132][T12159] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  475.898458][T12159] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  475.909743][T12159] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  475.925390][T12159] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  476.060669][T12159] 8021q: adding VLAN 0 to HW filter on device bond0
[  476.089097][T12159] 8021q: adding VLAN 0 to HW filter on device team0
[  476.104479][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[  476.112041][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[  476.130869][ T7149] bridge0: port 2(bridge_slave_1) entered blocking state
[  476.138149][ T7149] bridge0: port 2(bridge_slave_1) entered forwarding state
[  476.422413][T12159] 8021q: adding VLAN 0 to HW filter on device batadv0
[  476.495604][T12159] veth0_vlan: entered promiscuous mode
[  476.515873][T12159] veth1_vlan: entered promiscuous mode
[  476.571626][T12159] veth0_macvtap: entered promiscuous mode
[  476.584649][T12159] veth1_macvtap: entered promiscuous mode
[  476.621202][T12159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  476.636991][T12159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.650919][T12159] batman_adv: batadv0: Interface activated: batadv_slave_0
[  476.671582][T12159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  476.684971][T12159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.699696][T12159] batman_adv: batadv0: Interface activated: batadv_slave_1
[  476.722525][T12159] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  476.734949][T12159] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  476.748448][T12159] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  476.757988][T12159] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  476.864395][ T1002] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  476.883296][ T1002] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  476.938001][ T7155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  476.946272][ T7155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  477.174005][T12355] FAULT_INJECTION: forcing a failure.
[  477.174005][T12355] name failslab, interval 1, probability 0, space 0, times 0
[  477.206666][T12355] CPU: 1 PID: 12355 Comm: syz.3.2328 Not tainted syzkaller #0
[  477.214314][T12355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  477.224674][T12355] Call Trace:
[  477.228198][T12355]  <TASK>
[  477.231349][T12355]  dump_stack_lvl+0x16c/0x230
[  477.236691][T12355]  ? show_regs_print_info+0x20/0x20
[  477.242307][T12355]  ? load_image+0x3b0/0x3b0
[  477.246983][T12355]  ? __might_sleep+0xe0/0xe0
[  477.251635][T12355]  ? __lock_acquire+0x7c80/0x7c80
[  477.257276][T12355]  should_fail_ex+0x39d/0x4d0
[  477.262338][T12355]  should_failslab+0x9/0x20
[  477.266900][T12355]  slab_pre_alloc_hook+0x59/0x310
[  477.272600][T12355]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  477.278713][T12355]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  477.285435][T12355]  __kmem_cache_alloc_node+0x53/0x260
[  477.291850][T12355]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  477.298676][T12355]  __kmalloc+0xa4/0x240
[  477.303957][T12355]  tomoyo_realpath_from_path+0xe3/0x5d0
[  477.310657][T12355]  tomoyo_path_number_perm+0x1ea/0x590
[  477.316888][T12355]  ? tomoyo_path_number_perm+0x1ba/0x590
[  477.322744][T12355]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  477.328508][T12355]  ? ksys_write+0x1c1/0x250
[  477.333184][T12355]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  477.339530][T12355]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  477.346107][T12355]  security_file_ioctl+0x70/0xa0
[  477.351397][T12355]  __se_sys_ioctl+0x48/0x170
[  477.356302][T12355]  do_syscall_64+0x55/0xb0
[  477.360891][T12355]  ? clear_bhb_loop+0x40/0x90
[  477.365752][T12355]  ? clear_bhb_loop+0x40/0x90
[  477.370756][T12355]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  477.377066][T12355] RIP: 0033:0x7f4981d8eec9
[  477.381643][T12355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  477.402206][T12355] RSP: 002b:00007f4982bbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  477.411010][T12355] RAX: ffffffffffffffda RBX: 00007f4981fe5fa0 RCX: 00007f4981d8eec9
[  477.419207][T12355] RDX: 0000200000000100 RSI: 00000000400454ca RDI: 000000000000000a
[  477.428034][T12355] RBP: 00007f4982bbf090 R08: 0000000000000000 R09: 0000000000000000
[  477.436108][T12355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  477.444216][T12355] R13: 00007f4981fe6038 R14: 00007f4981fe5fa0 R15: 00007fffc8b60838
[  477.452360][T12355]  </TASK>
[  477.591290][T12355] ERROR: Out of memory at tomoyo_realpath_from_path.
[  477.892069][ T5792] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  477.903056][ T5792] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  477.914591][ T5792] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  477.937994][ T5792] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  477.946145][ T5792] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  477.957976][ T5792] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  478.456170][T12377] netlink: 'syz.3.2373': attribute type 10 has an invalid length.
[  478.479430][T12377] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2373'.
[  478.508211][T12377] team0: entered promiscuous mode
[  478.513979][T12377] team_slave_0: entered promiscuous mode
[  478.596901][T12377] team_slave_1: entered promiscuous mode
[  478.620379][T12377] team0: entered allmulticast mode
[  478.638444][T12377] team_slave_0: entered allmulticast mode
[  478.658487][T12377] team_slave_1: entered allmulticast mode
[  478.685447][T12377] bridge0: port 3(team0) entered blocking state
[  478.732931][T12377] bridge0: port 3(team0) entered disabled state
[  478.791472][T12377] bridge0: port 3(team0) entered blocking state
[  478.798835][T12377] bridge0: port 3(team0) entered forwarding state
[  478.882891][T12376] tun0: tun_chr_ioctl cmd 1074025677
[  478.890170][T12376] tun0: linktype set to 776
[  478.904781][T12388] netlink: 'syz.2.2376': attribute type 33 has an invalid length.
[  478.912936][T12388] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2376'.
[  479.121891][ T1002] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  479.293394][T12402] netlink: 'syz.3.2378': attribute type 3 has an invalid length.
[  479.304609][T12402] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2378'.
[  479.468768][T12408] netlink: 196 bytes leftover after parsing attributes in process `syz.2.2379'.
[  479.513853][T12408] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2379'.
[  479.555572][T12408] netlink: 'syz.2.2379': attribute type 29 has an invalid length.
[  480.006561][ T5792] Bluetooth: hci4: command tx timeout
[  481.687220][T12400] netlink: 'syz.3.2378': attribute type 58 has an invalid length.
[  481.695120][T12400] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2378'.
[  481.752860][ T1002] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  481.792518][T12408] netlink: 'syz.2.2379': attribute type 29 has an invalid length.
[  481.813663][T12431] FAULT_INJECTION: forcing a failure.
[  481.813663][T12431] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  481.830519][T12431] CPU: 1 PID: 12431 Comm: syz.3.2383 Not tainted syzkaller #0
[  481.838490][T12431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  481.848852][T12431] Call Trace:
[  481.852181][T12431]  <TASK>
[  481.855485][T12431]  dump_stack_lvl+0x16c/0x230
[  481.860430][T12431]  ? show_regs_print_info+0x20/0x20
[  481.865695][T12431]  ? load_image+0x3b0/0x3b0
[  481.870258][T12431]  ? __lock_acquire+0x7c80/0x7c80
[  481.875416][T12431]  ? snprintf+0xdb/0x120
[  481.879720][T12431]  should_fail_ex+0x39d/0x4d0
[  481.884461][T12431]  _copy_to_user+0x2f/0xa0
[  481.889141][T12431]  simple_read_from_buffer+0xe7/0x150
[  481.894696][T12431]  proc_fail_nth_read+0x1e3/0x250
[  481.899969][T12431]  ? proc_fault_inject_write+0x340/0x340
[  481.906208][T12431]  ? fsnotify_perm+0x271/0x5e0
[  481.911107][T12431]  ? proc_fault_inject_write+0x340/0x340
[  481.917235][T12431]  vfs_read+0x27e/0x920
[  481.921470][T12431]  ? kernel_read+0x1e0/0x1e0
[  481.926142][T12431]  ? __fget_files+0x28/0x4d0
[  481.930925][T12431]  ? __fget_files+0x44a/0x4d0
[  481.935943][T12431]  ? __fdget_pos+0x2a3/0x330
[  481.940694][T12431]  ? ksys_read+0x75/0x250
[  481.945096][T12431]  ksys_read+0x147/0x250
[  481.949416][T12431]  ? vfs_write+0x940/0x940
[  481.954087][T12431]  ? trace_sys_enter+0x1f/0x80
[  481.959193][T12431]  do_syscall_64+0x55/0xb0
[  481.963667][T12431]  ? clear_bhb_loop+0x40/0x90
[  481.968579][T12431]  ? clear_bhb_loop+0x40/0x90
[  481.973598][T12431]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  481.979785][T12431] RIP: 0033:0x7f4981d8d8dc
[  481.984721][T12431] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  482.005457][T12431] RSP: 002b:00007f4982bbf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  482.014399][T12431] RAX: ffffffffffffffda RBX: 00007f4981fe5fa0 RCX: 00007f4981d8d8dc
[  482.022602][T12431] RDX: 000000000000000f RSI: 00007f4982bbf0a0 RDI: 0000000000000010
[  482.030707][T12431] RBP: 00007f4982bbf090 R08: 0000000000000000 R09: 0000000000000000
[  482.038838][T12431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  482.047833][T12431] R13: 00007f4981fe6038 R14: 00007f4981fe5fa0 R15: 00007fffc8b60838
[  482.056344][T12431]  </TASK>
[  482.081014][ T5792] Bluetooth: hci4: command tx timeout
[  482.135856][ T1002] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.288946][T12442] FAULT_INJECTION: forcing a failure.
