last executing test programs:

7.893886238s ago: executing program 0 (id=16309):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x4002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="180000002345f3870000000005000000850000002e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r1, 0x4)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)=@o_path={&(0x7f0000000100)='./file0\x00', 0x0, 0x8008}, 0x18)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000001c0)=@o_path={&(0x7f0000000080)='./file0\x00', 0xffffffffffffffff, 0x4000, r2}, 0x18)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x3}, 0x4000, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$kcm(0x10, 0x100000000002, 0x4)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)}, 0x0)
r4 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext={0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$kcm(0x28, 0x5, 0x0)
close(r5)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='{[\\]+\x00')
socketpair(0x3f, 0x1, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRES64=r4, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000001759983f1b958500a7b0f654f9cb0ecdac2246875885671000002a00", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[], 0x0, 0x51}, 0x28)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)}, {&(0x7f00000019c0)="06bb", 0x2}], 0x2}, 0x0)

7.646525712s ago: executing program 0 (id=16311):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc)
bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f0000001000)=@base={0x10, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48)

7.52549584s ago: executing program 0 (id=16312):
socket$kcm(0x2, 0x5, 0x84)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
sendmsg(0xffffffffffffffff, 0x0, 0x10)
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x4)
r0 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x41, 0x0, 0x8f00)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0}, 0x200, 0x2, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000003c21c90b000000000000721a5dbb56a3d9e16e7c2179c9b5b24722944820e624fc5b17d0822ca4232c98a9936ba722", 0x6f}, {0x0}], 0x2}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0xfe80000000000000, 0xac14140c}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)='\x00\x00', 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000580)={'full', 0x20, 0x4, 0x20, 0x9}, 0x2f)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f0000000100)=r3, 0x4)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)="b9693e14ae39b9d4956589cd4383940ab3b40d07cb4c156f3ca6fc88de9cb8a4ecac59ed49fd2b216619907a0b6431db4058ea0fc81a8a2c0d90fe4a4d001cb9ee95d2753b07a7825250f7428fd1147c0143bfdaa681777e472c350000a1e49900194dc22df4c565e5e7dbf454da7e3171f9736ec5b31348bd11c559d531fc5ad17bb24275fe9a24f69f4c0d44458071aff8d3c4783a7f1ccd3442264f6416fda9da7fe6f999f956700335e3e6a034413af8c4ba7c00"/195, 0xc3}, {&(0x7f0000000380)="248d7ac09ae9afb8954f66838ae5bb401e1c656014c4c8af25db88b25065cb5a4c7073b230eb916c6ff171fd78611ff70f30b9e77db814a1d43c7fa7a70c0df21e728ed51b836e0ce6f3faf0e4817093867621b5e0c03cf4638bc53de55de11380d10ae2775154c1069ae25d99ff710f4bbf7b5e76282c2df5a2d1f289179a74a84d8aceef5d869e05cc5117f25cd1e4d2461a95237c2fa3ba38e181e3f23a3cde974dfa75aecc3b2ce33369ad52580a6cd143f10ac7e783955969b8bd05a524f919a2fd9d3cbd055b5d2f7f00ca58f6b770492f471dc3b6b3b101d10f157ec9f68dac9b8d18cf8b", 0xe8}, {&(0x7f0000000240)="a3df552cfd633a6742d5c27a9fc4f4", 0xffffff53}], 0x3}, 0x4009080)

6.986370711s ago: executing program 0 (id=16324):
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x800c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz1\x00', 0x200002, 0x0)
r0 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0xf, &(0x7f00000002c0), 0x161)
sendmsg$inet(r0, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
close(r0)
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x4000010)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001d40)=ANY=[@ANYBLOB="12000000060000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3}, &(0x7f0000000040), &(0x7f0000000140)=r2}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r1}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r2}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r3, &(0x7f0000000640)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
syz_clone(0x61000600, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$kcm(0x1e, 0x4, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0x1000, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={r4}, 0x4)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

5.676758957s ago: executing program 1 (id=16323):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000008000000020000000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\t\x00\x00@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00'], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c3a00000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000080000850000007200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{r0}, &(0x7f0000000d00), &(0x7f0000000d40)='%-5lx  \x00'}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = socket$kcm(0x10, 0x2, 0x4)
close(r2)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x19, &(0x7f0000000300)=[{&(0x7f0000000100)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514000cc00800190007000200060001c00200bc24eab556a705251e618294ff4051f60a84c9f4d4938037e786a6d00010000400000000000000c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4004004)

5.583035653s ago: executing program 1 (id=16326):
socket$kcm(0x2, 0x5, 0x84)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x4)
r0 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x41, 0x0, 0x8f00)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0}, 0x200, 0x2, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000003c21c90b000000000000721a5dbb56a3d9e16e7c2179c9b5b24722944820e624fc5b17d0822ca4232c98a9936ba722", 0x6f}, {0x0}], 0x2}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0xfe80000000000000, 0xac14140c}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)='\x00\x00', 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000580)={'full', 0x20, 0x4, 0x20, 0x9}, 0x2f)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f0000000100)=r3, 0x4)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)="b9693e14ae39b9d4956589cd4383940ab3b40d07cb4c156f3ca6fc88de9cb8a4ecac59ed49fd2b216619907a0b6431db4058ea0fc81a8a2c0d90fe4a4d001cb9ee95d2753b07a7825250f7428fd1147c0143bfdaa681777e472c350000a1e49900194dc22df4c565e5e7dbf454da7e3171f9736ec5b31348bd11c559d531fc5ad17bb24275fe9a24f69f4c0d44458071aff8d3c4783a7f1ccd3442264f6416fda9da7fe6f999f956700335e3e6a034413af8c4ba7c00"/195, 0xc3}, {&(0x7f0000000380)="248d7ac09ae9afb8954f66838ae5bb401e1c656014c4c8af25db88b25065cb5a4c7073b230eb916c6ff171fd78611ff70f30b9e77db814a1d43c7fa7a70c0df21e728ed51b836e0ce6f3faf0e4817093867621b5e0c03cf4638bc53de55de11380d10ae2775154c1069ae25d99ff710f4bbf7b5e76282c2df5a2d1f289179a74a84d8aceef5d869e05cc5117f25cd1e4d2461a95237c2fa3ba38e181e3f23a3cde974dfa75aecc3b2ce33369ad52580a6cd143f10ac7e783955969b8bd05a524f919a2fd9d3cbd055b5d2f7f00ca58f6b770492f471dc3b6b3b101d10f157ec9f68dac9b8d18cf8b", 0xe8}, {&(0x7f0000000240)="a3df552cfd633a6742d5c27a9fc4f4", 0xffffff53}], 0x3}, 0x4009080)

4.665188007s ago: executing program 1 (id=16335):
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000140)=ANY=[@ANYRES8=r0], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, r0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x248, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x40000000, 0x10001}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89f1, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000000c0)=ANY=[@ANYRESDEC=r1], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
close(r0)
r2 = socket$kcm(0x2, 0x5, 0x84)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r4 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x29, 0x2a, 0x0, 0x0)
setsockopt$sock_attach_bpf(r2, 0x84, 0x78, &(0x7f0000000040)=r3, 0x4)
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8916, &(0x7f0000000000)={'wlan1\x00', @random="0200ff7fffff"})
socketpair(0x18, 0x4, 0x1, &(0x7f00000002c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r3, 0xc008240a, &(0x7f0000000240)=ANY=[@ANYRES16=r6])
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_clone(0xa49a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000200000000dd0a00000000000073013b00000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0x68000000}, 0x48)
r7 = socket$kcm(0x22, 0x2, 0x21)
sendmsg$inet(r7, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x8004)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000200)="1c000000210081044e81f782db44b9040200000000806c0100001500", 0x1c}], 0x1}, 0x0)
syz_clone(0x1022000, 0x0, 0xfffffffffffffc76, 0x0, 0x0, 0x0)

4.414527001s ago: executing program 2 (id=16337):
socket$kcm(0x2, 0x5, 0x84)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
sendmsg(0xffffffffffffffff, 0x0, 0x10)
socket$kcm(0x10, 0x2, 0x4)
r0 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x41, 0x0, 0x8f00)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0}, 0x200, 0x2, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000003c21c90b000000000000721a5dbb56a3d9e16e7c2179c9b5b24722944820e624fc5b17d0822ca4232c98a9936ba722", 0x6f}, {0x0}], 0x2}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0xfe80000000000000, 0xac14140c}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)='\x00\x00', 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000580)={'full', 0x20, 0x4, 0x20, 0x9}, 0x2f)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f0000000100)=r3, 0x4)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)="b9693e14ae39b9d4956589cd4383940ab3b40d07cb4c156f3ca6fc88de9cb8a4ecac59ed49fd2b216619907a0b6431db4058ea0fc81a8a2c0d90fe4a4d001cb9ee95d2753b07a7825250f7428fd1147c0143bfdaa681777e472c350000a1e49900194dc22df4c565e5e7dbf454da7e3171f9736ec5b31348bd11c559d531fc5ad17bb24275fe9a24f69f4c0d44458071aff8d3c4783a7f1ccd3442264f6416fda9da7fe6f999f956700335e3e6a034413af8c4ba7c00"/195, 0xc3}, {&(0x7f0000000380)="248d7ac09ae9afb8954f66838ae5bb401e1c656014c4c8af25db88b25065cb5a4c7073b230eb916c6ff171fd78611ff70f30b9e77db814a1d43c7fa7a70c0df21e728ed51b836e0ce6f3faf0e4817093867621b5e0c03cf4638bc53de55de11380d10ae2775154c1069ae25d99ff710f4bbf7b5e76282c2df5a2d1f289179a74a84d8aceef5d869e05cc5117f25cd1e4d2461a95237c2fa3ba38e181e3f23a3cde974dfa75aecc3b2ce33369ad52580a6cd143f10ac7e783955969b8bd05a524f919a2fd9d3cbd055b5d2f7f00ca58f6b770492f471dc3b6b3b101d10f157ec9f68dac9b8d18cf8b", 0xe8}, {&(0x7f0000000240)="a3df552cfd633a6742d5c27a9fc4f4", 0xffffff53}], 0x3}, 0x4009080)

3.831149016s ago: executing program 1 (id=16338):
socket$kcm(0x2, 0x5, 0x84)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
sendmsg(0xffffffffffffffff, 0x0, 0x10)
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x4)
r0 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x41, 0x0, 0x8f00)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0}, 0x200, 0x2, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000003c21c90b000000000000721a5dbb56a3d9e16e7c2179c9b5b24722944820e624fc5b17d0822ca4232c98a9936ba722", 0x6f}, {0x0}], 0x2}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0xfe80000000000000, 0xac14140c}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)='\x00\x00', 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000580)={'full', 0x20, 0x4, 0x20, 0x9}, 0x2f)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f0000000100)=r3, 0x4)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)="b9693e14ae39b9d4956589cd4383940ab3b40d07cb4c156f3ca6fc88de9cb8a4ecac59ed49fd2b216619907a0b6431db4058ea0fc81a8a2c0d90fe4a4d001cb9ee95d2753b07a7825250f7428fd1147c0143bfdaa681777e472c350000a1e49900194dc22df4c565e5e7dbf454da7e3171f9736ec5b31348bd11c559d531fc5ad17bb24275fe9a24f69f4c0d44458071aff8d3c4783a7f1ccd3442264f6416fda9da7fe6f999f956700335e3e6a034413af8c4ba7c00"/195, 0xc3}, {&(0x7f0000000380)="248d7ac09ae9afb8954f66838ae5bb401e1c656014c4c8af25db88b25065cb5a4c7073b230eb916c6ff171fd78611ff70f30b9e77db814a1d43c7fa7a70c0df21e728ed51b836e0ce6f3faf0e4817093867621b5e0c03cf4638bc53de55de11380d10ae2775154c1069ae25d99ff710f4bbf7b5e76282c2df5a2d1f289179a74a84d8aceef5d869e05cc5117f25cd1e4d2461a95237c2fa3ba38e181e3f23a3cde974dfa75aecc3b2ce33369ad52580a6cd143f10ac7e783955969b8bd05a524f919a2fd9d3cbd055b5d2f7f00ca58f6b770492f471dc3b6b3b101d10f157ec9f68dac9b8d18cf8b", 0xe8}, {&(0x7f0000000240)="a3df552cfd633a6742d5c27a9fc4f4", 0xffffff53}], 0x3}, 0x4009080)

3.323132055s ago: executing program 2 (id=16340):
socket$kcm(0x2, 0x5, 0x84)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
sendmsg(0xffffffffffffffff, 0x0, 0x10)
socket$kcm(0x10, 0x2, 0x4)
r0 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x41, 0x0, 0x8f00)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0}, 0x200, 0x2, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000003c21c90b000000000000721a5dbb56a3d9e16e7c2179c9b5b24722944820e624fc5b17d0822ca4232c98a9936ba722", 0x6f}, {0x0}], 0x2}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0xfe80000000000000, 0xac14140c}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)='\x00\x00', 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000580)={'full', 0x20, 0x4, 0x20, 0x9}, 0x2f)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f0000000100)=r3, 0x4)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)="b9693e14ae39b9d4956589cd4383940ab3b40d07cb4c156f3ca6fc88de9cb8a4ecac59ed49fd2b216619907a0b6431db4058ea0fc81a8a2c0d90fe4a4d001cb9ee95d2753b07a7825250f7428fd1147c0143bfdaa681777e472c350000a1e49900194dc22df4c565e5e7dbf454da7e3171f9736ec5b31348bd11c559d531fc5ad17bb24275fe9a24f69f4c0d44458071aff8d3c4783a7f1ccd3442264f6416fda9da7fe6f999f956700335e3e6a034413af8c4ba7c00"/195, 0xc3}, {&(0x7f0000000380)="248d7ac09ae9afb8954f66838ae5bb401e1c656014c4c8af25db88b25065cb5a4c7073b230eb916c6ff171fd78611ff70f30b9e77db814a1d43c7fa7a70c0df21e728ed51b836e0ce6f3faf0e4817093867621b5e0c03cf4638bc53de55de11380d10ae2775154c1069ae25d99ff710f4bbf7b5e76282c2df5a2d1f289179a74a84d8aceef5d869e05cc5117f25cd1e4d2461a95237c2fa3ba38e181e3f23a3cde974dfa75aecc3b2ce33369ad52580a6cd143f10ac7e783955969b8bd05a524f919a2fd9d3cbd055b5d2f7f00ca58f6b770492f471dc3b6b3b101d10f157ec9f68dac9b8d18cf8b", 0xe8}, {&(0x7f0000000240)="a3df552cfd633a6742d5c27a9fc4f4", 0xffffff53}], 0x3}, 0x4009080)

3.222467071s ago: executing program 3 (id=16342):
r0 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r0, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b0700fc670000e4a17c45c8d260c9", 0x33fe0}], 0x1}, 0x0)

3.074863099s ago: executing program 3 (id=16343):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0xa, &(0x7f00000002c0)=r2, 0x4)

2.959095856s ago: executing program 3 (id=16344):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0xc, 0x0, &(0x7f0000001fc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
socketpair(0x3d, 0x803, 0x7, &(0x7f0000000300))
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454d0, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x3b5b74e9, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0xa, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0xf2, 0x0, 0x5d31, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf, 0x5}, 0x100e64, 0xc75, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000005c0)='cpuacct.usage_percpu\x00', 0x26e1, 0x0)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0900010005000000020000020000000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000000)={0x1, &(0x7f0000000500)="8f8f305d4255409ab24768f11c10a71a2f72d4ffb7c25dcf5bae085b534afb6ba9a74ce787b5d866776da7ce006d05d4b58e00e74d974b32a97d041a7b4bf0c7e08c198896bd8663735f0378e76b01bb76b565e848a09d044cb849f78019539e89a445b1a6789d519a79ec88c50b469c93576941eaf0c220db54121468203ed570"}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1d, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0e0180000004000000df668b4eeac7b0d22725475011c968262d60b2cc8febab3fa7612b107a9b7f6347015710d071e489bd8aaa75c32895dc3da6452a127fa5877e3ce6e3dbdca11eefe386896912254f234c8a9b32cf91941a295c55a998d62ae29973f582d0ed25731cf54a2f02cae224b17f46dd3d4ce08fb57992b411d431d2ed3b4f56eacb8cd3f56b7361d19a32c5162d0000000000000000000000000000000086228318b2f288c113a33c25a02572e31b6d8edb7adcc571420634642e072549fa5a7c6876590c43a4910f7fa3aa906d9812cbb372617ac5cb90b2826c0b36c3b4b24fded6885057ed25b554a8ce2796d241ac63bc1436e1913af378cdb3255991c9bd7405d5709c75ec69808b49349820fef0cccee5b75ffc1242233c", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0xc052fdaa5f61da4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb9d, 0x6}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000001480)={'syzkaller0\x00', 0x7101})
close(r2)
getpid()
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)

2.758799428s ago: executing program 1 (id=16346):
socket$kcm(0x2, 0x5, 0x84)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x4)
r0 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x41, 0x0, 0x8f00)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0}, 0x200, 0x2, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000003c21c90b000000000000721a5dbb56a3d9e16e7c2179c9b5b24722944820e624fc5b17d0822ca4232c98a9936ba722", 0x6f}, {0x0}], 0x2}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0xfe80000000000000, 0xac14140c}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)='\x00\x00', 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000580)={'full', 0x20, 0x4, 0x20, 0x9}, 0x2f)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f0000000100)=r3, 0x4)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)="b9693e14ae39b9d4956589cd4383940ab3b40d07cb4c156f3ca6fc88de9cb8a4ecac59ed49fd2b216619907a0b6431db4058ea0fc81a8a2c0d90fe4a4d001cb9ee95d2753b07a7825250f7428fd1147c0143bfdaa681777e472c350000a1e49900194dc22df4c565e5e7dbf454da7e3171f9736ec5b31348bd11c559d531fc5ad17bb24275fe9a24f69f4c0d44458071aff8d3c4783a7f1ccd3442264f6416fda9da7fe6f999f956700335e3e6a034413af8c4ba7c00"/195, 0xc3}, {&(0x7f0000000380)="248d7ac09ae9afb8954f66838ae5bb401e1c656014c4c8af25db88b25065cb5a4c7073b230eb916c6ff171fd78611ff70f30b9e77db814a1d43c7fa7a70c0df21e728ed51b836e0ce6f3faf0e4817093867621b5e0c03cf4638bc53de55de11380d10ae2775154c1069ae25d99ff710f4bbf7b5e76282c2df5a2d1f289179a74a84d8aceef5d869e05cc5117f25cd1e4d2461a95237c2fa3ba38e181e3f23a3cde974dfa75aecc3b2ce33369ad52580a6cd143f10ac7e783955969b8bd05a524f919a2fd9d3cbd055b5d2f7f00ca58f6b770492f471dc3b6b3b101d10f157ec9f68dac9b8d18cf8b", 0xe8}, {&(0x7f0000000240)="a3df552cfd633a6742d5c27a9fc4f4", 0xffffff53}], 0x3}, 0x4009080)

2.72534335s ago: executing program 3 (id=16347):
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0xe, 0x10104, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000140)=ANY=[@ANYRES8=r0], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, r0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x248, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x40000000, 0x10001}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89f1, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000000c0)=ANY=[@ANYRESDEC=r1], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
close(r0)
r2 = socket$kcm(0x2, 0x5, 0x84)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r4 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x29, 0x2a, 0x0, 0x0)
setsockopt$sock_attach_bpf(r2, 0x84, 0x78, &(0x7f0000000040)=r3, 0x4)
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8916, &(0x7f0000000000)={'wlan1\x00', @random="0200ff7fffff"})
socketpair(0x18, 0x4, 0x1, &(0x7f00000002c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r3, 0xc008240a, &(0x7f0000000240)=ANY=[@ANYRES16=r6])
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_clone(0xa49a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000200000000dd0a00000000000073013b00000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0x68000000}, 0x48)
r7 = socket$kcm(0x22, 0x2, 0x21)
sendmsg$inet(r7, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x8004)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000200)="1c000000210081044e81f782db44b9040200000000806c0100001500", 0x1c}], 0x1}, 0x0)
syz_clone(0x1022000, 0x0, 0xfffffffffffffc76, 0x0, 0x0, 0x0)

2.72467047s ago: executing program 4 (id=16348):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000008000000020000000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\t\x00\x00@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00'], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c3a00000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000080000850000007200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$kcm(0x10, 0x2, 0x4)
close(r1)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x19, &(0x7f0000000300)=[{&(0x7f0000000100)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514000cc00800190007000200060001c00200bc24eab556a705251e618294ff4051f60a84c9f4d4938037e786a6d00010000400000000000000c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4004004)

2.369455951s ago: executing program 4 (id=16349):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x63, 0x1, 0x0, 0x0, 0x0, 0xce, 0x8002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xc}, 0x118002, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x100000000000, 0xffffffffffffffff, 0xb)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xa, 0x2, 0x1006, 0xff, 0x42, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50) (fail_nth: 1)

2.227892929s ago: executing program 2 (id=16350):
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x800c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz1\x00', 0x200002, 0x0)
r0 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0xf, &(0x7f00000002c0), 0x161)
sendmsg$inet(r0, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
close(r0)
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x4000010)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001d40)=ANY=[@ANYBLOB="12000000060000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3}, &(0x7f0000000040), &(0x7f0000000140)=r2}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r1}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r2}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r3, &(0x7f0000000640)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
syz_clone(0x61000600, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$kcm(0x1e, 0x4, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0x1000, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={r4}, 0x4)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.898045708s ago: executing program 3 (id=16351):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000100), 0x1001)
ioctl$SIOCSIFHWADDR(r0, 0x4030582b, &(0x7f0000000180)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0)
write$cgroup_int(r2, &(0x7f00000002c0)=0x7172e9e0, 0x12)
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000000)={0x1, 0x6, [@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}, @broadcast, @random="e045b53daa01", @random="4fa448460feb", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x34}]})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x63, 0x1, 0x0, 0x0, 0x0, 0xce, 0x8002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xc}, 0x118002, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x100000000000, 0xffffffffffffffff, 0xb)
socket$kcm(0x29, 0x6, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xa, 0x2, 0x1006, 0xff, 0x42, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50)

