last executing test programs:

3.483364538s ago: executing program 3 (id=2273):
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x80044, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x4, @perf_bp={0x0, 0x6}, 0x0, 0x2, 0xfffffffe, 0x7, 0x0, 0x0, 0x2}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x11, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000240)={r0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x5, 0x20}, @union={0x0, 0x0, 0x0, 0x10, 0x0, 0x2}]}}, 0x0, 0x36}, 0x28)
r1 = socket$kcm(0x10, 0x0, 0x0)
r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)=@generic={&(0x7f0000000180)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000200)=@generic={&(0x7f0000000140)='./file0\x00', r2}, 0x18)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1c0000001e007f109e", 0x9}, {&(0x7f0000000100)="78cafb738f2e440a00"/19, 0x13}], 0x2}, 0x0)
r3 = socket$kcm(0x11, 0x3, 0x0)
perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7fffffffffd, 0x1, 0x0, 0x0, 0x704a, 0x0, 0x0, 0x9}, 0x0, 0x2000000000007, 0xffffffffffffffff, 0xb)
r4 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r4, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000240)="b2", 0x1}, {&(0x7f0000000180)="23480d95ed94c4265b88f5532b5a63b5a84615cc674c206880d2eade17b1b60edf2ac4126ba663cce2046c70b60f7f5cfd0c621f483e40757769dbdf76ebcf74e4400bc1d6a8", 0xffe0}], 0x3a}, 0x80)
r5 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r5, 0x0, 0x4000040)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x1c092, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0xb3e, 0xfffffffffffffff8}, 0x840, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r6 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r6, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x110, 0xd, {0x0, @loopback=0x7f000300, @dev}}}], 0x20}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r3, &(0x7f0000000280)={&(0x7f0000000e00)=@phonet={0x23, 0x0, 0x0, 0x37}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000180)="27050200590200000600002fb96dbcf706e1050007008100000088a8", 0x1c}, {&(0x7f00000002c0)="a6e63770", 0x4}], 0x2}, 0x30004802)

3.413106865s ago: executing program 0 (id=2275):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000b000000095"], 0x0}, 0x94)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x58, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000340)=r2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)='%-010d \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10)

3.097346516s ago: executing program 0 (id=2277):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x4a2d)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0200000004000000fc0f0000050000000000", @ANYRES32=0x0, @ANYRES32], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000004000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10)
r2 = socket$kcm(0x2, 0x922000000001, 0x106)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x25, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000002000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_config_ext={0x1, 0x2}, 0x2006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)

2.963111949s ago: executing program 3 (id=2278):
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0x1, 0xffffffffffffffa2, &(0x7f0000000240)}, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000800)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r0, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x42)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
socketpair(0x26, 0x1, 0x0, 0x0)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0x37, 0xfffc, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r2}, &(0x7f0000000700), &(0x7f0000000740)=r3, 0x2}, 0x20)
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x11300}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x20242, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r6, &(0x7f0000000880)=ANY=[@ANYBLOB="1e0301003c05000128876b60864668f82ffdeefa000000000000ffd2acb165fe580cd568020031b87b548cb74136f366da0abe01"], 0xffdd)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000002040)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1190e95fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf2255d6a02413bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a202304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a99281000000059f425ec2f8580fe3c6f605f9a00e90ba71cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e0852c8e7536bd1f018fa6be1e4de61fdccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4065903124bff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a8640724a5f4e12ad99012a2e01ce79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae441e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282bffff2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae05334d5a44a020000001c0d882a564d74a7c72bf9a2152b261e58fea6d2f93589cfe261dc0410b5ccc92a5a0eab327a33431d62d2b7c75ce654d556c9e1817c1abca762ab53d40da51560351b673363652e1ecb56cfe4a746a45ab13c6014e9f361ab687d1cd1795ce9e05c817b83d76046bdb3709de5df7499a02d2f636a454b85b987580ada025d83bd7b8df28a540d5ec5537942e79f2f1ab25ea5f563bc77e4f9468bd309469880c7e34150ca886d1f13dff7e82dbe296c877d925c38c54cc8137b29028854b6bd57ca893927c331300e16aba792289e135589d93302fc37c73c303e383cdf8ef3f6d6265fe5ee01759d24027475c8901039a898582022bc95992b86dce0710887c8a625d9cbb897bdbfaf49a3f642a169827a9bae4fcfa5212461db000000000000e6ed75ca8fcda7ef3ee336189fef3b3ffb9f38fefc5ff39c4e69e3fa1f8b10ee97123e99b61eba065b1ad67530e7c4f11f9da7ae000002000000610101ad7f79cb9bbf64a0fc109f49fe50151f5ddfe51833ec65ece70e07ce8ab5d97db47da8f80000664dc0b86ae2b3ff9d4e220752a6b2f3ea9f793612386496dca5af7b8952aafa332482e6137e994d3f5259b7f51544cdc6d8cb4becc20dd3a57545b0c2621e4c5f94a23f73ee02c22ee7e27c2cc491a85947baac523c347c9b9ede5d6265997f2ad6e9719a"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r7)
socketpair(0x1d, 0x2, 0x6, &(0x7f0000000300))
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r8 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000680)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r8, &(0x7f00000006c0)={'c', ' *:* ', 'w\x00'}, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff05000500", 0x2c}, {&(0x7f00000019c0)="06bb", 0x2}], 0x2}, 0x0)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x42000, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000180)={'pim6reg1\x00', 0x2})
ioctl$TUNSETLINK(r10, 0x400454cd, 0x20)
ioctl$TUNSETLINK(r10, 0x400454cd, 0x320)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x6, 0x3, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f1957ced6235425c24551365e98ea6b4c275b6e8ca19cd1d43f2fc6a7a75cae38a8fe41ec2b819ceffabd1c4af43806e8af3fee354329b6a748b0c4670334158a0f55088b162cfaf74f4d08045c38ace47a42f5c9f7ee9b0549631cfff67fbc460b3277a80776a0085693a59d17964e0a1d4ba74df335c9fc8e3b2f3b3620c3649454123f7e8dd4753f5f9cf5ddb1d5e54d8e1"], &(0x7f0000000140)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x40, '\x00', r1}, 0x94)

2.886821727s ago: executing program 0 (id=2279):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x5, 0x0, 0x9, 0x0, 0x41a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={0x0, 0xa}, 0xa100, 0xc8, 0xffffffff, 0x0, 0xe1}, 0x0, 0x4, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000500"/16, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x38, 0x38, 0x5, [@var={0x2, 0x0, 0x0, 0x11, 0x2, 0xffffffff}, @const={0x0, 0x0, 0x0, 0x4}, @func_proto={0x2, 0x0, 0x0, 0x12, 0x2}, @var={0x2, 0x0, 0x0, 0xe, 0x3}]}, {0x0, [0x0, 0x5f, 0x2e]}}, 0x0, 0x55}, 0x28)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)={0x1b, 0x0, 0x0, 0x6, 0x0, 0x1, 0xdb5, '\x00', 0x0, r2, 0x2}, 0x50)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=r0, @ANYBLOB="0600ffff00"/20, @ANYRES32=0x0, @ANYRES32=r2, @ANYBLOB="00000000000000000300"/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000180), 0x4)
perf_event_open$cgroup(&(0x7f0000000000)={0x6, 0x80, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080)}, 0x108001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
close(r6)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22000000fffe80"], 0xfdef)
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0xffffffffffffffae}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[], 0xfdef)

2.846911571s ago: executing program 1 (id=2288):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x4a2d)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0200000004000000fc0f0000050000000000", @ANYRES32=0x0, @ANYRES32], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000004000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10)
r2 = socket$kcm(0x2, 0x922000000001, 0x106)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x25, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000007c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000002000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_config_ext={0x1, 0x2}, 0x2006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)

2.566463788s ago: executing program 1 (id=2281):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x3, 0x4, 0x4, 0x12}, 0x50)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf, 0x5}, 0x100e64, 0xc78, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400})
ioctl$TUNSETSNDBUF(r1, 0x400454d4, &(0x7f0000000380)=0x9)
close(0x3)
socket$kcm(0x10, 0x3, 0x10)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000004f000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@alu]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x14}, 0x94)
socket$kcm(0x10, 0x2, 0x10)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup.net/syz0\x00', 0x200002, 0x0)
perf_event_open$cgroup(0x0, r5, 0x5, r0, 0x5)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r6, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x61, 0x0, 0x0, 0x400}, {0x6}]})

2.497710235s ago: executing program 2 (id=2282):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xd, &(0x7f0000000040)=[{&(0x7f00000004c0)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000d000000028000001294", 0x2e}], 0x1}, 0x0) (fail_nth: 2)

2.488529556s ago: executing program 0 (id=2283):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2501, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={0x0, 0x8}, 0x200, 0x15, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
openat$tun(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
write$cgroup_type(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10801, 0x800, 0x0, 0x5, 0x0, 0x0, 0x48a, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r2 = openat$cgroup_devices(r1, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r2, &(0x7f0000000140)=ANY=[@ANYBLOB='b *:4\tm\nr'], 0xa)
syz_clone(0xae003400, 0x0, 0xffffff39, 0xfffffffffffffffd, 0x0, 0x0)
r3 = socket$kcm(0xa, 0x2, 0x3a)
recvmsg$kcm(r3, 0x0, 0x40000110)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000100), 0x1001)
ioctl$TUNSETNOCSUM(r4, 0x400454c8, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)}], 0x1}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x106)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB, @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000010000007b8aa1ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000008500000007000000950000000000"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r7}, 0x10)
sendmsg$kcm(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000100020400bf050005001201", 0x2e}], 0x1}, 0x0)

1.913108842s ago: executing program 2 (id=2284):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='freezer.parent_freezing\x00', 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f00000001c0)={'bond_slave_1\x00', @broadcast})
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_config_ext={0x1, 0x2}, 0x2006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000000000000000000000000000850000001700000095000000000000663b38a3211fae8a877000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x3}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffc}, 0x8, 0xc8, 0x9, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1200000000}, 0x0, 0x4, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x96, 0x1, 0x0, 0x81, 0x0, 0x8000000000000005, 0x19188, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x4, @perf_bp={0x0, 0x9}, 0x105563, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x20001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000140)=ANY=[@ANYBLOB="8fedcb7907031175f37538e486dd630080fc00000000db5b686158bbcfe8875a060300001123000000000000000000000000ac1414aa3b20"], 0xfdef)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000046d100180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000008208500000073000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000017c0)=0xffffffffffffffff, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001dc0)={{0x1}, &(0x7f0000001d40), &(0x7f0000001d80)=r2}, 0x20)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000240)={'vlan1\x00', @broadcast})
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_int(r6, &(0x7f0000000880)='cgroup.max.depth\x00', 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000480)=ANY=[], 0x27)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7400}, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000040)={0x0, 0x1d, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59a5a4d33f921921320000005e140602ffffffff0d0013000100000002800000121f", 0x2e}], 0x1}, 0x0)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x7, 0x40, 0x7, 0x0, 0x0, 0xd299, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x4}, 0x100882, 0x7ff, 0x6, 0x0, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[@ANYBLOB="18a60000560013f16ff28e036afc004a07"], 0xfe33)