[  482.288946][T12442] name failslab, interval 1, probability 0, space 0, times 0
[  482.378306][T12442] CPU: 0 PID: 12442 Comm: syz.3.2387 Not tainted syzkaller #0
[  482.386197][T12442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  482.397441][T12442] Call Trace:
[  482.400952][T12442]  <TASK>
[  482.404026][T12442]  dump_stack_lvl+0x16c/0x230
[  482.408770][T12442]  ? show_regs_print_info+0x20/0x20
[  482.414206][T12442]  ? load_image+0x3b0/0x3b0
[  482.419223][T12442]  ? __might_sleep+0xe0/0xe0
[  482.424474][T12442]  ? __lock_acquire+0x7c80/0x7c80
[  482.429851][T12442]  should_fail_ex+0x39d/0x4d0
[  482.434785][T12442]  should_failslab+0x9/0x20
[  482.439828][T12442]  slab_pre_alloc_hook+0x59/0x310
[  482.444953][T12442]  ? __lock_acquire+0x7c80/0x7c80
[  482.450426][T12442]  kmem_cache_alloc_node+0x60/0x330
[  482.456181][T12442]  ? __alloc_skb+0x108/0x2c0
[  482.461090][T12442]  __alloc_skb+0x108/0x2c0
[  482.465894][T12442]  netlink_sendmsg+0x65b/0xbe0
[  482.470953][T12442]  ? netlink_getsockopt+0x580/0x580
[  482.476219][T12442]  ? aa_sock_msg_perm+0x94/0x150
[  482.481297][T12442]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  482.486908][T12442]  ? security_socket_sendmsg+0x80/0xa0
[  482.492772][T12442]  ? netlink_getsockopt+0x580/0x580
[  482.498030][T12442]  ____sys_sendmsg+0x5bf/0x950
[  482.503391][T12442]  ? __asan_memset+0x22/0x40
[  482.508036][T12442]  ? __sys_sendmsg_sock+0x30/0x30
[  482.513132][T12442]  ? __import_iovec+0x5f2/0x860
[  482.518131][T12442]  ? import_iovec+0x73/0xa0
[  482.522876][T12442]  ___sys_sendmsg+0x220/0x290
[  482.527624][T12442]  ? __sys_sendmsg+0x270/0x270
[  482.532481][T12442]  ? __lock_acquire+0x7c80/0x7c80
[  482.537817][T12442]  __se_sys_sendmsg+0x1a5/0x270
[  482.543284][T12442]  ? __x64_sys_sendmsg+0x80/0x80
[  482.548926][T12442]  ? trace_sys_enter+0x1f/0x80
[  482.553931][T12442]  do_syscall_64+0x55/0xb0
[  482.558680][T12442]  ? clear_bhb_loop+0x40/0x90
[  482.563582][T12442]  ? clear_bhb_loop+0x40/0x90
[  482.568315][T12442]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  482.574516][T12442] RIP: 0033:0x7f4981d8eec9
[  482.579179][T12442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  482.599797][T12442] RSP: 002b:00007f4982bbf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  482.608612][T12442] RAX: ffffffffffffffda RBX: 00007f4981fe5fa0 RCX: 00007f4981d8eec9
[  482.616907][T12442] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  482.624938][T12442] RBP: 00007f4982bbf090 R08: 0000000000000000 R09: 0000000000000000
[  482.633064][T12442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  482.641882][T12442] R13: 00007f4981fe6038 R14: 00007f4981fe5fa0 R15: 00007fffc8b60838
[  482.650392][T12442]  </TASK>
[  482.909296][ T1002] bond0: (slave netdevsim0): Releasing backup interface
[  482.924934][ T1002] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  483.081923][T12367] chnl_net:caif_netlink_parms(): no params data found
[  483.114403][T12453] netlink: 'syz.2.2391': attribute type 58 has an invalid length.
[  483.135775][T12453] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2391'.
[  483.153469][T12457] netlink: 196 bytes leftover after parsing attributes in process `syz.3.2393'.
[  483.214250][T12457] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2393'.
[  483.225684][T12453] netlink: 'syz.2.2391': attribute type 3 has an invalid length.
[  483.249858][T12453] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2391'.
[  483.333440][T12457] netlink: 'syz.3.2393': attribute type 29 has an invalid length.
[  483.455082][T12457] netlink: 'syz.3.2393': attribute type 29 has an invalid length.
[  483.518137][T12462] netlink: 'syz.3.2393': attribute type 29 has an invalid length.
[  483.522289][T12471] FAULT_INJECTION: forcing a failure.
[  483.522289][T12471] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  483.538117][T12465] netlink: 'syz.3.2393': attribute type 29 has an invalid length.
[  483.539620][T12471] CPU: 1 PID: 12471 Comm: syz.1.2396 Not tainted syzkaller #0
[  483.555235][T12471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  483.565434][T12471] Call Trace:
[  483.568756][T12471]  <TASK>
[  483.571731][T12471]  dump_stack_lvl+0x16c/0x230
[  483.576563][T12471]  ? show_regs_print_info+0x20/0x20
[  483.581918][T12471]  ? load_image+0x3b0/0x3b0
[  483.586551][T12471]  ? __lock_acquire+0x7c80/0x7c80
[  483.591789][T12471]  should_fail_ex+0x39d/0x4d0
[  483.596609][T12471]  _copy_from_user+0x2f/0xe0
[  483.601238][T12471]  __copy_msghdr+0x3bb/0x580
[  483.606061][T12471]  ___sys_sendmsg+0x1a6/0x290
[  483.610791][T12471]  ? __sys_sendmsg+0x270/0x270
[  483.615693][T12471]  ? __lock_acquire+0x7c80/0x7c80
[  483.620862][T12471]  __se_sys_sendmsg+0x1a5/0x270
[  483.625838][T12471]  ? __x64_sys_sendmsg+0x80/0x80
[  483.630931][T12471]  ? trace_sys_enter+0x1f/0x80
[  483.635765][T12471]  do_syscall_64+0x55/0xb0
[  483.640411][T12471]  ? clear_bhb_loop+0x40/0x90
[  483.645120][T12471]  ? clear_bhb_loop+0x40/0x90
[  483.650386][T12471]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  483.656513][T12471] RIP: 0033:0x7f028698eec9
[  483.661624][T12471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  483.681829][T12471] RSP: 002b:00007f02878a2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  483.690575][T12471] RAX: ffffffffffffffda RBX: 00007f0286be5fa0 RCX: 00007f028698eec9
[  483.698685][T12471] RDX: 0000000000000000 RSI: 0000200000000a00 RDI: 0000000000000003
[  483.706713][T12471] RBP: 00007f02878a2090 R08: 0000000000000000 R09: 0000000000000000
[  483.714813][T12471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  483.722988][T12471] R13: 00007f0286be6038 R14: 00007f0286be5fa0 R15: 00007ffd9bbeaa48
[  483.731022][T12471]  </TASK>
[  483.784982][T12367] bridge0: port 1(bridge_slave_0) entered blocking state
[  483.807305][T12367] bridge0: port 1(bridge_slave_0) entered disabled state
[  483.833696][T12367] bridge_slave_0: entered allmulticast mode
[  483.857581][T12367] bridge_slave_0: entered promiscuous mode
[  483.910957][T12475] FAULT_INJECTION: forcing a failure.
[  483.910957][T12475] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  483.946843][T12475] CPU: 0 PID: 12475 Comm: syz.1.2397 Not tainted syzkaller #0
[  483.954531][T12475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  483.964648][T12475] Call Trace:
[  483.967974][T12475]  <TASK>
[  483.971044][T12475]  dump_stack_lvl+0x16c/0x230
[  483.976061][T12475]  ? show_regs_print_info+0x20/0x20
[  483.981863][T12475]  ? load_image+0x3b0/0x3b0
[  483.986925][T12475]  ? __lock_acquire+0x7c80/0x7c80
[  483.992117][T12475]  should_fail_ex+0x39d/0x4d0
[  483.996988][T12475]  _copy_from_user+0x2f/0xe0
[  484.001830][T12475]  __copy_msghdr+0x3bb/0x580
[  484.006697][T12475]  ___sys_sendmsg+0x1a6/0x290
[  484.011740][T12475]  ? __sys_sendmsg+0x270/0x270
[  484.016806][T12475]  ? __lock_acquire+0x7c80/0x7c80
[  484.021918][T12475]  __se_sys_sendmsg+0x1a5/0x270
[  484.027132][T12475]  ? __x64_sys_sendmsg+0x80/0x80
[  484.032494][T12475]  ? trace_sys_enter+0x1f/0x80
[  484.037507][T12475]  do_syscall_64+0x55/0xb0
[  484.042252][T12475]  ? clear_bhb_loop+0x40/0x90
[  484.047775][T12475]  ? clear_bhb_loop+0x40/0x90
[  484.053114][T12475]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  484.059318][T12475] RIP: 0033:0x7f028698eec9
[  484.063928][T12475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  484.084801][T12475] RSP: 002b:00007f02878a2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  484.094398][T12475] RAX: ffffffffffffffda RBX: 00007f0286be5fa0 RCX: 00007f028698eec9
[  484.102611][T12475] RDX: 0000000000000000 RSI: 0000200000000a00 RDI: 0000000000000003
[  484.111999][T12475] RBP: 00007f02878a2090 R08: 0000000000000000 R09: 0000000000000000
[  484.120529][T12475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  484.130124][T12475] R13: 00007f0286be6038 R14: 00007f0286be5fa0 R15: 00007ffd9bbeaa48
[  484.138939][T12475]  </TASK>
[  484.167093][ T5792] Bluetooth: hci4: command tx timeout
[  484.320603][T12367] bridge0: port 2(bridge_slave_1) entered blocking state
[  484.364051][T12367] bridge0: port 2(bridge_slave_1) entered disabled state
[  484.413061][T12367] bridge_slave_1: entered allmulticast mode
[  484.467073][T12367] bridge_slave_1: entered promiscuous mode
[  484.780455][T12484] netlink: 763 bytes leftover after parsing attributes in process `syz.1.2399'.