1.634517674s ago: executing program 1 (id=16352):
socket$kcm(0x2, 0x5, 0x84)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
sendmsg(0xffffffffffffffff, 0x0, 0x10)
socket$kcm(0x10, 0x2, 0x4)
r0 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x41, 0x0, 0x8f00)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0}, 0x200, 0x2, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000003c21c90b000000000000721a5dbb56a3d9e16e7c2179c9b5b24722944820e624fc5b17d0822ca4232c98a9936ba722", 0x6f}, {0x0}], 0x2}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0xfe80000000000000, 0xac14140c}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)='\x00\x00', 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000580)={'full', 0x20, 0x4, 0x20, 0x9}, 0x2f)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f0000000100)=r3, 0x4)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)="b9693e14ae39b9d4956589cd4383940ab3b40d07cb4c156f3ca6fc88de9cb8a4ecac59ed49fd2b216619907a0b6431db4058ea0fc81a8a2c0d90fe4a4d001cb9ee95d2753b07a7825250f7428fd1147c0143bfdaa681777e472c350000a1e49900194dc22df4c565e5e7dbf454da7e3171f9736ec5b31348bd11c559d531fc5ad17bb24275fe9a24f69f4c0d44458071aff8d3c4783a7f1ccd3442264f6416fda9da7fe6f999f956700335e3e6a034413af8c4ba7c00"/195, 0xc3}, {&(0x7f0000000380)="248d7ac09ae9afb8954f66838ae5bb401e1c656014c4c8af25db88b25065cb5a4c7073b230eb916c6ff171fd78611ff70f30b9e77db814a1d43c7fa7a70c0df21e728ed51b836e0ce6f3faf0e4817093867621b5e0c03cf4638bc53de55de11380d10ae2775154c1069ae25d99ff710f4bbf7b5e76282c2df5a2d1f289179a74a84d8aceef5d869e05cc5117f25cd1e4d2461a95237c2fa3ba38e181e3f23a3cde974dfa75aecc3b2ce33369ad52580a6cd143f10ac7e783955969b8bd05a524f919a2fd9d3cbd055b5d2f7f00ca58f6b770492f471dc3b6b3b101d10f157ec9f68dac9b8d18cf8b", 0xe8}, {&(0x7f0000000240)="a3df552cfd633a6742d5c27a9fc4f4", 0xffffff53}], 0x3}, 0x4009080)

1.560130468s ago: executing program 4 (id=16353):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000d"], 0x48)
r0 = perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffd, 0x0, 0xe9c}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
r2 = socket$kcm(0xa, 0x6, 0x0)
setsockopt$sock_attach_bpf(r2, 0x29, 0x14, &(0x7f0000000100), 0x120)
close(r0)
perf_event_open(&(0x7f0000000240)={0x8, 0x80, 0x4, 0x0, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0, 0x7e674f9da07d633b}, 0x100008, 0xa0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r3, 0x29, 0x36, 0x0, 0xa4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)

1.300117093s ago: executing program 4 (id=16354):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0xa, &(0x7f00000002c0)=r2, 0x4)

1.193313649s ago: executing program 4 (id=16355):
r0 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r0, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b0700fc670000e4a17c45c8d260c9", 0x33fe0}], 0x1}, 0x0)

1.104020015s ago: executing program 0 (id=16356):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1f, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r0 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008000000", @ANYBLOB='\x00'/17, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0xe, 0xfeff, &(0x7f0000000100)="e0857f9f582f0300000000000000", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x10000, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x400, 0x1}, 0x10200, 0x0, 0x0, 0x0, 0x0, 0xffff0000, 0x0, 0x0, 0xffffffff, 0x0, 0xfffffffffffffff1}, 0x0, 0x20000000000, r0, 0x1)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200})
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000140))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002300)={0xffffffffffffffff, 0x18000000000002a0, 0x32, 0x0, &(0x7f0000000000)="b9ff0300600d698dff062cf008004de7f9c7643600000002007af5f3da11ee93aa1a014409a65ca947348c5352c0c05cb77a", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000b80))
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000080))
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000002100)=[{&(0x7f0000002200)=""/285, 0x11d}, {&(0x7f0000000380)=""/197, 0xc5}, {&(0x7f00000006c0)=""/191, 0xbf}, {&(0x7f00000008c0)=""/213, 0xd5}, {&(0x7f0000002340)=""/4077, 0xfed}, {&(0x7f00000007c0)=""/211, 0xd3}, {&(0x7f0000000280)=""/216, 0xd8}, {&(0x7f0000000b00)=""/176, 0xb0}, {&(0x7f0000000a40)=""/140, 0x8c}], 0x9}, 0x40002140)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x80001, 0x0)
ioctl$TUNSETVNETHDRSZ(r3, 0x400454d8, &(0x7f0000000240)=0xed0a)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000002c0), 0xc)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000080)="5c00000011006bec9e3be35c6e17aa31076b876c0d000000ba090000160af3653c001ac00400020208000200030001002c000000eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0000300000000000000ffffc6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
sendmsg$inet(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000001140)=[{&(0x7f0000000dc0)="bbb53d1c2917aa5a50aeab0f23c898303daa50f88ce59cc7efac1098fdfddf0e530873ccb47d9b5ce32ba5ec7a8488c78fecb1340178f128e86592ed21c3449bcaab2c63be3bc279dc4d379d308d2e98f52f16267c4d46bb4879181b260fb13d6b1de595e7fbfae1", 0x68}, {&(0x7f0000000540)="24d599978ca1d827e95d4fab8a4e95d06b0fbbb39ba4e950e7b8d46df1f8ad4fc218d03307c38ff6", 0x28}, {&(0x7f0000000e40)="c61c02863968513fa0fe00a96893f1e910cc93bbd7a75f3d2d9497d81c896290e80175d8832555ca8cc62b70e9e70128239ef9ad2824766ca54831a899fd67203d7b56c13a612ea647aa1cc76fa42716e7bbbfb81331c8ade6a774e6cd7180267bd41ec04cfa8d35118b8d78da36d8fbea8b618c5670bc43640d6c383427bef8566a1e", 0x83}, {&(0x7f0000000f80)="37b29ba66c54e4578397238ab999a0efaa70ff9617e250f4ca5b5c1259c92d8331e3e19b9510601318cd2e44889c788bbe28481edf01abc10dd5a352790205422165f9305a30082dc8a184ccdc443a315b444eb0b059e2e10e849a451003dd2a661f4076efcc261a42a6cc9f5d3696bc2eebacf4dc8416c34af3dfdecefbf9f052ed70052a882d32260b5e051af3b3718fdc6b4ec7be3bddc5d503a134bcf23a179f500956016035fcf7143da188d89c007ceca81066e2990c4bb923f997d093aa92fcd414bf4a5931f447f6a9b750b3a23b1f53d3d87ff31e05fdf98a99b4f011dd9463fb19bdae44ca4e9cbce96131101580daa053fc2eb04f44533d35be", 0xff}, {&(0x7f0000001080)="10d4690e86dba602d028e51d33229d683fca3f6283fa7e00e469450113b90bd180b0d483ff368ab15656f4571c56a7067c782737e988fd751ddacfd73248f7cde3fcba84eafba8c6aa104472b055043a362d371ebffe1012244be9dfca7399ac83efaeb0024b74006eab12a4beb4d1c55d6e0a87a442a3a437b4a0d20f19e184b539bb08f5ffaa4c1b027cc7a82215c859154d5c30c72f8e2b9c8170b4eed3bd82b2f9e386aa", 0xa6}, {&(0x7f0000001200)="eb5df375066ce04c37b0cbe72da77c1e8f11bf4825968db1fe339edfbcd0e446a3ae5b24270466d661e280f87f81f0ed9e60c851992fbd6179776328d4b9441f111c5d4d3078a9c889e85898fed9c4f5f442d14986cf917093ec312a65d4548420f869c7532e5c5214698523520bf15038caeeb04b79580bda9fe288fd12dac38f71247af3508fbe46640ffb15078b115c8c817bb852fadf4088a3b237545f8b6a33a06db795879b27d769c72d900e32ebf62f71e807a0e0a3811b754296349ddee58acf74e399439ad1fea4cca7d013c7753f27ef98b361f37f6b9bbc10d2e8bf51185ecd412aa3953b66", 0xeb}], 0x6, &(0x7f00000013c0)=ANY=[@ANYBLOB], 0x98}, 0x40008)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ffad53010000000000840400000000000005000000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa7664012d42961e1445ce83def332233b081df18961d6822d133bf72a4de1cc0800004537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5bb6f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c767030090a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e42e150d4a2fddd9a976774"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0xffcf}, 0x48)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f1, &(0x7f0000000080))

1.055249268s ago: executing program 3 (id=16357):
socket$kcm(0x2, 0x5, 0x84)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
sendmsg(0xffffffffffffffff, 0x0, 0x10)
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x4)
r0 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x41, 0x0, 0x8f00)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0}, 0x200, 0x2, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000003c21c90b000000000000721a5dbb56a3d9e16e7c2179c9b5b24722944820e624fc5b17d0822ca4232c98a9936ba722", 0x6f}, {0x0}], 0x2}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0xfe80000000000000, 0xac14140c}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)='\x00\x00', 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000580)={'full', 0x20, 0x4, 0x20, 0x9}, 0x2f)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, 0x0, 0x0)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)="b9693e14ae39b9d4956589cd4383940ab3b40d07cb4c156f3ca6fc88de9cb8a4ecac59ed49fd2b216619907a0b6431db4058ea0fc81a8a2c0d90fe4a4d001cb9ee95d2753b07a7825250f7428fd1147c0143bfdaa681777e472c350000a1e49900194dc22df4c565e5e7dbf454da7e3171f9736ec5b31348bd11c559d531fc5ad17bb24275fe9a24f69f4c0d44458071aff8d3c4783a7f1ccd3442264f6416fda9da7fe6f999f956700335e3e6a034413af8c4ba7c00"/195, 0xc3}, {&(0x7f0000000380)="248d7ac09ae9afb8954f66838ae5bb401e1c656014c4c8af25db88b25065cb5a4c7073b230eb916c6ff171fd78611ff70f30b9e77db814a1d43c7fa7a70c0df21e728ed51b836e0ce6f3faf0e4817093867621b5e0c03cf4638bc53de55de11380d10ae2775154c1069ae25d99ff710f4bbf7b5e76282c2df5a2d1f289179a74a84d8aceef5d869e05cc5117f25cd1e4d2461a95237c2fa3ba38e181e3f23a3cde974dfa75aecc3b2ce33369ad52580a6cd143f10ac7e783955969b8bd05a524f919a2fd9d3cbd055b5d2f7f00ca58f6b770492f471dc3b6b3b101d10f157ec9f68dac9b8d18cf8b", 0xe8}, {&(0x7f0000000240)="a3df552cfd633a6742d5c27a9fc4f4", 0xffffff53}], 0x3}, 0x4009080)

1.008805941s ago: executing program 4 (id=16358):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa31086b8703130000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4000004) (fail_nth: 4)

560.864477ms ago: executing program 2 (id=16359):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x4002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="180000002345f3870000000005000000850000002e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r1, 0x4)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)=@o_path={&(0x7f0000000100)='./file0\x00', 0x0, 0x8008}, 0x18)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000001c0)=@o_path={&(0x7f0000000080)='./file0\x00', 0xffffffffffffffff, 0x4000, r2}, 0x18)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x3}, 0x4000, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$kcm(0x10, 0x100000000002, 0x4)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)}, 0x0)
r4 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext={0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$kcm(0x28, 0x5, 0x0)
close(r5)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='{[\\]+\x00')
socketpair(0x3f, 0x1, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRES64=r4, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000001759983f1b958500a7b0f654f9cb0ecdac2246875885671000002a00", @ANYRES32=r6, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[], 0x0, 0x51}, 0x28)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f00", 0x16}, {&(0x7f00000019c0)="06bb", 0x2}], 0x2}, 0x0)

448.606503ms ago: executing program 2 (id=16360):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000008000000020000000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\t\x00\x00@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00'], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c3a00000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000080000850000007200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$kcm(0x10, 0x2, 0x4)
close(r1)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x19, &(0x7f0000000300)=[{&(0x7f0000000100)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514000cc00800190007000200060001c00200bc24eab556a705251e618294ff4051f60a84c9f4d4938037e786a6d00010000400000000000000c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4004004)

590.44µs ago: executing program 0 (id=16361):
socket$kcm(0x2, 0x5, 0x84)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
sendmsg(0xffffffffffffffff, 0x0, 0x10)
socket$kcm(0x10, 0x2, 0x4)
r0 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x41, 0x0, 0x8f00)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0}, 0x200, 0x2, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000003c21c90b000000000000721a5dbb56a3d9e16e7c2179c9b5b24722944820e624fc5b17d0822ca4232c98a9936ba722", 0x6f}, {0x0}], 0x2}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0xfe80000000000000, 0xac14140c}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)='\x00\x00', 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000580)={'full', 0x20, 0x4, 0x20, 0x9}, 0x2f)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f0000000100)=r3, 0x4)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)="b9693e14ae39b9d4956589cd4383940ab3b40d07cb4c156f3ca6fc88de9cb8a4ecac59ed49fd2b216619907a0b6431db4058ea0fc81a8a2c0d90fe4a4d001cb9ee95d2753b07a7825250f7428fd1147c0143bfdaa681777e472c350000a1e49900194dc22df4c565e5e7dbf454da7e3171f9736ec5b31348bd11c559d531fc5ad17bb24275fe9a24f69f4c0d44458071aff8d3c4783a7f1ccd3442264f6416fda9da7fe6f999f956700335e3e6a034413af8c4ba7c00"/195, 0xc3}, {&(0x7f0000000380)="248d7ac09ae9afb8954f66838ae5bb401e1c656014c4c8af25db88b25065cb5a4c7073b230eb916c6ff171fd78611ff70f30b9e77db814a1d43c7fa7a70c0df21e728ed51b836e0ce6f3faf0e4817093867621b5e0c03cf4638bc53de55de11380d10ae2775154c1069ae25d99ff710f4bbf7b5e76282c2df5a2d1f289179a74a84d8aceef5d869e05cc5117f25cd1e4d2461a95237c2fa3ba38e181e3f23a3cde974dfa75aecc3b2ce33369ad52580a6cd143f10ac7e783955969b8bd05a524f919a2fd9d3cbd055b5d2f7f00ca58f6b770492f471dc3b6b3b101d10f157ec9f68dac9b8d18cf8b", 0xe8}, {&(0x7f0000000240)="a3df552cfd633a6742d5c27a9fc4f4", 0xffffff53}], 0x3}, 0x4009080)

0s ago: executing program 2 (id=16362):
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0xe, 0x10104, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000140)=ANY=[@ANYRES8=r0], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, r0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x248, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x40000000, 0x10001}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89f1, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000000c0)=ANY=[@ANYRESDEC=r1], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
close(r0)
r2 = socket$kcm(0x2, 0x5, 0x84)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r4 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x29, 0x2a, 0x0, 0x0)
setsockopt$sock_attach_bpf(r2, 0x84, 0x78, &(0x7f0000000040)=r3, 0x4)
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8916, &(0x7f0000000000)={'wlan1\x00', @random="0200ff7fffff"})
socketpair(0x18, 0x4, 0x1, &(0x7f00000002c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r3, 0xc008240a, &(0x7f0000000240)=ANY=[@ANYRES16=r6])
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_clone(0xa49a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000200000000dd0a00000000000073013b00000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0x68000000}, 0x48)
r7 = socket$kcm(0x22, 0x2, 0x21)
sendmsg$inet(r7, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x8004)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000200)="1c000000210081044e81f782db44b9040200000000806c0100001500", 0x1c}], 0x1}, 0x0)
syz_clone(0x1022000, 0x0, 0xfffffffffffffc76, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