1.333755349s ago: executing program 1 (id=2285):
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x80044, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x4, @perf_bp={0x0, 0x6}, 0x0, 0x2, 0xfffffffe, 0x7, 0x0, 0x0, 0x2}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x11, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000240)={r0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x5, 0x20}, @union={0x0, 0x0, 0x0, 0x10, 0x0, 0x2}]}}, 0x0, 0x36}, 0x28)
r1 = socket$kcm(0x10, 0x0, 0x0)
r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)=@generic={&(0x7f0000000180)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000200)=@generic={&(0x7f0000000140)='./file0\x00', r2}, 0x18)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1c0000001e007f109e", 0x9}, {&(0x7f0000000100)="78cafb738f2e440a00"/19, 0x13}], 0x2}, 0x0)
r3 = socket$kcm(0x11, 0x3, 0x0)
perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7fffffffffd, 0x1, 0x0, 0x0, 0x704a, 0x0, 0x0, 0x9}, 0x0, 0x2000000000007, 0xffffffffffffffff, 0xb)
r4 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r4, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000240)="b2", 0x1}, {&(0x7f0000000180)="23480d95ed94c4265b88f5532b5a63b5a84615cc674c206880d2eade17b1b60edf2ac4126ba663cce2046c70b60f7f5cfd0c621f483e40757769dbdf76ebcf74e4400bc1d6a8", 0xffe0}], 0x3a}, 0x80)
r5 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r5, 0x0, 0x4000040)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x1c092, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0xb3e, 0xfffffffffffffff8}, 0x840, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r6 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r6, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x110, 0xd, {0x0, @loopback=0x7f000300, @dev}}}], 0x20}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r3, &(0x7f0000000280)={&(0x7f0000000e00)=@phonet={0x23, 0x0, 0x0, 0x37}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000180)="27050200590200000600002fb96dbcf706e1050007008100000088a8", 0x1c}, {&(0x7f00000002c0)="a6e63770", 0x4}], 0x2}, 0x30004802)

1.245627738s ago: executing program 2 (id=2286):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000004c0)=@o_path={&(0x7f0000000440)='./file0\x00', 0x0, 0x10, r0}, 0x18)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x2}, 0x50)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b009d7e4c4aa4aa7ee876fd2a83a2c52f000000", @ANYRES32=0x1, @ANYBLOB='\r\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000020000000300"/28], 0x50)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)={0x1b, 0x0, 0x0, 0xffff, 0x0, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5}, 0x50)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000780)=@bpf_tracing={0x1a, 0x13, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000a000000000000000000000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000014000000b703000000000000850000008300000055090100000000009500000000000000183a0000020000000000000000000000185a0000030000000000000000000000bf91000000000000b7020000020000008500000084000000b7000057dc3d0fac68325200"/128], &(0x7f0000000140)='syzkaller\x00', 0x7fff, 0xdb, &(0x7f00000002c0)=""/219, 0x40f00, 0x0, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000400)={0x1, 0x5, 0xb1, 0x7}, 0x10, 0xbb6a, r1, 0x0, &(0x7f0000000740)=[r2, r3, r4, r0], 0x0, 0x10, 0x2}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001340), &(0x7f0000000900), 0x404, 0xffffffffffffffff, 0x0, 0x1ba8847c99}, 0x38)
r7 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000810000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r8)
r9 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r9)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x24}, 0x94)
r10 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r10, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r11 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)="5c00000015006b0300224ed86e6c1d000a117ea6e070d6064e22000300000000250002000f00000017d34460bc24eab556a705251e6182949a00003d3b48dfd8cdbf9767b4fa51f62a64c9f4060046d88037e786a6d0a5d700000017", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000ac0)={r3, 0x58, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r12=>0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x18, 0x19, &(0x7f0000000840)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x6}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1a0fd64a}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x4, 0x1, 0xc, 0x9, 0xb, 0x50, 0xffffffffffffffe9}, @jmp={0x5, 0x1, 0x1, 0x9, 0x2, 0x4, 0x8}, @exit, @btf_id={0x18, 0x7, 0x3, 0x0, 0x3}, @exit, @map_fd={0x18, 0x4, 0x1, 0x0, r3}, @alu={0x7, 0x0, 0x0, 0xa, 0x7, 0x80, 0x10}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8}, @cb_func={0x18, 0xa, 0x4, 0x0, 0xfffffffffffffffc}]}, &(0x7f0000000940)='syzkaller\x00', 0x5, 0x2e, &(0x7f0000000980)=""/46, 0x41000, 0x6a, '\x00', r12, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000b00)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000000b40)={0x2, 0x8, 0x1, 0xffffffff}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000b80)=[{0x3, 0x2, 0x4, 0x1}, {0x5, 0x3, 0x2}, {0x2, 0x4, 0x2, 0xb}], 0x10, 0x7f}, 0x94)

1.215835031s ago: executing program 3 (id=2287):
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x80044, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x4, @perf_bp={0x0, 0x6}, 0x0, 0x2, 0xfffffffe, 0x7, 0x0, 0x0, 0x2}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x11, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000240)={r0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x5, 0x20}, @union={0x0, 0x0, 0x0, 0x10, 0x0, 0x2}]}}, 0x0, 0x36}, 0x28)
r1 = socket$kcm(0x10, 0x0, 0x0)
r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)=@generic={&(0x7f0000000180)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000200)=@generic={&(0x7f0000000140)='./file0\x00', r2}, 0x18)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1c0000001e007f109e", 0x9}, {&(0x7f0000000100)="78cafb738f2e440a00"/19, 0x13}], 0x2}, 0x0)
r3 = socket$kcm(0x11, 0x3, 0x0)
perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7fffffffffd, 0x1, 0x0, 0x0, 0x704a, 0x0, 0x0, 0x9}, 0x0, 0x2000000000007, 0xffffffffffffffff, 0xb)
r4 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r4, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000240)="b2", 0x1}, {&(0x7f0000000180)="23480d95ed94c4265b88f5532b5a63b5a84615cc674c206880d2eade17b1b60edf2ac4126ba663cce2046c70b60f7f5cfd0c621f483e40757769dbdf76ebcf74e4400bc1d6a8", 0xffe0}], 0x3a}, 0x80)
r5 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r5, 0x0, 0x4000040)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x1c092, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0xb3e, 0xfffffffffffffff8}, 0x840, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r6 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r6, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x110, 0xd, {0x0, @loopback=0x7f000300, @dev}}}], 0x20}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r3, &(0x7f0000000280)={&(0x7f0000000e00)=@phonet={0x23, 0x0, 0x0, 0x37}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000180)="27050200590200000600002fb96dbcf706e1050007008100000088a8", 0x1c}, {&(0x7f00000002c0)="a6e63770", 0x4}], 0x2}, 0x30004802)

856.065906ms ago: executing program 2 (id=2289):
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x80044, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x4, @perf_bp={0x0, 0x6}, 0x0, 0x2, 0xfffffffe, 0x7, 0x0, 0x0, 0x2}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x11, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000240)={r0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x5, 0x20}, @union={0x0, 0x0, 0x0, 0x10, 0x0, 0x2}]}}, 0x0, 0x36}, 0x28)
r1 = socket$kcm(0x10, 0x0, 0x0)
r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)=@generic={&(0x7f0000000180)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000200)=@generic={&(0x7f0000000140)='./file0\x00', r2}, 0x18)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1c0000001e007f109e", 0x9}, {&(0x7f0000000100)="78cafb738f2e440a00"/19, 0x13}], 0x2}, 0x0)
r3 = socket$kcm(0x11, 0x3, 0x0)
perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7fffffffffd, 0x1, 0x0, 0x0, 0x704a, 0x0, 0x0, 0x9}, 0x0, 0x2000000000007, 0xffffffffffffffff, 0xb)
r4 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r4, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000240)="b2", 0x1}, {&(0x7f0000000180)="23480d95ed94c4265b88f5532b5a63b5a84615cc674c206880d2eade17b1b60edf2ac4126ba663cce2046c70b60f7f5cfd0c621f483e40757769dbdf76ebcf74e4400bc1d6a8", 0xffe0}], 0x3a}, 0x80)
r5 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r5, 0x0, 0x4000040)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x1c092, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0xb3e, 0xfffffffffffffff8}, 0x840, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r6 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r6, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x110, 0xd, {0x0, @loopback=0x7f000300, @dev}}}], 0x20}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r3, &(0x7f0000000280)={&(0x7f0000000e00)=@phonet={0x23, 0x0, 0x0, 0x37}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000180)="27050200590200000600002fb96dbcf706e1050007008100000088a8", 0x1c}, {&(0x7f00000002c0)="a6e63770", 0x4}], 0x2}, 0x30004802)

853.955626ms ago: executing program 1 (id=2297):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000004c0)=@o_path={&(0x7f0000000440)='./file0\x00', 0x0, 0x10, r0}, 0x18)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x2}, 0x50)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b009d7e4c4aa4aa7ee876fd2a83a2c52f000000", @ANYRES32=0x1, @ANYBLOB='\r\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000020000000300"/28], 0x50)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)={0x1b, 0x0, 0x0, 0xffff, 0x0, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5}, 0x50)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000780)=@bpf_tracing={0x1a, 0x13, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000a000000000000000000000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000014000000b703000000000000850000008300000055090100000000009500000000000000183a0000020000000000000000000000185a0000030000000000000000000000bf91000000000000b7020000020000008500000084000000b7000057dc3d0fac68325200"/128], &(0x7f0000000140)='syzkaller\x00', 0x7fff, 0xdb, &(0x7f00000002c0)=""/219, 0x40f00, 0x0, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000400)={0x1, 0x5, 0xb1, 0x7}, 0x10, 0xbb6a, r1, 0x0, &(0x7f0000000740)=[r2, r3, r4, r0], 0x0, 0x10, 0x2}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001340), &(0x7f0000000900), 0x404, 0xffffffffffffffff, 0x0, 0x1ba8847c99}, 0x38)
r7 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000810000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r8)
r9 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r9)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x24}, 0x94)
r10 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r10, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r11 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)="5c00000015006b0300224ed86e6c1d000a117ea6e070d6064e22000300000000250002000f00000017d34460bc24eab556a705251e6182949a00003d3b48dfd8cdbf9767b4fa51f62a64c9f4060046d88037e786a6d0a5d700000017", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000ac0)={r3, 0x58, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r12=>0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x18, 0x19, &(0x7f0000000840)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x6}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1a0fd64a}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x4, 0x1, 0xc, 0x9, 0xb, 0x50, 0xffffffffffffffe9}, @jmp={0x5, 0x1, 0x1, 0x9, 0x2, 0x4, 0x8}, @exit, @btf_id={0x18, 0x7, 0x3, 0x0, 0x3}, @exit, @map_fd={0x18, 0x4, 0x1, 0x0, r3}, @alu={0x7, 0x0, 0x0, 0xa, 0x7, 0x80, 0x10}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8}, @cb_func={0x18, 0xa, 0x4, 0x0, 0xfffffffffffffffc}]}, &(0x7f0000000940)='syzkaller\x00', 0x5, 0x2e, &(0x7f0000000980)=""/46, 0x41000, 0x6a, '\x00', r12, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000b00)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000000b40)={0x2, 0x8, 0x1, 0xffffffff}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000b80)=[{0x3, 0x2, 0x4, 0x1}, {0x5, 0x3, 0x2}, {0x2, 0x4, 0x2, 0xb}], 0x10, 0x7f}, 0x94)

819.34252ms ago: executing program 3 (id=2290):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe, 0x10}, 0x0, 0xca, 0x0, 0x0, 0x0, 0x10, 0xff, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803001d000b0ad25a80648c2594f91824fc60100c064001000009053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x4000}, 0x3500000000000000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)
r3 = socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22101, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x1, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000180)="1400000016001963d25a80648c56915a19aa2bfe", 0x14}], 0x1}, 0x0)

706.979011ms ago: executing program 0 (id=2291):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x4a2d)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0200000004000000fc0f0000050000000000", @ANYRES32=0x0, @ANYRES32], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000004000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10)
r2 = socket$kcm(0x2, 0x922000000001, 0x106)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x25, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000007c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_config_ext={0x1, 0x2}, 0x2006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)