[  484.890284][T12367] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  484.972034][T12367] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  485.407891][T12367] team0: Port device team_slave_0 added
[  485.458196][T12367] team0: Port device team_slave_1 added
[  485.712970][T12367] batman_adv: batadv0: Adding interface: batadv_slave_0
[  485.756460][T12367] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  485.840176][T12367] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  485.873930][T12367] batman_adv: batadv0: Adding interface: batadv_slave_1
[  485.907432][T12367] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  485.967473][T12367] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  486.165604][T12522] FAULT_INJECTION: forcing a failure.
[  486.165604][T12522] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  486.187355][T12522] CPU: 0 PID: 12522 Comm: syz.3.2410 Not tainted syzkaller #0
[  486.195042][T12522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  486.207274][T12522] Call Trace:
[  486.210605][T12522]  <TASK>
[  486.213588][T12522]  dump_stack_lvl+0x16c/0x230
[  486.218513][T12522]  ? show_regs_print_info+0x20/0x20
[  486.223863][T12522]  ? load_image+0x3b0/0x3b0
[  486.228859][T12522]  ? __lock_acquire+0x7c80/0x7c80
[  486.234052][T12522]  should_fail_ex+0x39d/0x4d0
[  486.239244][T12522]  _copy_from_user+0x2f/0xe0
[  486.243988][T12522]  __copy_msghdr+0x3bb/0x580
[  486.248840][T12522]  ___sys_sendmsg+0x1a6/0x290
[  486.253715][T12522]  ? __sys_sendmsg+0x270/0x270
[  486.258567][T12522]  ? __lock_acquire+0x7c80/0x7c80
[  486.263864][T12522]  __se_sys_sendmsg+0x1a5/0x270
[  486.268784][T12522]  ? __x64_sys_sendmsg+0x80/0x80
[  486.274094][T12522]  ? trace_sys_enter+0x1f/0x80
[  486.279023][T12522]  do_syscall_64+0x55/0xb0
[  486.283557][T12522]  ? clear_bhb_loop+0x40/0x90
[  486.289078][T12522]  ? clear_bhb_loop+0x40/0x90
[  486.293980][T12522]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  486.299956][T12522] RIP: 0033:0x7f4981d8eec9
[  486.304460][T12522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  486.324652][T12522] RSP: 002b:00007f4982bbf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  486.333224][T12522] RAX: ffffffffffffffda RBX: 00007f4981fe5fa0 RCX: 00007f4981d8eec9
[  486.341487][T12522] RDX: e07e872420dfefca RSI: 0000200000000100 RDI: 0000000000000003
[  486.349874][T12522] RBP: 00007f4982bbf090 R08: 0000000000000000 R09: 0000000000000000
[  486.358444][T12522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  486.366641][T12522] R13: 00007f4981fe6038 R14: 00007f4981fe5fa0 R15: 00007fffc8b60838
[  486.374931][T12522]  </TASK>
[  486.420873][ T5792] Bluetooth: hci4: command tx timeout
[  487.072521][T12523] netlink: 763 bytes leftover after parsing attributes in process `syz.2.2408'.
[  487.103168][T12528] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2411'.
[  487.134923][T12367] hsr_slave_0: entered promiscuous mode
[  487.148219][T12367] hsr_slave_1: entered promiscuous mode
[  487.166957][T12367] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  487.186557][T12367] Cannot create hsr debugfs directory
[  487.229595][T12530] netlink: 'syz.1.2412': attribute type 3 has an invalid length.
[  487.246640][T12530] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.2412'.
[  487.757057][T12544] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2414'.
[  487.794968][T12547] netlink: 'syz.3.2417': attribute type 3 has an invalid length.
[  487.830665][T12547] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2417'.
[  487.932190][ T5792] Bluetooth: hci0: unexpected event 0x07 length: 15 < 255
[  487.989986][T12547] netlink: 'syz.3.2417': attribute type 27 has an invalid length.
[  488.131378][T12547] bond0: (slave bond_slave_0): Releasing backup interface
[  488.255543][T12550] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.2418'.
[  488.266061][T12550] netlink: 6324 bytes leftover after parsing attributes in process `syz.1.2418'.
[  488.299312][T12550] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2418'.
[  488.386683][ T1002] hsr_slave_1: left promiscuous mode
[  488.445637][ T1002] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  488.472333][ T1002] batman_adv: batadv0: Removing interface: batadv_slave_0
[  488.558064][ T1002] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  488.566230][ T1002] batman_adv: batadv0: Removing interface: batadv_slave_1
[  488.618862][ T1002] veth1_macvtap: left promiscuous mode
[  488.624609][ T1002] veth0_macvtap: left promiscuous mode
[  488.633148][ T1002] veth1_vlan: left allmulticast mode
[  488.650401][ T1002] veth1_vlan: left promiscuous mode
[  489.484810][T12572] netlink: 'syz.3.2429': attribute type 3 has an invalid length.
[  489.493777][T12572] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2429'.
[  489.551492][ T1002] geneve1 (unregistering): left promiscuous mode
[  489.558538][ T1002] geneve1 (unregistering): left allmulticast mode
[  489.569180][ T1002] team0 (unregistering): Port device geneve1 removed
[  489.706292][ T1002] bond0 (unregistering): (slave macvlan0): Releasing backup interface
[  490.008000][ T1002] ±ÿ (unregistering): left promiscuous mode
[  490.014362][ T1002] ±ÿ (unregistering): left allmulticast mode
[  490.022877][ T1002] team0 (unregistering): Port device 
2
6±ÿ removed
[  490.070865][ T1002] team_slave_0 (unregistering): left promiscuous mode
[  490.080227][ T1002] team_slave_0 (unregistering): left allmulticast mode
[  490.088572][ T1002] team0 (unregistering): Port device team_slave_0 removed
[  490.144228][ T1002] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  490.437532][ T1002] dummy0 (unregistering): left promiscuous mode
[  490.444327][ T1002] dummy0 (unregistering): left allmulticast mode
[  490.452964][ T1002] team0 (unregistering): Port device dummy0 removed
[  490.747283][ T1002] bond0 (unregistering): Released all slaves
[  490.834071][T12566] netlink: 763 bytes leftover after parsing attributes in process `syz.1.2421'.
[  490.877577][T12572] netlink: 'syz.3.2429': attribute type 27 has an invalid length.
[  490.887042][T12573] veth1_vlan: left allmulticast mode
[  490.894210][T12573] macvlan0: left promiscuous mode
[  490.899765][T12573] macvlan0: left allmulticast mode
[  491.092959][T12576] netlink: 'syz.3.2431': attribute type 3 has an invalid length.
[  491.217703][T12576] netlink: 'syz.3.2431': attribute type 27 has an invalid length.
[  491.537073][T12586] FAULT_INJECTION: forcing a failure.
[  491.537073][T12586] name failslab, interval 1, probability 0, space 0, times 0
[  491.550688][T12586] CPU: 1 PID: 12586 Comm: syz.1.2425 Not tainted syzkaller #0
[  491.558305][T12586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  491.568684][T12586] Call Trace:
[  491.572080][T12586]  <TASK>
[  491.575085][T12586]  dump_stack_lvl+0x16c/0x230
[  491.579993][T12586]  ? show_regs_print_info+0x20/0x20
[  491.585414][T12586]  ? load_image+0x3b0/0x3b0
[  491.590037][T12586]  ? __might_sleep+0xe0/0xe0
[  491.594767][T12586]  ? __lock_acquire+0x7c80/0x7c80
[  491.599914][T12586]  should_fail_ex+0x39d/0x4d0
[  491.604680][T12586]  should_failslab+0x9/0x20
[  491.609583][T12586]  slab_pre_alloc_hook+0x59/0x310
[  491.614737][T12586]  ? __get_vm_area_node+0x125/0x370
[  491.620054][T12586]  __kmem_cache_alloc_node+0x53/0x260
[  491.625458][T12586]  ? __get_vm_area_node+0x125/0x370
[  491.631149][T12586]  kmalloc_node_trace+0x26/0xe0
[  491.636030][T12586]  __get_vm_area_node+0x125/0x370
[  491.641107][T12586]  __vmalloc_node_range+0x36e/0x1320
[  491.646506][T12586]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  491.652230][T12586]  ? perf_trace_run_bpf_submit+0xf4/0x1c0
[  491.657983][T12586]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  491.663987][T12586]  ? free_vm_area+0x50/0x50
[  491.668510][T12586]  ? lockdep_hardirqs_on+0x98/0x150
[  491.673850][T12586]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  491.679442][T12586]  __vmalloc+0x7a/0x90
[  491.683628][T12586]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  491.689230][T12586]  bpf_prog_alloc_no_stats+0x47/0x440
[  491.694730][T12586]  ? bpf_prog_alloc+0x2b/0x1b0
[  491.699701][T12586]  bpf_prog_alloc+0x3d/0x1b0
[  491.704316][T12586]  bpf_prog_load+0x6b8/0x16d0
[  491.709099][T12586]  ? map_freeze+0x420/0x420
[  491.713982][T12586]  ? __might_fault+0xaa/0x120
[  491.718876][T12586]  ? __lock_acquire+0x7c80/0x7c80
[  491.723971][T12586]  ? __might_fault+0xaa/0x120
[  491.728961][T12586]  ? __might_fault+0xc6/0x120
[  491.733683][T12586]  ? __might_fault+0xaa/0x120
[  491.738377][T12586]  ? bpf_lsm_bpf+0x9/0x10
[  491.742736][T12586]  ? security_bpf+0x7e/0xa0
[  491.747445][T12586]  __sys_bpf+0x55a/0x800
[  491.751717][T12586]  ? bpf_link_show_fdinfo+0x350/0x350
[  491.757357][T12586]  ? lock_chain_count+0x20/0x20
[  491.762499][T12586]  __x64_sys_bpf+0x7c/0x90
[  491.767572][T12586]  do_syscall_64+0x55/0xb0