50][T16289]  ? copy_from_kernel_nofault_allowed+0xb9/0x130
[ 2116.745096][T16289]  should_fail+0x38c/0x4c0
[ 2116.749523][T16289]  should_failslab+0x5/0x20
[ 2116.754021][T16289]  slab_pre_alloc_hook+0x51/0xc0
[ 2116.758957][T16289]  __kmalloc+0x6b/0x330
[ 2116.763126][T16289]  ? tomoyo_encode+0x27e/0x540
[ 2116.767908][T16289]  tomoyo_encode+0x27e/0x540
[ 2116.772513][T16289]  tomoyo_realpath_from_path+0x5cd/0x610
[ 2116.778166][T16289]  tomoyo_path_number_perm+0x242/0x660
[ 2116.783629][T16289]  ? verify_lock_unused+0x140/0x140
[ 2116.788841][T16289]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 2116.794317][T16289]  ? ksys_write+0x1c6/0x260
[ 2116.798874][T16289]  security_file_ioctl+0x6c/0xa0
[ 2116.803816][T16289]  __se_sys_ioctl+0x48/0x170
[ 2116.808404][T16289]  do_syscall_64+0x4c/0xa0
[ 2116.812815][T16289]  ? clear_bhb_loop+0x30/0x80
[ 2116.817495][T16289]  ? clear_bhb_loop+0x30/0x80
[ 2116.822173][T16289]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2116.828067][T16289] RIP: 0033:0x7fd0518e0f79
[ 2116.832483][T16289] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2116.852096][T16289] RSP: 002b:00007fd04fb3b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2116.860517][T16289] RAX: ffffffffffffffda RBX: 00007fd051b5afa0 RCX: 00007fd0518e0f79
[ 2116.868492][T16289] RDX: 0000000000000000 RSI: 0000000040047459 RDI: 0000000000000004
[ 2116.876475][T16289] RBP: 00007fd04fb3b090 R08: 0000000000000000 R09: 0000000000000000
[ 2116.884452][T16289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2116.892439][T16289] R13: 00007fd051b5b038 R14: 00007fd051b5afa0 R15: 00007ffea7dc6f38
[ 2116.900456][T16289]  </TASK>
[ 2116.956484][T16289] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2117.179895][T16294] netlink: 'syz.0.15179': attribute type 10 has an invalid length.
[ 2117.266842][T16284] chnl_net:caif_netlink_parms(): no params data found
[ 2117.492752][    T9] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2117.595855][    T9] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2117.620505][T16284] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2117.632242][T16284] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2117.640487][T16284] device bridge_slave_0 entered promiscuous mode
[ 2117.693961][    T9] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2117.753076][T16284] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2117.764964][T16284] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2117.780279][T16284] device bridge_slave_1 entered promiscuous mode
[ 2117.887534][T16284] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2117.927128][T16284] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2118.077620][T16284] team0: Port device team_slave_0 added
[ 2118.111932][T16311] netlink: 'syz.3.15184': attribute type 3 has an invalid length.
[ 2118.150764][T16311] netlink: 132 bytes leftover after parsing attributes in process `syz.3.15184'.
[ 2118.152595][T16284] team0: Port device team_slave_1 added
[ 2118.334998][T16284] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2118.381693][T16284] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2118.449978][T16284] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2118.472548][T16325] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.15186'.
[ 2118.481882][ T8977] Bluetooth: hci0: command 0x0409 tx timeout
[ 2118.518172][T16320] netlink: 'syz.0.15186': attribute type 46 has an invalid length.
[ 2118.552520][T16284] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2118.559504][T16284] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2118.648941][T16284] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2118.742076][    T9] tipc: Left network mode
[ 2118.746921][T16331] netlink: 'syz.3.15190': attribute type 10 has an invalid length.
[ 2118.968376][T16284] device hsr_slave_0 entered promiscuous mode
[ 2119.038440][T16284] device hsr_slave_1 entered promiscuous mode
[ 2119.132101][T16284] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2119.139706][T16284] Cannot create hsr debugfs directory
[ 2120.514621][T16284] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2120.554572][T16284] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2120.562082][ T8977] Bluetooth: hci0: command 0x041b tx timeout
[ 2120.597324][T16386] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.15200'.
[ 2120.653762][T16284] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2120.679309][T16284] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2120.715593][T16390] netlink: 'syz.1.15201': attribute type 46 has an invalid length.
[ 2120.762822][T16394] FAULT_INJECTION: forcing a failure.
[ 2120.762822][T16394] name failslab, interval 1, probability 0, space 0, times 0
[ 2120.769340][T16390] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.15201'.
[ 2120.797015][T16394] CPU: 0 PID: 16394 Comm: syz.2.15202 Not tainted syzkaller #0
[ 2120.804593][T16394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2120.814651][T16394] Call Trace:
[ 2120.817930][T16394]  <TASK>
[ 2120.820871][T16394]  dump_stack_lvl+0x188/0x250
[ 2120.825561][T16394]  ? show_regs_print_info+0x20/0x20
[ 2120.830767][T16394]  ? load_image+0x400/0x400
[ 2120.835284][T16394]  ? __might_sleep+0xf0/0xf0
[ 2120.839875][T16394]  ? __lock_acquire+0x7d10/0x7d10
[ 2120.844911][T16394]  should_fail+0x38c/0x4c0
[ 2120.849340][T16394]  should_failslab+0x5/0x20
[ 2120.853844][T16394]  slab_pre_alloc_hook+0x51/0xc0
[ 2120.858794][T16394]  kmem_cache_alloc_trace+0x47/0x2a0
[ 2120.864089][T16394]  ? __inet_diag_dump_start+0x8b/0x970
[ 2120.869568][T16394]  __inet_diag_dump_start+0x8b/0x970
[ 2120.874953][T16394]  __netlink_dump_start+0x3e8/0x700
[ 2120.880158][T16394]  inet_diag_handler_cmd+0x1d3/0x2b0
[ 2120.885435][T16394]  ? rcu_lock_release+0x20/0x20
[ 2120.890274][T16394]  ? inet_diag_handler_get_info+0xb90/0xb90
[ 2120.896149][T16394]  ? inet_diag_dump_start+0x20/0x20
[ 2120.901329][T16394]  ? inet_diag_dump+0x50/0x50
[ 2120.905995][T16394]  ? rcu_lock_release+0x20/0x20
[ 2120.910828][T16394]  sock_diag_rcv_msg+0x164/0x3e0
[ 2120.915748][T16394]  netlink_rcv_skb+0x1f5/0x440
[ 2120.920496][T16394]  ? sock_diag_bind+0xa0/0xa0
[ 2120.925162][T16394]  ? netlink_ack+0xb50/0xb50
[ 2120.929736][T16394]  ? __lock_acquire+0x7d10/0x7d10
[ 2120.934752][T16394]  sock_diag_rcv+0x26/0x40
[ 2120.939151][T16394]  netlink_unicast+0x774/0x920
[ 2120.943906][T16394]  netlink_sendmsg+0x8ba/0xbe0
[ 2120.948656][T16394]  ? netlink_getsockopt+0x570/0x570
[ 2120.953839][T16394]  ? aa_sock_msg_perm+0x94/0x150
[ 2120.958762][T16394]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 2120.964026][T16394]  ? security_socket_sendmsg+0x7c/0xa0
[ 2120.969466][T16394]  ? netlink_getsockopt+0x570/0x570
[ 2120.974643][T16394]  ____sys_sendmsg+0x5b7/0x8f0
[ 2120.979402][T16394]  ? __sys_sendmsg_sock+0x30/0x30
[ 2120.984517][T16394]  ? import_iovec+0x6f/0xa0
[ 2120.989006][T16394]  ___sys_sendmsg+0x236/0x2e0
[ 2120.993674][T16394]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2120.998430][T16394]  ? vfs_write+0x8b2/0xd60
[ 2121.002842][T16394]  __se_sys_sendmsg+0x1af/0x290
[ 2121.007688][T16394]  ? __x64_sys_sendmsg+0x80/0x80
[ 2121.012607][T16394]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2121.018580][T16394]  ? lockdep_hardirqs_on+0x94/0x140
[ 2121.023767][T16394]  do_syscall_64+0x4c/0xa0
[ 2121.028166][T16394]  ? clear_bhb_loop+0x30/0x80
[ 2121.032823][T16394]  ? clear_bhb_loop+0x30/0x80
[ 2121.037493][T16394]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2121.043380][T16394] RIP: 0033:0x7f8e5f54bf79
[ 2121.047783][T16394] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2121.067382][T16394] RSP: 002b:00007f8e5d7a6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2121.075785][T16394] RAX: ffffffffffffffda RBX: 00007f8e5f7c5fa0 RCX: 00007f8e5f54bf79
[ 2121.083742][T16394] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 2121.091694][T16394] RBP: 00007f8e5d7a6090 R08: 0000000000000000 R09: 0000000000000000
[ 2121.099649][T16394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2121.107600][T16394] R13: 00007f8e5f7c6038 R14: 00007f8e5f7c5fa0 R15: 00007ffe4dba4e18
[ 2121.115569][T16394]  </TASK>
[ 2121.419059][T16284] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2121.490088][T13771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2121.500482][T13771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2121.566084][T16284] 8021q: adding VLAN 0 to HW filter on device team0
[ 2121.620696][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2121.638776][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2121.664194][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2121.691448][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2121.716233][    T9] batman_adv: batadv0: Interface deactivated: hsr_slave_1
[ 2121.744113][    T9] batman_adv: batadv0: Removing interface: hsr_slave_1
[ 2121.769963][    T9] device bridge_slave_1 left promiscuous mode
[ 2121.786794][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2121.850897][    T9] device bridge_slave_0 left promiscuous mode
[ 2121.860031][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2121.889983][    T9] device veth1_macvtap left promiscuous mode
[ 2121.902526][    T9] device veth0_macvtap left promiscuous mode
[ 2121.915678][    T9] device veth1_vlan left promiscuous mode
[ 2121.928207][    T9] device veth0_vlan left promiscuous mode
[ 2122.280442][    T9] team0 (unregistering): Port device geneve1 removed
[ 2122.494192][    T9] team0 (unregistering): Port device team_slave_1 removed
[ 2122.522219][    T9] team0 (unregistering): Port device team_slave_0 removed
[ 2122.552272][    T9] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2122.571046][    T9] device bond_slave_1 left promiscuous mode
[ 2122.627497][    T9] .` (unregistering): (slave batadv0): Releasing backup interface
[ 2122.638074][    T9] device batadv0 left promiscuous mode
[ 2122.643712][ T7095] Bluetooth: hci0: command 0x040f tx timeout
[ 2122.662528][    T9] .` (unregistering): (slave dummy0): Releasing backup interface
[ 2122.671227][    T9] device dummy0 left promiscuous mode
[ 2122.690703][    T9] .` (unregistering): Released all slaves
[ 2122.756524][T16421] netlink: 'syz.2.15204': attribute type 10 has an invalid length.
[ 2122.779897][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2122.800100][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2122.815135][ T8812] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2122.822284][ T8812] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2122.846214][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2122.865349][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2122.882106][ T8812] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2122.889207][ T8812] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2122.897677][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 2122.907259][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2122.946186][T16436] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2122.971916][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 2122.980953][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2123.038368][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 2123.048790][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2123.066726][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 2123.085081][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 2123.119650][T16284] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 2123.160581][T16284] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 2123.222321][T12876] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2123.234124][T12876] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2123.282238][T12876] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2123.302662][T12876] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2123.321757][T12876] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 2123.981514][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 2124.009063][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 2124.083463][T16284] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2124.303325][T16479] netlink: 'syz.1.15212': attribute type 46 has an invalid length.
[ 2124.383847][T16479] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.15212'.
[ 2124.571411][T16480] netlink: 208188 bytes leftover after parsing attributes in process `syz.2.15213'.
[ 2124.723617][T30319] Bluetooth: hci0: command 0x0419 tx timeout
[ 2124.925607][T12876] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2124.957520][T12876] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2124.987851][T16499] netlink: 'syz.2.15216': attribute type 10 has an invalid length.
[ 2125.040989][T12876] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2125.073008][T12876] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2125.099197][T12876] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2125.118046][T12876] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2125.150110][T16284] device veth0_vlan entered promiscuous mode
[ 2125.168444][T16504] delete_channel: no stack
[ 2125.188635][T16284] device veth1_vlan entered promiscuous mode
[ 2125.230946][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2125.245281][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2125.262376][T16284] device veth0_macvtap entered promiscuous mode
[ 2125.285834][T16284] device veth1_macvtap entered promiscuous mode
[ 2125.369603][T16284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2125.444532][T16284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2125.491825][T16284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2125.577055][T16284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2125.656126][T16284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2125.766547][T16284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2125.815290][T16284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2125.860951][T16284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2125.895300][T16284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2125.915362][T16284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2125.939097][T16284] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2126.024298][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 2126.034595][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2126.068125][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2126.103315][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2126.124397][T16284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2126.162462][T16284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2126.176582][T16522] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.15224'.
[ 2126.193984][T16284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2126.219310][T16284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2126.240251][T16284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2126.264660][T16284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2126.284598][T16284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2126.311770][T16284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2126.332674][T16284] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2126.343339][T16520] netlink: 'syz.3.15224': attribute type 46 has an invalid length.
[ 2126.362234][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2126.374575][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2126.441095][T16284] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2126.465184][T16284] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2126.480021][T16284] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2126.498029][T16284] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2126.858284][ T1249] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2126.864399][T16530] netlink: 'syz.2.15228': attribute type 10 has an invalid length.
[ 2126.882535][ T1249] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2126.931289][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 2127.006483][ T8812] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2127.032310][ T8812] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2127.058592][ T1156] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 2128.257704][T16558] netlink: 'syz.3.15235': attribute type 46 has an invalid length.
[ 2128.303490][T16563] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.15235'.
[ 2128.574920][T16567] netlink: 'syz.3.15239': attribute type 10 has an invalid length.
[ 2128.617116][T16569] FAULT_INJECTION: forcing a failure.
[ 2128.617116][T16569] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2128.658599][T16569] CPU: 0 PID: 16569 Comm: syz.2.15240 Not tainted syzkaller #0
[ 2128.666183][T16569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2128.676240][T16569] Call Trace:
[ 2128.679517][T16569]  <TASK>
[ 2128.682443][T16569]  dump_stack_lvl+0x188/0x250
[ 2128.687126][T16569]  ? show_regs_print_info+0x20/0x20
[ 2128.692322][T16569]  ? load_image+0x400/0x400
[ 2128.696826][T16569]  ? __lock_acquire+0x7d10/0x7d10
[ 2128.701854][T16569]  should_fail+0x38c/0x4c0
[ 2128.706275][T16569]  _copy_from_user+0x2e/0x170
[ 2128.710951][T16569]  __sys_bpf+0x26d/0x6f0
[ 2128.715198][T16569]  ? perf_trace_preemptirq_template+0x2aa/0x360
[ 2128.721441][T16569]  ? bpf_link_show_fdinfo+0x380/0x380
[ 2128.726810][T16569]  ? rcu_nmi_exit+0x6f/0xf0
[ 2128.731321][T16569]  ? vtime_user_exit+0x2c8/0x3e0
[ 2128.736270][T16569]  __x64_sys_bpf+0x78/0x90
[ 2128.740686][T16569]  do_syscall_64+0x4c/0xa0
[ 2128.745096][T16569]  ? clear_bhb_loop+0x30/0x80
[ 2128.749767][T16569]  ? clear_bhb_loop+0x30/0x80
[ 2128.754438][T16569]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2128.760325][T16569] RIP: 0033:0x7f8e5f54bf79
[ 2128.764734][T16569] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2128.784335][T16569] RSP: 002b:00007f8e5d7a6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2128.792750][T16569] RAX: ffffffffffffffda RBX: 00007f8e5f7c5fa0 RCX: 00007f8e5f54bf79
[ 2128.800717][T16569] RDX: 0000000000000094 RSI: 0000200000000c00 RDI: 0000000000000005
[ 2128.808682][T16569] RBP: 00007f8e5d7a6090 R08: 0000000000000000 R09: 0000000000000000
[ 2128.816647][T16569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2128.824623][T16569] R13: 00007f8e5f7c6038 R14: 00007f8e5f7c5fa0 R15: 00007ffe4dba4e18
[ 2128.832613][T16569]  </TASK>
[ 2129.181247][T16582] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2129.330964][T16586] netlink: 'syz.3.15246': attribute type 11 has an invalid length.
[ 2130.435798][T16596] netlink: 'syz.2.15249': attribute type 46 has an invalid length.
[ 2130.508542][T16596] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.15249'.
[ 2130.562870][T16601] netlink: 'syz.4.15251': attribute type 10 has an invalid length.
[ 2130.600600][T16601] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2130.636551][T16601] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 2130.665933][T16604] device bond0 entered promiscuous mode
[ 2130.682259][T16604] device bond_slave_0 entered promiscuous mode
[ 2130.688553][T16604] device bond_slave_1 entered promiscuous mode
[ 2130.725339][T16608] netlink: 1057 bytes leftover after parsing attributes in process `syz.3.15252'.
[ 2130.728858][T16604] device batadv0 entered promiscuous mode
[ 2131.999477][T16638] netlink: 'syz.3.15263': attribute type 46 has an invalid length.
[ 2132.073423][T16638] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.15263'.
[ 2132.411001][T16645] netlink: 'syz.2.15265': attribute type 10 has an invalid length.
[ 2132.454542][T16651] netlink: 'syz.3.15266': attribute type 3 has an invalid length.
[ 2132.518550][T16651] netlink: 16098 bytes leftover after parsing attributes in process `syz.3.15266'.
[ 2132.587616][T16650] netlink: 'syz.3.15266': attribute type 3 has an invalid length.
[ 2132.613196][T16650] netlink: 16098 bytes leftover after parsing attributes in process `syz.3.15266'.
[ 2133.616618][T16682] netlink: 'syz.4.15276': attribute type 46 has an invalid length.
[ 2133.740986][T16682] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.15276'.
[ 2134.066561][T16693] netlink: 'syz.3.15280': attribute type 10 has an invalid length.
[ 2135.119908][T16721] netlink: 'syz.4.15290': attribute type 46 has an invalid length.
[ 2135.179231][T16721] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.15290'.
[ 2135.436546][T16733] netlink: 'syz.4.15294': attribute type 10 has an invalid length.
[ 2135.444402][T16736] FAULT_INJECTION: forcing a failure.
[ 2135.444402][T16736] name failslab, interval 1, probability 0, space 0, times 0
[ 2135.481750][T16736] CPU: 1 PID: 16736 Comm: syz.3.15295 Not tainted syzkaller #0
[ 2135.489330][T16736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2135.499412][T16736] Call Trace:
[ 2135.502692][T16736]  <TASK>
[ 2135.505623][T16736]  dump_stack_lvl+0x188/0x250
[ 2135.510310][T16736]  ? show_regs_print_info+0x20/0x20
[ 2135.515511][T16736]  ? load_image+0x400/0x400