524.418349ms ago: executing program 2 (id=2292):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x5, 0x0, 0x9, 0x0, 0x41a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={0x0, 0xa}, 0xa100, 0xc8, 0xffffffff, 0x0, 0xe1}, 0x0, 0x4, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000500"/16, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x38, 0x38, 0x5, [@var={0x2, 0x0, 0x0, 0x11, 0x2, 0xffffffff}, @const={0x0, 0x0, 0x0, 0x4}, @func_proto={0x2, 0x0, 0x0, 0x12, 0x2}, @var={0x2, 0x0, 0x0, 0xe, 0x3}]}, {0x0, [0x0, 0x5f, 0x2e]}}, 0x0, 0x55}, 0x28)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)={0x1b, 0x0, 0x0, 0x6, 0x0, 0x1, 0xdb5, '\x00', 0x0, r2, 0x2}, 0x50)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=r0, @ANYBLOB="0600ffff00"/20, @ANYRES32=0x0, @ANYRES32=r2, @ANYBLOB="00000000000000000300"/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000180), 0x4)
perf_event_open$cgroup(&(0x7f0000000000)={0x6, 0x80, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080)}, 0x108001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
close(r6)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22000000fffe80"], 0xfdef)
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0xffffffffffffffae}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[], 0xfdef)

496.255561ms ago: executing program 1 (id=2293):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
socket$kcm(0x2b, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x4, 0x7fe2, 0x20000002}, 0x50)
socket$kcm(0x2, 0x922000000001, 0x106)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

454.617276ms ago: executing program 0 (id=2294):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x3, 0x4, 0x4, 0x12}, 0x50)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf, 0x5}, 0x100e64, 0xc78, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400})
ioctl$TUNSETSNDBUF(r1, 0x400454d4, &(0x7f0000000380)=0x9)
close(0x3)
socket$kcm(0x10, 0x3, 0x10)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000004f000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@alu]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x14}, 0x94)
socket$kcm(0x10, 0x2, 0x10)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup.net/syz0\x00', 0x200002, 0x0)
perf_event_open$cgroup(0x0, r5, 0x5, r0, 0x5)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r6, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x61, 0x0, 0x0, 0x400}, {0x6}]})

383.310803ms ago: executing program 3 (id=2295):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfd, &(0x7f0000000040)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef43c000000e3bd6efb440009000e000a0010000000ba8000001201", 0x2e}], 0x1}, 0x0)

207.7693ms ago: executing program 2 (id=2296):
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0x1, 0xffffffffffffffa2, &(0x7f0000000240)}, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000800)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r0, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x42)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
socketpair(0x26, 0x1, 0x0, 0x0)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0x37, 0xfffc, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r2}, &(0x7f0000000700), &(0x7f0000000740)=r3, 0x2}, 0x20)
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x11300}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x20242, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r6, &(0x7f0000000880)=ANY=[@ANYBLOB="1e0301003c05000128876b60864668f82ffdeefa000000000000ffd2acb165fe580cd568020031b87b548cb74136f366da0abe01"], 0xffdd)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000002040)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1190e95fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf2255d6a02413bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a202304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a99281000000059f425ec2f8580fe3c6f605f9a00e90ba71cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e0852c8e7536bd1f018fa6be1e4de61fdccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4065903124bff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a8640724a5f4e12ad99012a2e01ce79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae441e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282bffff2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae05334d5a44a020000001c0d882a564d74a7c72bf9a2152b261e58fea6d2f93589cfe261dc0410b5ccc92a5a0eab327a33431d62d2b7c75ce654d556c9e1817c1abca762ab53d40da51560351b673363652e1ecb56cfe4a746a45ab13c6014e9f361ab687d1cd1795ce9e05c817b83d76046bdb3709de5df7499a02d2f636a454b85b987580ada025d83bd7b8df28a540d5ec5537942e79f2f1ab25ea5f563bc77e4f9468bd309469880c7e34150ca886d1f13dff7e82dbe296c877d925c38c54cc8137b29028854b6bd57ca893927c331300e16aba792289e135589d93302fc37c73c303e383cdf8ef3f6d6265fe5ee01759d24027475c8901039a898582022bc95992b86dce0710887c8a625d9cbb897bdbfaf49a3f642a169827a9bae4fcfa5212461db000000000000e6ed75ca8fcda7ef3ee336189fef3b3ffb9f38fefc5ff39c4e69e3fa1f8b10ee97123e99b61eba065b1ad67530e7c4f11f9da7ae000002000000610101ad7f79cb9bbf64a0fc109f49fe50151f5ddfe51833ec65ece70e07ce8ab5d97db47da8f80000664dc0b86ae2b3ff9d4e220752a6b2f3ea9f793612386496dca5af7b8952aafa332482e6137e994d3f5259b7f51544cdc6d8cb4becc20dd3a57545b0c2621e4c5f94a23f73ee02c22ee7e27c2cc491a85947baac523c347c9b9ede5d6265997f2ad6e9719a"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r7)
socketpair(0x1d, 0x2, 0x6, &(0x7f0000000300))
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r8 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000680)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r8, &(0x7f00000006c0)={'c', ' *:* ', 'w\x00'}, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff05000500", 0x2c}, {&(0x7f00000019c0)="06bb", 0x2}], 0x2}, 0x0)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x42000, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000180)={'pim6reg1\x00', 0x2})
ioctl$TUNSETLINK(r10, 0x400454cd, 0x20)
ioctl$TUNSETLINK(r10, 0x400454cd, 0x320)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x6, 0x3, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f1957ced6235425c24551365e98ea6b4c275b6e8ca19cd1d43f2fc6a7a75cae38a8fe41ec2b819ceffabd1c4af43806e8af3fee354329b6a748b0c4670334158a0f55088b162cfaf74f4d08045c38ace47a42f5c9f7ee9b0549631cfff67fbc460b3277a80776a0085693a59d17964e0a1d4ba74df335c9fc8e3b2f3b3620c3649454123f7e8dd4753f5f9cf5ddb1d5e54d8e1"], &(0x7f0000000140)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x40, '\x00', r1}, 0x94)

156.763915ms ago: executing program 1 (id=2298):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x4, 0x7fe2, 0x20000002}, 0x50)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x11, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffc00, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x9015, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0xffffffffffffffff, 0x40000000000000, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

0s ago: executing program 3 (id=2299):
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x80044, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x4, @perf_bp={0x0, 0x6}, 0x0, 0x2, 0xfffffffe, 0x7, 0x0, 0x0, 0x2}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x11, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000240)={r0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x5, 0x20}, @union={0x0, 0x0, 0x0, 0x10, 0x0, 0x2}]}}, 0x0, 0x36}, 0x28)
r1 = socket$kcm(0x10, 0x0, 0x0)
r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)=@generic={&(0x7f0000000180)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000200)=@generic={&(0x7f0000000140)='./file0\x00', r2}, 0x18)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1c0000001e007f109e", 0x9}, {&(0x7f0000000100)="78cafb738f2e440a00"/19, 0x13}], 0x2}, 0x0)
r3 = socket$kcm(0x11, 0x3, 0x0)
perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7fffffffffd, 0x1, 0x0, 0x0, 0x704a, 0x0, 0x0, 0x9}, 0x0, 0x2000000000007, 0xffffffffffffffff, 0xb)
r4 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r4, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000240)="b2", 0x1}, {&(0x7f0000000180)="23480d95ed94c4265b88f5532b5a63b5a84615cc674c206880d2eade17b1b60edf2ac4126ba663cce2046c70b60f7f5cfd0c621f483e40757769dbdf76ebcf74e4400bc1d6a8", 0xffe0}], 0x3a}, 0x80)
r5 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r5, 0x0, 0x4000040)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x1c092, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0xb3e, 0xfffffffffffffff8}, 0x840, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r6 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r6, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x110, 0xd, {0x0, @loopback=0x7f000300, @dev}}}], 0x20}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r3, &(0x7f0000000280)={&(0x7f0000000e00)=@phonet={0x23, 0x0, 0x0, 0x37}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000180)="27050200590200000600002fb96dbcf706e1050007008100000088a8", 0x1c}, {&(0x7f00000002c0)="a6e63770", 0x4}], 0x2}, 0x30004802)

kernel console output (not intermixed with test programs):