[  491.772026][T12586]  ? clear_bhb_loop+0x40/0x90
[  491.776754][T12586]  ? clear_bhb_loop+0x40/0x90
[  491.781635][T12586]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  491.788028][T12586] RIP: 0033:0x7f028698eec9
[  491.792578][T12586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  491.813453][T12586] RSP: 002b:00007f02878a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  491.821923][T12586] RAX: ffffffffffffffda RBX: 00007f0286be5fa0 RCX: 00007f028698eec9
[  491.830036][T12586] RDX: 0000000000000094 RSI: 0000200000000400 RDI: 0000000000000005
[  491.838214][T12586] RBP: 00007f02878a2090 R08: 0000000000000000 R09: 0000000000000000
[  491.846205][T12586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  491.854200][T12586] R13: 00007f0286be6038 R14: 00007f0286be5fa0 R15: 00007ffd9bbeaa48
[  491.862395][T12586]  </TASK>
[  491.915412][T12586] warn_alloc: 1 callbacks suppressed
[  491.915458][T12586] syz.1.2425: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  491.975580][T12586] CPU: 0 PID: 12586 Comm: syz.1.2425 Not tainted syzkaller #0
[  491.983400][T12586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  491.993700][T12586] Call Trace:
[  491.997158][T12586]  <TASK>
[  492.000318][T12586]  dump_stack_lvl+0x16c/0x230
[  492.005255][T12586]  ? show_regs_print_info+0x20/0x20
[  492.010524][T12586]  ? load_image+0x3b0/0x3b0
[  492.015076][T12586]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  492.021804][T12586]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[  492.028714][T12586]  warn_alloc+0x210/0x300
[  492.033895][T12586]  ? __get_vm_area_node+0x125/0x370
[  492.039250][T12586]  ? zone_watermark_ok_safe+0x230/0x230
[  492.045130][T12586]  ? rcu_is_watching+0x15/0xb0
[  492.050333][T12586]  ? __get_vm_area_node+0x356/0x370
[  492.055604][T12586]  __vmalloc_node_range+0x393/0x1320
[  492.061139][T12586]  ? perf_trace_run_bpf_submit+0xf4/0x1c0
[  492.067110][T12586]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  492.073163][T12586]  ? free_vm_area+0x50/0x50
[  492.077720][T12586]  ? lockdep_hardirqs_on+0x98/0x150
[  492.082997][T12586]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  492.088662][T12586]  __vmalloc+0x7a/0x90
[  492.092795][T12586]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  492.099021][T12586]  bpf_prog_alloc_no_stats+0x47/0x440
[  492.104819][T12586]  ? bpf_prog_alloc+0x2b/0x1b0
[  492.109885][T12586]  bpf_prog_alloc+0x3d/0x1b0
[  492.114810][T12586]  bpf_prog_load+0x6b8/0x16d0
[  492.119564][T12586]  ? map_freeze+0x420/0x420
[  492.124137][T12586]  ? __might_fault+0xaa/0x120
[  492.129064][T12586]  ? __lock_acquire+0x7c80/0x7c80
[  492.134152][T12586]  ? __might_fault+0xaa/0x120
[  492.138975][T12586]  ? __might_fault+0xc6/0x120
[  492.143708][T12586]  ? __might_fault+0xaa/0x120
[  492.148438][T12586]  ? bpf_lsm_bpf+0x9/0x10
[  492.152924][T12586]  ? security_bpf+0x7e/0xa0
[  492.157491][T12586]  __sys_bpf+0x55a/0x800
[  492.161794][T12586]  ? bpf_link_show_fdinfo+0x350/0x350
[  492.167634][T12586]  ? lock_chain_count+0x20/0x20
[  492.172739][T12586]  __x64_sys_bpf+0x7c/0x90
[  492.177307][T12586]  do_syscall_64+0x55/0xb0
[  492.181792][T12586]  ? clear_bhb_loop+0x40/0x90
[  492.186534][T12586]  ? clear_bhb_loop+0x40/0x90
[  492.191334][T12586]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  492.197538][T12586] RIP: 0033:0x7f028698eec9
[  492.202702][T12586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  492.222935][T12586] RSP: 002b:00007f02878a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  492.231833][T12586] RAX: ffffffffffffffda RBX: 00007f0286be5fa0 RCX: 00007f028698eec9
[  492.240563][T12586] RDX: 0000000000000094 RSI: 0000200000000400 RDI: 0000000000000005
[  492.248576][T12586] RBP: 00007f02878a2090 R08: 0000000000000000 R09: 0000000000000000
[  492.256600][T12586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  492.264866][T12586] R13: 00007f0286be6038 R14: 00007f0286be5fa0 R15: 00007ffd9bbeaa48
[  492.273423][T12586]  </TASK>
[  492.310732][T12586] Mem-Info:
[  492.314563][T12586] active_anon:13942 inactive_anon:0 isolated_anon:0
[  492.314563][T12586]  active_file:18526 inactive_file:40027 isolated_file:0
[  492.314563][T12586]  unevictable:768 dirty:184 writeback:0
[  492.314563][T12586]  slab_reclaimable:10291 slab_unreclaimable:90758
[  492.314563][T12586]  mapped:24954 shmem:9814 pagetables:545
[  492.314563][T12586]  sec_pagetables:0 bounce:0
[  492.314563][T12586]  kernel_misc_reclaimable:0
[  492.314563][T12586]  free:1341926 free_pcp:10574 free_cma:0
[  492.443212][T12586] Node 0 active_anon:54568kB inactive_anon:0kB active_file:74104kB inactive_file:159904kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99916kB dirty:736kB writeback:0kB shmem:36820kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10848kB pagetables:2180kB sec_pagetables:0kB all_unreclaimable? no
[  492.486750][T12586] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  492.540005][T12586] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  492.636828][T12586] lowmem_reserve[]: 0 2525 2526 2526 2526
[  492.661264][T12586] Node 0 DMA32 free:1449036kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:50020kB inactive_anon:0kB active_file:74104kB inactive_file:158584kB unevictable:1536kB writepending:736kB present:3129332kB managed:2589604kB mlocked:0kB bounce:0kB free_pcp:34100kB local_pcp:15492kB free_cma:0kB
[  492.695753][T12603] __nla_validate_parse: 2 callbacks suppressed
[  492.695770][T12603] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2428'.
[  492.739578][T12586] lowmem_reserve[]: 0 0 1 1 1
[  492.744515][T12586] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  492.812268][T12586] lowmem_reserve[]: 0 0 0 0 0
[  492.817751][T12586] Node 1 Normal free:3902788kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:14592kB local_pcp:9312kB free_cma:0kB
[  492.873790][T12586] lowmem_reserve[]: 0 0 0 0 0
[  492.898872][T12586] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  492.933567][T12586] Node 0 DMA32: 709*4kB (UME) 994*8kB (UME) 649*16kB (UME) 880*32kB (UME) 170*64kB (UME) 84*128kB (UM) 76*256kB (UME) 43*512kB (UME) 18*1024kB (UM) 4*2048kB (UME) 326*4096kB (M) = 1474356kB
[  492.968056][T12586] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB
[  492.981566][T12586] Node 1 Normal: 219*4kB (UME) 51*8kB (UME) 32*16kB (UME) 108*32kB (UME) 39*64kB (UE) 6*128kB (UME) 0*256kB 2*512kB (UM) 2*1024kB (UE) 2*2048kB (UE) 949*4096kB (M) = 3902788kB
[  493.006557][T12586] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  493.016367][T12586] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  493.099580][T12586] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  493.147416][T12586] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  493.186672][T12586] 63401 total pagecache pages
[  493.191441][T12586] 0 pages in swap cache
[  493.195719][T12586] Free swap  = 124996kB
[  493.216680][T12586] Total swap = 124996kB
[  493.220921][T12586] 2097051 pages RAM
[  493.224774][T12586] 0 pages HighMem/MovableOnly
[  493.249845][T12367] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  493.257993][T12586] 416136 pages reserved
[  493.262264][T12586] 0 pages cma reserved
[  493.281582][T12367] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  493.300700][T12367] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  493.330380][T12367] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  493.487341][T12619] netlink: 763 bytes leftover after parsing attributes in process `syz.2.2433'.
[  493.570664][T12616] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2432'.
[  493.584652][T12616] veth1_vlan: left allmulticast mode
[  493.593848][T12616] macvlan0: left allmulticast mode
[  493.725139][T12630] netlink: 'syz.2.2436': attribute type 3 has an invalid length.
[  493.733648][T12367] 8021q: adding VLAN 0 to HW filter on device bond0
[  493.766152][T12630] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2436'.
[  493.784070][T12367] 8021q: adding VLAN 0 to HW filter on device team0
[  493.815125][T12630] netlink: 'syz.2.2436': attribute type 27 has an invalid length.
[  493.838898][ T1002] bridge0: port 1(bridge_slave_0) entered blocking state
[  493.846453][ T1002] bridge0: port 1(bridge_slave_0) entered forwarding state
[  493.892744][ T1002] bridge0: port 2(bridge_slave_1) entered blocking state
[  493.901102][ T1002] bridge0: port 2(bridge_slave_1) entered forwarding state
[  494.242786][T12647] netlink: 196 bytes leftover after parsing attributes in process `syz.1.2440'.
[  494.429717][T12647] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2440'.
[  494.590280][T12647] netlink: 'syz.1.2440': attribute type 29 has an invalid length.
[  494.629065][T12659] FAULT_INJECTION: forcing a failure.
[  494.629065][T12659] name failslab, interval 1, probability 0, space 0, times 0
[  494.648566][T12647] netlink: 'syz.1.2440': attribute type 29 has an invalid length.