[ 2135.520034][T16736]  ? rcu_lock_release+0x5/0x20
[ 2135.524811][T16736]  should_fail+0x38c/0x4c0
[ 2135.529238][T16736]  should_failslab+0x5/0x20
[ 2135.533745][T16736]  slab_pre_alloc_hook+0x51/0xc0
[ 2135.538687][T16736]  ? __nf_conntrack_alloc+0x99/0x380
[ 2135.543972][T16736]  kmem_cache_alloc+0x3d/0x290
[ 2135.548746][T16736]  __nf_conntrack_alloc+0x99/0x380
[ 2135.553869][T16736]  init_conntrack+0x258/0x14d0
[ 2135.558642][T16736]  ? __nf_conntrack_find_get+0x581/0x650
[ 2135.564276][T16736]  ? early_drop+0x810/0x810
[ 2135.568784][T16736]  ? nf_conntrack_find_get+0x670/0x670
[ 2135.574247][T16736]  ? __siphash_unaligned+0x258/0x3a0
[ 2135.579547][T16736]  nf_conntrack_in+0xd38/0x1730
[ 2135.584424][T16736]  ? nf_ct_pernet+0x240/0x240
[ 2135.589155][T16736]  ? ipv4_conntrack_defrag+0x284/0x590
[ 2135.594620][T16736]  ? ipv4_conntrack_local+0x11f/0x200
[ 2135.599996][T16736]  ? ipv4_conntrack_in+0x20/0x20
[ 2135.604936][T16736]  nf_hook_slow+0xb9/0x200
[ 2135.609380][T16736]  ? nf_hook+0x360/0x360
[ 2135.613626][T16736]  nf_hook+0x205/0x360
[ 2135.617696][T16736]  ? __ip_make_skb+0x11cd/0x18a0
[ 2135.622642][T16736]  ? kfree+0x4a/0x2a0
[ 2135.626630][T16736]  ? __ip_local_out+0x5e0/0x5e0
[ 2135.631486][T16736]  ? nf_hook+0x360/0x360
[ 2135.635740][T16736]  __ip_local_out+0x4b7/0x5e0
[ 2135.640420][T16736]  ? nf_hook+0x360/0x360
[ 2135.644675][T16736]  ip_send_skb+0x48/0x1c0
[ 2135.649007][T16736]  raw_sendmsg+0x14b7/0x1aa0
[ 2135.653611][T16736]  ? compat_raw_ioctl+0x60/0x60
[ 2135.658486][T16736]  ? aa_sk_perm+0x7dc/0x910
[ 2135.663004][T16736]  ? tomoyo_socket_sendmsg_permission+0x212/0x2f0
[ 2135.669422][T16736]  ? sock_rps_record_flow+0x17/0x3b0
[ 2135.674718][T16736]  ? inet_sendmsg+0x78/0x2f0
[ 2135.679309][T16736]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 2135.684594][T16736]  ? security_socket_sendmsg+0x7c/0xa0
[ 2135.690055][T16736]  ? inet_send_prepare+0x260/0x260
[ 2135.695169][T16736]  ____sys_sendmsg+0x5b7/0x8f0
[ 2135.699943][T16736]  ? __sys_sendmsg_sock+0x30/0x30
[ 2135.704983][T16736]  ? import_iovec+0x6f/0xa0
[ 2135.709492][T16736]  ___sys_sendmsg+0x236/0x2e0
[ 2135.714181][T16736]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2135.718986][T16736]  __se_sys_sendmsg+0x1af/0x290
[ 2135.723848][T16736]  ? __x64_sys_sendmsg+0x80/0x80
[ 2135.728787][T16736]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2135.734784][T16736]  ? lockdep_hardirqs_on+0x94/0x140
[ 2135.739992][T16736]  do_syscall_64+0x4c/0xa0
[ 2135.744413][T16736]  ? clear_bhb_loop+0x30/0x80
[ 2135.749111][T16736]  ? clear_bhb_loop+0x30/0x80
[ 2135.753790][T16736]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2135.759772][T16736] RIP: 0033:0x7f27304b0f79
[ 2135.764186][T16736] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2135.783790][T16736] RSP: 002b:00007f272e70b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2135.792209][T16736] RAX: ffffffffffffffda RBX: 00007f273072afa0 RCX: 00007f27304b0f79
[ 2135.800181][T16736] RDX: 0000000020000040 RSI: 0000200000000440 RDI: 0000000000000004
[ 2135.808160][T16736] RBP: 00007f272e70b090 R08: 0000000000000000 R09: 0000000000000000
[ 2135.816155][T16736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2135.824132][T16736] R13: 00007f273072b038 R14: 00007f273072afa0 R15: 00007ffcec345a68
[ 2135.832124][T16736]  </TASK>
[ 2136.045804][T16740] netlink: 60 bytes leftover after parsing attributes in process `syz.3.15296'.
[ 2136.961896][T16766] netlink: 'syz.2.15304': attribute type 46 has an invalid length.
[ 2137.014198][T16769] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.15304'.
[ 2137.555174][T16783] netlink: 'syz.0.15309': attribute type 10 has an invalid length.
[ 2137.745392][T16785] netlink: 197204 bytes leftover after parsing attributes in process `syz.0.15311'.
[ 2137.775416][T16785] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15311'.
[ 2137.938395][T16789] netlink: 'syz.3.15313': attribute type 46 has an invalid length.
[ 2138.449264][T16801] netlink: 'syz.0.15317': attribute type 46 has an invalid length.
[ 2138.480029][T16801] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.15317'.
[ 2138.929266][T16818] netlink: 'syz.0.15322': attribute type 10 has an invalid length.
[ 2140.202883][T16846] netlink: 'syz.3.15332': attribute type 46 has an invalid length.
[ 2140.280608][T16846] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.15332'.
[ 2140.302223][T16851] FAULT_INJECTION: forcing a failure.
[ 2140.302223][T16851] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2140.367178][T16851] CPU: 1 PID: 16851 Comm: syz.4.15333 Not tainted syzkaller #0
[ 2140.374781][T16851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2140.384855][T16851] Call Trace:
[ 2140.388154][T16851]  <TASK>
[ 2140.391105][T16851]  dump_stack_lvl+0x188/0x250
[ 2140.395816][T16851]  ? show_regs_print_info+0x20/0x20
[ 2140.401051][T16851]  ? load_image+0x400/0x400
[ 2140.405590][T16851]  ? __lock_acquire+0x7d10/0x7d10
[ 2140.410634][T16851]  ? perf_trace_run_bpf_submit+0x1c0/0x1c0
[ 2140.416479][T16851]  should_fail+0x38c/0x4c0
[ 2140.420936][T16851]  _copy_from_user+0x2e/0x170
[ 2140.425660][T16851]  __copy_msghdr_from_user+0x48a/0x630
[ 2140.431139][T16851]  ? perf_trace_run_bpf_submit+0xf3/0x1c0
[ 2140.436887][T16851]  ? __ia32_sys_shutdown+0x1d0/0x1d0
[ 2140.442224][T16851]  ___sys_sendmsg+0x19a/0x2e0
[ 2140.447125][T16851]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2140.451943][T16851]  ? trace_event_raw_event_lock+0x270/0x270
[ 2140.457951][T16851]  ? vfs_write+0x8b2/0xd60
[ 2140.462438][T16851]  __se_sys_sendmsg+0x1af/0x290
[ 2140.467316][T16851]  ? __x64_sys_sendmsg+0x80/0x80
[ 2140.472266][T16851]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2140.478292][T16851]  ? lockdep_hardirqs_on+0x94/0x140
[ 2140.483539][T16851]  do_syscall_64+0x4c/0xa0
[ 2140.487965][T16851]  ? clear_bhb_loop+0x30/0x80
[ 2140.492652][T16851]  ? clear_bhb_loop+0x30/0x80
[ 2140.497351][T16851]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2140.503349][T16851] RIP: 0033:0x7f92a79aef79
[ 2140.507785][T16851] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2140.527403][T16851] RSP: 002b:00007f92a5c09028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2140.535853][T16851] RAX: ffffffffffffffda RBX: 00007f92a7c28fa0 RCX: 00007f92a79aef79
[ 2140.543843][T16851] RDX: 00000000000480c0 RSI: 0000200000000200 RDI: 0000000000000003
[ 2140.551831][T16851] RBP: 00007f92a5c09090 R08: 0000000000000000 R09: 0000000000000000
[ 2140.559816][T16851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2140.567800][T16851] R13: 00007f92a7c29038 R14: 00007f92a7c28fa0 R15: 00007ffd2c549e48
[ 2140.575825][T16851]  </TASK>
[ 2140.637406][T16858] netlink: 'syz.0.15335': attribute type 10 has an invalid length.
[ 2141.429148][    T9] tipc: Left network mode
[ 2141.638384][T16891] netlink: 'syz.4.15346': attribute type 46 has an invalid length.
[ 2141.724366][T16891] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.15346'.
[ 2141.807289][T16895] netlink: 'syz.0.15348': attribute type 10 has an invalid length.
[ 2142.552120][T16925] netlink: 'syz.1.15360': attribute type 46 has an invalid length.
[ 2142.631421][T16925] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.15360'.
[ 2142.721191][T16931] netlink: 'syz.3.15361': attribute type 10 has an invalid length.
[ 2144.043085][T16978] netlink: 'syz.0.15374': attribute type 46 has an invalid length.
[ 2144.089613][T16978] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.15374'.
[ 2144.136714][    T9] team0: Port device wlan1 removed
[ 2144.348126][T16982] netlink: 'syz.1.15375': attribute type 10 has an invalid length.
[ 2144.479903][    T9] device hsr_slave_0 left promiscuous mode
[ 2144.511993][    T9] device hsr_slave_1 left promiscuous mode
[ 2144.520605][    T9] device bridge_slave_1 left promiscuous mode
[ 2144.550860][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2144.617201][    T9] device bridge_slave_0 left promiscuous mode
[ 2144.654293][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2144.813915][T16997] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.15380'.
[ 2144.886385][T16997] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.15380'.
[ 2145.247723][    T9] team0 (unregistering): Port device team_slave_1 removed
[ 2145.282809][    T9] team0 (unregistering): Port device team_slave_0 removed
[ 2145.320477][    T9] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2145.339463][    T9] device bond_slave_1 left promiscuous mode
[ 2145.473766][    T9] .` (unregistering): (slave dummy0): Releasing backup interface
[ 2145.500668][    T9] device dummy0 left promiscuous mode
[ 2145.559752][    T9] .` (unregistering): Released all slaves
[ 2145.712219][T17000] netlink: 'syz.0.15380': attribute type 39 has an invalid length.
[ 2146.285663][T17013] netlink: 'syz.2.15386': attribute type 46 has an invalid length.
[ 2146.356996][T17013] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.15386'.
[ 2146.637451][T17009] chnl_net:caif_netlink_parms(): no params data found
[ 2146.693509][T17009] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2146.700834][T17009] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2146.709460][T17009] device bridge_slave_0 entered promiscuous mode
[ 2146.718785][T17009] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2146.727759][T17009] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2146.741576][T17009] device bridge_slave_1 entered promiscuous mode
[ 2146.766482][T17009] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2146.778606][T17009] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2146.807303][T17009] team0: Port device team_slave_0 added
[ 2146.815595][T17009] team0: Port device team_slave_1 added
[ 2146.853985][T17030] netlink: 'syz.2.15389': attribute type 10 has an invalid length.
[ 2147.037024][T17009] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2147.088649][T17009] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2147.127096][T17009] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2147.212424][T17009] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2147.219397][T17009] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2147.320297][T17009] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2147.549204][T17009] device hsr_slave_0 entered promiscuous mode
[ 2147.653958][T17009] device hsr_slave_1 entered promiscuous mode
[ 2147.677670][T17009] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2147.721199][T17009] Cannot create hsr debugfs directory
[ 2147.871074][T17036] netlink: 'syz.3.15400': attribute type 10 has an invalid length.
[ 2148.172960][T17009] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2148.242013][ T6833] Bluetooth: hci4: command 0x0409 tx timeout
[ 2148.269042][T17009] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2148.394926][T17009] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2148.885730][T17009] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 2148.957400][T17009] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 2149.010406][T17009] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 2149.069486][T17009] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 2149.510342][T17009] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2149.584713][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2149.629178][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2149.784773][T17009] 8021q: adding VLAN 0 to HW filter on device team0
[ 2149.981771][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2149.998493][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2150.025545][ T8812] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2150.032673][ T8812] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2150.046565][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2150.191810][T17075] netlink: 'syz.2.15403': attribute type 10 has an invalid length.
[ 2150.213124][T17077] netlink: 'syz.3.15404': attribute type 10 has an invalid length.
[ 2150.224047][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2150.237268][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2150.254451][ T8812] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2150.261577][ T8812] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2150.271701][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 2150.280540][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 2150.317005][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2150.325141][T30050] Bluetooth: hci4: command 0x041b tx timeout
[ 2150.353676][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 2150.375159][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 2150.426221][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2150.442637][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 2150.461557][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2150.481911][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2150.513898][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2150.527974][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2150.544177][T17009] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 2150.701934][T17092] netlink: 'syz.2.15408': attribute type 3 has an invalid length.
[ 2150.771882][T17092] netlink: 132 bytes leftover after parsing attributes in process `syz.2.15408'.
[ 2151.045016][T30282] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 2151.057256][T30282] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 2151.102888][T17009] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2151.197581][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2151.213672][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2151.247113][T30282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2151.270415][T30282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2151.298399][T30282] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2151.315623][T30282] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2151.328651][T17009] device veth0_vlan entered promiscuous mode
[ 2151.354558][T17009] device veth1_vlan entered promiscuous mode
[ 2151.414950][T30282] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 2151.435629][T30282] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 2151.491999][T30282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2151.500802][T30282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2151.537230][T17009] device veth0_macvtap entered promiscuous mode
[ 2151.612622][T17009] device veth1_macvtap entered promiscuous mode
[ 2151.704393][T17009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2151.744421][T17009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2151.770735][T17009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2151.786100][T17009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2151.804609][T17009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2151.825462][T17009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2151.841309][T17009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2151.872064][T17009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2151.902053][T17009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2151.944930][T17009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2152.002090][T17009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2152.056056][T17009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2152.098656][T17009] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2152.133374][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 2152.163560][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2152.201442][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2152.221115][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2152.246820][T17009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2152.269008][T17009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2152.281679][T17009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2152.300026][T17009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2152.310189][T17009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2152.328680][T17009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2152.341786][T17009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2152.360304][T17009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2152.371699][T17009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2152.383284][T17009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2152.395132][T17009] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2152.407219][T30050] Bluetooth: hci4: command 0x040f tx timeout
[ 2152.409732][T17009] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2152.440016][T17009] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2152.461741][T17009] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2152.481643][T17009] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2152.494355][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2152.507994][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2152.532756][T17113] netlink: 'syz.2.15415': attribute type 10 has an invalid length.
[ 2152.762455][T12876] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2152.770330][T12876] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2152.870712][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 2152.999273][T13771] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2153.048997][T13771] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2153.092361][ T1249] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 2153.135751][T17126] netlink: 'syz.0.15420': attribute type 3 has an invalid length.
[ 2153.224685][T17126] netlink: 132 bytes leftover after parsing attributes in process `syz.0.15420'.
[ 2154.578145][ T6833] Bluetooth: hci4: command 0x0419 tx timeout
[ 2154.609458][T17149] netlink: 'syz.4.15426': attribute type 10 has an invalid length.
[ 2154.881100][T17156] netlink: 'syz.3.15439': attribute type 10 has an invalid length.
[ 2156.027462][T17166] device syzkaller0 entered promiscuous mode
[ 2157.293295][ T6833] Bluetooth: hci1: command 0x0406 tx timeout
[ 2158.305473][T17195] netlink: 'syz.4.15442': attribute type 10 has an invalid length.
[ 2160.262044][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[ 2160.268393][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[ 2162.440935][T17236] netlink: 'syz.4.15454': attribute type 10 has an invalid length.
[ 2164.273412][T17265] netlink: 'syz.0.15468': attribute type 10 has an invalid length.
[ 2165.476709][T17285] netlink: 'syz.0.15476': attribute type 46 has an invalid length.
[ 2165.532037][T17286] netlink: 'syz.0.15476': attribute type 10 has an invalid length.
[ 2166.348456][T17301] netlink: 'syz.0.15481': attribute type 3 has an invalid length.
[ 2166.375302][T17301] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.15481'.
[ 2166.539672][T17304] netlink: 'syz.1.15482': attribute type 10 has an invalid length.
[ 2166.610845][T17304] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2166.620705][T17307] netlink: 'syz.0.15483': attribute type 3 has an invalid length.
[ 2166.634707][T17307] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.15483'.
[ 2166.662406][T17304] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 2166.690893][T17305] device bond0 entered promiscuous mode
[ 2166.706400][T17305] device bond_slave_0 entered promiscuous mode
[ 2166.716842][T17305] device bond_slave_1 entered promiscuous mode
[ 2166.727032][T17305] device batadv0 entered promiscuous mode
[ 2166.870579][T17310] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2167.049661][T17317] netlink: 'syz.2.15487': attribute type 3 has an invalid length.
[ 2167.092199][T17317] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.15487'.
[ 2168.207600][T17332] netlink: 'syz.2.15493': attribute type 3 has an invalid length.
[ 2168.251660][T17332] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.15493'.
[ 2168.698947][T17341] netlink: 'syz.1.15495': attribute type 10 has an invalid length.
[ 2168.971966][T17346] netlink: 'syz.1.15497': attribute type 3 has an invalid length.
[ 2169.006713][T17346] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.15497'.
[ 2169.744016][T17352] netlink: 'syz.2.15499': attribute type 46 has an invalid length.
[ 2169.819866][T17352] netlink: 'syz.2.15499': attribute type 10 has an invalid length.
[ 2169.918645][T17352] device dummy0 entered promiscuous mode
[ 2169.953065][T17352] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 2170.635458][T17357] netlink: 'syz.1.15501': attribute type 3 has an invalid length.
[ 2170.652506][T17357] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.15501'.
[ 2171.500019][    T9] tipc: Left network mode
[ 2172.499517][T17382] netlink: 'syz.1.15507': attribute type 3 has an invalid length.
[ 2172.621830][T17382] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.15507'.
[ 2172.859095][T17387] netlink: 'syz.3.15508': attribute type 10 has an invalid length.
[ 2173.085641][T17392] netlink: 'syz.3.15509': attribute type 3 has an invalid length.