15][T10035]  dump_stack_lvl+0x16c/0x230
[  257.247549][T10035]  ? show_regs_print_info+0x20/0x20
[  257.252800][T10035]  ? load_image+0x3b0/0x3b0
[  257.257346][T10035]  ? __might_fault+0xaa/0x120
[  257.262064][T10035]  ? __lock_acquire+0x7c80/0x7c80
[  257.267145][T10035]  should_fail_ex+0x39d/0x4d0
[  257.271884][T10035]  strncpy_from_user+0x36/0x2e0
[  257.276790][T10035]  getname_flags+0xf6/0x500
[  257.281360][T10035]  do_sys_openat2+0xcb/0x1c0
[  257.285995][T10035]  ? atomic_notifier_call_chain+0x16e/0x180
[  257.291940][T10035]  ? do_sys_open+0xe0/0xe0
[  257.296410][T10035]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  257.302448][T10035]  ? lock_chain_count+0x20/0x20
[  257.307352][T10035]  __x64_sys_openat+0x139/0x160
[  257.312256][T10035]  do_syscall_64+0x55/0xb0
[  257.316731][T10035]  ? clear_bhb_loop+0x40/0x90
[  257.321457][T10035]  ? clear_bhb_loop+0x40/0x90
[  257.326243][T10035]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  257.332193][T10035] RIP: 0033:0x7f678d38d810
[  257.336629][T10035] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[  257.356248][T10035] RSP: 002b:00007f678e200f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  257.364677][T10035] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f678d38d810
[  257.372670][T10035] RDX: 0000000000000002 RSI: 00007f678e200fa0 RDI: 00000000ffffff9c
[  257.380669][T10035] RBP: 00007f678e200fa0 R08: 0000000000000000 R09: 0000000000000000
[  257.388676][T10035] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  257.396679][T10035] R13: 00007f678d5e6038 R14: 00007f678d5e5fa0 R15: 00007fff0888c238
[  257.404685][T10035]  </TASK>
[  257.707437][ T5785] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  257.718209][ T5785] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  257.728055][ T5785] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  257.750099][ T5785] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  257.758783][ T5785] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  257.769672][ T5785] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  257.926162][T10050] FAULT_INJECTION: forcing a failure.
[  257.926162][T10050] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  257.940158][T10050] CPU: 1 PID: 10050 Comm: syz.0.1790 Not tainted syzkaller #0
[  257.947666][T10050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  257.957770][T10050] Call Trace:
[  257.961087][T10050]  <TASK>
[  257.964054][T10050]  dump_stack_lvl+0x16c/0x230
[  257.968787][T10050]  ? show_regs_print_info+0x20/0x20
[  257.974034][T10050]  ? load_image+0x3b0/0x3b0
[  257.978586][T10050]  ? __lock_acquire+0x7c80/0x7c80
[  257.983681][T10050]  ? lockdep_hardirqs_on+0x98/0x150
[  257.988931][T10050]  should_fail_ex+0x39d/0x4d0
[  257.993666][T10050]  _copy_from_user+0x2f/0xe0
[  257.998300][T10050]  __copy_msghdr+0x3bb/0x580
[  258.002945][T10050]  ___sys_sendmsg+0x1a6/0x290
[  258.007680][T10050]  ? __sys_sendmsg+0x270/0x270
[  258.012524][T10050]  __se_sys_sendmsg+0x1a5/0x270
[  258.017403][T10050]  ? __x64_sys_sendmsg+0x80/0x80
[  258.022391][T10050]  ? syscall_enter_from_user_mode+0x2e/0x80
[  258.028322][T10050]  do_syscall_64+0x55/0xb0
[  258.032763][T10050]  ? clear_bhb_loop+0x40/0x90
[  258.037460][T10050]  ? clear_bhb_loop+0x40/0x90
[  258.042157][T10050]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  258.048077][T10050] RIP: 0033:0x7fa82d78efc9
[  258.052510][T10050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.072130][T10050] RSP: 002b:00007fa82e6d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  258.080560][T10050] RAX: ffffffffffffffda RBX: 00007fa82d9e5fa0 RCX: 00007fa82d78efc9
[  258.088548][T10050] RDX: 00000000040080c0 RSI: 00002000000003c0 RDI: 0000000000000006
[  258.096537][T10050] RBP: 00007fa82e6d0090 R08: 0000000000000000 R09: 0000000000000000
[  258.104536][T10050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  258.112524][T10050] R13: 00007fa82d9e6038 R14: 00007fa82d9e5fa0 R15: 00007fff32e7f148
[  258.120527][T10050]  </TASK>
[  258.359781][T10044] tap0: tun_chr_ioctl cmd 1074025675
[  258.394522][T10044] tap0: persist enabled
[  258.411010][T10044] tap0: tun_chr_ioctl cmd 1074025675
[  258.432550][T10044] tap0: persist enabled
[  258.447315][T10042] chnl_net:caif_netlink_parms(): no params data found
[  258.832210][T10042] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.862781][T10042] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.886382][T10042] bridge_slave_0: entered allmulticast mode
[  258.920223][T10042] bridge_slave_0: entered promiscuous mode
[  258.964946][T10042] bridge0: port 2(bridge_slave_1) entered blocking state
[  258.988870][T10042] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.005859][T10042] bridge_slave_1: entered allmulticast mode
[  259.013675][T10042] bridge_slave_1: entered promiscuous mode
[  259.043867][T10068] netlink: 'syz.0.1795': attribute type 46 has an invalid length.
[  259.112261][T10042] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  259.143252][T10042] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  259.244841][T10042] team0: Port device team_slave_0 added
[  259.273445][T10042] team0: Port device team_slave_1 added
[  259.364084][T10042] batman_adv: batadv0: Adding interface: batadv_slave_0
[  259.371190][T10042] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  259.397381][T10042] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  259.431696][T10076] netlink: 'syz.0.1798': attribute type 10 has an invalid length.
[  259.477414][T10042] batman_adv: batadv0: Adding interface: batadv_slave_1
[  259.486873][T10042] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  259.513406][T10042] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  259.541760][T10084] FAULT_INJECTION: forcing a failure.
[  259.541760][T10084] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  259.556162][T10084] CPU: 0 PID: 10084 Comm: syz.1.1800 Not tainted syzkaller #0
[  259.563705][T10084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  259.573808][T10084] Call Trace:
[  259.577128][T10084]  <TASK>
[  259.580101][T10084]  dump_stack_lvl+0x16c/0x230
[  259.584837][T10084]  ? show_regs_print_info+0x20/0x20
[  259.590101][T10084]  ? load_image+0x3b0/0x3b0
[  259.594659][T10084]  ? __might_fault+0xaa/0x120
[  259.599379][T10084]  ? __lock_acquire+0x7c80/0x7c80
[  259.604453][T10084]  should_fail_ex+0x39d/0x4d0
[  259.609181][T10084]  _copy_from_user+0x2f/0xe0
[  259.613788][T10084]  ___sys_sendmsg+0x159/0x290
[  259.618483][T10084]  ? __sys_sendmsg+0x270/0x270
[  259.623279][T10084]  ? __lock_acquire+0x7c80/0x7c80
[  259.628331][T10084]  __se_sys_sendmsg+0x1a5/0x270
[  259.633222][T10084]  ? __x64_sys_sendmsg+0x80/0x80
[  259.638189][T10084]  ? lockdep_hardirqs_on+0x98/0x150
[  259.643415][T10084]  do_syscall_64+0x55/0xb0
[  259.647839][T10084]  ? clear_bhb_loop+0x40/0x90
[  259.652552][T10084]  ? clear_bhb_loop+0x40/0x90
[  259.657275][T10084]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  259.663181][T10084] RIP: 0033:0x7f66dc58efc9
[  259.667614][T10084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.687229][T10084] RSP: 002b:00007f66dd484038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  259.695654][T10084] RAX: ffffffffffffffda RBX: 00007f66dc7e5fa0 RCX: 00007f66dc58efc9
[  259.703636][T10084] RDX: 0000000004000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  259.711627][T10084] RBP: 00007f66dd484090 R08: 0000000000000000 R09: 0000000000000000
[  259.719610][T10084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.727595][T10084] R13: 00007f66dc7e6038 R14: 00007f66dc7e5fa0 R15: 00007ffdb8bf5358
[  259.735619][T10084]  </TASK>
[  259.805148][T10042] hsr_slave_0: entered promiscuous mode
[  259.821705][T10042] hsr_slave_1: entered promiscuous mode
[  259.828287][T10042] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  259.843088][T10042] Cannot create hsr debugfs directory
[  259.870678][ T5785] Bluetooth: hci1: command tx timeout
[  259.978572][T10089] netlink: 'syz.2.1803': attribute type 10 has an invalid length.
[  260.313443][T10042] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.388793][T10100] netlink: 'syz.0.1808': attribute type 10 has an invalid length.
[  260.500185][T10042] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.617046][T10042] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.743736][T10042] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.788425][T10109] macvtap0: refused to change device tx_queue_len
[  260.800752][T10109] netlink: 'syz.2.1812': attribute type 153 has an invalid length.
[  260.808733][T10109] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.1812'.
[  260.886763][T10114] FAULT_INJECTION: forcing a failure.
[  260.886763][T10114] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  260.917113][T10114] CPU: 0 PID: 10114 Comm: syz.0.1813 Not tainted syzkaller #0
[  260.924670][T10114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  260.934771][T10114] Call Trace:
[  260.938093][T10114]  <TASK>
[  260.941065][T10114]  dump_stack_lvl+0x16c/0x230
[  260.945800][T10114]  ? show_regs_print_info+0x20/0x20
[  260.951052][T10114]  ? load_image+0x3b0/0x3b0
[  260.955618][T10114]  ? __might_fault+0xaa/0x120
[  260.960367][T10114]  ? __lock_acquire+0x7c80/0x7c80
[  260.965457][T10114]  ? seqcount_lockdep_reader_access+0x160/0x1c0
[  260.971772][T10114]  should_fail_ex+0x39d/0x4d0
[  260.976598][T10114]  _copy_from_user+0x2f/0xe0
[  260.981260][T10114]  __sys_bpf+0x1e9/0x800
[  260.985551][T10114]  ? bpf_link_show_fdinfo+0x350/0x350
[  260.990990][T10114]  ? lock_chain_count+0x20/0x20
[  260.994164][T10042] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  260.995865][T10114]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  260.995907][T10114]  __x64_sys_bpf+0x7c/0x90
[  261.013053][T10114]  do_syscall_64+0x55/0xb0
[  261.017518][T10114]  ? clear_bhb_loop+0x40/0x90
[  261.022218][T10114]  ? clear_bhb_loop+0x40/0x90
[  261.026941][T10114]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  261.032869][T10114] RIP: 0033:0x7fa82d78efc9
[  261.037401][T10114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.057025][T10114] RSP: 002b:00007fa82e6d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  261.065462][T10114] RAX: ffffffffffffffda RBX: 00007fa82d9e5fa0 RCX: 00007fa82d78efc9
[  261.073448][T10114] RDX: 0000000000000050 RSI: 0000200000000a40 RDI: 000000000000000a
[  261.081457][T10114] RBP: 00007fa82e6d0090 R08: 0000000000000000 R09: 0000000000000000
[  261.089446][T10114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.097428][T10114] R13: 00007fa82d9e6038 R14: 00007fa82d9e5fa0 R15: 00007fff32e7f148
[  261.105430][T10114]  </TASK>
[  261.134319][T10042] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  261.148613][T10042] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  261.166772][T10042] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  261.437628][T10042] 8021q: adding VLAN 0 to HW filter on device bond0
[  261.507165][T10130] netlink: 830 bytes leftover after parsing attributes in process `syz.0.1817'.
[  261.549739][T10042] 8021q: adding VLAN 0 to HW filter on device team0
[  261.631063][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  261.639080][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  261.668913][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.676194][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  261.721077][T10134] FAULT_INJECTION: forcing a failure.