[  494.660430][T12659] CPU: 1 PID: 12659 Comm: syz.3.2442 Not tainted syzkaller #0
[  494.668079][T12659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  494.678287][T12659] Call Trace:
[  494.681614][T12659]  <TASK>
[  494.684601][T12659]  dump_stack_lvl+0x16c/0x230
[  494.689335][T12659]  ? show_regs_print_info+0x20/0x20
[  494.694592][T12659]  ? load_image+0x3b0/0x3b0
[  494.699152][T12659]  ? __might_sleep+0xe0/0xe0
[  494.703881][T12659]  ? __lock_acquire+0x7c80/0x7c80
[  494.708943][T12659]  ? mark_lock+0x94/0x320
[  494.713421][T12659]  should_fail_ex+0x39d/0x4d0
[  494.719498][T12659]  should_failslab+0x9/0x20
[  494.724232][T12659]  slab_pre_alloc_hook+0x59/0x310
[  494.729406][T12659]  ? __get_vm_area_node+0x125/0x370
[  494.734675][T12659]  __kmem_cache_alloc_node+0x53/0x260
[  494.736311][T12654] netlink: 'syz.1.2440': attribute type 29 has an invalid length.
[  494.740110][T12659]  ? __get_vm_area_node+0x125/0x370
[  494.740143][T12659]  kmalloc_node_trace+0x26/0xe0
[  494.740175][T12659]  __get_vm_area_node+0x125/0x370
[  494.740208][T12659]  __vmalloc_node_range+0x36e/0x1320
[  494.769324][T12659]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  494.775340][T12659]  ? mark_lock+0x94/0x320
[  494.779911][T12659]  ? __lock_acquire+0x1334/0x7c80
[  494.785332][T12659]  ? verify_lock_unused+0x140/0x140
[  494.790590][T12659]  ? free_vm_area+0x50/0x50
[  494.795238][T12659]  ? end_current_label_crit_section+0x170/0x170
[  494.801897][T12659]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  494.807502][T12659]  __vmalloc+0x7a/0x90
[  494.811955][T12659]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  494.817565][T12659]  bpf_prog_alloc_no_stats+0x47/0x440
[  494.823098][T12659]  ? bpf_prog_alloc+0x2b/0x1b0
[  494.827928][T12659]  bpf_prog_alloc+0x3d/0x1b0
[  494.832744][T12659]  bpf_prog_load+0x6b8/0x16d0
[  494.837656][T12659]  ? map_freeze+0x420/0x420
[  494.842274][T12659]  ? __might_fault+0xaa/0x120
[  494.847106][T12659]  ? __lock_acquire+0x7c80/0x7c80
[  494.852183][T12659]  ? file_end_write+0x159/0x250
[  494.857175][T12659]  ? __might_fault+0xaa/0x120
[  494.862167][T12659]  ? __might_fault+0xc6/0x120
[  494.867058][T12659]  ? __might_fault+0xaa/0x120
[  494.871791][T12659]  ? bpf_lsm_bpf+0x9/0x10
[  494.876253][T12659]  ? security_bpf+0x7e/0xa0
[  494.880809][T12659]  __sys_bpf+0x55a/0x800
[  494.885197][T12659]  ? bpf_link_show_fdinfo+0x350/0x350
[  494.890647][T12659]  ? lock_chain_count+0x20/0x20
[  494.895553][T12659]  __x64_sys_bpf+0x7c/0x90
[  494.900108][T12659]  do_syscall_64+0x55/0xb0
[  494.904571][T12659]  ? clear_bhb_loop+0x40/0x90
[  494.909419][T12659]  ? clear_bhb_loop+0x40/0x90
[  494.914610][T12659]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  494.920811][T12659] RIP: 0033:0x7f4981d8eec9
[  494.925355][T12659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  494.945368][T12659] RSP: 002b:00007f4982bbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  494.953950][T12659] RAX: ffffffffffffffda RBX: 00007f4981fe5fa0 RCX: 00007f4981d8eec9
[  494.961988][T12659] RDX: 0000000000000094 RSI: 0000200000000600 RDI: 0000000000000005
[  494.970384][T12659] RBP: 00007f4982bbf090 R08: 0000000000000000 R09: 0000000000000000
[  494.978667][T12659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  494.987081][T12659] R13: 00007f4981fe6038 R14: 00007f4981fe5fa0 R15: 00007fffc8b60838
[  494.995157][T12659]  </TASK>
[  495.022958][T12647] netlink: 'syz.1.2440': attribute type 29 has an invalid length.
[  495.090421][T12367] 8021q: adding VLAN 0 to HW filter on device batadv0
[  495.205314][T12367] veth0_vlan: entered promiscuous mode
[  495.273238][T12367] veth1_vlan: entered promiscuous mode
[  495.403993][T12367] veth0_macvtap: entered promiscuous mode
[  495.428010][T12667] netlink: 763 bytes leftover after parsing attributes in process `syz.1.2444'.
[  495.476701][T12367] veth1_macvtap: entered promiscuous mode
[  495.519140][T12367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  495.546342][T12367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.587773][T12674] netlink: 'syz.3.2447': attribute type 3 has an invalid length.
[  495.610142][T12367] batman_adv: batadv0: Interface activated: batadv_slave_0
[  495.625309][T12674] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2447'.
[  495.632264][T12367] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  495.649246][T12367] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.671168][T12367] batman_adv: batadv0: Interface activated: batadv_slave_1
[  495.709281][T12367] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  495.722829][T12679] FAULT_INJECTION: forcing a failure.
[  495.722829][T12679] name failslab, interval 1, probability 0, space 0, times 0
[  495.740788][T12367] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  495.750299][T12367] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  495.761596][T12679] CPU: 0 PID: 12679 Comm: syz.1.2449 Not tainted syzkaller #0
[  495.769231][T12679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  495.779425][T12679] Call Trace:
[  495.782745][T12679]  <TASK>
[  495.785721][T12679]  dump_stack_lvl+0x16c/0x230
[  495.790554][T12679]  ? show_regs_print_info+0x20/0x20
[  495.795816][T12679]  ? load_image+0x3b0/0x3b0
[  495.800561][T12679]  ? __might_sleep+0xe0/0xe0
[  495.805312][T12679]  ? __lock_acquire+0x7c80/0x7c80
[  495.810460][T12679]  should_fail_ex+0x39d/0x4d0
[  495.815399][T12679]  should_failslab+0x9/0x20
[  495.819963][T12679]  slab_pre_alloc_hook+0x59/0x310
[  495.825331][T12679]  ? bpf_prog_test_run_skb+0x22c/0x11c0
[  495.831000][T12679]  ? bpf_prog_test_run_skb+0x22c/0x11c0
[  495.836631][T12679]  __kmem_cache_alloc_node+0x53/0x260
[  495.842316][T12679]  ? __lock_acquire+0x7c80/0x7c80
[  495.847415][T12679]  ? bpf_prog_test_run_skb+0x22c/0x11c0
[  495.853332][T12679]  __kmalloc+0xa4/0x240
[  495.857999][T12679]  bpf_prog_test_run_skb+0x22c/0x11c0
[  495.863452][T12679]  ? __fget_files+0x28/0x4d0
[  495.868196][T12679]  ? __fget_files+0x44a/0x4d0
[  495.873040][T12679]  ? cpu_online+0x60/0x60
[  495.877438][T12679]  bpf_prog_test_run+0x321/0x390
[  495.882455][T12679]  __sys_bpf+0x440/0x800
[  495.886762][T12679]  ? bpf_link_show_fdinfo+0x350/0x350
[  495.892306][T12679]  ? lock_chain_count+0x20/0x20
[  495.897320][T12679]  __x64_sys_bpf+0x7c/0x90
[  495.901892][T12679]  do_syscall_64+0x55/0xb0
[  495.906374][T12679]  ? clear_bhb_loop+0x40/0x90
[  495.912164][T12679]  ? clear_bhb_loop+0x40/0x90
[  495.917103][T12679]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  495.923338][T12679] RIP: 0033:0x7f028698eec9
[  495.928509][T12679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  495.949487][T12679] RSP: 002b:00007f02878a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  495.958163][T12679] RAX: ffffffffffffffda RBX: 00007f0286be5fa0 RCX: 00007f028698eec9
[  495.966560][T12679] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  495.974929][T12679] RBP: 00007f02878a2090 R08: 0000000000000000 R09: 0000000000000000
[  495.983129][T12679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  495.991333][T12679] R13: 00007f0286be6038 R14: 00007f0286be5fa0 R15: 00007ffd9bbeaa48
[  495.999758][T12679]  </TASK>
[  496.004012][T12367] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  496.034653][T12674] netlink: 'syz.3.2447': attribute type 27 has an invalid length.
[  496.238629][ T1002] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  496.281266][T12694] FAULT_INJECTION: forcing a failure.