[ 2173.122069][T17392] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.15509'.
[ 2173.216651][T17391] netlink: 'syz.1.15522': attribute type 10 has an invalid length.
[ 2173.705977][    T9] team0: Port device wlan1 removed
[ 2173.953684][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2173.961188][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2174.000265][    T9] device bridge_slave_1 left promiscuous mode
[ 2174.006946][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2174.017361][    T9] device bridge_slave_0 left promiscuous mode
[ 2174.023854][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2174.251400][    T9] team0 (unregistering): Port device team_slave_1 removed
[ 2174.269814][    T9] team0 (unregistering): Port device team_slave_0 removed
[ 2174.288239][    T9] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2174.298032][    T9] device bond_slave_1 left promiscuous mode
[ 2174.361997][    T9] .` (unregistering): (slave batadv0): Releasing backup interface
[ 2174.370306][    T9] device batadv0 left promiscuous mode
[ 2174.395021][    T9] .` (unregistering): (slave dummy0): Releasing backup interface
[ 2174.403728][    T9] device dummy0 left promiscuous mode
[ 2174.424802][    T9] team0 (unregistering): Port device .` removed
[ 2174.454050][    T9] .` (unregistering): Released all slaves
[ 2176.828887][T17415] netlink: 'syz.2.15530': attribute type 46 has an invalid length.
[ 2176.890902][T17415] netlink: 'syz.2.15530': attribute type 10 has an invalid length.
[ 2177.209039][T17428] netlink: 'syz.4.15523': attribute type 3 has an invalid length.
[ 2177.295509][T17428] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.15523'.
[ 2177.365117][T17433] netlink: 'syz.2.15525': attribute type 10 has an invalid length.
[ 2178.766195][T17458] netlink: 'syz.1.15536': attribute type 46 has an invalid length.
[ 2178.878406][T17458] netlink: 'syz.1.15536': attribute type 10 has an invalid length.
[ 2178.946179][T17458] device dummy0 entered promiscuous mode
[ 2178.956372][T17458] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 2178.984038][T17462] netlink: 'syz.2.15538': attribute type 10 has an invalid length.
[ 2179.211880][T17465] netlink: 'syz.3.15539': attribute type 10 has an invalid length.
[ 2184.739610][T17506] netlink: 'syz.2.15553': attribute type 10 has an invalid length.
[ 2187.608422][T17540] netlink: 'syz.1.15564': attribute type 10 has an invalid length.
[ 2187.921734][T30051] Bluetooth: hci2: command 0x0406 tx timeout
[ 2188.473649][T17546] netlink: 'syz.1.15566': attribute type 10 has an invalid length.
[ 2190.489882][T17562] device syzkaller0 entered promiscuous mode
[ 2192.113816][T17585] netlink: 'syz.0.15578': attribute type 10 has an invalid length.
[ 2193.556230][T17606] device syzkaller0 entered promiscuous mode
[ 2195.059322][T17632] netlink: 'syz.0.15596': attribute type 10 has an invalid length.
[ 2195.210088][T17630] netlink: 'syz.4.15597': attribute type 10 has an invalid length.
[ 2196.699701][T17646] netlink: 'syz.4.15601': attribute type 10 has an invalid length.
[ 2200.584786][T17683] netlink: 'syz.2.15615': attribute type 10 has an invalid length.
[ 2210.570124][T17817] netlink: 'syz.0.15658': attribute type 10 has an invalid length.
[ 2213.620581][T17861] netlink: 'syz.2.15671': attribute type 10 has an invalid length.
[ 2217.118050][T17915] netlink: 'syz.3.15688': attribute type 10 has an invalid length.
[ 2221.448620][T17956] netlink: 'syz.4.15705': attribute type 10 has an invalid length.
[ 2221.726342][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[ 2221.732712][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[ 2223.762243][ T6833] Bluetooth: hci3: command 0x0406 tx timeout
[ 2224.380250][T13771] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2224.390406][T13771] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2224.419912][T13771] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2224.427944][T13771] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2224.437115][T13771] device bridge_slave_1 left promiscuous mode
[ 2224.444172][T13771] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2224.454042][T13771] device bridge_slave_0 left promiscuous mode
[ 2224.460559][T13771] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2224.500033][T13771] device veth1_vlan left promiscuous mode
[ 2224.818792][T13771] team0 (unregistering): Port device team_slave_1 removed
[ 2224.836839][T13771] team0 (unregistering): Port device team_slave_0 removed
[ 2224.855472][T13771] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2224.868045][T13771] device bond_slave_1 left promiscuous mode
[ 2224.925771][T13771] .` (unregistering): (slave batadv0): Releasing backup interface
[ 2224.934842][T13771] device batadv0 left promiscuous mode
[ 2224.955419][T13771] .` (unregistering): (slave dummy0): Releasing backup interface
[ 2224.969444][T13771] device dummy0 left promiscuous mode
[ 2225.000169][T13771] .` (unregistering): Released all slaves
[ 2225.335082][T18002] netlink: 'syz.1.15720': attribute type 10 has an invalid length.
[ 2233.259504][T18124] netlink: 'syz.3.15769': attribute type 10 has an invalid length.
[ 2235.704962][T18167] netlink: 'syz.4.15785': attribute type 10 has an invalid length.
[ 2236.452247][T18173] netlink: 'syz.0.15797': attribute type 10 has an invalid length.
[ 2237.022307][T18180] netlink: 'syz.0.15802': attribute type 10 has an invalid length.
[ 2238.883499][T18219] netlink: 'syz.0.15806': attribute type 8 has an invalid length.
[ 2238.910369][T18219] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.15806'.
[ 2239.121848][T30049] Bluetooth: hci0: command 0x0406 tx timeout
[ 2239.224138][T18225] netlink: 'syz.2.15807': attribute type 10 has an invalid length.
[ 2241.323509][T18247] delete_channel: no stack
[ 2241.929256][T18256] netlink: 'syz.2.15820': attribute type 8 has an invalid length.
[ 2241.973780][T18259] netlink: 'syz.0.15821': attribute type 10 has an invalid length.
[ 2242.031919][T18256] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.15820'.
[ 2243.114423][T18284] FAULT_INJECTION: forcing a failure.
[ 2243.114423][T18284] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2243.170742][T18284] CPU: 0 PID: 18284 Comm: syz.2.15830 Not tainted syzkaller #0
[ 2243.178336][T18284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2243.188399][T18284] Call Trace:
[ 2243.191685][T18284]  <TASK>
[ 2243.194623][T18284]  dump_stack_lvl+0x188/0x250
[ 2243.199315][T18284]  ? show_regs_print_info+0x20/0x20
[ 2243.204523][T18284]  ? load_image+0x400/0x400
[ 2243.209047][T18284]  ? __lock_acquire+0x7d10/0x7d10
[ 2243.214100][T18284]  should_fail+0x38c/0x4c0
[ 2243.218536][T18284]  _copy_from_user+0x2e/0x170
[ 2243.223225][T18284]  __copy_msghdr_from_user+0xc9/0x630
[ 2243.228613][T18284]  ? verify_lock_unused+0x140/0x140
[ 2243.233825][T18284]  ? __ia32_sys_shutdown+0x1d0/0x1d0
[ 2243.239120][T18284]  ? perf_tp_event+0xa92/0xbf0
[ 2243.243896][T18284]  ? perf_trace_run_bpf_submit+0x1c0/0x1c0
[ 2243.249721][T18284]  ___sys_sendmsg+0x19a/0x2e0
[ 2243.254412][T18284]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2243.259229][T18284]  __se_sys_sendmsg+0x1af/0x290
[ 2243.264102][T18284]  ? __x64_sys_sendmsg+0x80/0x80
[ 2243.269051][T18284]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2243.275054][T18284]  ? lockdep_hardirqs_on+0x94/0x140
[ 2243.280272][T18284]  do_syscall_64+0x4c/0xa0
[ 2243.284694][T18284]  ? clear_bhb_loop+0x30/0x80
[ 2243.289373][T18284]  ? clear_bhb_loop+0x30/0x80
[ 2243.294060][T18284]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2243.299959][T18284] RIP: 0033:0x7f8e5f54bf79
[ 2243.304381][T18284] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2243.323991][T18284] RSP: 002b:00007f8e5d7a6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2243.328863][T18282] device wlan1 entered promiscuous mode
[ 2243.332410][T18284] RAX: ffffffffffffffda RBX: 00007f8e5f7c5fa0 RCX: 00007f8e5f54bf79
[ 2243.332428][T18284] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000006
[ 2243.332440][T18284] RBP: 00007f8e5d7a6090 R08: 0000000000000000 R09: 0000000000000000
[ 2243.332456][T18284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2243.332467][T18284] R13: 00007f8e5f7c6038 R14: 00007f8e5f7c5fa0 R15: 00007ffe4dba4e18
[ 2243.332493][T18284]  </TASK>
[ 2243.856204][T18294] netlink: 36 bytes leftover after parsing attributes in process `syz.3.15831'.
[ 2244.028393][T18294] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 2244.359681][T18301] netlink: 'syz.1.15834': attribute type 8 has an invalid length.
[ 2244.462214][T18301] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.15834'.
[ 2246.693930][T18347] netlink: 'syz.1.15849': attribute type 10 has an invalid length.
[ 2248.207085][T18381] netlink: 'syz.0.15859': attribute type 2 has an invalid length.
[ 2248.221881][T18381] netlink: 'syz.0.15859': attribute type 8 has an invalid length.
[ 2248.230153][T18381] netlink: 132 bytes leftover after parsing attributes in process `syz.0.15859'.
[ 2248.624088][T18382] device syzkaller0 entered promiscuous mode
[ 2249.328661][T18393] netlink: 'syz.2.15863': attribute type 10 has an invalid length.
[ 2249.875109][T18406] FAULT_INJECTION: forcing a failure.
[ 2249.875109][T18406] name failslab, interval 1, probability 0, space 0, times 0
[ 2249.936550][T18406] CPU: 1 PID: 18406 Comm: syz.4.15868 Not tainted syzkaller #0
[ 2249.944139][T18406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2249.954199][T18406] Call Trace:
[ 2249.957479][T18406]  <TASK>
[ 2249.960408][T18406]  dump_stack_lvl+0x188/0x250
[ 2249.965091][T18406]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2249.971338][T18406]  ? show_regs_print_info+0x20/0x20
[ 2249.976550][T18406]  ? load_image+0x400/0x400
[ 2249.981069][T18406]  should_fail+0x38c/0x4c0
[ 2249.985498][T18406]  should_failslab+0x5/0x20
[ 2249.990006][T18406]  slab_pre_alloc_hook+0x51/0xc0
[ 2249.994960][T18406]  __kmalloc+0x6b/0x330
[ 2249.999116][T18406]  ? tomoyo_encode+0x27e/0x540
[ 2250.003885][T18406]  tomoyo_encode+0x27e/0x540
[ 2250.008482][T18406]  tomoyo_realpath_from_path+0x5cd/0x610
[ 2250.014129][T18406]  tomoyo_path_number_perm+0x242/0x660
[ 2250.019593][T18406]  ? verify_lock_unused+0x140/0x140
[ 2250.024798][T18406]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 2250.030311][T18406]  security_file_ioctl+0x6c/0xa0
[ 2250.035258][T18406]  __se_sys_ioctl+0x48/0x170
[ 2250.039858][T18406]  do_syscall_64+0x4c/0xa0
[ 2250.044272][T18406]  ? clear_bhb_loop+0x30/0x80
[ 2250.048955][T18406]  ? clear_bhb_loop+0x30/0x80
[ 2250.053650][T18406]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2250.059556][T18406] RIP: 0033:0x7f92a79aef79
[ 2250.063978][T18406] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2250.083584][T18406] RSP: 002b:00007f92a5c09028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2250.092003][T18406] RAX: ffffffffffffffda RBX: 00007f92a7c28fa0 RCX: 00007f92a79aef79
[ 2250.099971][T18406] RDX: 0000200000000100 RSI: 000000000000890b RDI: 0000000000000003
[ 2250.107926][T18406] RBP: 00007f92a5c09090 R08: 0000000000000000 R09: 0000000000000000
[ 2250.115881][T18406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2250.123835][T18406] R13: 00007f92a7c29038 R14: 00007f92a7c28fa0 R15: 00007ffd2c549e48
[ 2250.131798][T18406]  </TASK>
[ 2250.146855][T18408] netlink: 'syz.3.15869': attribute type 10 has an invalid length.
[ 2250.172033][T18406] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2250.379413][T18417] FAULT_INJECTION: forcing a failure.
[ 2250.379413][T18417] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2250.459000][T18417] CPU: 1 PID: 18417 Comm: syz.0.15872 Not tainted syzkaller #0
[ 2250.466592][T18417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2250.476651][T18417] Call Trace:
[ 2250.479943][T18417]  <TASK>
[ 2250.482872][T18417]  dump_stack_lvl+0x188/0x250
[ 2250.487557][T18417]  ? show_regs_print_info+0x20/0x20
[ 2250.492763][T18417]  ? load_image+0x400/0x400
[ 2250.497279][T18417]  ? __lock_acquire+0x7d10/0x7d10
[ 2250.502315][T18417]  should_fail+0x38c/0x4c0
[ 2250.506742][T18417]  _copy_to_user+0x2e/0x130
[ 2250.511246][T18417]  simple_read_from_buffer+0xe3/0x150
[ 2250.516621][T18417]  proc_fail_nth_read+0x1a6/0x220
[ 2250.521651][T18417]  ? proc_fault_inject_write+0x310/0x310
[ 2250.527297][T18417]  ? fsnotify_perm+0x254/0x560
[ 2250.532067][T18417]  ? proc_fault_inject_write+0x310/0x310
[ 2250.537708][T18417]  vfs_read+0x301/0xd60
[ 2250.541874][T18417]  ? kernel_read+0x1e0/0x1e0
[ 2250.546473][T18417]  ? __fget_files+0x40f/0x480
[ 2250.551158][T18417]  ? mutex_lock_nested+0x17/0x20
[ 2250.556100][T18417]  ? __fdget_pos+0x2bf/0x370
[ 2250.560696][T18417]  ? ksys_read+0x71/0x260
[ 2250.565031][T18417]  ksys_read+0x152/0x260
[ 2250.569277][T18417]  ? vfs_write+0xd60/0xd60
[ 2250.573705][T18417]  ? lockdep_hardirqs_on+0x94/0x140
[ 2250.578911][T18417]  do_syscall_64+0x4c/0xa0
[ 2250.583328][T18417]  ? clear_bhb_loop+0x30/0x80
[ 2250.588006][T18417]  ? clear_bhb_loop+0x30/0x80
[ 2250.592692][T18417]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2250.598585][T18417] RIP: 0033:0x7fd0518a184e
[ 2250.603000][T18417] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 2250.622601][T18417] RSP: 002b:00007fd04fb3afe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2250.631016][T18417] RAX: ffffffffffffffda RBX: 00007fd04fb3b6c0 RCX: 00007fd0518a184e
[ 2250.638988][T18417] RDX: 000000000000000f RSI: 00007fd04fb3b0a0 RDI: 0000000000000004
[ 2250.646952][T18417] RBP: 00007fd04fb3b090 R08: 0000000000000000 R09: 0000000000000000
[ 2250.654913][T18417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2250.662871][T18417] R13: 00007fd051b5b038 R14: 00007fd051b5afa0 R15: 00007ffea7dc6f38
[ 2250.670920][T18417]  </TASK>
[ 2250.890007][T18424] netlink: 'syz.4.15875': attribute type 12 has an invalid length.
[ 2250.921438][T18424] netlink: 132 bytes leftover after parsing attributes in process `syz.4.15875'.
[ 2251.310494][T18429] netlink: 'syz.0.15877': attribute type 10 has an invalid length.
[ 2251.850326][T18438] netlink: 'syz.0.15880': attribute type 46 has an invalid length.
[ 2251.912295][T18438] netlink: 'syz.0.15880': attribute type 46 has an invalid length.
[ 2252.115616][T18445] FAULT_INJECTION: forcing a failure.
[ 2252.115616][T18445] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2252.156677][T18445] CPU: 0 PID: 18445 Comm: syz.0.15883 Not tainted syzkaller #0
[ 2252.164254][T18445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2252.174313][T18445] Call Trace:
[ 2252.177587][T18445]  <TASK>
[ 2252.180506][T18445]  dump_stack_lvl+0x188/0x250
[ 2252.185209][T18445]  ? show_regs_print_info+0x20/0x20
[ 2252.190407][T18445]  ? load_image+0x400/0x400
[ 2252.194909][T18445]  ? __lock_acquire+0x7d10/0x7d10
[ 2252.199942][T18445]  should_fail+0x38c/0x4c0
[ 2252.204359][T18445]  _copy_from_user+0x2e/0x170
[ 2252.209036][T18445]  iovec_from_user+0x142/0x370
[ 2252.213802][T18445]  __import_iovec+0x70/0x490
[ 2252.218389][T18445]  ? perf_tp_event+0xa92/0xbf0
[ 2252.223156][T18445]  import_iovec+0x6f/0xa0
[ 2252.227484][T18445]  ___sys_sendmsg+0x1fd/0x2e0
[ 2252.232167][T18445]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2252.236959][T18445]  __se_sys_sendmsg+0x1af/0x290
[ 2252.241812][T18445]  ? __x64_sys_sendmsg+0x80/0x80
[ 2252.246745][T18445]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2252.252733][T18445]  ? lockdep_hardirqs_on+0x94/0x140
[ 2252.257933][T18445]  do_syscall_64+0x4c/0xa0
[ 2252.262340][T18445]  ? clear_bhb_loop+0x30/0x80
[ 2252.267011][T18445]  ? clear_bhb_loop+0x30/0x80
[ 2252.271688][T18445]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2252.277575][T18445] RIP: 0033:0x7fd0518e0f79
[ 2252.281984][T18445] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2252.301580][T18445] RSP: 002b:00007fd04fb3b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2252.309991][T18445] RAX: ffffffffffffffda RBX: 00007fd051b5afa0 RCX: 00007fd0518e0f79
[ 2252.317958][T18445] RDX: 0000000000000010 RSI: 0000200000000380 RDI: 0000000000000003
[ 2252.325928][T18445] RBP: 00007fd04fb3b090 R08: 0000000000000000 R09: 0000000000000000
[ 2252.333894][T18445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2252.341861][T18445] R13: 00007fd051b5b038 R14: 00007fd051b5afa0 R15: 00007ffea7dc6f38
[ 2252.349893][T18445]  </TASK>
[ 2254.042630][T18460] netlink: 'syz.1.15888': attribute type 10 has an invalid length.
[ 2255.892708][T18493] netlink: 'syz.2.15901': attribute type 10 has an invalid length.
[ 2256.275315][T18501] netlink: 1057 bytes leftover after parsing attributes in process `syz.0.15906'.
[ 2256.579474][T18511] FAULT_INJECTION: forcing a failure.
[ 2256.579474][T18511] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2256.601974][T18511] CPU: 0 PID: 18511 Comm: syz.4.15910 Not tainted syzkaller #0
[ 2256.609561][T18511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2256.619621][T18511] Call Trace:
[ 2256.622901][T18511]  <TASK>
[ 2256.625828][T18511]  dump_stack_lvl+0x188/0x250
[ 2256.630514][T18511]  ? show_regs_print_info+0x20/0x20
[ 2256.635730][T18511]  ? load_image+0x400/0x400
[ 2256.640240][T18511]  ? __lock_acquire+0x7d10/0x7d10
[ 2256.645271][T18511]  should_fail+0x38c/0x4c0
[ 2256.649690][T18511]  _copy_from_user+0x2e/0x170
[ 2256.654367][T18511]  __sys_bpf+0x26d/0x6f0
[ 2256.658616][T18511]  ? bpf_link_show_fdinfo+0x380/0x380
[ 2256.664005][T18511]  __x64_sys_bpf+0x78/0x90
[ 2256.668428][T18511]  do_syscall_64+0x4c/0xa0
[ 2256.672850][T18511]  ? clear_bhb_loop+0x30/0x80
[ 2256.677525][T18511]  ? clear_bhb_loop+0x30/0x80
[ 2256.682230][T18511]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2256.688104][T18511] RIP: 0033:0x7f92a79aef79
[ 2256.692529][T18511] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2256.712124][T18511] RSP: 002b:00007f92a5c09028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2256.720539][T18511] RAX: ffffffffffffffda RBX: 00007f92a7c28fa0 RCX: 00007f92a79aef79
[ 2256.728495][T18511] RDX: 0000000000000094 RSI: 0000200000000c00 RDI: 0000000000000005
[ 2256.736450][T18511] RBP: 00007f92a5c09090 R08: 0000000000000000 R09: 0000000000000000
[ 2256.744408][T18511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2256.752363][T18511] R13: 00007f92a7c29038 R14: 00007f92a7c28fa0 R15: 00007ffd2c549e48
[ 2256.760325][T18511]  </TASK>
[ 2256.840477][T18513] netlink: 'syz.4.15911': attribute type 10 has an invalid length.
[ 2256.860750][T18513] device hsr_slave_0 left promiscuous mode
[ 2256.868112][T18513] device hsr_slave_1 left promiscuous mode
[ 2256.912251][T18514] netlink: 'syz.4.15911': attribute type 10 has an invalid length.
[ 2256.921167][T18514] device bond0 left promiscuous mode
[ 2256.926579][T18514] device bond_slave_0 left promiscuous mode
[ 2256.934475][T18514] device bond_slave_1 left promiscuous mode
[ 2256.940555][T18514] device batadv0 left promiscuous mode
[ 2256.955201][T18514] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2256.967416][T18514] team0: Port device bond0 added
[ 2256.992249][T18517] netlink: 'syz.4.15911': attribute type 10 has an invalid length.
[ 2257.128329][T18517] team0: Port device wlan1 added
[ 2257.279252][T18523] netlink: 'syz.1.15914': attribute type 10 has an invalid length.
[ 2257.478442][T18540] FAULT_INJECTION: forcing a failure.
[ 2257.478442][T18540] name failslab, interval 1, probability 0, space 0, times 0
[ 2257.520288][T18540] CPU: 1 PID: 18540 Comm: syz.1.15919 Not tainted syzkaller #0
[ 2257.527877][T18540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2257.537937][T18540] Call Trace:
[ 2257.541221][T18540]  <TASK>
[ 2257.544169][T18540]  dump_stack_lvl+0x188/0x250
[ 2257.548860][T18540]  ? show_regs_print_info+0x20/0x20
[ 2257.554068][T18540]  ? load_image+0x400/0x400
[ 2257.558677][T18540]  ? __might_sleep+0xf0/0xf0
[ 2257.563363][T18540]  ? __lock_acquire+0x7d10/0x7d10
[ 2257.568415][T18540]  should_fail+0x38c/0x4c0
[ 2257.572843][T18540]  should_failslab+0x5/0x20
[ 2257.577354][T18540]  slab_pre_alloc_hook+0x51/0xc0
[ 2257.582285][T18540]  ? __d_alloc+0x2a/0x6f0
[ 2257.586613][T18540]  kmem_cache_alloc+0x3d/0x290
[ 2257.591363][T18540]  __d_alloc+0x2a/0x6f0
[ 2257.595520][T18540]  d_alloc_pseudo+0x19/0x70
[ 2257.600027][T18540]  alloc_file_pseudo+0xe0/0x200
[ 2257.604885][T18540]  ? alloc_empty_file_noaccount+0x80/0x80
[ 2257.610608][T18540]  ? unclone_ctx+0xca/0x120
[ 2257.615109][T18540]  anon_inode_getfile+0xc1/0x1a0
[ 2257.620055][T18540]  __se_sys_perf_event_open+0xc02/0x1bb0
[ 2257.625730][T18540]  ? __x64_sys_perf_event_open+0xc0/0xc0
[ 2257.631387][T18540]  ? lockdep_hardirqs_on+0x94/0x140
[ 2257.636596][T18540]  ? __x64_sys_perf_event_open+0x1c/0xc0
[ 2257.642236][T18540]  do_syscall_64+0x4c/0xa0
[ 2257.646664][T18540]  ? clear_bhb_loop+0x30/0x80
[ 2257.651353][T18540]  ? clear_bhb_loop+0x30/0x80
[ 2257.656040][T18540]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2257.661941][T18540] RIP: 0033:0x7f2686722f79
[ 2257.666365][T18540] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2257.685987][T18540] RSP: 002b:00007f268497d028 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2257.694417][T18540] RAX: ffffffffffffffda RBX: 00007f268699cfa0 RCX: 00007f2686722f79