[  261.721077][T10134] name failslab, interval 1, probability 0, space 0, times 0
[  261.750461][T10134] CPU: 1 PID: 10134 Comm: syz.0.1819 Not tainted syzkaller #0
[  261.758008][T10134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  261.768109][T10134] Call Trace:
[  261.771453][T10134]  <TASK>
[  261.774457][T10134]  dump_stack_lvl+0x16c/0x230
[  261.779199][T10134]  ? show_regs_print_info+0x20/0x20
[  261.784462][T10134]  ? load_image+0x3b0/0x3b0
[  261.789019][T10134]  ? __might_sleep+0xe0/0xe0
[  261.793657][T10134]  ? __lock_acquire+0x7c80/0x7c80
[  261.798720][T10134]  ? perf_trace_lock+0xf7/0x380
[  261.803630][T10134]  should_fail_ex+0x39d/0x4d0
[  261.808356][T10134]  should_failslab+0x9/0x20
[  261.812900][T10134]  slab_pre_alloc_hook+0x59/0x310
[  261.817952][T10134]  ? __get_vm_area_node+0x125/0x370
[  261.823168][T10134]  __kmem_cache_alloc_node+0x53/0x260
[  261.828561][T10134]  ? __get_vm_area_node+0x125/0x370
[  261.833787][T10134]  kmalloc_node_trace+0x26/0xe0
[  261.838669][T10134]  __get_vm_area_node+0x125/0x370
[  261.843719][T10134]  __vmalloc_node_range+0x36e/0x1320
[  261.849025][T10134]  ? netlink_sendmsg+0x5f3/0xbe0
[  261.854000][T10134]  ? netlink_insert+0x106a/0x1370
[  261.859054][T10134]  ? netlink_insert+0x2b3/0x1370
[  261.864040][T10134]  ? netlink_data_ready+0x10/0x10
[  261.869102][T10134]  ? free_vm_area+0x50/0x50
[  261.873644][T10134]  ? netlink_sendmsg+0x5f3/0xbe0
[  261.878609][T10134]  vmalloc+0x79/0x90
[  261.882528][T10134]  ? netlink_sendmsg+0x5f3/0xbe0
[  261.887573][T10134]  netlink_sendmsg+0x5f3/0xbe0
[  261.892370][T10134]  ? netlink_getsockopt+0x580/0x580
[  261.897598][T10134]  ? aa_sock_msg_perm+0x94/0x150
[  261.902561][T10134]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  261.907866][T10134]  ? security_socket_sendmsg+0x80/0xa0
[  261.913347][T10134]  ? netlink_getsockopt+0x580/0x580
[  261.918567][T10134]  ____sys_sendmsg+0x5bf/0x950
[  261.923363][T10134]  ? __asan_memset+0x22/0x40
[  261.927970][T10134]  ? __sys_sendmsg_sock+0x30/0x30
[  261.933015][T10134]  ? __import_iovec+0x5f2/0x860
[  261.937891][T10134]  ? import_iovec+0x73/0xa0
[  261.942431][T10134]  ___sys_sendmsg+0x220/0x290
[  261.947131][T10134]  ? __sys_sendmsg+0x270/0x270
[  261.951936][T10134]  ? __lock_acquire+0x7c80/0x7c80
[  261.956998][T10134]  __se_sys_sendmsg+0x1a5/0x270
[  261.961895][T10134]  ? __x64_sys_sendmsg+0x80/0x80
[  261.966866][T10134]  ? lockdep_hardirqs_on+0x98/0x150
[  261.972088][T10134]  do_syscall_64+0x55/0xb0
[  261.976525][T10134]  ? clear_bhb_loop+0x40/0x90
[  261.981218][T10134]  ? clear_bhb_loop+0x40/0x90
[  261.985916][T10134]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  261.991823][T10134] RIP: 0033:0x7fa82d78efc9
[  261.996253][T10134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.015884][T10134] RSP: 002b:00007fa82e6d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  262.024318][T10134] RAX: ffffffffffffffda RBX: 00007fa82d9e5fa0 RCX: 00007fa82d78efc9
[  262.032302][T10134] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  262.040289][T10134] RBP: 00007fa82e6d0090 R08: 0000000000000000 R09: 0000000000000000
[  262.048283][T10134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  262.056291][T10134] R13: 00007fa82d9e6038 R14: 00007fa82d9e5fa0 R15: 00007fff32e7f148
[  262.064308][T10134]  </TASK>
[  262.077505][T10134] warn_alloc: 1 callbacks suppressed
[  262.077523][T10134] syz.0.1819: vmalloc error: size 65600, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  262.108338][ T5785] Bluetooth: hci1: command tx timeout
[  262.143846][T10134] CPU: 0 PID: 10134 Comm: syz.0.1819 Not tainted syzkaller #0
[  262.151400][T10134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  262.161507][T10134] Call Trace:
[  262.164820][T10134]  <TASK>
[  262.167778][T10134]  dump_stack_lvl+0x16c/0x230
[  262.172509][T10134]  ? show_regs_print_info+0x20/0x20
[  262.177769][T10134]  ? load_image+0x3b0/0x3b0
[  262.182344][T10134]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  262.188813][T10134]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[  262.195362][T10134]  warn_alloc+0x210/0x300
[  262.199743][T10134]  ? __get_vm_area_node+0x125/0x370
[  262.204998][T10134]  ? zone_watermark_ok_safe+0x230/0x230
[  262.210599][T10134]  ? rcu_is_watching+0x15/0xb0
[  262.215423][T10134]  ? __get_vm_area_node+0x356/0x370
[  262.220671][T10134]  __vmalloc_node_range+0x393/0x1320
[  262.225996][T10134]  ? netlink_insert+0x106a/0x1370
[  262.231078][T10134]  ? netlink_insert+0x2b3/0x1370
[  262.236068][T10134]  ? netlink_data_ready+0x10/0x10
[  262.241152][T10134]  ? free_vm_area+0x50/0x50
[  262.245715][T10134]  ? netlink_sendmsg+0x5f3/0xbe0
[  262.250695][T10134]  vmalloc+0x79/0x90
[  262.254645][T10134]  ? netlink_sendmsg+0x5f3/0xbe0
[  262.259617][T10134]  netlink_sendmsg+0x5f3/0xbe0
[  262.264425][T10134]  ? netlink_getsockopt+0x580/0x580
[  262.269665][T10134]  ? aa_sock_msg_perm+0x94/0x150
[  262.274637][T10134]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  262.279954][T10134]  ? security_socket_sendmsg+0x80/0xa0
[  262.285443][T10134]  ? netlink_getsockopt+0x580/0x580
[  262.290688][T10134]  ____sys_sendmsg+0x5bf/0x950
[  262.295495][T10134]  ? __asan_memset+0x22/0x40
[  262.300124][T10134]  ? __sys_sendmsg_sock+0x30/0x30
[  262.305193][T10134]  ? __import_iovec+0x5f2/0x860
[  262.310106][T10134]  ? import_iovec+0x73/0xa0
[  262.314658][T10134]  ___sys_sendmsg+0x220/0x290
[  262.319378][T10134]  ? __sys_sendmsg+0x270/0x270
[  262.324203][T10134]  ? __lock_acquire+0x7c80/0x7c80
[  262.329288][T10134]  __se_sys_sendmsg+0x1a5/0x270
[  262.334185][T10134]  ? __x64_sys_sendmsg+0x80/0x80
[  262.339175][T10134]  ? lockdep_hardirqs_on+0x98/0x150
[  262.344421][T10134]  do_syscall_64+0x55/0xb0
[  262.348876][T10134]  ? clear_bhb_loop+0x40/0x90
[  262.353581][T10134]  ? clear_bhb_loop+0x40/0x90
[  262.358304][T10134]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  262.364231][T10134] RIP: 0033:0x7fa82d78efc9
[  262.368679][T10134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.388317][T10134] RSP: 002b:00007fa82e6d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  262.396770][T10134] RAX: ffffffffffffffda RBX: 00007fa82d9e5fa0 RCX: 00007fa82d78efc9
[  262.404782][T10134] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  262.412782][T10134] RBP: 00007fa82e6d0090 R08: 0000000000000000 R09: 0000000000000000
[  262.420791][T10134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  262.428789][T10134] R13: 00007fa82d9e6038 R14: 00007fa82d9e5fa0 R15: 00007fff32e7f148
[  262.436812][T10134]  </TASK>
[  262.457452][T10134] Mem-Info:
[  262.460757][T10134] active_anon:4302 inactive_anon:0 isolated_anon:0
[  262.460757][T10134]  active_file:19087 inactive_file:39947 isolated_file:0
[  262.460757][T10134]  unevictable:768 dirty:622 writeback:0
[  262.460757][T10134]  slab_reclaimable:10532 slab_unreclaimable:92097
[  262.460757][T10134]  mapped:24526 shmem:1361 pagetables:443
[  262.460757][T10134]  sec_pagetables:0 bounce:0
[  262.460757][T10134]  kernel_misc_reclaimable:0
[  262.460757][T10134]  free:1354563 free_pcp:9538 free_cma:0
[  262.514416][T10134] Node 0 active_anon:17208kB inactive_anon:0kB active_file:76348kB inactive_file:159588kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98004kB dirty:2488kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10860kB pagetables:1772kB sec_pagetables:0kB all_unreclaimable? no
[  262.554325][T10134] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  262.589415][T10134] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  262.623585][T10134] lowmem_reserve[]: 0 2525 2526 2526 2526
[  262.630258][T10134] Node 0 DMA32 free:1509200kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:17064kB inactive_anon:0kB active_file:76348kB inactive_file:158268kB unevictable:1536kB writepending:2484kB present:3129332kB managed:2589604kB mlocked:0kB bounce:0kB free_pcp:18100kB local_pcp:2320kB free_cma:0kB
[  262.674262][T10134] lowmem_reserve[]: 0 0 1 1 1
[  262.679098][T10134] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:4kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB
[  262.712909][T10134] lowmem_reserve[]: 0 0 0 0 0
[  262.718074][T10134] Node 1 Normal free:3893676kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:19688kB local_pcp:10660kB free_cma:0kB
[  262.755679][T10134] lowmem_reserve[]: 0 0 0 0 0
[  262.760993][T10134] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  262.779270][T10134] Node 0 DMA32: 1040*4kB (M) 893*8kB (UME) 591*16kB (ME) 616*32kB (UME) 323*64kB (UME) 147*128kB (UME) 28*256kB (UM) 11*512kB (UM) 11*1024kB (UM) 4*2048kB (U) 341*4096kB (UME) = 1508952kB
[  262.813296][T10143] netlink: 'syz.1.1822': attribute type 27 has an invalid length.
[  262.820556][T10134] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB
[  262.833548][T10143] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1822'.
[  262.876111][T10134] Node 1 Normal: 265*4kB (UME) 69*8kB (UME) 34*16kB (UME) 74*32kB (UME) 20*64kB (UME) 8*128kB (UME) 3*256kB (UME) 2*512kB (UE) 2*1024kB (UE) 2*2048kB (UE) 947*4096kB (M) = 3893676kB
[  262.928520][T10042] 8021q: adding VLAN 0 to HW filter on device batadv0
[  262.936262][T10149] FAULT_INJECTION: forcing a failure.
[  262.936262][T10149] name failslab, interval 1, probability 0, space 0, times 0
[  262.943007][T10134] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  262.980144][T10134] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  262.985618][T10149] CPU: 1 PID: 10149 Comm: syz.2.1823 Not tainted syzkaller #0
[  262.996990][T10149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  263.007062][T10149] Call Trace:
[  263.010366][T10149]  <TASK>
[  263.013330][T10149]  dump_stack_lvl+0x16c/0x230
[  263.018043][T10149]  ? show_regs_print_info+0x20/0x20
[  263.023277][T10149]  ? load_image+0x3b0/0x3b0
[  263.027809][T10149]  ? __might_sleep+0xe0/0xe0
[  263.032516][T10149]  ? __lock_acquire+0x7c80/0x7c80
[  263.037589][T10149]  should_fail_ex+0x39d/0x4d0
[  263.042300][T10149]  should_failslab+0x9/0x20
[  263.046826][T10149]  slab_pre_alloc_hook+0x59/0x310
[  263.051874][T10149]  ? tomoyo_encode+0x28b/0x540
[  263.056663][T10149]  ? tomoyo_encode+0x28b/0x540
[  263.061449][T10149]  __kmem_cache_alloc_node+0x53/0x260
[  263.066942][T10149]  ? tomoyo_encode+0x28b/0x540
[  263.071729][T10149]  __kmalloc+0xa4/0x240
[  263.075943][T10149]  tomoyo_encode+0x28b/0x540
[  263.080653][T10149]  tomoyo_realpath_from_path+0x592/0x5d0
[  263.086319][T10149]  tomoyo_path_number_perm+0x1ea/0x590
[  263.091800][T10149]  ? tomoyo_path_number_perm+0x1ba/0x590
[  263.097454][T10149]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  263.102936][T10149]  ? ksys_write+0x1c1/0x250
[  263.107486][T10149]  ? __fget_files+0x28/0x4d0
[  263.112130][T10149]  security_file_ioctl+0x70/0xa0
[  263.117095][T10149]  __se_sys_ioctl+0x48/0x170
[  263.121705][T10149]  do_syscall_64+0x55/0xb0
[  263.126143][T10149]  ? clear_bhb_loop+0x40/0x90
[  263.130839][T10149]  ? clear_bhb_loop+0x40/0x90
[  263.135540][T10149]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  263.141570][T10149] RIP: 0033:0x7f678d38efc9
[  263.146004][T10149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.165723][T10149] RSP: 002b:00007f678e201038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  263.174157][T10149] RAX: ffffffffffffffda RBX: 00007f678d5e5fa0 RCX: 00007f678d38efc9