[  496.281266][T12694] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  496.286488][ T1002] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  496.312268][T12694] CPU: 0 PID: 12694 Comm: syz.2.2450 Not tainted syzkaller #0
[  496.319993][T12694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  496.330184][T12694] Call Trace:
[  496.333592][T12694]  <TASK>
[  496.336561][T12694]  dump_stack_lvl+0x16c/0x230
[  496.341393][T12694]  ? show_regs_print_info+0x20/0x20
[  496.346923][T12694]  ? load_image+0x3b0/0x3b0
[  496.351652][T12694]  ? __might_fault+0xaa/0x120
[  496.356574][T12694]  ? __lock_acquire+0x7c80/0x7c80
[  496.361659][T12694]  should_fail_ex+0x39d/0x4d0
[  496.366580][T12694]  _copy_from_user+0x2f/0xe0
[  496.371440][T12694]  sctp_setsockopt+0x19e/0x11e0
[  496.376444][T12694]  ? sock_common_recvmsg+0x1b0/0x1b0
[  496.381808][T12694]  do_sock_setsockopt+0x175/0x1a0
[  496.386999][T12694]  ? __fdget+0x180/0x210
[  496.388893][ T7146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  496.391480][T12694]  __x64_sys_setsockopt+0x184/0x200
[  496.400848][ T7146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  496.405642][T12694]  do_syscall_64+0x55/0xb0
[  496.405677][T12694]  ? clear_bhb_loop+0x40/0x90
[  496.422701][T12694]  ? clear_bhb_loop+0x40/0x90
[  496.427527][T12694]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  496.433484][T12694] RIP: 0033:0x7f30b138eec9
[  496.438050][T12694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  496.457904][T12694] RSP: 002b:00007f30b22c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  496.466623][T12694] RAX: ffffffffffffffda RBX: 00007f30b15e5fa0 RCX: 00007f30b138eec9
[  496.474818][T12694] RDX: 000000000000001f RSI: 0000000000000084 RDI: 0000000000000003
[  496.483023][T12694] RBP: 00007f30b22c4090 R08: 0000000000000090 R09: 0000000000000000
[  496.491047][T12694] R10: 0000200000000ac0 R11: 0000000000000246 R12: 0000000000000001
[  496.499347][T12694] R13: 00007f30b15e6038 R14: 00007f30b15e5fa0 R15: 00007ffc13bc6ea8
[  496.507589][T12694]  </TASK>
[  496.574961][T12697] netlink: 196 bytes leftover after parsing attributes in process `syz.1.2452'.
[  496.682661][T12697] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2452'.
[  496.738699][T12697] netlink: 'syz.1.2452': attribute type 29 has an invalid length.
[  496.798501][T12697] netlink: 'syz.1.2452': attribute type 29 has an invalid length.
[  497.637225][   T50] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  497.650688][   T50] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  497.663703][   T50] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  497.686939][   T50] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  497.704320][   T50] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  497.712952][   T50] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  497.857552][T12735] FAULT_INJECTION: forcing a failure.
[  497.857552][T12735] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  497.899543][T12735] CPU: 1 PID: 12735 Comm: syz.0.2459 Not tainted syzkaller #0
[  497.907367][T12735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  497.917739][T12735] Call Trace:
[  497.921122][T12735]  <TASK>
[  497.924540][T12735]  dump_stack_lvl+0x16c/0x230
[  497.930318][T12735]  ? show_regs_print_info+0x20/0x20
[  497.935774][T12735]  ? load_image+0x3b0/0x3b0
[  497.940450][T12735]  ? __lock_acquire+0x7c80/0x7c80
[  497.947120][T12735]  should_fail_ex+0x39d/0x4d0
[  497.953055][T12735]  _copy_from_user+0x2f/0xe0
[  497.958055][T12735]  __copy_msghdr+0x3bb/0x580
[  497.962995][T12735]  ___sys_sendmsg+0x1a6/0x290
[  497.967753][T12735]  ? __sys_sendmsg+0x270/0x270
[  497.972953][T12735]  ? __lock_acquire+0x7c80/0x7c80
[  497.978348][T12735]  __se_sys_sendmsg+0x1a5/0x270
[  497.983487][T12735]  ? __x64_sys_sendmsg+0x80/0x80
[  497.989258][T12735]  ? trace_sys_enter+0x1f/0x80
[  497.994443][T12735]  do_syscall_64+0x55/0xb0
[  497.999630][T12735]  ? clear_bhb_loop+0x40/0x90
[  498.004555][T12735]  ? clear_bhb_loop+0x40/0x90
[  498.009302][T12735]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  498.015452][T12735] RIP: 0033:0x7f9bed78eec9
[  498.020041][T12735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  498.042092][T12735] RSP: 002b:00007f9bee6b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  498.051261][T12735] RAX: ffffffffffffffda RBX: 00007f9bed9e5fa0 RCX: 00007f9bed78eec9
[  498.059369][T12735] RDX: 0000000020044818 RSI: 00002000000009c0 RDI: 0000000000000003
[  498.067917][T12735] RBP: 00007f9bee6b8090 R08: 0000000000000000 R09: 0000000000000000
[  498.076172][T12735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  498.084829][T12735] R13: 00007f9bed9e6038 R14: 00007f9bed9e5fa0 R15: 00007ffc99f318d8
[  498.092977][T12735]  </TASK>
[  498.142026][T12738] __nla_validate_parse: 2 callbacks suppressed
[  498.142046][T12738] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2462'.
[  498.656882][T12743] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2462'.
[  498.811898][T12755] validate_nla: 6 callbacks suppressed
[  498.811931][T12755] netlink: 'syz.0.2464': attribute type 3 has an invalid length.
[  498.837771][T12755] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2464'.
[  498.902292][T12755] netlink: 'syz.0.2464': attribute type 27 has an invalid length.
[  499.015180][ T5792] Bluetooth: hci2: unexpected event 0x04 length: 15 > 10
[  499.019028][T12755] bond0: (slave bond_slave_0): Releasing backup interface
[  499.263979][ T3438] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  499.369362][T12727] chnl_net:caif_netlink_parms(): no params data found
[  499.543655][ T3438] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  499.749835][ T3438] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  499.838818][ T5792] Bluetooth: hci3: command tx timeout
[  499.970964][ T3438] bond0: (slave netdevsim0): Releasing backup interface
[  500.000466][ T3438] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  500.145282][T12727] bridge0: port 1(bridge_slave_0) entered blocking state
[  500.164490][T12780] netlink: 'syz.1.2468': attribute type 3 has an invalid length.
[  500.176616][T12727] bridge0: port 1(bridge_slave_0) entered disabled state
[  500.183950][T12727] bridge_slave_0: entered allmulticast mode
[  500.207120][T12780] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2468'.
[  500.237986][T12727] bridge_slave_0: entered promiscuous mode
[  500.264453][T12727] bridge0: port 2(bridge_slave_1) entered blocking state
[  500.286889][T12727] bridge0: port 2(bridge_slave_1) entered disabled state
[  500.294291][T12727] bridge_slave_1: entered allmulticast mode
[  500.344240][T12727] bridge_slave_1: entered promiscuous mode
[  500.408843][T12786] netlink: 'syz.3.2470': attribute type 1 has an invalid length.
[  500.426750][T12786] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.2470'.
[  500.476154][T12780] netlink: 'syz.1.2468': attribute type 27 has an invalid length.
[  500.501728][T12786] netlink: 9 bytes leftover after parsing attributes in process `syz.3.2470'.
[  500.539853][T12727] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  500.648826][T12727] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  501.038098][ T5792] Bluetooth: hci2: command tx timeout
[  501.301356][T12727] team0: Port device team_slave_0 added
[  501.305507][T12800] FAULT_INJECTION: forcing a failure.
[  501.305507][T12800] name failslab, interval 1, probability 0, space 0, times 0
[  501.353737][T12727] team0: Port device team_slave_1 added
[  501.360514][T12800] CPU: 0 PID: 12800 Comm: syz.1.2473 Not tainted syzkaller #0
[  501.360547][T12800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  501.360562][T12800] Call Trace:
[  501.360582][T12800]  <TASK>
[  501.360593][T12800]  dump_stack_lvl+0x16c/0x230
[  501.360636][T12800]  ? show_regs_print_info+0x20/0x20
[  501.360669][T12800]  ? load_image+0x3b0/0x3b0
[  501.360697][T12800]  ? __might_sleep+0xe0/0xe0
[  501.407579][T12800]  ? __lock_acquire+0x7c80/0x7c80
[  501.412942][T12800]  ? mark_lock+0x94/0x320
[  501.417600][T12800]  should_fail_ex+0x39d/0x4d0
[  501.422631][T12800]  should_failslab+0x9/0x20
[  501.427562][T12800]  slab_pre_alloc_hook+0x59/0x310
[  501.432985][T12800]  ? __get_vm_area_node+0x125/0x370
[  501.438269][T12800]  __kmem_cache_alloc_node+0x53/0x260
[  501.443822][T12800]  ? __get_vm_area_node+0x125/0x370
[  501.449092][T12800]  kmalloc_node_trace+0x26/0xe0
[  501.454102][T12800]  __get_vm_area_node+0x125/0x370
[  501.459294][T12800]  __vmalloc_node_range+0x36e/0x1320
[  501.464924][T12800]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  501.470557][T12800]  ? mark_lock+0x94/0x320
[  501.475133][T12800]  ? __lock_acquire+0x1334/0x7c80
[  501.480227][T12800]  ? verify_lock_unused+0x140/0x140
[  501.485584][T12800]  ? free_vm_area+0x50/0x50
[  501.490140][T12800]  ? end_current_label_crit_section+0x170/0x170
[  501.496481][T12800]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  501.502324][T12800]  __vmalloc+0x7a/0x90
[  501.506437][T12800]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  501.512025][T12800]  bpf_prog_alloc_no_stats+0x47/0x440
[  501.517427][T12800]  ? bpf_prog_alloc+0x2b/0x1b0
[  501.522210][T12800]  bpf_prog_alloc+0x3d/0x1b0
[  501.527111][T12800]  bpf_prog_load+0x6b8/0x16d0
[  501.532519][T12800]  ? map_freeze+0x420/0x420
[  501.537355][T12800]  ? __might_fault+0xaa/0x120
[  501.542507][T12800]  ? __lock_acquire+0x7c80/0x7c80
[  501.548315][T12800]  ? file_end_write+0x159/0x250
[  501.553742][T12800]  ? __might_fault+0xaa/0x120
[  501.558534][T12800]  ? __might_fault+0xc6/0x120
[  501.563598][T12800]  ? __might_fault+0xaa/0x120
[  501.568863][T12800]  ? bpf_lsm_bpf+0x9/0x10
[  501.573833][T12800]  ? security_bpf+0x7e/0xa0
[  501.578398][T12800]  __sys_bpf+0x55a/0x800
[  501.583478][T12800]  ? bpf_link_show_fdinfo+0x350/0x350
[  501.589175][T12800]  ? lock_chain_count+0x20/0x20
[  501.594378][T12800]  __x64_sys_bpf+0x7c/0x90
[  501.599178][T12800]  do_syscall_64+0x55/0xb0
[  501.604431][T12800]  ? clear_bhb_loop+0x40/0x90
[  501.609255][T12800]  ? clear_bhb_loop+0x40/0x90
[  501.614138][T12800]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  501.620167][T12800] RIP: 0033:0x7f028698eec9
[  501.624890][T12800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  501.645508][T12800] RSP: 002b:00007f02878a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  501.654443][T12800] RAX: ffffffffffffffda RBX: 00007f0286be5fa0 RCX: 00007f028698eec9
[  501.662656][T12800] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  501.670858][T12800] RBP: 00007f02878a2090 R08: 0000000000000000 R09: 0000000000000000
[  501.679031][T12800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  501.687167][T12800] R13: 00007f0286be6038 R14: 00007f0286be5fa0 R15: 00007ffd9bbeaa48
[  501.695200][T12800]  </TASK>
[  501.749326][T12727] batman_adv: batadv0: Adding interface: batadv_slave_0
[  501.761492][T12727] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  501.806195][T12727] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  501.925476][ T5792] Bluetooth: hci3: command tx timeout
[  501.995665][T12727] batman_adv: batadv0: Adding interface: batadv_slave_1
[  502.049433][T12727] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  502.104298][T12727] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  502.188115][ T5792] Bluetooth: hci4: unexpected event 0x04 length: 15 > 10
[  502.335025][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  502.352882][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  502.847709][T12727] hsr_slave_0: entered promiscuous mode
[  502.882200][T12727] hsr_slave_1: entered promiscuous mode
[  502.899663][T12727] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  502.924990][T12727] Cannot create hsr debugfs directory
[  502.992925][T12823] netlink: 'syz.3.2479': attribute type 27 has an invalid length.