[ 2257.702406][T18540] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000000
[ 2257.710386][T18540] RBP: 00007f268497d090 R08: 0000000000000000 R09: 0000000000000000
[ 2257.718372][T18540] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 2257.726364][T18540] R13: 00007f268699d038 R14: 00007f268699cfa0 R15: 00007ffd7a89d6e8
[ 2257.734458][T18540]  </TASK>
[ 2258.233019][T18557] netlink: 14593 bytes leftover after parsing attributes in process `syz.2.15924'.
[ 2258.717688][T18569] netlink: 'syz.0.15930': attribute type 10 has an invalid length.
[ 2258.869268][T18574] FAULT_INJECTION: forcing a failure.
[ 2258.869268][T18574] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2258.884348][T18574] CPU: 1 PID: 18574 Comm: syz.1.15931 Not tainted syzkaller #0
[ 2258.891933][T18574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2258.902003][T18574] Call Trace:
[ 2258.905296][T18574]  <TASK>
[ 2258.908239][T18574]  dump_stack_lvl+0x188/0x250
[ 2258.912948][T18574]  ? show_regs_print_info+0x20/0x20
[ 2258.918169][T18574]  ? load_image+0x400/0x400
[ 2258.922697][T18574]  ? __kasan_kmalloc+0xcc/0xf0
[ 2258.927487][T18574]  ? __lock_acquire+0x7d10/0x7d10
[ 2258.932531][T18574]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2258.938633][T18574]  should_fail+0x38c/0x4c0
[ 2258.943100][T18574]  _copy_from_iter+0x22e/0x1170
[ 2258.947977][T18574]  ? __lock_acquire+0x7d10/0x7d10
[ 2258.953038][T18574]  ? copy_mc_pipe_to_iter+0x7d0/0x7d0
[ 2258.958443][T18574]  ? __virt_addr_valid+0x3c6/0x470
[ 2258.963573][T18574]  ? __phys_addr_symbol+0x2b/0x70
[ 2258.968613][T18574]  ? __check_object_size+0x30c/0x410
[ 2258.973924][T18574]  kernfs_fop_write_iter+0x1a4/0x4c0
[ 2258.979227][T18574]  ? iov_iter_init+0xb4/0x170
[ 2258.983928][T18574]  vfs_write+0x745/0xd60
[ 2258.988209][T18574]  ? file_end_write+0x250/0x250
[ 2258.993075][T18574]  ? rcu_nmi_exit+0x6f/0xf0
[ 2258.997874][T18574]  ? __fget_files+0x40f/0x480
[ 2259.002583][T18574]  ? mutex_lock_nested+0x17/0x20
[ 2259.007628][T18574]  ? __fdget_pos+0x2bf/0x370
[ 2259.012231][T18574]  ? ksys_write+0x71/0x260
[ 2259.016668][T18574]  ksys_write+0x152/0x260
[ 2259.021025][T18574]  ? __ia32_sys_read+0x80/0x80
[ 2259.025819][T18574]  ? syscall_enter_from_user_mode+0x2a/0x70
[ 2259.031752][T18574]  do_syscall_64+0x4c/0xa0
[ 2259.036179][T18574]  ? clear_bhb_loop+0x30/0x80
[ 2259.040873][T18574]  ? clear_bhb_loop+0x30/0x80
[ 2259.045574][T18574]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2259.051479][T18574] RIP: 0033:0x7f2686722f79
[ 2259.055906][T18574] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2259.075529][T18574] RSP: 002b:00007f268497d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2259.083963][T18574] RAX: ffffffffffffffda RBX: 00007f268699cfa0 RCX: 00007f2686722f79
[ 2259.091963][T18574] RDX: 0000000000000012 RSI: 0000200000000c40 RDI: 0000000000000007
[ 2259.100050][T18574] RBP: 00007f268497d090 R08: 0000000000000000 R09: 0000000000000000
[ 2259.108073][T18574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2259.116067][T18574] R13: 00007f268699d038 R14: 00007f268699cfa0 R15: 00007ffd7a89d6e8
[ 2259.124101][T18574]  </TASK>
[ 2259.730543][T18604] netlink: 28 bytes leftover after parsing attributes in process `syz.3.15940'.
[ 2259.754290][T18604] netlink: 28 bytes leftover after parsing attributes in process `syz.3.15940'.
[ 2260.011464][T18601] netlink: 28 bytes leftover after parsing attributes in process `syz.3.15940'.
[ 2260.425035][T18629] netlink: 202920 bytes leftover after parsing attributes in process `syz.3.15948'.
[ 2260.506220][T18631] netlink: 'syz.1.15949': attribute type 25 has an invalid length.
[ 2260.525550][T18631] netlink: 'syz.1.15949': attribute type 1 has an invalid length.
[ 2260.548220][T18631] bridge0: port 1(bridge_slave_0) entered learning state
[ 2260.902173][T18646] netlink: 'syz.1.15954': attribute type 10 has an invalid length.
[ 2260.993290][T18646] device hsr_slave_0 left promiscuous mode
[ 2261.078646][T18646] device hsr_slave_1 left promiscuous mode
[ 2261.122539][T18648] netlink: 'syz.1.15954': attribute type 10 has an invalid length.
[ 2261.146464][T18648] device bond0 left promiscuous mode
[ 2261.164508][T18648] device bond_slave_0 left promiscuous mode
[ 2261.184788][T18648] device bond_slave_1 left promiscuous mode
[ 2261.214035][T18648] device batadv0 left promiscuous mode
[ 2261.219661][T18648] device dummy0 left promiscuous mode
[ 2261.261986][T18648] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2261.270242][T18648] team0: Port device bond0 added
[ 2261.359600][T18650] netlink: 'syz.1.15954': attribute type 10 has an invalid length.
[ 2261.416121][T18650] team0: Port device wlan1 added
[ 2261.655933][T18664] netlink: 28 bytes leftover after parsing attributes in process `syz.4.15957'.
[ 2261.701701][T18664] netlink: 28 bytes leftover after parsing attributes in process `syz.4.15957'.
[ 2261.719208][T18658] netlink: 28 bytes leftover after parsing attributes in process `syz.4.15957'.
[ 2262.581710][T18689] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2262.589263][T18689] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2264.174446][T18711] netlink: 'syz.3.15974': attribute type 10 has an invalid length.
[ 2264.211727][T18717] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15973'.
[ 2264.229300][T18716] netlink: 'syz.4.15975': attribute type 10 has an invalid length.
[ 2264.294703][T18716] device bond0 entered promiscuous mode
[ 2264.307841][T18716] device bond_slave_0 entered promiscuous mode
[ 2264.359932][T18716] device bond_slave_1 entered promiscuous mode
[ 2264.377814][T18716] device batadv0 entered promiscuous mode
[ 2264.480051][T18722] netlink: 9275 bytes leftover after parsing attributes in process `syz.3.15976'.
[ 2264.497236][T18717] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15973'.
[ 2264.584972][T18722] netlink: 'syz.3.15976': attribute type 39 has an invalid length.
[ 2264.872530][T18729] FAULT_INJECTION: forcing a failure.
[ 2264.872530][T18729] name failslab, interval 1, probability 0, space 0, times 0
[ 2264.954647][T18730] netlink: 'syz.4.15979': attribute type 39 has an invalid length.
[ 2265.052758][T18729] CPU: 0 PID: 18729 Comm: syz.4.15979 Not tainted syzkaller #0
[ 2265.060346][T18729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2265.070406][T18729] Call Trace:
[ 2265.073685][T18729]  <TASK>
[ 2265.076614][T18729]  dump_stack_lvl+0x188/0x250
[ 2265.081302][T18729]  ? show_regs_print_info+0x20/0x20
[ 2265.086508][T18729]  ? load_image+0x400/0x400
[ 2265.091025][T18729]  ? __might_sleep+0xf0/0xf0
[ 2265.095619][T18729]  ? __lock_acquire+0x7d10/0x7d10
[ 2265.100660][T18729]  should_fail+0x38c/0x4c0
[ 2265.105091][T18729]  should_failslab+0x5/0x20
[ 2265.109600][T18729]  slab_pre_alloc_hook+0x51/0xc0
[ 2265.114550][T18729]  kmem_cache_alloc_node_trace+0x4a/0x300
[ 2265.120280][T18729]  ? __get_vm_area_node+0x119/0x2d0
[ 2265.125491][T18729]  __get_vm_area_node+0x119/0x2d0
[ 2265.130524][T18729]  __vmalloc_node_range+0xef/0x8b0
[ 2265.135649][T18729]  ? netlink_sendmsg+0x5ec/0xbe0
[ 2265.140584][T18729]  ? netlink_data_ready+0x10/0x10
[ 2265.145619][T18729]  ? netlink_sendmsg+0x5ec/0xbe0
[ 2265.150564][T18729]  vmalloc+0x75/0x80
[ 2265.154461][T18729]  ? netlink_sendmsg+0x5ec/0xbe0
[ 2265.159400][T18729]  netlink_sendmsg+0x5ec/0xbe0
[ 2265.164177][T18729]  ? netlink_getsockopt+0x570/0x570
[ 2265.169383][T18729]  ? aa_sock_msg_perm+0x94/0x150
[ 2265.174335][T18729]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 2265.179627][T18729]  ? security_socket_sendmsg+0x7c/0xa0
[ 2265.185091][T18729]  sock_write_iter+0x2a6/0x3a0
[ 2265.189872][T18729]  ? sock_read_iter+0x380/0x380
[ 2265.194738][T18729]  ? memset+0x1e/0x40
[ 2265.198728][T18729]  ? iov_iter_init+0xb4/0x170
[ 2265.203412][T18729]  vfs_write+0x745/0xd60
[ 2265.207665][T18729]  ? file_end_write+0x250/0x250
[ 2265.212517][T18729]  ? rcu_nmi_exit+0x6f/0xf0
[ 2265.217036][T18729]  ? __fget_files+0x40f/0x480
[ 2265.221721][T18729]  ? __fdget_pos+0x1e2/0x370
[ 2265.226310][T18729]  ? ksys_write+0x71/0x260
[ 2265.230731][T18729]  ksys_write+0x152/0x260
[ 2265.235067][T18729]  ? __ia32_sys_read+0x80/0x80
[ 2265.239838][T18729]  ? syscall_enter_from_user_mode+0x2a/0x70
[ 2265.245740][T18729]  do_syscall_64+0x4c/0xa0
[ 2265.250161][T18729]  ? clear_bhb_loop+0x30/0x80
[ 2265.254835][T18729]  ? clear_bhb_loop+0x30/0x80
[ 2265.259605][T18729]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2265.265494][T18729] RIP: 0033:0x7f92a79aef79
[ 2265.269910][T18729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2265.289512][T18729] RSP: 002b:00007f92a5c09028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2265.297934][T18729] RAX: ffffffffffffffda RBX: 00007f92a7c28fa0 RCX: 00007f92a79aef79
[ 2265.305913][T18729] RDX: 000000000000fe33 RSI: 0000200000000000 RDI: 0000000000000005
[ 2265.313884][T18729] RBP: 00007f92a5c09090 R08: 0000000000000000 R09: 0000000000000000
[ 2265.321861][T18729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2265.329835][T18729] R13: 00007f92a7c29038 R14: 00007f92a7c28fa0 R15: 00007ffd2c549e48
[ 2265.337926][T18729]  </TASK>
[ 2265.482029][T18729] syz.4.15979: vmalloc error: size 65408, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 2265.536738][T18729] CPU: 0 PID: 18729 Comm: syz.4.15979 Not tainted syzkaller #0
[ 2265.544341][T18729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2265.554407][T18729] Call Trace:
[ 2265.557685][T18729]  <TASK>
[ 2265.560608][T18729]  dump_stack_lvl+0x188/0x250
[ 2265.565287][T18729]  ? rcu_lock_release+0x5/0x20
[ 2265.570045][T18729]  ? show_regs_print_info+0x20/0x20
[ 2265.575234][T18729]  ? load_image+0x400/0x400
[ 2265.579737][T18729]  warn_alloc+0x243/0x320
[ 2265.584061][T18729]  ? zone_watermark_ok_safe+0x240/0x240
[ 2265.589600][T18729]  ? kmem_cache_alloc_node_trace+0x16c/0x300
[ 2265.595574][T18729]  ? __get_vm_area_node+0x119/0x2d0
[ 2265.600765][T18729]  __vmalloc_node_range+0x2b1/0x8b0
[ 2265.605948][T18729]  ? netlink_data_ready+0x10/0x10
[ 2265.610959][T18729]  ? netlink_sendmsg+0x5ec/0xbe0
[ 2265.615876][T18729]  vmalloc+0x75/0x80
[ 2265.619753][T18729]  ? netlink_sendmsg+0x5ec/0xbe0
[ 2265.624672][T18729]  netlink_sendmsg+0x5ec/0xbe0
[ 2265.629422][T18729]  ? netlink_getsockopt+0x570/0x570
[ 2265.634602][T18729]  ? aa_sock_msg_perm+0x94/0x150
[ 2265.639534][T18729]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 2265.644805][T18729]  ? security_socket_sendmsg+0x7c/0xa0
[ 2265.650245][T18729]  sock_write_iter+0x2a6/0x3a0
[ 2265.654993][T18729]  ? sock_read_iter+0x380/0x380
[ 2265.659827][T18729]  ? memset+0x1e/0x40
[ 2265.663791][T18729]  ? iov_iter_init+0xb4/0x170
[ 2265.668453][T18729]  vfs_write+0x745/0xd60
[ 2265.672682][T18729]  ? file_end_write+0x250/0x250
[ 2265.677508][T18729]  ? rcu_nmi_exit+0x6f/0xf0
[ 2265.682002][T18729]  ? __fget_files+0x40f/0x480
[ 2265.686665][T18729]  ? __fdget_pos+0x1e2/0x370
[ 2265.691232][T18729]  ? ksys_write+0x71/0x260
[ 2265.695630][T18729]  ksys_write+0x152/0x260
[ 2265.699939][T18729]  ? __ia32_sys_read+0x80/0x80
[ 2265.704684][T18729]  ? syscall_enter_from_user_mode+0x2a/0x70
[ 2265.710562][T18729]  do_syscall_64+0x4c/0xa0
[ 2265.714960][T18729]  ? clear_bhb_loop+0x30/0x80
[ 2265.719617][T18729]  ? clear_bhb_loop+0x30/0x80
[ 2265.724277][T18729]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2265.730237][T18729] RIP: 0033:0x7f92a79aef79
[ 2265.734633][T18729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2265.754218][T18729] RSP: 002b:00007f92a5c09028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2265.762612][T18729] RAX: ffffffffffffffda RBX: 00007f92a7c28fa0 RCX: 00007f92a79aef79
[ 2265.770565][T18729] RDX: 000000000000fe33 RSI: 0000200000000000 RDI: 0000000000000005
[ 2265.778516][T18729] RBP: 00007f92a5c09090 R08: 0000000000000000 R09: 0000000000000000
[ 2265.786472][T18729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2265.794424][T18729] R13: 00007f92a7c29038 R14: 00007f92a7c28fa0 R15: 00007ffd2c549e48
[ 2265.802388][T18729]  </TASK>
[ 2265.941252][T18736] netlink: 'syz.1.15980': attribute type 39 has an invalid length.
[ 2266.491680][T18729] Mem-Info:
[ 2266.498343][T18729] active_anon:277 inactive_anon:26685 isolated_anon:0
[ 2266.498343][T18729]  active_file:26963 inactive_file:37720 isolated_file:0
[ 2266.498343][T18729]  unevictable:768 dirty:469 writeback:0
[ 2266.498343][T18729]  slab_reclaimable:21092 slab_unreclaimable:100851
[ 2266.498343][T18729]  mapped:38882 shmem:19201 pagetables:691 bounce:0
[ 2266.498343][T18729]  kernel_misc_reclaimable:0
[ 2266.498343][T18729]  free:1301062 free_pcp:4864 free_cma:0
[ 2266.598249][T18745] netlink: 'syz.0.15984': attribute type 10 has an invalid length.
[ 2266.637845][T18745] device hsr_slave_0 left promiscuous mode
[ 2266.674901][T18745] device hsr_slave_1 left promiscuous mode
[ 2266.687785][T18729] Node 0 active_anon:1076kB inactive_anon:112732kB active_file:107652kB inactive_file:150880kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:156928kB dirty:1876kB writeback:0kB shmem:81028kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:11528kB pagetables:2864kB all_unreclaimable? no
[ 2266.787309][T18749] netlink: 'syz.0.15984': attribute type 10 has an invalid length.
[ 2266.805569][T18749] device bond0 left promiscuous mode
[ 2266.814436][T18749] device bond_slave_0 left promiscuous mode
[ 2266.829667][T18749] device bond_slave_1 left promiscuous mode
[ 2266.837435][T18729] Node 1 active_anon:32kB inactive_anon:508kB active_file:200kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:2076kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB all_unreclaimable? no
[ 2266.877440][T18749] device dummy0 left promiscuous mode
[ 2266.892158][T18749] device batadv0 left promiscuous mode
[ 2266.915709][T18749] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2266.928742][T18749] team0: Port device bond0 added
[ 2266.937787][T18750] netlink: 'syz.0.15984': attribute type 10 has an invalid length.
[ 2266.952925][T18750] device wlan1 left promiscuous mode
[ 2266.959685][T18729] Node 0 DMA free:15360kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 2267.025078][T18750] team0: Port device wlan1 added
[ 2267.148848][T18729] lowmem_reserve[]: 0 2539 2540 2540 2540
[ 2267.215701][T18729] Node 0 DMA32 free:1243244kB min:34784kB low:43480kB high:52176kB reserved_highatomic:0KB active_anon:1080kB inactive_anon:134168kB active_file:107652kB inactive_file:152980kB unevictable:1536kB writepending:1960kB present:3129332kB managed:2606556kB mlocked:0kB bounce:0kB free_pcp:11508kB local_pcp:10708kB free_cma:0kB
[ 2267.445814][T18729] lowmem_reserve[]: 0 0 0 0 0
[ 2267.487204][T18729] Node 0 Normal free:4kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:660kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:12kB free_cma:0kB
[ 2267.541678][T18755] netlink: 'syz.3.15987': attribute type 10 has an invalid length.
[ 2267.611660][T18729] lowmem_reserve[]: 0 0 0 0 0
[ 2267.626992][T18729] Node 1 Normal free:3918368kB min:55108kB low:68884kB high:82660kB reserved_highatomic:0KB active_anon:32kB inactive_anon:508kB active_file:200kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194304kB managed:4119672kB mlocked:0kB bounce:0kB free_pcp:3080kB local_pcp:3080kB free_cma:0kB
[ 2267.756466][T18729] lowmem_reserve[]: 0 0 0 0 0
[ 2267.840821][T18729] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 2267.937041][T18729] Node 0 DMA32: 3*4kB (UME) 837*8kB (UME) 1853*16kB (UE) 304*32kB (UME) 14*64kB (UE) 463*128kB (UME) 344*256kB (UME) 179*512kB (UME) 86*1024kB (UM) 32*2048kB (UME) 190*4096kB (UM) = 1217796kB
[ 2267.962084][T18729] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[ 2268.000380][T18729] Node 1 Normal: 212*4kB (UME) 42*8kB (UME) 22*16kB (UME) 189*32kB (UME) 78*64kB (UME) 22*128kB (UE) 6*256kB (UM) 6*512kB (UE) 1*1024kB (E) 3*2048kB (UME) 950*4096kB (M) = 3918368kB
[ 2268.011878][T18763] netlink: 'syz.3.15989': attribute type 10 has an invalid length.
[ 2268.054875][T18729] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 2268.087178][T18729] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 2268.111960][T18729] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 2268.141706][T18729] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 2268.163195][T18729] 99705 total pagecache pages
[ 2268.171914][T18729] 0 pages in swap cache
[ 2268.196466][T18729] Swap cache stats: add 0, delete 0, find 0/0
[ 2268.211659][T18729] Free swap  = 124996kB
[ 2268.227067][T18729] Total swap = 124996kB
[ 2268.231359][T18729] 2097051 pages RAM
[ 2268.252346][T18729] 0 pages HighMem/MovableOnly
[ 2268.257151][T18729] 411489 pages reserved
[ 2268.261402][T18729] 0 pages cma reserved
[ 2268.300494][T18771] netlink: 'syz.0.15993': attribute type 10 has an invalid length.
[ 2268.336543][T18771] netlink: 40 bytes leftover after parsing attributes in process `syz.0.15993'.
[ 2268.440881][T18771] batman_adv: batadv0: Adding interface: virt_wifi0
[ 2268.482445][T18771] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2268.513508][T18771] batman_adv: batadv0: Interface activated: virt_wifi0
[ 2269.841645][T12549] Bluetooth: hci4: command 0x0406 tx timeout
[ 2270.078460][T18792] netlink: 'syz.3.15999': attribute type 4 has an invalid length.
[ 2270.117631][T18792] netlink: 105084 bytes leftover after parsing attributes in process `syz.3.15999'.
[ 2270.298042][T18794] netlink: 152 bytes leftover after parsing attributes in process `syz.3.15999'.
[ 2272.224602][T18810] bridge0: port 3(syz_tun) entered blocking state
[ 2272.241940][T18810] bridge0: port 3(syz_tun) entered disabled state
[ 2272.249972][T18810] device syz_tun entered promiscuous mode
[ 2272.540287][T18816] netlink: 'syz.3.16009': attribute type 25 has an invalid length.
[ 2272.561318][T18816] netlink: 'syz.3.16009': attribute type 1 has an invalid length.
[ 2272.573352][T18816] bridge0: port 1(bridge_slave_0) entered learning state
[ 2272.925758][T18837] netlink: 'syz.2.16017': attribute type 4 has an invalid length.
[ 2272.943451][T18837] netlink: 105084 bytes leftover after parsing attributes in process `syz.2.16017'.
[ 2273.073041][T18848] netlink: 152 bytes leftover after parsing attributes in process `syz.2.16017'.
[ 2276.137698][T18869] netlink: 'syz.0.16027': attribute type 10 has an invalid length.
[ 2276.208914][T18869] device bond0 entered promiscuous mode
[ 2276.225214][T18869] device bond_slave_0 entered promiscuous mode
[ 2276.239240][T18869] device bond_slave_1 entered promiscuous mode
[ 2276.250524][T18869] device dummy0 entered promiscuous mode
[ 2276.268786][T18869] device batadv0 entered promiscuous mode
[ 2276.409816][T18878] netlink: 'syz.1.16031': attribute type 10 has an invalid length.
[ 2279.714912][T18893] netlink: 'syz.4.16036': attribute type 4 has an invalid length.
[ 2279.714959][T18896] netlink: 'syz.0.16037': attribute type 3 has an invalid length.
[ 2279.714977][T18896] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.16037'.
[ 2279.762514][T18893] netlink: 105084 bytes leftover after parsing attributes in process `syz.4.16036'.
[ 2279.785533][T18900] netlink: 152 bytes leftover after parsing attributes in process `syz.4.16036'.
[ 2282.605099][T18921] netlink: 'syz.2.16043': attribute type 10 has an invalid length.
[ 2282.636188][T18915] netlink: 'syz.1.16042': attribute type 4 has an invalid length.
[ 2282.682613][T18915] netlink: 128124 bytes leftover after parsing attributes in process `syz.1.16042'.
[ 2282.733885][T18925] netlink: 'syz.1.16042': attribute type 4 has an invalid length.
[ 2282.789718][T18925] netlink: 199824 bytes leftover after parsing attributes in process `syz.1.16042'.
[ 2283.138892][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[ 2283.145253][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[ 2283.821666][T18952] netlink: 'syz.4.16051': attribute type 21 has an invalid length.
[ 2283.829660][T18952] netlink: 156 bytes leftover after parsing attributes in process `syz.4.16051'.
[ 2284.077493][T18945] netlink: 'syz.3.16049': attribute type 39 has an invalid length.
[ 2284.567344][T18968] netlink: 'syz.3.16055': attribute type 25 has an invalid length.
[ 2284.595799][T18968] netlink: 'syz.3.16055': attribute type 1 has an invalid length.
[ 2284.653304][T18968] bridge0: port 1(bridge_slave_0) entered learning state
[ 2284.741331][T18970] netlink: 'syz.1.16056': attribute type 25 has an invalid length.
[ 2284.761252][T18970] netlink: 'syz.1.16056': attribute type 1 has an invalid length.
[ 2284.775876][T18970] bridge0: port 1(bridge_slave_0) entered learning state
[ 2284.867166][T18973] netlink: 'syz.4.16057': attribute type 10 has an invalid length.
[ 2285.310957][T18980] IPv6: NLM_F_CREATE should be specified when creating new route
[ 2285.459471][T18980] netlink: 1 bytes leftover after parsing attributes in process `syz.3.16061'.
[ 2285.852039][T18996] netlink: 'syz.2.16067': attribute type 1 has an invalid length.