[  263.182145][T10149] RDX: 0000200000000000 RSI: 0000000000008916 RDI: 0000000000000003
[  263.190136][T10149] RBP: 00007f678e201090 R08: 0000000000000000 R09: 0000000000000000
[  263.198121][T10149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.206104][T10149] R13: 00007f678d5e6038 R14: 00007f678d5e5fa0 R15: 00007fff0888c238
[  263.214104][T10149]  </TASK>
[  263.220015][T10134] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  263.237093][T10134] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  263.246552][T10134] 60395 total pagecache pages
[  263.251478][T10134] 0 pages in swap cache
[  263.255669][T10134] Free swap  = 124996kB
[  263.259915][T10134] Total swap = 124996kB
[  263.264206][T10134] 2097051 pages RAM
[  263.268074][T10134] 0 pages HighMem/MovableOnly
[  263.272914][T10134] 416136 pages reserved
[  263.277212][T10134] 0 pages cma reserved
[  263.303633][T10042] veth0_vlan: entered promiscuous mode
[  263.318810][T10149] ERROR: Out of memory at tomoyo_realpath_from_path.
[  263.349442][T10042] veth1_vlan: entered promiscuous mode
[  263.452261][T10042] veth0_macvtap: entered promiscuous mode
[  263.486411][T10042] veth1_macvtap: entered promiscuous mode
[  263.526703][T10042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  263.549988][T10042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.561244][T10042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  263.573858][T10042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.584011][T10042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  263.594773][T10042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.606335][T10042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  263.618461][T10042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.632079][T10042] batman_adv: batadv0: Interface activated: batadv_slave_0
[  263.678234][T10042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  263.700322][T10042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.711201][T10042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  263.760320][T10042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.779869][T10042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  263.800311][T10042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.826216][T10042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  263.837121][T10042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.858749][T10042] batman_adv: batadv0: Interface activated: batadv_slave_1
[  263.940556][T10042] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  263.949650][T10042] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  263.958101][T10165] netlink: 'syz.0.1829': attribute type 6 has an invalid length.
[  263.965555][T10042] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  263.966431][T10165] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1829'.
[  263.992895][T10042] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  264.005130][T10163] netlink: 14546 bytes leftover after parsing attributes in process `syz.1.1828'.
[  264.018252][T10159] tap0: tun_chr_ioctl cmd 1074025675
[  264.035152][T10159] tap0: persist enabled
[  264.045377][T10157] tap0: tun_chr_ioctl cmd 1074025675
[  264.053766][T10157] tap0: persist enabled
[  264.060792][ T5785] Bluetooth: hci2: ISO packet for unknown connection handle 6
[  264.191726][ T5785] Bluetooth: hci1: command tx timeout
[  264.197582][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  264.216696][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  264.322400][ T2872] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  264.331126][T10168] netlink: 'syz.1.1830': attribute type 10 has an invalid length.
[  264.349482][ T2872] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  265.801201][T10197] netlink: 'syz.3.1838': attribute type 4 has an invalid length.
[  265.819425][T10197] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1838'.
[  265.873111][T10201] FAULT_INJECTION: forcing a failure.
[  265.873111][T10201] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  265.896818][T10197] .`: renamed from bond0 (while UP)
[  265.927294][T10201] CPU: 0 PID: 10201 Comm: syz.2.1840 Not tainted syzkaller #0
[  265.934855][T10201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  265.944978][T10201] Call Trace:
[  265.948301][T10201]  <TASK>
[  265.951272][T10201]  dump_stack_lvl+0x16c/0x230
[  265.956008][T10201]  ? show_regs_print_info+0x20/0x20
[  265.961707][T10201]  ? load_image+0x3b0/0x3b0
[  265.966266][T10201]  ? __lock_acquire+0x7c80/0x7c80
[  265.971347][T10201]  should_fail_ex+0x39d/0x4d0
[  265.976085][T10201]  _copy_from_user+0x2f/0xe0
[  265.980727][T10201]  __copy_msghdr+0x3bb/0x580
[  265.985379][T10201]  ___sys_sendmsg+0x1a6/0x290
[  265.990118][T10201]  ? __sys_sendmsg+0x270/0x270
[  265.994971][T10201]  ? __lock_acquire+0x7c80/0x7c80
[  266.000078][T10201]  __se_sys_sendmsg+0x1a5/0x270
[  266.004990][T10201]  ? __x64_sys_sendmsg+0x80/0x80
[  266.009995][T10201]  ? lockdep_hardirqs_on+0x98/0x150
[  266.015264][T10201]  do_syscall_64+0x55/0xb0
[  266.019742][T10201]  ? clear_bhb_loop+0x40/0x90
[  266.024493][T10201]  ? clear_bhb_loop+0x40/0x90
[  266.029248][T10201]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  266.035193][T10201] RIP: 0033:0x7f678d38efc9
[  266.039762][T10201] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.059503][T10201] RSP: 002b:00007f678e201038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  266.067975][T10201] RAX: ffffffffffffffda RBX: 00007f678d5e5fa0 RCX: 00007f678d38efc9
[  266.075986][T10201] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000003
[  266.083993][T10201] RBP: 00007f678e201090 R08: 0000000000000000 R09: 0000000000000000
[  266.091998][T10201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.099998][T10201] R13: 00007f678d5e6038 R14: 00007f678d5e5fa0 R15: 00007fff0888c238
[  266.108016][T10201]  </TASK>
[  266.239879][T10207] netlink: 'syz.2.1842': attribute type 27 has an invalid length.
[  266.270230][ T5785] Bluetooth: hci1: command tx timeout
[  266.295420][T10207] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1842'.
[  266.571988][T10213] netlink: 'syz.1.1844': attribute type 10 has an invalid length.
[  267.676581][T10234] FAULT_INJECTION: forcing a failure.
[  267.676581][T10234] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  267.806323][T10234] CPU: 0 PID: 10234 Comm: syz.0.1851 Not tainted syzkaller #0
[  267.813884][T10234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  267.823996][T10234] Call Trace:
[  267.827309][T10234]  <TASK>
[  267.830291][T10234]  dump_stack_lvl+0x16c/0x230
[  267.835036][T10234]  ? show_regs_print_info+0x20/0x20
[  267.840293][T10234]  ? load_image+0x3b0/0x3b0
[  267.844854][T10234]  ? __lock_acquire+0x7c80/0x7c80
[  267.849923][T10234]  ? snprintf+0xdb/0x120
[  267.854213][T10234]  should_fail_ex+0x39d/0x4d0
[  267.858944][T10234]  _copy_to_user+0x2f/0xa0
[  267.863498][T10234]  simple_read_from_buffer+0xe7/0x150
[  267.868924][T10234]  proc_fail_nth_read+0x1e3/0x250
[  267.874007][T10234]  ? proc_fault_inject_write+0x340/0x340
[  267.879707][T10234]  ? fsnotify_perm+0x271/0x5e0
[  267.884531][T10234]  ? proc_fault_inject_write+0x340/0x340
[  267.890225][T10234]  vfs_read+0x27e/0x920
[  267.894444][T10234]  ? kernel_read+0x1e0/0x1e0
[  267.899079][T10234]  ? __fget_files+0x28/0x4d0
[  267.903725][T10234]  ? __fget_files+0x44a/0x4d0
[  267.908456][T10234]  ? __fdget_pos+0x2a3/0x330
[  267.913094][T10234]  ? ksys_read+0x75/0x250
[  267.917490][T10234]  ksys_read+0x147/0x250
[  267.921779][T10234]  ? vfs_write+0x940/0x940
[  267.926245][T10234]  ? lockdep_hardirqs_on+0x98/0x150
[  267.931499][T10234]  do_syscall_64+0x55/0xb0
[  267.935959][T10234]  ? clear_bhb_loop+0x40/0x90
[  267.940712][T10234]  ? clear_bhb_loop+0x40/0x90
[  267.945437][T10234]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  267.951369][T10234] RIP: 0033:0x7fa82d78d9dc
[  267.955833][T10234] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  267.975497][T10234] RSP: 002b:00007fa82e6d0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  267.983961][T10234] RAX: ffffffffffffffda RBX: 00007fa82d9e5fa0 RCX: 00007fa82d78d9dc
[  267.992020][T10234] RDX: 000000000000000f RSI: 00007fa82e6d00a0 RDI: 0000000000000004
[  268.000046][T10234] RBP: 00007fa82e6d0090 R08: 0000000000000000 R09: 0000000000000000
[  268.008082][T10234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.016111][T10234] R13: 00007fa82d9e6038 R14: 00007fa82d9e5fa0 R15: 00007fff32e7f148
[  268.024161][T10234]  </TASK>
[  268.125481][T10237] netlink: 'syz.2.1852': attribute type 13 has an invalid length.
[  268.139159][T10237] netlink: 160 bytes leftover after parsing attributes in process `syz.2.1852'.
[  268.171353][T10237] erspan0: refused to change device tx_queue_len
[  268.190070][T10237] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  268.432695][T10250] netlink: 'syz.2.1857': attribute type 10 has an invalid length.
[  269.072362][T10277] FAULT_INJECTION: forcing a failure.
[  269.072362][T10277] name failslab, interval 1, probability 0, space 0, times 0
[  269.100748][T10277] CPU: 1 PID: 10277 Comm: syz.1.1866 Not tainted syzkaller #0
[  269.108392][T10277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  269.118498][T10277] Call Trace:
[  269.121821][T10277]  <TASK>
[  269.124789][T10277]  dump_stack_lvl+0x16c/0x230
[  269.129523][T10277]  ? show_regs_print_info+0x20/0x20
[  269.134774][T10277]  ? load_image+0x3b0/0x3b0
[  269.139321][T10277]  ? __might_sleep+0xe0/0xe0
[  269.143958][T10277]  ? __lock_acquire+0x7c80/0x7c80
[  269.149035][T10277]  should_fail_ex+0x39d/0x4d0
[  269.153766][T10277]  should_failslab+0x9/0x20
[  269.158295][T10277]  slab_pre_alloc_hook+0x59/0x310
[  269.163349][T10277]  ? bpf_prog_test_run_skb+0x22c/0x11c0
[  269.168920][T10277]  ? bpf_prog_test_run_skb+0x22c/0x11c0
[  269.174495][T10277]  __kmem_cache_alloc_node+0x53/0x260
[  269.179899][T10277]  ? __lock_acquire+0x7c80/0x7c80
[  269.184965][T10277]  ? bpf_prog_test_run_skb+0x22c/0x11c0
[  269.190542][T10277]  __kmalloc+0xa4/0x240
[  269.194723][T10277]  bpf_prog_test_run_skb+0x22c/0x11c0
[  269.200118][T10277]  ? __fget_files+0x28/0x4d0
[  269.204773][T10277]  ? __fget_files+0x44a/0x4d0
[  269.209477][T10277]  ? cpu_online+0x60/0x60
[  269.213833][T10277]  bpf_prog_test_run+0x321/0x390
[  269.218790][T10277]  __sys_bpf+0x440/0x800
[  269.223071][T10277]  ? bpf_link_show_fdinfo+0x350/0x350
[  269.228471][T10277]  ? lock_chain_count+0x20/0x20
[  269.233360][T10277]  __x64_sys_bpf+0x7c/0x90
[  269.237795][T10277]  do_syscall_64+0x55/0xb0
[  269.242228][T10277]  ? clear_bhb_loop+0x40/0x90
[  269.246920][T10277]  ? clear_bhb_loop+0x40/0x90
[  269.251651][T10277]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  269.257560][T10277] RIP: 0033:0x7f66dc58efc9
[  269.261989][T10277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.281616][T10277] RSP: 002b:00007f66dd484038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  269.290063][T10277] RAX: ffffffffffffffda RBX: 00007f66dc7e5fa0 RCX: 00007f66dc58efc9
[  269.298055][T10277] RDX: 0000000000000048 RSI: 00002000000002c0 RDI: 000000000000000a
[  269.306088][T10277] RBP: 00007f66dd484090 R08: 0000000000000000 R09: 0000000000000000
[  269.314085][T10277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.322070][T10277] R13: 00007f66dc7e6038 R14: 00007f66dc7e5fa0 R15: 00007ffdb8bf5358