[  503.099639][T12827] FAULT_INJECTION: forcing a failure.
[  503.099639][T12827] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  503.152183][T12827] CPU: 0 PID: 12827 Comm: syz.0.2480 Not tainted syzkaller #0
[  503.159905][T12827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  503.170095][T12827] Call Trace:
[  503.173416][T12827]  <TASK>
[  503.176387][T12827]  dump_stack_lvl+0x16c/0x230
[  503.181210][T12827]  ? show_regs_print_info+0x20/0x20
[  503.186493][T12827]  ? load_image+0x3b0/0x3b0
[  503.191224][T12827]  ? __lock_acquire+0x7c80/0x7c80
[  503.196320][T12827]  should_fail_ex+0x39d/0x4d0
[  503.201075][T12827]  _copy_from_user+0x2f/0xe0
[  503.205802][T12827]  __copy_msghdr+0x3bb/0x580
[  503.210544][T12827]  ___sys_sendmsg+0x1a6/0x290
[  503.215468][T12827]  ? __sys_sendmsg+0x270/0x270
[  503.220491][T12827]  ? __lock_acquire+0x7c80/0x7c80
[  503.225771][T12827]  __se_sys_sendmsg+0x1a5/0x270
[  503.230857][T12827]  ? __x64_sys_sendmsg+0x80/0x80
[  503.235959][T12827]  ? trace_sys_enter+0x1f/0x80
[  503.240772][T12827]  do_syscall_64+0x55/0xb0
[  503.245311][T12827]  ? clear_bhb_loop+0x40/0x90
[  503.250282][T12827]  ? clear_bhb_loop+0x40/0x90
[  503.255065][T12827]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  503.261162][T12827] RIP: 0033:0x7f9bed78eec9
[  503.265599][T12827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  503.285680][T12827] RSP: 002b:00007f9bee6b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  503.294132][T12827] RAX: ffffffffffffffda RBX: 00007f9bed9e5fa0 RCX: 00007f9bed78eec9
[  503.302126][T12827] RDX: 0000000020000810 RSI: 0000200000000100 RDI: 0000000000000003
[  503.310390][T12827] RBP: 00007f9bee6b8090 R08: 0000000000000000 R09: 0000000000000000
[  503.318579][T12827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  503.326678][T12827] R13: 00007f9bed9e6038 R14: 00007f9bed9e5fa0 R15: 00007ffc99f318d8
[  503.334707][T12827]  </TASK>
[  503.619565][T12839] netlink: 'syz.3.2484': attribute type 9 has an invalid length.
[  503.640152][T12839] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2484'.
[  503.835438][T12843] netlink: 'syz.3.2484': attribute type 9 has an invalid length.
[  503.871228][T12843] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2484'.
[  503.997733][ T5792] Bluetooth: hci3: command tx timeout
[  504.237196][ T5792] Bluetooth: hci4: command tx timeout
[  504.267889][ T3438] 
[  504.270412][ T3438] ======================================================
[  504.277554][ T3438] WARNING: possible circular locking dependency detected
[  504.285326][ T3438] syzkaller #0 Not tainted
[  504.289792][ T3438] ------------------------------------------------------
[  504.297375][ T3438] kworker/u4:7/3438 is trying to acquire lock:
[  504.303926][ T3438] ffff88807cd80d00 (team->team_lock_key#3){+.+.}-{3:3}, at: team_del_slave+0x32/0x1c0
[  504.313769][ T3438] 
[  504.313769][ T3438] but task is already holding lock:
[  504.321269][ T3438] ffff88805cdf8768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x292/0x680
[  504.331987][ T3438] 
[  504.331987][ T3438] which lock already depends on the new lock.
[  504.331987][ T3438] 
[  504.342564][ T3438] 
[  504.342564][ T3438] the existing dependency chain (in reverse order) is:
[  504.352071][ T3438] 
[  504.352071][ T3438] -> #1 (&rdev->wiphy.mtx){+.+.}-{3:3}:
[  504.359856][ T3438]        __mutex_lock+0x129/0xcc0
[  504.365043][ T3438]        ieee80211_open+0x144/0x200
[  504.370383][ T3438]        __dev_open+0x2bc/0x430
[  504.375262][ T3438]        dev_open+0xab/0x170
[  504.379978][ T3438]        team_add_slave+0xae7/0x2660
[  504.385305][ T3438]        do_setlink+0xe14/0x3fb0
[  504.390654][ T3438]        rtnl_newlink+0x175b/0x2020
[  504.396155][ T3438]        rtnetlink_rcv_msg+0x7c7/0xf10
[  504.402417][ T3438]        netlink_rcv_skb+0x216/0x480
[  504.407947][ T3438]        netlink_unicast+0x751/0x8d0
[  504.413554][ T3438]        netlink_sendmsg+0x8c1/0xbe0
[  504.418943][ T3438]        ____sys_sendmsg+0x5bf/0x950
[  504.424366][ T3438]        ___sys_sendmsg+0x220/0x290
[  504.429717][ T3438]        __se_sys_sendmsg+0x1a5/0x270
[  504.435136][ T3438]        do_syscall_64+0x55/0xb0
[  504.440110][ T3438]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  504.446551][ T3438] 
[  504.446551][ T3438] -> #0 (team->team_lock_key#3){+.+.}-{3:3}:
[  504.455003][ T3438]        __lock_acquire+0x2ddb/0x7c80
[  504.460511][ T3438]        lock_acquire+0x197/0x410
[  504.465697][ T3438]        __mutex_lock+0x129/0xcc0
[  504.470773][ T3438]        team_del_slave+0x32/0x1c0
[  504.475952][ T3438]        team_device_event+0x28d/0xa20
[  504.481791][ T3438]        notifier_call_chain+0x197/0x390
[  504.487739][ T3438]        unregister_netdevice_many_notify+0xf36/0x1810
[  504.494974][ T3438]        unregister_netdevice_queue+0x324/0x360
[  504.501268][ T3438]        _cfg80211_unregister_wdev+0x16b/0x580
[  504.507575][ T3438]        ieee80211_remove_interfaces+0x496/0x680
[  504.514028][ T3438]        ieee80211_unregister_hw+0x5d/0x2a0
[  504.519963][ T3438]        mac80211_hwsim_del_radio+0x274/0x450
[  504.526142][ T3438]        hwsim_exit_net+0x585/0x640
[  504.531474][ T3438]        cleanup_net+0x6f4/0xb90
[  504.536634][ T3438]        process_scheduled_works+0xa45/0x15b0
[  504.543059][ T3438]        worker_thread+0xa55/0xfc0
[  504.548425][ T3438]        kthread+0x2fa/0x390
[  504.553301][ T3438]        ret_from_fork+0x48/0x80
[  504.558647][ T3438]        ret_from_fork_asm+0x11/0x20
[  504.564045][ T3438] 
[  504.564045][ T3438] other info that might help us debug this:
[  504.564045][ T3438] 
[  504.574375][ T3438]  Possible unsafe locking scenario:
[  504.574375][ T3438] 
[  504.582221][ T3438]        CPU0                    CPU1
[  504.587744][ T3438]        ----                    ----
[  504.593132][ T3438]   lock(&rdev->wiphy.mtx);
[  504.597861][ T3438]                                lock(team->team_lock_key#3);
[  504.605572][ T3438]                                lock(&rdev->wiphy.mtx);
[  504.612888][ T3438]   lock(team->team_lock_key#3);
[  504.617938][ T3438] 
[  504.617938][ T3438]  *** DEADLOCK ***
[  504.617938][ T3438] 
[  504.626191][ T3438] 5 locks held by kworker/u4:7/3438:
[  504.631697][ T3438]  #0: ffff888017873938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  504.642782][ T3438]  #1: ffffc9000c787d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  504.653690][ T3438]  #2: ffffffff8dfae850 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x136/0xb90
[  504.663293][ T3438]  #3: ffffffff8dfbb688 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2a0
[  504.673259][ T3438]  #4: ffff88805cdf8768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x292/0x680
[  504.684365][ T3438] 
[  504.684365][ T3438] stack backtrace:
[  504.690382][ T3438] CPU: 1 PID: 3438 Comm: kworker/u4:7 Not tainted syzkaller #0
[  504.697966][ T3438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  504.708262][ T3438] Workqueue: netns cleanup_net
[  504.713243][ T3438] Call Trace:
[  504.716627][ T3438]  <TASK>
[  504.719688][ T3438]  dump_stack_lvl+0x16c/0x230
[  504.724404][ T3438]  ? load_image+0x3b0/0x3b0
[  504.728959][ T3438]  ? show_regs_print_info+0x20/0x20
[  504.734184][ T3438]  ? print_circular_bug+0x12b/0x1a0
[  504.739644][ T3438]  check_noncircular+0x2bd/0x3c0
[  504.744660][ T3438]  ? print_deadlock_bug+0x5d0/0x5d0
[  504.749899][ T3438]  ? lockdep_lock+0xe0/0x220
[  504.754511][ T3438]  ? __lock_acquire+0x1334/0x7c80