[ 2285.873596][T18996] netlink: 144 bytes leftover after parsing attributes in process `syz.2.16067'.
[ 2285.891843][T18998] netlink: 'syz.0.16066': attribute type 21 has an invalid length.
[ 2285.920337][T18998] netlink: 156 bytes leftover after parsing attributes in process `syz.0.16066'.
[ 2286.254095][T19010] netlink: 'syz.4.16070': attribute type 25 has an invalid length.
[ 2286.269663][T19010] netlink: 'syz.4.16070': attribute type 1 has an invalid length.
[ 2286.288226][T19010] bridge0: port 1(bridge_slave_0) entered learning state
[ 2286.320428][T19014] netlink: 'syz.1.16072': attribute type 10 has an invalid length.
[ 2286.979617][T19029] netlink: 'syz.0.16075': attribute type 10 has an invalid length.
[ 2287.068051][T19029] team0: Port device geneve1 added
[ 2289.138647][T19051] netlink: 'syz.3.16081': attribute type 21 has an invalid length.
[ 2289.169457][T19051] netlink: 156 bytes leftover after parsing attributes in process `syz.3.16081'.
[ 2291.456465][T19068] validate_nla: 1 callbacks suppressed
[ 2291.456525][T19068] netlink: 'syz.3.16088': attribute type 10 has an invalid length.
[ 2291.675519][T19068] team0: Port device geneve1 added
[ 2291.996485][T19082] netlink: 'syz.2.16091': attribute type 10 has an invalid length.
[ 2292.143989][T19082] team0: Port device geneve1 added
[ 2297.538932][T19154] netlink: 'syz.0.16116': attribute type 10 has an invalid length.
[ 2297.706973][T19162] netlink: 'syz.4.16120': attribute type 13 has an invalid length.
[ 2297.732491][T19162] netlink: 24643 bytes leftover after parsing attributes in process `syz.4.16120'.
[ 2297.752021][T19159] netlink: 'syz.0.16117': attribute type 10 has an invalid length.
[ 2297.864480][T19168] IPv6: NLM_F_CREATE should be specified when creating new route
[ 2297.887842][T19168] netlink: 1 bytes leftover after parsing attributes in process `syz.1.16121'.
[ 2298.262370][T19175] device veth1_macvtap left promiscuous mode
[ 2299.208670][T19186] netlink: 'syz.1.16127': attribute type 10 has an invalid length.
[ 2299.250804][T19186] device bond0 entered promiscuous mode
[ 2299.256594][T19186] device bond_slave_0 entered promiscuous mode
[ 2299.279384][T19186] device bond_slave_1 entered promiscuous mode
[ 2299.296513][T19186] device batadv0 entered promiscuous mode
[ 2299.319799][T19186] device dummy0 entered promiscuous mode
[ 2299.381447][T19188] netlink: 176 bytes leftover after parsing attributes in process `syz.4.16128'.
[ 2299.433623][T19189] netlink: 1 bytes leftover after parsing attributes in process `syz.4.16128'.
[ 2300.145804][T19202] netlink: 830 bytes leftover after parsing attributes in process `syz.0.16134'.
[ 2300.238729][T19204] netlink: 'syz.1.16133': attribute type 10 has an invalid length.
[ 2300.577897][T19213] FAULT_INJECTION: forcing a failure.
[ 2300.577897][T19213] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2300.654200][T19213] CPU: 0 PID: 19213 Comm: syz.4.16137 Not tainted syzkaller #0
[ 2300.661786][T19213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2300.671861][T19213] Call Trace:
[ 2300.675146][T19213]  <TASK>
[ 2300.678088][T19213]  dump_stack_lvl+0x188/0x250
[ 2300.682774][T19213]  ? show_regs_print_info+0x20/0x20
[ 2300.687974][T19213]  ? load_image+0x400/0x400
[ 2300.692478][T19213]  ? __lock_acquire+0x7d10/0x7d10
[ 2300.697510][T19213]  should_fail+0x38c/0x4c0
[ 2300.701933][T19213]  _copy_from_user+0x2e/0x170
[ 2300.706614][T19213]  __copy_msghdr_from_user+0xc9/0x630
[ 2300.711986][T19213]  ? verify_lock_unused+0x140/0x140
[ 2300.717189][T19213]  ? __ia32_sys_shutdown+0x1d0/0x1d0
[ 2300.722491][T19213]  ___sys_sendmsg+0x19a/0x2e0
[ 2300.727186][T19213]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2300.731957][T19213]  ? trace_event_raw_event_lock+0x270/0x270
[ 2300.737848][T19213]  ? vfs_write+0x8b2/0xd60
[ 2300.742295][T19213]  __se_sys_sendmsg+0x1af/0x290
[ 2300.747160][T19213]  ? __x64_sys_sendmsg+0x80/0x80
[ 2300.752100][T19213]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2300.758095][T19213]  ? lockdep_hardirqs_on+0x94/0x140
[ 2300.763302][T19213]  do_syscall_64+0x4c/0xa0
[ 2300.767717][T19213]  ? clear_bhb_loop+0x30/0x80
[ 2300.772393][T19213]  ? clear_bhb_loop+0x30/0x80
[ 2300.777067][T19213]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2300.782956][T19213] RIP: 0033:0x7f92a79aef79
[ 2300.787368][T19213] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2300.806984][T19213] RSP: 002b:00007f92a5c09028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2300.815403][T19213] RAX: ffffffffffffffda RBX: 00007f92a7c28fa0 RCX: 00007f92a79aef79
[ 2300.823374][T19213] RDX: 0000000000044010 RSI: 0000200000000180 RDI: 0000000000000003
[ 2300.831345][T19213] RBP: 00007f92a5c09090 R08: 0000000000000000 R09: 0000000000000000
[ 2300.839315][T19213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2300.847287][T19213] R13: 00007f92a7c29038 R14: 00007f92a7c28fa0 R15: 00007ffd2c549e48
[ 2300.855281][T19213]  </TASK>
[ 2300.861779][T19214] device veth1_macvtap left promiscuous mode
[ 2301.432508][T19221] netlink: 'syz.0.16140': attribute type 10 has an invalid length.
[ 2301.728228][T19228] netlink: 'syz.0.16142': attribute type 25 has an invalid length.
[ 2301.752172][T19228] netlink: 'syz.0.16142': attribute type 1 has an invalid length.
[ 2301.760434][T19228] bridge0: port 1(bridge_slave_0) entered learning state
[ 2302.022778][T19239] netlink: 'syz.0.16146': attribute type 10 has an invalid length.
[ 2302.086539][T19242] netlink: 'syz.4.16147': attribute type 10 has an invalid length.
[ 2302.169032][T19244] netlink: 156 bytes leftover after parsing attributes in process `syz.3.16148'.
[ 2302.714847][T19266] device veth1_macvtap left promiscuous mode
[ 2302.912268][T19272] FAULT_INJECTION: forcing a failure.
[ 2302.912268][T19272] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2303.083680][T19272] CPU: 1 PID: 19272 Comm: syz.3.16156 Not tainted syzkaller #0
[ 2303.091260][T19272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2303.101318][T19272] Call Trace:
[ 2303.104598][T19272]  <TASK>
[ 2303.107527][T19272]  dump_stack_lvl+0x188/0x250
[ 2303.112214][T19272]  ? show_regs_print_info+0x20/0x20
[ 2303.117415][T19272]  ? load_image+0x400/0x400
[ 2303.121922][T19272]  ? __lock_acquire+0x7d10/0x7d10
[ 2303.126951][T19272]  should_fail+0x38c/0x4c0
[ 2303.131376][T19272]  _copy_from_user+0x2e/0x170
[ 2303.136056][T19272]  ____sys_sendmsg+0x30a/0x8f0
[ 2303.140829][T19272]  ? __sys_sendmsg_sock+0x30/0x30
[ 2303.146040][T19272]  ? import_iovec+0x6f/0xa0
[ 2303.150554][T19272]  ___sys_sendmsg+0x236/0x2e0
[ 2303.155243][T19272]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2303.160027][T19272]  ? vfs_write+0x8b2/0xd60
[ 2303.164466][T19272]  __se_sys_sendmsg+0x1af/0x290
[ 2303.169324][T19272]  ? __x64_sys_sendmsg+0x80/0x80
[ 2303.174262][T19272]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2303.180256][T19272]  ? lockdep_hardirqs_on+0x94/0x140
[ 2303.185467][T19272]  do_syscall_64+0x4c/0xa0
[ 2303.189884][T19272]  ? clear_bhb_loop+0x30/0x80
[ 2303.194559][T19272]  ? clear_bhb_loop+0x30/0x80
[ 2303.199235][T19272]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2303.205125][T19272] RIP: 0033:0x7f27304b0f79
[ 2303.209543][T19272] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2303.229145][T19272] RSP: 002b:00007f272e70b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2303.237559][T19272] RAX: ffffffffffffffda RBX: 00007f273072afa0 RCX: 00007f27304b0f79
[ 2303.245532][T19272] RDX: 0000000000000090 RSI: 0000200000000340 RDI: 0000000000000003
[ 2303.253500][T19272] RBP: 00007f272e70b090 R08: 0000000000000000 R09: 0000000000000000
[ 2303.261459][T19272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2303.269415][T19272] R13: 00007f273072b038 R14: 00007f273072afa0 R15: 00007ffcec345a68
[ 2303.277378][T19272]  </TASK>
[ 2303.490528][T19287] validate_nla: 3 callbacks suppressed
[ 2303.490544][T19287] netlink: 'syz.2.16161': attribute type 10 has an invalid length.
[ 2303.947401][T19298] netlink: 'syz.2.16165': attribute type 10 has an invalid length.
[ 2304.192795][T19302] netlink: 'syz.1.16166': attribute type 19 has an invalid length.
[ 2304.280403][T19310] bond0: (slave batadv0): Error: Slave device does not support XDP
[ 2304.334494][T19310] netlink: 'syz.4.16169': attribute type 10 has an invalid length.
[ 2304.386253][T19310] bond0: (slave bond_slave_0): Releasing backup interface
[ 2304.407199][T19310] device bond_slave_0 left promiscuous mode
[ 2304.684460][T19308] delete_channel: no stack
[ 2304.750811][T19329] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.16176'.
[ 2304.777590][T19327] netlink: 'syz.1.16175': attribute type 10 has an invalid length.
[ 2305.081375][T19338] netlink: 'syz.0.16179': attribute type 10 has an invalid length.
[ 2306.079745][T19358] netlink: 'syz.4.16186': attribute type 25 has an invalid length.
[ 2306.095686][T19358] netlink: 'syz.4.16186': attribute type 1 has an invalid length.
[ 2306.109971][T19358] bridge0: port 1(bridge_slave_0) entered learning state
[ 2306.346130][T19366] netlink: 'syz.4.16189': attribute type 10 has an invalid length.
[ 2306.438676][T19368] netlink: 'syz.2.16190': attribute type 10 has an invalid length.
[ 2306.528533][T19369] delete_channel: no stack
[ 2306.675579][T19380] netlink: 72 bytes leftover after parsing attributes in process `syz.4.16194'.
[ 2306.765531][T19377] delete_channel: no stack
[ 2307.132501][T19393] bridge0: port 1(bridge_slave_0) entered learning state
[ 2308.486498][T19422] bond0: (slave batadv0): Error: Slave device does not support XDP
[ 2308.537816][T19422] validate_nla: 6 callbacks suppressed
[ 2308.537861][T19422] netlink: 'syz.2.16211': attribute type 10 has an invalid length.
[ 2308.577418][T19422] bond0: (slave bond_slave_0): Releasing backup interface
[ 2308.586792][T19422] device bond_slave_0 left promiscuous mode
[ 2308.607911][T19426] bond0: (slave dummy0): Error: Slave device does not support XDP
[ 2308.626510][T19425] delete_channel: no stack
[ 2308.638907][T19428] netlink: 'syz.1.16215': attribute type 10 has an invalid length.
[ 2308.695536][T19421] delete_channel: no stack
[ 2308.879926][T19440] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.16219'.
[ 2310.133793][T19464] netlink: 61967 bytes leftover after parsing attributes in process `syz.4.16227'.
[ 2310.203763][T19462] netlink: 'syz.2.16226': attribute type 21 has an invalid length.
[ 2310.234932][T19462] netlink: 'syz.2.16226': attribute type 4 has an invalid length.
[ 2310.292484][T19462] netlink: 156 bytes leftover after parsing attributes in process `syz.2.16226'.
[ 2310.353449][T19467] netlink: 'syz.1.16228': attribute type 10 has an invalid length.
[ 2310.719345][T19481] netlink: 9275 bytes leftover after parsing attributes in process `syz.3.16232'.
[ 2310.956323][T19475] bond0: (slave batadv0): Error: Slave device does not support XDP
[ 2310.991937][T19482] netlink: 'syz.1.16229': attribute type 10 has an invalid length.
[ 2311.054653][T19482] bond0: (slave bond_slave_0): Releasing backup interface
[ 2311.084036][T19482] device bond_slave_0 left promiscuous mode
[ 2311.214646][T19474] delete_channel: no stack
[ 2311.335240][T19492] netlink: 72 bytes leftover after parsing attributes in process `syz.1.16236'.
[ 2311.409957][T19491] delete_channel: no stack
[ 2311.563534][T19490] netlink: 'syz.4.16237': attribute type 19 has an invalid length.
[ 2311.865589][T19503] FAULT_INJECTION: forcing a failure.
[ 2311.865589][T19503] name failslab, interval 1, probability 0, space 0, times 0
[ 2311.878613][T19499] netlink: 'syz.0.16239': attribute type 10 has an invalid length.
[ 2311.938457][T19503] CPU: 0 PID: 19503 Comm: syz.3.16241 Not tainted syzkaller #0
[ 2311.944835][T19501] netlink: 'syz.4.16240': attribute type 10 has an invalid length.
[ 2311.946032][T19503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2311.946047][T19503] Call Trace:
[ 2311.946054][T19503]  <TASK>
[ 2311.946062][T19503]  dump_stack_lvl+0x188/0x250
[ 2311.946090][T19503]  ? show_regs_print_info+0x20/0x20
[ 2311.980113][T19503]  ? load_image+0x400/0x400
[ 2311.984634][T19503]  ? __might_sleep+0xf0/0xf0
[ 2311.989242][T19503]  ? __lock_acquire+0x7d10/0x7d10
[ 2311.994272][T19503]  ? __local_bh_enable_ip+0x136/0x1c0
[ 2311.999652][T19503]  should_fail+0x38c/0x4c0
[ 2312.004086][T19503]  should_failslab+0x5/0x20
[ 2312.008586][T19503]  slab_pre_alloc_hook+0x51/0xc0
[ 2312.013526][T19503]  kmem_cache_alloc_node_trace+0x4a/0x300
[ 2312.019246][T19503]  ? __get_vm_area_node+0x119/0x2d0
[ 2312.024446][T19503]  __get_vm_area_node+0x119/0x2d0
[ 2312.029476][T19503]  __vmalloc_node_range+0xef/0x8b0
[ 2312.034579][T19503]  ? netlink_sendmsg+0x5ec/0xbe0
[ 2312.039512][T19503]  ? netlink_data_ready+0x10/0x10
[ 2312.044546][T19503]  ? netlink_sendmsg+0x5ec/0xbe0
[ 2312.049479][T19503]  vmalloc+0x75/0x80
[ 2312.053372][T19503]  ? netlink_sendmsg+0x5ec/0xbe0
[ 2312.058311][T19503]  netlink_sendmsg+0x5ec/0xbe0
[ 2312.063086][T19503]  ? netlink_getsockopt+0x570/0x570
[ 2312.068292][T19503]  ? aa_sock_msg_perm+0x94/0x150
[ 2312.073223][T19503]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 2312.078496][T19503]  ? security_socket_sendmsg+0x7c/0xa0
[ 2312.083944][T19503]  sock_write_iter+0x2a6/0x3a0
[ 2312.088699][T19503]  ? sock_read_iter+0x380/0x380
[ 2312.093539][T19503]  ? memset+0x1e/0x40
[ 2312.097513][T19503]  ? iov_iter_init+0xb4/0x170
[ 2312.102172][T19503]  vfs_write+0x745/0xd60
[ 2312.106450][T19503]  ? file_end_write+0x250/0x250
[ 2312.111296][T19503]  ? __fget_files+0x40f/0x480
[ 2312.115962][T19503]  ? __fdget_pos+0x1e2/0x370
[ 2312.120530][T19503]  ? ksys_write+0x71/0x260
[ 2312.124931][T19503]  ksys_write+0x152/0x260
[ 2312.129245][T19503]  ? __ia32_sys_read+0x80/0x80
[ 2312.134002][T19503]  ? lockdep_hardirqs_on+0x94/0x140
[ 2312.139186][T19503]  do_syscall_64+0x4c/0xa0
[ 2312.143587][T19503]  ? clear_bhb_loop+0x30/0x80
[ 2312.148263][T19503]  ? clear_bhb_loop+0x30/0x80
[ 2312.152924][T19503]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2312.158804][T19503] RIP: 0033:0x7f27304b0f79
[ 2312.163209][T19503] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2312.182970][T19503] RSP: 002b:00007f272e70b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2312.191376][T19503] RAX: ffffffffffffffda RBX: 00007f273072afa0 RCX: 00007f27304b0f79
[ 2312.199328][T19503] RDX: 000000000000fe33 RSI: 0000200000000000 RDI: 0000000000000003
[ 2312.207283][T19503] RBP: 00007f272e70b090 R08: 0000000000000000 R09: 0000000000000000
[ 2312.215234][T19503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2312.223188][T19503] R13: 00007f273072b038 R14: 00007f273072afa0 R15: 00007ffcec345a68
[ 2312.231166][T19503]  </TASK>
[ 2312.260632][T19506] netlink: 4 bytes leftover after parsing attributes in process `syz.2.16242'.
[ 2312.417775][T19516] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.16246'.
[ 2312.492636][T19516] openvswitch: netlink: Geneve option length err (len 1788, max 255).
[ 2312.531616][T19503] syz.3.16241: vmalloc error: size 65408, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[ 2312.552897][T19516] netlink: 'syz.2.16246': attribute type 2 has an invalid length.
[ 2312.561254][T19516] netlink: 198692 bytes leftover after parsing attributes in process `syz.2.16246'.
[ 2312.571413][T19503] CPU: 1 PID: 19503 Comm: syz.3.16241 Not tainted syzkaller #0
[ 2312.579073][T19503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2312.589134][T19503] Call Trace:
[ 2312.592418][T19503]  <TASK>
[ 2312.595360][T19503]  dump_stack_lvl+0x188/0x250
[ 2312.600056][T19503]  ? rcu_lock_release+0x5/0x20
[ 2312.604827][T19503]  ? show_regs_print_info+0x20/0x20
[ 2312.610035][T19503]  ? load_image+0x400/0x400
[ 2312.614558][T19503]  warn_alloc+0x243/0x320
[ 2312.618899][T19503]  ? zone_watermark_ok_safe+0x240/0x240
[ 2312.624459][T19503]  ? kmem_cache_alloc_node_trace+0x16c/0x300
[ 2312.630437][T19503]  ? __get_vm_area_node+0x119/0x2d0
[ 2312.635654][T19503]  __vmalloc_node_range+0x2b1/0x8b0
[ 2312.640854][T19503]  ? netlink_data_ready+0x10/0x10
[ 2312.645888][T19503]  ? netlink_sendmsg+0x5ec/0xbe0
[ 2312.650824][T19503]  vmalloc+0x75/0x80
[ 2312.654720][T19503]  ? netlink_sendmsg+0x5ec/0xbe0
[ 2312.659655][T19503]  netlink_sendmsg+0x5ec/0xbe0
[ 2312.664438][T19503]  ? netlink_getsockopt+0x570/0x570
[ 2312.669644][T19503]  ? aa_sock_msg_perm+0x94/0x150
[ 2312.674580][T19503]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 2312.679866][T19503]  ? security_socket_sendmsg+0x7c/0xa0
[ 2312.685321][T19503]  sock_write_iter+0x2a6/0x3a0
[ 2312.690090][T19503]  ? sock_read_iter+0x380/0x380
[ 2312.694946][T19503]  ? memset+0x1e/0x40
[ 2312.698926][T19503]  ? iov_iter_init+0xb4/0x170
[ 2312.703604][T19503]  vfs_write+0x745/0xd60
[ 2312.707850][T19503]  ? file_end_write+0x250/0x250
[ 2312.712699][T19503]  ? __fget_files+0x40f/0x480
[ 2312.717392][T19503]  ? __fdget_pos+0x1e2/0x370
[ 2312.721975][T19503]  ? ksys_write+0x71/0x260
[ 2312.726391][T19503]  ksys_write+0x152/0x260
[ 2312.730719][T19503]  ? __ia32_sys_read+0x80/0x80
[ 2312.735478][T19503]  ? lockdep_hardirqs_on+0x94/0x140
[ 2312.740673][T19503]  do_syscall_64+0x4c/0xa0
[ 2312.745086][T19503]  ? clear_bhb_loop+0x30/0x80
[ 2312.749756][T19503]  ? clear_bhb_loop+0x30/0x80
[ 2312.754427][T19503]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2312.760312][T19503] RIP: 0033:0x7f27304b0f79
[ 2312.764729][T19503] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2312.784325][T19503] RSP: 002b:00007f272e70b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2312.792740][T19503] RAX: ffffffffffffffda RBX: 00007f273072afa0 RCX: 00007f27304b0f79
[ 2312.800704][T19503] RDX: 000000000000fe33 RSI: 0000200000000000 RDI: 0000000000000003
[ 2312.808667][T19503] RBP: 00007f272e70b090 R08: 0000000000000000 R09: 0000000000000000
[ 2312.816630][T19503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2312.824592][T19503] R13: 00007f273072b038 R14: 00007f273072afa0 R15: 00007ffcec345a68
[ 2312.832568][T19503]  </TASK>
[ 2312.914494][T19503] Mem-Info:
[ 2312.918956][T19503] active_anon:275 inactive_anon:14417 isolated_anon:0
[ 2312.918956][T19503]  active_file:26997 inactive_file:39571 isolated_file:0
[ 2312.918956][T19503]  unevictable:768 dirty:322 writeback:0
[ 2312.918956][T19503]  slab_reclaimable:21103 slab_unreclaimable:100616
[ 2312.918956][T19503]  mapped:30413 shmem:1629 pagetables:606 bounce:0
[ 2312.918956][T19503]  kernel_misc_reclaimable:0
[ 2312.918956][T19503]  free:1301770 free_pcp:10974 free_cma:0
[ 2313.006943][T19529] bridge0: port 1(bridge_slave_0) entered learning state
[ 2313.098840][T19503] Node 0 active_anon:1068kB inactive_anon:57260kB active_file:107788kB inactive_file:158284kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:121552kB dirty:988kB writeback:0kB shmem:4440kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:11344kB pagetables:2524kB all_unreclaimable? no
[ 2313.145854][T19532] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.16251'.
[ 2313.270825][T19503] Node 1 active_anon:32kB inactive_anon:508kB active_file:200kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:2076kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB all_unreclaimable? no
[ 2313.394229][T19539] FAULT_INJECTION: forcing a failure.
[ 2313.394229][T19539] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2313.422652][T19539] CPU: 1 PID: 19539 Comm: syz.1.16254 Not tainted syzkaller #0
[ 2313.430234][T19539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2313.440298][T19539] Call Trace:
[ 2313.443579][T19539]  <TASK>
[ 2313.446509][T19539]  dump_stack_lvl+0x188/0x250
[ 2313.451197][T19539]  ? show_regs_print_info+0x20/0x20
[ 2313.456401][T19539]  ? load_image+0x400/0x400
[ 2313.460916][T19539]  ? __lock_acquire+0x7d10/0x7d10
[ 2313.465950][T19539]  should_fail+0x38c/0x4c0
[ 2313.470380][T19539]  _copy_from_user+0x2e/0x170
[ 2313.475058][T19539]  __sys_bpf+0x26d/0x6f0
[ 2313.479311][T19539]  ? bpf_link_show_fdinfo+0x380/0x380
[ 2313.484706][T19539]  __x64_sys_bpf+0x78/0x90
[ 2313.489129][T19539]  do_syscall_64+0x4c/0xa0
[ 2313.493547][T19539]  ? clear_bhb_loop+0x30/0x80
[ 2313.498224][T19539]  ? clear_bhb_loop+0x30/0x80
[ 2313.502910][T19539]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2313.508805][T19539] RIP: 0033:0x7f2686722f79
[ 2313.513221][T19539] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2313.532828][T19539] RSP: 002b:00007f268497d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2313.541244][T19539] RAX: ffffffffffffffda RBX: 00007f268699cfa0 RCX: 00007f2686722f79
[ 2313.549234][T19539] RDX: 0000000000000094 RSI: 0000200000000c00 RDI: 0000000000000005
[ 2313.557214][T19539] RBP: 00007f268497d090 R08: 0000000000000000 R09: 0000000000000000
[ 2313.565188][T19539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2313.573177][T19539] R13: 00007f268699d038 R14: 00007f268699cfa0 R15: 00007ffd7a89d6e8
[ 2313.581163][T19539]  </TASK>
[ 2313.713683][T19503] Node 0 DMA free:15360kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 2313.831389][T19503] lowmem_reserve[]: 0 2539 2540 2540 2540