[  269.330088][T10277]  </TASK>
[  269.431213][T10280] netlink: 'syz.2.1870': attribute type 10 has an invalid length.
[  269.644900][T10292] FAULT_INJECTION: forcing a failure.
[  269.644900][T10292] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.658369][T10292] CPU: 0 PID: 10292 Comm: syz.0.1875 Not tainted syzkaller #0
[  269.665868][T10292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  269.676060][T10292] Call Trace:
[  269.679367][T10292]  <TASK>
[  269.682320][T10292]  dump_stack_lvl+0x16c/0x230
[  269.687018][T10292]  ? show_regs_print_info+0x20/0x20
[  269.692230][T10292]  ? load_image+0x3b0/0x3b0
[  269.696741][T10292]  ? __might_fault+0xaa/0x120
[  269.701428][T10292]  ? __lock_acquire+0x7c80/0x7c80
[  269.706571][T10292]  should_fail_ex+0x39d/0x4d0
[  269.711298][T10292]  _copy_to_user+0x2f/0xa0
[  269.715763][T10292]  bpf_mprog_query+0x224/0x7d0
[  269.720561][T10292]  ? tcx_prog_query+0x86/0x140
[  269.725349][T10292]  ? bpf_mprog_delete+0x410/0x410
[  269.730404][T10292]  ? lockdep_rtnl_is_held+0x26/0x30
[  269.735630][T10292]  tcx_prog_query+0xd9/0x140
[  269.740247][T10292]  __sys_bpf+0x738/0x800
[  269.744514][T10292]  ? bpf_link_show_fdinfo+0x350/0x350
[  269.749915][T10292]  ? lock_chain_count+0x20/0x20
[  269.754797][T10292]  __x64_sys_bpf+0x7c/0x90
[  269.759228][T10292]  do_syscall_64+0x55/0xb0
[  269.763670][T10292]  ? clear_bhb_loop+0x40/0x90
[  269.768365][T10292]  ? clear_bhb_loop+0x40/0x90
[  269.773062][T10292]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  269.778970][T10292] RIP: 0033:0x7fa82d78efc9
[  269.783404][T10292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.803055][T10292] RSP: 002b:00007fa82e6d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  269.811499][T10292] RAX: ffffffffffffffda RBX: 00007fa82d9e5fa0 RCX: 00007fa82d78efc9
[  269.819491][T10292] RDX: 0000000000000040 RSI: 0000200000000240 RDI: 0000000000000010
[  269.827488][T10292] RBP: 00007fa82e6d0090 R08: 0000000000000000 R09: 0000000000000000
[  269.835473][T10292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.843455][T10292] R13: 00007fa82d9e6038 R14: 00007fa82d9e5fa0 R15: 00007fff32e7f148
[  269.851456][T10292]  </TASK>
[  269.991168][T10298] FAULT_INJECTION: forcing a failure.
[  269.991168][T10298] name failslab, interval 1, probability 0, space 0, times 0
[  270.004152][T10298] CPU: 0 PID: 10298 Comm: syz.1.1877 Not tainted syzkaller #0
[  270.011695][T10298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  270.021820][T10298] Call Trace:
[  270.025158][T10298]  <TASK>
[  270.028132][T10298]  dump_stack_lvl+0x16c/0x230
[  270.032881][T10298]  ? show_regs_print_info+0x20/0x20
[  270.038136][T10298]  ? load_image+0x3b0/0x3b0
[  270.042707][T10298]  ? __might_sleep+0xe0/0xe0
[  270.047362][T10298]  ? __lock_acquire+0x7c80/0x7c80
[  270.052467][T10298]  should_fail_ex+0x39d/0x4d0
[  270.057188][T10298]  should_failslab+0x9/0x20
[  270.061722][T10298]  slab_pre_alloc_hook+0x59/0x310
[  270.066783][T10298]  ? tomoyo_encode+0x28b/0x540
[  270.071584][T10298]  ? tomoyo_encode+0x28b/0x540
[  270.076380][T10298]  __kmem_cache_alloc_node+0x53/0x260
[  270.081794][T10298]  ? tomoyo_encode+0x28b/0x540
[  270.086605][T10298]  __kmalloc+0xa4/0x240
[  270.090805][T10298]  tomoyo_encode+0x28b/0x540
[  270.095446][T10298]  tomoyo_realpath_from_path+0x592/0x5d0
[  270.101133][T10298]  tomoyo_path_number_perm+0x1ea/0x590
[  270.106623][T10298]  ? tomoyo_path_number_perm+0x1ba/0x590
[  270.112291][T10298]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  270.117785][T10298]  ? ksys_write+0x1c1/0x250
[  270.122374][T10298]  ? __fget_files+0x28/0x4d0
[  270.127052][T10298]  security_file_ioctl+0x70/0xa0
[  270.132053][T10298]  __se_sys_ioctl+0x48/0x170
[  270.136696][T10298]  do_syscall_64+0x55/0xb0
[  270.141172][T10298]  ? clear_bhb_loop+0x40/0x90
[  270.145878][T10298]  ? clear_bhb_loop+0x40/0x90
[  270.150582][T10298]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  270.156501][T10298] RIP: 0033:0x7f66dc58efc9
[  270.160940][T10298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.180705][T10298] RSP: 002b:00007f66dd484038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  270.189162][T10298] RAX: ffffffffffffffda RBX: 00007f66dc7e5fa0 RCX: 00007f66dc58efc9
[  270.197174][T10298] RDX: 0000200000000040 RSI: 000000004008240b RDI: 0000000000000003
[  270.205174][T10298] RBP: 00007f66dd484090 R08: 0000000000000000 R09: 0000000000000000
[  270.213176][T10298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  270.221287][T10298] R13: 00007f66dc7e6038 R14: 00007f66dc7e5fa0 R15: 00007ffdb8bf5358
[  270.229312][T10298]  </TASK>
[  270.250085][T10298] ERROR: Out of memory at tomoyo_realpath_from_path.
[  270.456910][T10310] FAULT_INJECTION: forcing a failure.
[  270.456910][T10310] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  270.488152][T10310] CPU: 1 PID: 10310 Comm: syz.1.1881 Not tainted syzkaller #0
[  270.495729][T10310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  270.505825][T10310] Call Trace:
[  270.509138][T10310]  <TASK>
[  270.512114][T10310]  dump_stack_lvl+0x16c/0x230
[  270.516851][T10310]  ? show_regs_print_info+0x20/0x20
[  270.522081][T10310]  ? load_image+0x3b0/0x3b0
[  270.526604][T10310]  ? __might_fault+0xaa/0x120
[  270.531296][T10310]  ? __lock_acquire+0x7c80/0x7c80
[  270.536426][T10310]  should_fail_ex+0x39d/0x4d0
[  270.541132][T10310]  _copy_from_user+0x2f/0xe0
[  270.545742][T10310]  ___sys_sendmsg+0x159/0x290
[  270.550446][T10310]  ? __sys_sendmsg+0x270/0x270
[  270.555293][T10310]  ? __lock_acquire+0x7c80/0x7c80
[  270.560350][T10310]  __se_sys_sendmsg+0x1a5/0x270
[  270.565229][T10310]  ? __x64_sys_sendmsg+0x80/0x80
[  270.570195][T10310]  ? lockdep_hardirqs_on+0x98/0x150
[  270.575427][T10310]  do_syscall_64+0x55/0xb0
[  270.579872][T10310]  ? clear_bhb_loop+0x40/0x90
[  270.584588][T10310]  ? clear_bhb_loop+0x40/0x90
[  270.589287][T10310]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  270.595191][T10310] RIP: 0033:0x7f66dc58efc9
[  270.599626][T10310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.619257][T10310] RSP: 002b:00007f66dd484038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  270.627689][T10310] RAX: ffffffffffffffda RBX: 00007f66dc7e5fa0 RCX: 00007f66dc58efc9
[  270.635671][T10310] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  270.643650][T10310] RBP: 00007f66dd484090 R08: 0000000000000000 R09: 0000000000000000
[  270.651634][T10310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  270.659621][T10310] R13: 00007f66dc7e6038 R14: 00007f66dc7e5fa0 R15: 00007ffdb8bf5358
[  270.667626][T10310]  </TASK>
[  270.699447][T10313] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1883'.
[  270.939762][T10323] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1887'.
[  270.965103][T10326] netlink: 'syz.1.1888': attribute type 6 has an invalid length.
[  270.976359][T10326] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1888'.
[  271.126779][T10330] netlink: 'syz.2.1889': attribute type 10 has an invalid length.
[  271.289322][T10338] netlink: 'syz.3.1894': attribute type 10 has an invalid length.
[  271.309244][T10338] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1894'.
[  271.328063][T10338] veth0_vlan: entered allmulticast mode
[  271.335010][T10338] bridge0: port 3(veth0_vlan) entered blocking state
[  271.388560][T10338] bridge0: port 3(veth0_vlan) entered disabled state
[  271.450638][T10338] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  271.663207][T10344] FAULT_INJECTION: forcing a failure.
[  271.663207][T10344] name failslab, interval 1, probability 0, space 0, times 0
[  271.676549][T10344] CPU: 1 PID: 10344 Comm: syz.2.1895 Not tainted syzkaller #0
[  271.684060][T10344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  271.694157][T10344] Call Trace:
[  271.697479][T10344]  <TASK>
[  271.700450][T10344]  dump_stack_lvl+0x16c/0x230
[  271.705185][T10344]  ? show_regs_print_info+0x20/0x20
[  271.710448][T10344]  ? load_image+0x3b0/0x3b0
[  271.714990][T10344]  ? __might_sleep+0xe0/0xe0
[  271.719602][T10344]  ? __lock_acquire+0x7c80/0x7c80
[  271.724648][T10344]  should_fail_ex+0x39d/0x4d0
[  271.729372][T10344]  should_failslab+0x9/0x20
[  271.733904][T10344]  slab_pre_alloc_hook+0x59/0x310
[  271.738953][T10344]  ? __lock_acquire+0x7c80/0x7c80
[  271.743998][T10344]  kmem_cache_alloc_node+0x60/0x330
[  271.749221][T10344]  ? __alloc_skb+0x108/0x2c0
[  271.753839][T10344]  __alloc_skb+0x108/0x2c0
[  271.758279][T10344]  netlink_sendmsg+0x65b/0xbe0
[  271.763068][T10344]  ? netlink_getsockopt+0x580/0x580
[  271.768288][T10344]  ? aa_sock_msg_perm+0x94/0x150
[  271.773246][T10344]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  271.778551][T10344]  ? security_socket_sendmsg+0x80/0xa0
[  271.784026][T10344]  ? netlink_getsockopt+0x580/0x580
[  271.789241][T10344]  ____sys_sendmsg+0x5bf/0x950
[  271.794042][T10344]  ? __asan_memset+0x22/0x40
[  271.798742][T10344]  ? __sys_sendmsg_sock+0x30/0x30
[  271.803794][T10344]  ? __import_iovec+0x5f2/0x860
[  271.808681][T10344]  ? import_iovec+0x73/0xa0
[  271.813215][T10344]  ___sys_sendmsg+0x220/0x290
[  271.817916][T10344]  ? __sys_sendmsg+0x270/0x270
[  271.822722][T10344]  ? __lock_acquire+0x7c80/0x7c80
[  271.827785][T10344]  __se_sys_sendmsg+0x1a5/0x270
[  271.832662][T10344]  ? perf_trace_preemptirq_template+0x281/0x340
[  271.838934][T10344]  ? __x64_sys_sendmsg+0x80/0x80
[  271.843930][T10344]  ? lockdep_hardirqs_on+0x98/0x150
[  271.849174][T10344]  do_syscall_64+0x55/0xb0
[  271.853628][T10344]  ? clear_bhb_loop+0x40/0x90
[  271.858331][T10344]  ? clear_bhb_loop+0x40/0x90
[  271.863122][T10344]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  271.869030][T10344] RIP: 0033:0x7f678d38efc9
[  271.873550][T10344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.893177][T10344] RSP: 002b:00007f678e201038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  271.901610][T10344] RAX: ffffffffffffffda RBX: 00007f678d5e5fa0 RCX: 00007f678d38efc9
[  271.909596][T10344] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  271.917682][T10344] RBP: 00007f678e201090 R08: 0000000000000000 R09: 0000000000000000
[  271.925663][T10344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.933656][T10344] R13: 00007f678d5e6038 R14: 00007f678d5e5fa0 R15: 00007fff0888c238
[  271.941671][T10344]  </TASK>
[  272.121989][T10352] FAULT_INJECTION: forcing a failure.
[  272.121989][T10352] name failslab, interval 1, probability 0, space 0, times 0
[  272.150648][T10348] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1896'.
[  272.165030][T10352] CPU: 0 PID: 10352 Comm: syz.2.1897 Not tainted syzkaller #0
[  272.172569][T10352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  272.182667][T10352] Call Trace:
[  272.185984][T10352]  <TASK>
[  272.188954][T10352]  dump_stack_lvl+0x16c/0x230
[  272.193691][T10352]  ? show_regs_print_info+0x20/0x20
[  272.198940][T10352]  ? load_image+0x3b0/0x3b0
[  272.203493][T10352]  ? __might_sleep+0xe0/0xe0
[  272.208129][T10352]  ? __lock_acquire+0x7c80/0x7c80
[  272.213207][T10352]  should_fail_ex+0x39d/0x4d0
[  272.217934][T10352]  should_failslab+0x9/0x20
[  272.222478][T10352]  slab_pre_alloc_hook+0x59/0x310
[  272.227530][T10352]  ? bpf_prog_test_run_skb+0x22c/0x11c0
[  272.233100][T10352]  ? bpf_prog_test_run_skb+0x22c/0x11c0
[  272.238666][T10352]  __kmem_cache_alloc_node+0x53/0x260