[  504.759750][ T3438]  ? _find_first_zero_bit+0xd3/0x100
[  504.765253][ T3438]  __lock_acquire+0x2ddb/0x7c80
[  504.770136][ T3438]  ? verify_lock_unused+0x140/0x140
[  504.775368][ T3438]  ? verify_lock_unused+0x140/0x140
[  504.780592][ T3438]  lock_acquire+0x197/0x410
[  504.785113][ T3438]  ? team_del_slave+0x32/0x1c0
[  504.789977][ T3438]  ? __might_sleep+0xe0/0xe0
[  504.794587][ T3438]  ? read_lock_is_recursive+0x20/0x20
[  504.800069][ T3438]  __mutex_lock+0x129/0xcc0
[  504.804680][ T3438]  ? team_del_slave+0x32/0x1c0
[  504.810334][ T3438]  ? __lock_acquire+0x7c80/0x7c80
[  504.815458][ T3438]  ? rcu_is_watching+0x15/0xb0
[  504.820240][ T3438]  ? trace_contention_end+0x39/0xe0
[  504.825569][ T3438]  ? __mutex_lock+0x304/0xcc0
[  504.830619][ T3438]  ? team_del_slave+0x32/0x1c0
[  504.835398][ T3438]  ? mutex_lock_nested+0x20/0x20
[  504.840447][ T3438]  ? bond_netdev_event+0xe1/0xef0
[  504.845497][ T3438]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  504.851272][ T3438]  ? bond_ipsec_offload_ok+0x410/0x410
[  504.856801][ T3438]  team_del_slave+0x32/0x1c0
[  504.861509][ T3438]  team_device_event+0x28d/0xa20
[  504.866641][ T3438]  notifier_call_chain+0x197/0x390
[  504.871782][ T3438]  unregister_netdevice_many_notify+0xf36/0x1810
[  504.878230][ T3438]  ? lock_chain_count+0x20/0x20
[  504.883314][ T3438]  ? unregister_netdevice_many+0x20/0x20
[  504.889159][ T3438]  ? kernfs_remove_by_name_ns+0x117/0x150
[  504.895037][ T3438]  ? __lock_acquire+0x7c80/0x7c80
[  504.900183][ T3438]  unregister_netdevice_queue+0x324/0x360
[  504.905960][ T3438]  ? list_netdevice+0x730/0x730
[  504.910937][ T3438]  ? kernfs_remove_by_name_ns+0x117/0x150
[  504.916782][ T3438]  _cfg80211_unregister_wdev+0x16b/0x580
[  504.922829][ T3438]  ieee80211_remove_interfaces+0x496/0x680
[  504.929346][ T3438]  ? ieee80211_do_stop+0x1db0/0x1db0
[  504.934927][ T3438]  ? rcu_is_watching+0x15/0xb0
[  504.939902][ T3438]  ieee80211_unregister_hw+0x5d/0x2a0
[  504.945431][ T3438]  mac80211_hwsim_del_radio+0x274/0x450
[  504.951049][ T3438]  ? rhashtable_remove_fast+0xbf0/0xbf0
[  504.956667][ T3438]  hwsim_exit_net+0x585/0x640
[  504.961370][ T3438]  ? hwsim_init_net+0x90/0x90
[  504.966330][ T3438]  ? __ip_vs_dev_cleanup_batch+0x238/0x250
[  504.972611][ T3438]  cleanup_net+0x6f4/0xb90
[  504.977234][ T3438]  ? ops_free_list+0x3b0/0x3b0
[  504.982282][ T3438]  ? _raw_spin_unlock_irq+0x23/0x50
[  504.987627][ T3438]  ? process_scheduled_works+0x957/0x15b0
[  504.993394][ T3438]  ? process_scheduled_works+0x957/0x15b0
[  504.999326][ T3438]  process_scheduled_works+0xa45/0x15b0
[  505.005083][ T3438]  ? assign_work+0x400/0x400
[  505.009801][ T3438]  ? assign_work+0x39e/0x400
[  505.014588][ T3438]  worker_thread+0xa55/0xfc0
[  505.019307][ T3438]  kthread+0x2fa/0x390
[  505.023521][ T3438]  ? pr_cont_work+0x560/0x560
[  505.028372][ T3438]  ? kthread_blkcg+0xd0/0xd0
[  505.033099][ T3438]  ret_from_fork+0x48/0x80
[  505.037689][ T3438]  ? kthread_blkcg+0xd0/0xd0
[  505.042537][ T3438]  ret_from_fork_asm+0x11/0x20
[  505.047360][ T3438]  </TASK>
[  505.074114][ T3438] mac80211_hwsim hwsim7 wlan1 (unregistering): left promiscuous mode
[  505.090507][ T3438] mac80211_hwsim hwsim7 wlan1 (unregistering): left allmulticast mode
[  505.109954][T12861] netlink: 'syz.3.2486': attribute type 3 has an invalid length.
[  505.110377][ T3438] team0: Port device wlan1 removed
[  505.119792][T12861] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2486'.
[  505.159661][T12861] netlink: 'syz.3.2486': attribute type 27 has an invalid length.
[  505.278382][ T3438] hsr_slave_0: left promiscuous mode
[  505.284687][ T3438] hsr_slave_1: left promiscuous mode
[  505.297828][ T3438] veth1_macvtap: left promiscuous mode
[  505.303802][ T3438] veth0_macvtap: left promiscuous mode
[  505.312917][ T3438] veth1_vlan: left promiscuous mode
[  505.421932][ T3438] geneve1 (unregistering): left promiscuous mode
[  505.431371][ T3438] geneve1 (unregistering): left allmulticast mode
[  505.439362][ T3438] team0 (unregistering): Port device geneve1 removed
[  505.463477][ T3438] bond0 (unregistering): (slave geneve0): Releasing backup interface
[  505.537583][ T3438] bond0 (unregistering): (slave macvlan0): Releasing backup interface
[  505.733147][ T3438] ±ÿ (unregistering): left promiscuous mode
[  505.739922][ T3438] ±ÿ (unregistering): left allmulticast mode
[  505.748117][ T3438] team0 (unregistering): Port device 
2
6±ÿ removed
[  505.777743][ T3438] team_slave_0 (unregistering): left promiscuous mode
[  505.785399][ T3438] team0 (unregistering): Port device team_slave_0 removed
[  505.817038][ T3438] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  505.908760][ T3438] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  506.061946][ T3438] bond0 (unregistering): Released all slaves
[  506.076851][ T5792] Bluetooth: hci3: command tx timeout
[  506.427715][T12727] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  506.440430][T12727] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  506.460189][T12727] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  506.483723][T12727] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  506.593467][T12727] 8021q: adding VLAN 0 to HW filter on device bond0
[  506.620733][T12727] 8021q: adding VLAN 0 to HW filter on device team0
[  506.641767][ T7146] bridge0: port 1(bridge_slave_0) entered blocking state
[  506.649101][ T7146] bridge0: port 1(bridge_slave_0) entered forwarding state
[  506.670008][ T7155] bridge0: port 2(bridge_slave_1) entered blocking state
[  506.677603][ T7155] bridge0: port 2(bridge_slave_1) entered forwarding state
[  506.962427][T12727] 8021q: adding VLAN 0 to HW filter on device batadv0
[  507.022118][T12727] veth0_vlan: entered promiscuous mode
[  507.035316][T12727] veth1_vlan: entered promiscuous mode
[  507.101109][T12727] veth0_macvtap: entered promiscuous mode
[  507.115449][T12727] veth1_macvtap: entered promiscuous mode
[  507.138141][T12727] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  507.149309][T12727] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  507.160348][T12727] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  507.171461][T12727] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  507.184536][T12727] batman_adv: batadv0: Interface activated: batadv_slave_0
[  507.203730][T12727] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  507.216808][T12727] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  507.227846][T12727] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  507.240468][T12727] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  507.253367][T12727] batman_adv: batadv0: Interface activated: batadv_slave_1
[  507.272648][T12727] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  507.284896][T12727] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  507.298287][T12727] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  507.310876][T12727] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  507.360431][T12727] ieee80211 phy19: Selected rate control algorithm 'minstrel_ht'
[  507.398353][ T7155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  507.418117][T12727] ieee80211 phy20: Selected rate control algorithm 'minstrel_ht'
[  507.430505][ T7155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  507.464210][ T7146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  507.474445][ T7146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50