[ 2313.846517][T19503] Node 0 DMA32 free:1269604kB min:34784kB low:43480kB high:52176kB reserved_highatomic:0KB active_anon:1068kB inactive_anon:57164kB active_file:107788kB inactive_file:158284kB unevictable:1536kB writepending:928kB present:3129332kB managed:2606556kB mlocked:0kB bounce:0kB free_pcp:40120kB local_pcp:18956kB free_cma:0kB
[ 2313.850404][T19543] validate_nla: 2 callbacks suppressed
[ 2313.850419][T19543] netlink: 'syz.1.16255': attribute type 10 has an invalid length.
[ 2313.909847][T19545] netlink: 152 bytes leftover after parsing attributes in process `syz.0.16256'.
[ 2313.928194][T19503] lowmem_reserve[]: 0 0 0 0 0
[ 2313.938706][T19503] Node 0 Normal free:8kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:660kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:12kB free_cma:0kB
[ 2314.013063][T19503] lowmem_reserve[]: 0 0 0 0 0
[ 2314.038993][T19503] Node 1 Normal free:3918368kB min:55108kB low:68884kB high:82660kB reserved_highatomic:0KB active_anon:32kB inactive_anon:508kB active_file:200kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194304kB managed:4119672kB mlocked:0kB bounce:0kB free_pcp:3080kB local_pcp:3080kB free_cma:0kB
[ 2314.049810][T19545] netlink: 144308 bytes leftover after parsing attributes in process `syz.0.16256'.
[ 2314.160108][T19551] netlink: 'syz.1.16267': attribute type 10 has an invalid length.
[ 2314.187615][T19503] lowmem_reserve[]: 0 0 0 0 0
[ 2314.222582][T19503] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 2314.294395][T19503] Node 0 DMA32: 3378*4kB (UME) 2094*8kB (UME) 1999*16kB (UME) 831*32kB (UME) 370*64kB (UME) 446*128kB (UME) 314*256kB (UME) 179*512kB (UME) 86*1024kB (UM) 32*2048kB (UME) 190*4096kB (UM) = 1273480kB
[ 2314.392727][T19503] Node 0 Normal: 2*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[ 2314.466265][T19503] Node 1 Normal: 212*4kB (UME) 42*8kB (UME) 22*16kB (UME) 189*32kB (UME) 78*64kB (UME) 22*128kB (UE) 6*256kB (UM) 6*512kB (UE) 1*1024kB (E) 3*2048kB (UME) 950*4096kB (M) = 3918368kB
[ 2314.611601][T19503] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 2314.684166][T19503] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 2314.720114][T19562] netlink: 'syz.4.16261': attribute type 10 has an invalid length.
[ 2314.764357][T19503] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 2314.824242][T19503] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 2314.888725][T19503] 68197 total pagecache pages
[ 2314.918314][T19503] 0 pages in swap cache
[ 2314.942264][T19503] Swap cache stats: add 0, delete 0, find 0/0
[ 2314.972464][T19503] Free swap  = 124996kB
[ 2314.986620][T19503] Total swap = 124996kB
[ 2314.990935][T19503] 2097051 pages RAM
[ 2314.995452][T19565] netlink: 'syz.4.16262': attribute type 25 has an invalid length.
[ 2315.004133][T19565] netlink: 'syz.4.16262': attribute type 1 has an invalid length.
[ 2315.029895][T19503] 0 pages HighMem/MovableOnly
[ 2315.055429][T19503] 411489 pages reserved
[ 2315.063289][T19565] bridge0: port 1(bridge_slave_0) entered learning state
[ 2315.080774][T19503] 0 pages cma reserved
[ 2315.577189][T19581] netlink: 'syz.2.16270': attribute type 10 has an invalid length.
[ 2315.753283][T19593] FAULT_INJECTION: forcing a failure.
[ 2315.753283][T19593] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2315.777408][T19593] CPU: 0 PID: 19593 Comm: syz.1.16272 Not tainted syzkaller #0
[ 2315.784985][T19593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2315.795050][T19593] Call Trace:
[ 2315.798338][T19593]  <TASK>
[ 2315.801284][T19593]  dump_stack_lvl+0x188/0x250
[ 2315.805983][T19593]  ? show_regs_print_info+0x20/0x20
[ 2315.811207][T19593]  ? load_image+0x400/0x400
[ 2315.815723][T19593]  ? __lock_acquire+0x7d10/0x7d10
[ 2315.820751][T19593]  ? perf_trace_run_bpf_submit+0x1c0/0x1c0
[ 2315.826566][T19593]  should_fail+0x38c/0x4c0
[ 2315.830997][T19593]  _copy_from_user+0x2e/0x170
[ 2315.835675][T19593]  iovec_from_user+0x142/0x370
[ 2315.840446][T19593]  __import_iovec+0x70/0x490
[ 2315.845049][T19593]  import_iovec+0x6f/0xa0
[ 2315.849383][T19593]  ___sys_sendmsg+0x1fd/0x2e0
[ 2315.854076][T19593]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2315.858861][T19593]  ? trace_event_raw_event_lock+0x270/0x270
[ 2315.864749][T19593]  ? vfs_write+0x8b2/0xd60
[ 2315.869196][T19593]  __se_sys_sendmsg+0x1af/0x290
[ 2315.874048][T19593]  ? __x64_sys_sendmsg+0x80/0x80
[ 2315.878985][T19593]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2315.884984][T19593]  ? lockdep_hardirqs_on+0x94/0x140
[ 2315.890191][T19593]  do_syscall_64+0x4c/0xa0
[ 2315.894604][T19593]  ? clear_bhb_loop+0x30/0x80
[ 2315.899283][T19593]  ? clear_bhb_loop+0x30/0x80
[ 2315.903974][T19593]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2315.909873][T19593] RIP: 0033:0x7f2686722f79
[ 2315.914300][T19593] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2315.933905][T19593] RSP: 002b:00007f268497d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2315.942323][T19593] RAX: ffffffffffffffda RBX: 00007f268699cfa0 RCX: 00007f2686722f79
[ 2315.950292][T19593] RDX: 000000000000fffe RSI: 0000200000007940 RDI: 0000000000000005
[ 2315.958346][T19593] RBP: 00007f268497d090 R08: 0000000000000000 R09: 0000000000000000
[ 2315.966312][T19593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2315.974283][T19593] R13: 00007f268699d038 R14: 00007f268699cfa0 R15: 00007ffd7a89d6e8
[ 2315.982270][T19593]  </TASK>
[ 2315.988019][T19595] __nla_validate_parse: 1 callbacks suppressed
[ 2315.988032][T19595] netlink: 60 bytes leftover after parsing attributes in process `syz.2.16273'.
[ 2316.010533][T19595] netlink: 60 bytes leftover after parsing attributes in process `syz.2.16273'.
[ 2316.020334][T19589] netlink: 60 bytes leftover after parsing attributes in process `syz.2.16273'.
[ 2316.034279][T19596] netlink: 60 bytes leftover after parsing attributes in process `syz.2.16273'.
[ 2316.110942][T19599] netlink: 'syz.1.16275': attribute type 3 has an invalid length.
[ 2316.125563][T19599] netlink: 'syz.1.16275': attribute type 1 has an invalid length.
[ 2316.196781][T19602] netlink: 'syz.2.16276': attribute type 25 has an invalid length.
[ 2316.217402][T19602] netlink: 'syz.2.16276': attribute type 1 has an invalid length.
[ 2316.237761][T19602] bridge0: port 1(bridge_slave_0) entered learning state
[ 2317.670535][T19639] bridge0: port 1(bridge_slave_0) entered learning state
[ 2319.063731][T19668] netlink: 1057 bytes leftover after parsing attributes in process `syz.0.16300'.
[ 2319.402938][T19676] validate_nla: 4 callbacks suppressed
[ 2319.402957][T19676] netlink: 'syz.0.16302': attribute type 10 has an invalid length.
[ 2319.620527][T19680] netlink: 'syz.0.16304': attribute type 25 has an invalid length.
[ 2319.658412][T19680] netlink: 'syz.0.16304': attribute type 1 has an invalid length.
[ 2319.669949][T19680] bridge0: port 1(bridge_slave_0) entered learning state
[ 2319.866674][T19690] netlink: 'syz.0.16309': attribute type 10 has an invalid length.
[ 2319.946707][T19695] netlink: 'syz.3.16310': attribute type 25 has an invalid length.
[ 2319.980831][T19695] netlink: 'syz.3.16310': attribute type 1 has an invalid length.
[ 2320.007274][T19695] bridge0: port 1(bridge_slave_0) entered learning state
[ 2320.725708][T19707] netlink: 1057 bytes leftover after parsing attributes in process `syz.1.16314'.
[ 2320.937628][T19710] netlink: 'syz.2.16315': attribute type 10 has an invalid length.
[ 2321.410999][T19723] netlink: 'syz.2.16320': attribute type 25 has an invalid length.
[ 2321.421755][T19723] netlink: 'syz.2.16320': attribute type 1 has an invalid length.
[ 2321.441727][T19723] bridge0: port 1(bridge_slave_0) entered learning state
[ 2322.004247][T19734] netlink: 'syz.1.16323': attribute type 25 has an invalid length.
[ 2322.013765][T19734] bridge0: port 1(bridge_slave_0) entered learning state
[ 2324.810246][T19788] validate_nla: 3 callbacks suppressed
[ 2324.810262][T19788] netlink: 'syz.4.16345': attribute type 10 has an invalid length.
[ 2325.038349][T19794] netlink: 'syz.4.16348': attribute type 25 has an invalid length.
[ 2325.076245][T19794] netlink: 'syz.4.16348': attribute type 1 has an invalid length.
[ 2325.115623][T19794] bridge0: port 1(bridge_slave_0) entered learning state
[ 2325.449213][T19802] FAULT_INJECTION: forcing a failure.
[ 2325.449213][T19802] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2325.530480][T19802] CPU: 1 PID: 19802 Comm: syz.4.16349 Not tainted syzkaller #0
[ 2325.538062][T19802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2325.548124][T19802] Call Trace:
[ 2325.551404][T19802]  <TASK>
[ 2325.554334][T19802]  dump_stack_lvl+0x188/0x250
[ 2325.559018][T19802]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2325.565176][T19802]  ? show_regs_print_info+0x20/0x20
[ 2325.570381][T19802]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 2325.576549][T19802]  should_fail+0x38c/0x4c0
[ 2325.580976][T19802]  _copy_from_user+0x2e/0x170
[ 2325.585664][T19802]  __sys_bpf+0x26d/0x6f0
[ 2325.589907][T19802]  ? perf_trace_preemptirq_template+0x2aa/0x360
[ 2325.596148][T19802]  ? bpf_link_show_fdinfo+0x380/0x380
[ 2325.601521][T19802]  ? rcu_nmi_exit+0x6f/0xf0
[ 2325.606036][T19802]  ? vtime_user_exit+0x2c8/0x3e0
[ 2325.610978][T19802]  __x64_sys_bpf+0x78/0x90
[ 2325.615396][T19802]  do_syscall_64+0x4c/0xa0
[ 2325.619812][T19802]  ? clear_bhb_loop+0x30/0x80
[ 2325.624485][T19802]  ? clear_bhb_loop+0x30/0x80
[ 2325.629165][T19802]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2325.635062][T19802] RIP: 0033:0x7f92a79aef79
[ 2325.639492][T19802] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2325.659097][T19802] RSP: 002b:00007f92a5c09028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2325.667522][T19802] RAX: ffffffffffffffda RBX: 00007f92a7c28fa0 RCX: 00007f92a79aef79
[ 2325.675494][T19802] RDX: 0000000000000050 RSI: 0000200000000180 RDI: 0000000000000000
[ 2325.683464][T19802] RBP: 00007f92a5c09090 R08: 0000000000000000 R09: 0000000000000000
[ 2325.691431][T19802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2325.699407][T19802] R13: 00007f92a7c29038 R14: 00007f92a7c28fa0 R15: 00007ffd2c549e48
[ 2325.707398][T19802]  </TASK>
[ 2326.683615][T19825] FAULT_INJECTION: forcing a failure.
[ 2326.683615][T19825] name failslab, interval 1, probability 0, space 0, times 0
[ 2326.791053][T19825] CPU: 0 PID: 19825 Comm: syz.4.16358 Not tainted syzkaller #0
[ 2326.798644][T19825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2326.808711][T19825] Call Trace:
[ 2326.811996][T19825]  <TASK>
[ 2326.814936][T19825]  dump_stack_lvl+0x188/0x250
[ 2326.819634][T19825]  ? show_regs_print_info+0x20/0x20
[ 2326.824844][T19825]  ? load_image+0x400/0x400
[ 2326.829363][T19825]  ? __might_sleep+0xf0/0xf0
[ 2326.833964][T19825]  ? __lock_acquire+0x7d10/0x7d10
[ 2326.839005][T19825]  should_fail+0x38c/0x4c0
[ 2326.843447][T19825]  should_failslab+0x5/0x20
[ 2326.847953][T19825]  slab_pre_alloc_hook+0x51/0xc0
[ 2326.852905][T19825]  __kmalloc_node_track_caller+0x68/0x3a0
[ 2326.858631][T19825]  ? netlink_sendmsg+0x654/0xbe0
[ 2326.863574][T19825]  ? kmem_cache_alloc_node+0x162/0x2d0
[ 2326.869035][T19825]  ? __alloc_skb+0xf4/0x750
[ 2326.873546][T19825]  ? netlink_sendmsg+0x654/0xbe0
[ 2326.878494][T19825]  __alloc_skb+0x22c/0x750
[ 2326.882938][T19825]  netlink_sendmsg+0x654/0xbe0
[ 2326.887730][T19825]  ? netlink_getsockopt+0x570/0x570
[ 2326.892943][T19825]  ? aa_sock_msg_perm+0x94/0x150
[ 2326.897891][T19825]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 2326.903449][T19825]  ? security_socket_sendmsg+0x7c/0xa0
[ 2326.908922][T19825]  ? netlink_getsockopt+0x570/0x570
[ 2326.914140][T19825]  ____sys_sendmsg+0x5b7/0x8f0
[ 2326.918939][T19825]  ? __sys_sendmsg_sock+0x30/0x30
[ 2326.923994][T19825]  ? import_iovec+0x6f/0xa0
[ 2326.928517][T19825]  ___sys_sendmsg+0x236/0x2e0
[ 2326.933222][T19825]  ? __sys_sendmsg+0x2a0/0x2a0
[ 2326.938061][T19825]  __se_sys_sendmsg+0x1af/0x290
[ 2326.942927][T19825]  ? __x64_sys_sendmsg+0x80/0x80
[ 2326.947870][T19825]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2326.953892][T19825]  ? lockdep_hardirqs_on+0x94/0x140
[ 2326.959108][T19825]  do_syscall_64+0x4c/0xa0
[ 2326.963533][T19825]  ? clear_bhb_loop+0x30/0x80
[ 2326.968216][T19825]  ? clear_bhb_loop+0x30/0x80
[ 2326.972901][T19825]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2326.978798][T19825] RIP: 0033:0x7f92a79aef79
[ 2326.983222][T19825] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2327.002829][T19825] RSP: 002b:00007f92a5c09028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2327.011236][T19825] RAX: ffffffffffffffda RBX: 00007f92a7c28fa0 RCX: 00007f92a79aef79
[ 2327.019196][T19825] RDX: 0000000004000004 RSI: 0000200000000040 RDI: 0000000000000004
[ 2327.027152][T19825] RBP: 00007f92a5c09090 R08: 0000000000000000 R09: 0000000000000000
[ 2327.035111][T19825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2327.043069][T19825] R13: 00007f92a7c29038 R14: 00007f92a7c28fa0 R15: 00007ffd2c549e48
[ 2327.051052][T19825]  </TASK>
[ 2327.115587][T19831] netlink: 'syz.2.16359': attribute type 10 has an invalid length.
[ 2327.316534][T19836] netlink: 'syz.2.16360': attribute type 25 has an invalid length.
[ 2327.346351][T19836] netlink: 'syz.2.16360': attribute type 1 has an invalid length.
[ 2327.375226][T19836] bridge0: port 1(bridge_slave_0) entered learning state
[ 2432.341487][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 2432.348493][    C0] rcu: 	1-....: (1 GPs behind) idle=a51/1/0x4000000000000000 softirq=187301/187305 fqs=5250 
[ 2432.359720][    C0] 	(detected by 0, t=10502 jiffies, g=265093, q=669)
[ 2432.366427][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 2432.371628][    C1] NMI backtrace for cpu 1
[ 2432.371638][    C1] CPU: 1 PID: 9 Comm: kworker/u4:0 Not tainted syzkaller #0
[ 2432.371652][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2432.371665][    C1] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
[ 2432.371689][    C1] RIP: 0010:__lock_acquire+0x9b2/0x7d10
[ 2432.371709][    C1] Code: c0 0f 85 e9 00 00 00 41 0f b6 06 84 c0 74 0e 41 0f b6 cd 44 0f b6 e8 38 c1 44 0f 42 e9 48 8b 84 24 88 00 00 00 42 0f b6 04 00 <84> c0 0f 85 e3 00 00 00 48 ff c3 48 8b 44 24 40 48 63 00 49 83 c7
[ 2432.371722][    C1] RSP: 0018:ffffc90000ce6c80 EFLAGS: 00000046
[ 2432.371734][    C1] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000000002
[ 2432.371743][    C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff901d20c0
[ 2432.371753][    C1] RBP: ffffc90000ce6ed0 R08: dffffc0000000000 R09: 1ffffffff203a418
[ 2432.371764][    C1] R10: dffffc0000000000 R11: fffffbfff203a419 R12: ffff88813fe90bb0
[ 2432.371775][    C1] R13: 0000000000000002 R14: ffffffff8fb5aff8 R15: ffff88813fe90bb0
[ 2432.371786][    C1] FS:  0000000000000000(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[ 2432.371799][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2432.371810][    C1] CR2: 0000001b33d10ff8 CR3: 000000000c08e000 CR4: 00000000003506e0
[ 2432.371823][    C1] DR0: 0000200000000300 DR1: 0000000000000000 DR2: 0000000000000000
[ 2432.371833][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 2432.371842][    C1] Call Trace:
[ 2432.371848][    C1]  <TASK>
[ 2432.371856][    C1]  ? mark_lock+0x94/0x320
[ 2432.371874][    C1]  ? mark_lock+0x94/0x320
[ 2432.371889][    C1]  ? mark_lock+0x94/0x320
[ 2432.371902][    C1]  ? verify_lock_unused+0x140/0x140
[ 2432.371918][    C1]  ? __lock_acquire+0x12e8/0x7d10
[ 2432.371942][    C1]  ? perf_trace_lock+0xe4/0x390
[ 2432.371959][    C1]  lock_acquire+0x19e/0x400
[ 2432.371975][    C1]  ? rcu_lock_acquire+0x5/0x30
[ 2432.371994][    C1]  ? read_lock_is_recursive+0x10/0x10
[ 2432.372013][    C1]  ? kvm_sched_clock_read+0x14/0x40
[ 2432.372028][    C1]  ? sched_clock_cpu+0x15/0x3c0
[ 2432.372046][    C1]  rcu_lock_acquire+0x2a/0x30
[ 2432.372059][    C1]  ? rcu_lock_acquire+0x5/0x30
[ 2432.372071][    C1]  perf_output_begin_forward+0xa5/0xa40
[ 2432.372085][    C1]  ? kvm_is_in_guest+0x24/0x30
[ 2432.372108][    C1]  ? __perf_cgroup_move+0x140/0x140
[ 2432.372122][    C1]  ? perf_callchain+0x190/0x190
[ 2432.372136][    C1]  ? rcu_lock_release+0x9/0x20
[ 2432.372154][    C1]  perf_event_output_forward+0x19b/0x2e0
[ 2432.372170][    C1]  ? perf_get_page_size+0x430/0x430
[ 2432.372187][    C1]  ? tracing_gen_ctx_irq_test+0xb3/0x130
[ 2432.372206][    C1]  ? __perf_event_account_interrupt+0x187/0x280
[ 2432.372222][    C1]  __perf_event_overflow+0x364/0x530
[ 2432.372241][    C1]  perf_tp_event+0x383/0xbf0
[ 2432.372258][    C1]  ? perf_trace_run_bpf_submit+0x1c0/0x1c0
[ 2432.372279][    C1]  ? perf_tp_event+0xa92/0xbf0
[ 2432.372312][    C1]  perf_trace_run_bpf_submit+0xf3/0x1c0
[ 2432.372330][    C1]  perf_trace_preemptirq_template+0x2aa/0x360
[ 2432.372348][    C1]  ? asm_sysvec_irq_work+0x16/0x20
[ 2432.372364][    C1]  ? trace_event_raw_event_preemptirq_template+0x290/0x290
[ 2432.372380][    C1]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 2432.372399][    C1]  ? lock_chain_count+0x20/0x20
[ 2432.372417][    C1]  ? asm_sysvec_irq_work+0x16/0x20
[ 2432.372431][    C1]  trace_irq_enable_rcuidle+0x108/0x180
[ 2432.372448][    C1]  trace_hardirqs_on+0x57/0x80
[ 2432.372462][    C1]  asm_sysvec_irq_work+0x16/0x20
[ 2432.372477][    C1] RIP: 0010:rcu_read_unlock_special+0x7f/0x4a0
[ 2432.372493][    C1] Code: eb 03 48 b8 f1 f1 f1 f1 f8 f2 f2 f2 4a 89 04 2b 42 c7 44 2b 08 f8 f3 f3 f3 65 44 8b 35 e2 f0 9c 7e 41 f7 c6 00 00 f0 00 74 40 <48> c7 44 24 20 0e 36 e0 45 4a c7 04 2b 00 00 00 00 42 c7 44 2b 08
[ 2432.372505][    C1] RSP: 0018:ffffc90000ce77a0 EFLAGS: 00000206
[ 2432.372517][    C1] RAX: e8c919eea72cbc00 RBX: 1ffff9200019cef8 RCX: e8c919eea72cbc00
[ 2432.372529][    C1] RDX: dffffc0000000000 RSI: ffffffff8a2b2780 RDI: ffffffff8a79f740
[ 2432.372540][    C1] RBP: ffffc90000ce7868 R08: ffffffff901d21bf R09: 1ffffffff203a437
[ 2432.372551][    C1] R10: dffffc0000000000 R11: fffffbfff203a438 R12: ffffffff8c322f00
[ 2432.372562][    C1] R13: dffffc0000000000 R14: 0000000000000246 R15: 0000000000000002
[ 2432.372582][    C1]  ? __rcu_read_unlock+0xd0/0xd0
[ 2432.372596][    C1]  ? asm_sysvec_call_function_single+0x16/0x20
[ 2432.372616][    C1]  __rcu_read_unlock+0x78/0xd0
[ 2432.372631][    C1]  netdev_pick_tx+0x8cf/0xad0
[ 2432.372649][    C1]  netdev_core_pick_tx+0x12e/0x2e0
[ 2432.372665][    C1]  __dev_queue_xmit+0x756/0x2fd0
[ 2432.372688][    C1]  ? dev_queue_xmit+0x20/0x20
[ 2432.372704][    C1]  ? pskb_expand_head+0xb23/0x10f0
[ 2432.372726][    C1]  ? batadv_nc_skb_store_for_decoding+0x3e6/0x640
[ 2432.372745][    C1]  batadv_send_skb_packet+0x384/0x5f0
[ 2432.372763][    C1]  batadv_iv_send_outstanding_bat_ogm_packet+0x698/0x840
[ 2432.372787][    C1]  process_one_work+0x85f/0x1010
[ 2432.372810][    C1]  ? worker_detach_from_pool+0x240/0x240
[ 2432.372824][    C1]  ? lockdep_hardirqs_off+0x70/0x100
[ 2432.372842][    C1]  ? _raw_spin_lock_irq+0xb7/0xf0
[ 2432.372855][    C1]  ? _raw_spin_lock_irqsave+0x100/0x100
[ 2432.372870][    C1]  ? wq_worker_running+0x97/0x170
[ 2432.372885][    C1]  worker_thread+0xaa6/0x1290
[ 2432.372913][    C1]  kthread+0x436/0x520
[ 2432.372926][    C1]  ? rcu_lock_release+0x20/0x20
[ 2432.372940][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 2432.372954][    C1]  ret_from_fork+0x1f/0x30
[ 2432.372976][    C1]  </TASK>
[ 2436.726047][ T8347] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 1-... } 10964 jiffies s: 181481 root: 0x2/.
[ 2436.745340][ T8347] rcu: blocking rcu_node structures (internal RCU debug):
[ 2436.759110][ T8347] Task dump for CPU 1:
[ 2436.763411][ T8347] task:kworker/u4:0    state:R  running task     stack:19824 pid:    9 ppid:     2 flags:0x00004008
[ 2436.774306][ T8347] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
[ 2436.782218][ T8347] Call Trace:
[ 2436.785508][ T8347]  <TASK>
[ 2436.788443][ T8347]  ? __rcu_read_unlock+0xd0/0xd0
[ 2436.793436][ T8347]  ? asm_sysvec_call_function_single+0x16/0x20
[ 2436.799612][ T8347]  ? __rcu_read_unlock+0x78/0xd0
[ 2436.804722][ T8347]  ? netdev_pick_tx+0x8cf/0xad0
[ 2436.809584][ T8347]  ? netdev_core_pick_tx+0x12e/0x2e0
[ 2436.814965][ T8347]  ? __dev_queue_xmit+0x756/0x2fd0
[ 2436.820104][ T8347]  ? dev_queue_xmit+0x20/0x20
[ 2436.824877][ T8347]  ? pskb_expand_head+0xb23/0x10f0
[ 2436.830360][ T8347]  ? batadv_nc_skb_store_for_decoding+0x3e6/0x640
[ 2436.836924][ T8347]  ? batadv_send_skb_packet+0x384/0x5f0
[ 2436.842509][ T8347]  ? batadv_iv_send_outstanding_bat_ogm_packet+0x698/0x840
[ 2436.849723][ T8347]  ? process_one_work+0x85f/0x1010
[ 2436.854890][ T8347]  ? worker_detach_from_pool+0x240/0x240
[ 2436.860528][ T8347]  ? lockdep_hardirqs_off+0x70/0x100
[ 2436.865851][ T8347]  ? _raw_spin_lock_irq+0xb7/0xf0
[ 2436.870883][ T8347]  ? _raw_spin_lock_irqsave+0x100/0x100
[ 2436.876461][ T8347]  ? wq_worker_running+0x97/0x170
[ 2436.881514][ T8347]  ? worker_thread+0xaa6/0x1290
[ 2436.886390][ T8347]  ? kthread+0x436/0x520
[ 2436.890629][ T8347]  ? rcu_lock_release+0x20/0x20
[ 2436.895508][ T8347]  ? kthread_blkcg+0xd0/0xd0
[ 2436.900099][ T8347]  ? ret_from_fork+0x1f/0x30
[ 2436.904734][ T8347]  </TASK>