[  272.244061][T10352]  ? __lock_acquire+0x7c80/0x7c80
[  272.249101][T10352]  ? bpf_prog_test_run_skb+0x22c/0x11c0
[  272.254668][T10352]  __kmalloc+0xa4/0x240
[  272.258843][T10352]  bpf_prog_test_run_skb+0x22c/0x11c0
[  272.264236][T10352]  ? __fget_files+0x28/0x4d0
[  272.268845][T10352]  ? __fget_files+0x44a/0x4d0
[  272.273547][T10352]  ? cpu_online+0x60/0x60
[  272.277908][T10352]  bpf_prog_test_run+0x321/0x390
[  272.282884][T10352]  __sys_bpf+0x440/0x800
[  272.287179][T10352]  ? bpf_link_show_fdinfo+0x350/0x350
[  272.292579][T10352]  ? lock_chain_count+0x20/0x20
[  272.297449][T10352]  __x64_sys_bpf+0x7c/0x90
[  272.301876][T10352]  do_syscall_64+0x55/0xb0
[  272.306304][T10352]  ? clear_bhb_loop+0x40/0x90
[  272.310995][T10352]  ? clear_bhb_loop+0x40/0x90
[  272.315688][T10352]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  272.321591][T10352] RIP: 0033:0x7f678d38efc9
[  272.326015][T10352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.345657][T10352] RSP: 002b:00007f678e201038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  272.354089][T10352] RAX: ffffffffffffffda RBX: 00007f678d5e5fa0 RCX: 00007f678d38efc9
[  272.362070][T10352] RDX: 0000000000000027 RSI: 00002000000002c0 RDI: 000000000000000a
[  272.370067][T10352] RBP: 00007f678e201090 R08: 0000000000000000 R09: 0000000000000000
[  272.378147][T10352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.386147][T10352] R13: 00007f678d5e6038 R14: 00007f678d5e5fa0 R15: 00007fff0888c238
[  272.394231][T10352]  </TASK>
[  272.419931][T10348] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  273.017220][T10374] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1903'.
[  273.033699][T10374] netlink: 33 bytes leftover after parsing attributes in process `syz.3.1903'.
[  273.047312][T10374] netlink: 33 bytes leftover after parsing attributes in process `syz.3.1903'.
[  273.063761][T10373] netlink: 'syz.2.1904': attribute type 10 has an invalid length.
[  273.081153][T10373] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1904'.
[  273.096100][T10373] veth0_vlan: entered allmulticast mode
[  273.107041][T10373] bridge0: port 4(veth0_vlan) entered blocking state
[  273.118805][T10373] bridge0: port 4(veth0_vlan) entered disabled state
[  273.134920][T10373] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  273.343301][T10380] syz.3.1906[10380] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  273.343574][T10380] syz.3.1906[10380] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  274.004331][T10406] netlink: 'syz.2.1916': attribute type 10 has an invalid length.
[  274.051157][T10406] team0: Device netdevsim0 is up. Set it down before adding it as a team port
[  274.108813][T10407] netlink: 'syz.1.1915': attribute type 10 has an invalid length.
[  274.129546][T10407] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1915'.
[  274.149483][T10407] veth0_vlan: entered allmulticast mode
[  274.165361][T10407] bridge0: port 3(veth0_vlan) entered blocking state
[  274.180114][T10407] bridge0: port 3(veth0_vlan) entered disabled state
[  274.205158][T10407] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  274.298381][T10415] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  274.359402][T10414] netlink: 1057 bytes leftover after parsing attributes in process `syz.0.1919'.
[  274.416632][T10419] syz.1.1921[10419] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  274.416922][T10419] syz.1.1921[10419] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  274.519756][T10422] syz.3.1922[10422] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  274.539582][T10422] syz.3.1922[10422] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  274.572219][T10422] FAULT_INJECTION: forcing a failure.
[  274.572219][T10422] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  274.597897][T10422] CPU: 0 PID: 10422 Comm: syz.3.1922 Not tainted syzkaller #0
[  274.605515][T10422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  274.615626][T10422] Call Trace:
[  274.618934][T10422]  <TASK>
[  274.621885][T10422]  dump_stack_lvl+0x16c/0x230
[  274.626639][T10422]  ? show_regs_print_info+0x20/0x20
[  274.631871][T10422]  ? load_image+0x3b0/0x3b0
[  274.636401][T10422]  ? __lock_acquire+0x7c80/0x7c80
[  274.641466][T10422]  should_fail_ex+0x39d/0x4d0
[  274.646261][T10422]  _copy_from_user+0x2f/0xe0
[  274.650932][T10422]  __copy_msghdr+0x3bb/0x580
[  274.655558][T10422]  ___sys_sendmsg+0x1a6/0x290
[  274.660263][T10422]  ? __sys_sendmsg+0x270/0x270
[  274.665069][T10422]  ? __lock_acquire+0x7c80/0x7c80
[  274.670133][T10422]  __se_sys_sendmsg+0x1a5/0x270
[  274.675099][T10422]  ? __x64_sys_sendmsg+0x80/0x80
[  274.680083][T10422]  ? lockdep_hardirqs_on+0x98/0x150
[  274.685312][T10422]  do_syscall_64+0x55/0xb0
[  274.689764][T10422]  ? clear_bhb_loop+0x40/0x90
[  274.694459][T10422]  ? clear_bhb_loop+0x40/0x90
[  274.699244][T10422]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  274.705155][T10422] RIP: 0033:0x7ff02998efc9
[  274.709594][T10422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.729215][T10422] RSP: 002b:00007ff02a7af038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  274.737645][T10422] RAX: ffffffffffffffda RBX: 00007ff029be5fa0 RCX: 00007ff02998efc9
[  274.745634][T10422] RDX: 0000000000000844 RSI: 0000200000000380 RDI: 0000000000000003
[  274.753704][T10422] RBP: 00007ff02a7af090 R08: 0000000000000000 R09: 0000000000000000
[  274.761689][T10422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  274.769765][T10422] R13: 00007ff029be6038 R14: 00007ff029be5fa0 R15: 00007ffc913c7318
[  274.777850][T10422]  </TASK>
[  274.894275][T10430] netlink: 'syz.0.1925': attribute type 10 has an invalid length.
[  275.698424][T10454] netlink: 'syz.0.1933': attribute type 13 has an invalid length.
[  275.707061][T10454] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1933'.
[  276.034458][T10468] netlink: 'syz.2.1938': attribute type 10 has an invalid length.
[  276.045027][T10471] netlink: 'syz.1.1939': attribute type 6 has an invalid length.
[  276.063338][T10471] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1939'.
[  276.249035][T10476] netlink: 'syz.0.1941': attribute type 6 has an invalid length.
[  276.320518][T10476] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1941'.
[  276.611387][T10488] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  276.775765][T10494] FAULT_INJECTION: forcing a failure.
[  276.775765][T10494] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  276.814031][T10494] CPU: 0 PID: 10494 Comm: syz.2.1948 Not tainted syzkaller #0
[  276.821588][T10494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  276.831692][T10494] Call Trace:
[  276.835026][T10494]  <TASK>
[  276.837998][T10494]  dump_stack_lvl+0x16c/0x230
[  276.842747][T10494]  ? show_regs_print_info+0x20/0x20
[  276.848025][T10494]  ? load_image+0x3b0/0x3b0
[  276.852593][T10494]  ? __lock_acquire+0x7c80/0x7c80
[  276.857670][T10494]  ? snprintf+0xdb/0x120
[  276.861966][T10494]  should_fail_ex+0x39d/0x4d0
[  276.866717][T10494]  _copy_to_user+0x2f/0xa0
[  276.871188][T10494]  simple_read_from_buffer+0xe7/0x150
[  276.876630][T10494]  proc_fail_nth_read+0x1e3/0x250
[  276.881717][T10494]  ? proc_fault_inject_write+0x340/0x340
[  276.887407][T10494]  ? fsnotify_perm+0x271/0x5e0
[  276.892224][T10494]  ? proc_fault_inject_write+0x340/0x340
[  276.897913][T10494]  vfs_read+0x27e/0x920
[  276.902123][T10494]  ? kernel_read+0x1e0/0x1e0
[  276.906764][T10494]  ? __fget_files+0x28/0x4d0
[  276.911428][T10494]  ? __fget_files+0x44a/0x4d0
[  276.916167][T10494]  ? __fdget_pos+0x2a3/0x330
[  276.920815][T10494]  ? ksys_read+0x75/0x250
[  276.925191][T10494]  ksys_read+0x147/0x250
[  276.929499][T10494]  ? vfs_write+0x940/0x940
[  276.933987][T10494]  ? lockdep_hardirqs_on+0x98/0x150
[  276.939252][T10494]  do_syscall_64+0x55/0xb0
[  276.943714][T10494]  ? clear_bhb_loop+0x40/0x90
[  276.948426][T10494]  ? clear_bhb_loop+0x40/0x90
[  276.953142][T10494]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  276.959074][T10494] RIP: 0033:0x7f678d38d9dc
[  276.963527][T10494] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  276.983178][T10494] RSP: 002b:00007f678e201030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  276.991650][T10494] RAX: ffffffffffffffda RBX: 00007f678d5e5fa0 RCX: 00007f678d38d9dc
[  276.999672][T10494] RDX: 000000000000000f RSI: 00007f678e2010a0 RDI: 0000000000000005
[  277.008133][T10494] RBP: 00007f678e201090 R08: 0000000000000000 R09: 0000000000000000
[  277.016153][T10494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  277.024174][T10494] R13: 00007f678d5e6038 R14: 00007f678d5e5fa0 R15: 00007fff0888c238
[  277.032212][T10494]  </TASK>
[  277.162348][T10498] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  277.284940][T10504] netlink: 'syz.3.1952': attribute type 10 has an invalid length.
[  277.333039][T10509] netlink: 'syz.2.1954': attribute type 6 has an invalid length.
[  277.370034][T10509] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1954'.
[  277.383855][T10504] 8021q: adding VLAN 0 to HW filter on device batadv0
[  277.408410][T10504] .`: (slave batadv0): Enslaving as an active interface with an up link
[  277.429392][T10506] .`: entered promiscuous mode
[  277.437790][T10506] bond_slave_0: entered promiscuous mode
[  277.447360][T10506] bond_slave_1: entered promiscuous mode
[  277.455106][T10506] batadv0: entered promiscuous mode
[  277.505932][T10515] netlink: 'syz.1.1956': attribute type 6 has an invalid length.
[  277.514056][T10515] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1956'.
[  277.775495][T10523] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  277.907051][T10530] FAULT_INJECTION: forcing a failure.
[  277.907051][T10530] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  277.937152][T10530] CPU: 1 PID: 10530 Comm: syz.2.1962 Not tainted syzkaller #0
[  277.944711][T10530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  277.954817][T10530] Call Trace:
[  277.958145][T10530]  <TASK>
[  277.961122][T10530]  dump_stack_lvl+0x16c/0x230
[  277.965883][T10530]  ? show_regs_print_info+0x20/0x20
[  277.971152][T10530]  ? load_image+0x3b0/0x3b0
[  277.975721][T10530]  ? __might_fault+0xaa/0x120
[  277.980479][T10530]  ? __lock_acquire+0x7c80/0x7c80
[  277.985577][T10530]  should_fail_ex+0x39d/0x4d0
[  277.990334][T10530]  _copy_from_user+0x2f/0xe0
[  277.994994][T10530]  ___sys_sendmsg+0x159/0x290
[  277.999718][T10530]  ? __sys_sendmsg+0x270/0x270
[  278.004560][T10530]  ? __lock_acquire+0x7c80/0x7c80
[  278.009675][T10530]  __se_sys_sendmsg+0x1a5/0x270
[  278.014594][T10530]  ? __x64_sys_sendmsg+0x80/0x80
[  278.019591][T10530]  ? lockdep_hardirqs_on+0x98/0x150
[  278.024827][T10530]  do_syscall_64+0x55/0xb0
[  278.029285][T10530]  ? clear_bhb_loop+0x40/0x90
[  278.033987][T10530]  ? clear_bhb_loop+0x40/0x90
[  278.038694][T10530]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  278.044610][T10530] RIP: 0033:0x7f678d38efc9
[  278.049050][T10530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  278.068680][T10530] RSP: 002b:00007f678e201038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  278.077146][T10530] RAX: ffffffffffffffda RBX: 00007f678d5e5fa0 RCX: 00007f678d38efc9
[  278.085146][T10530] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  278.093142][T10530] RBP: 00007f678e201090 R08: 0000000000000000 R09: 0000000000000000
[  278.101160][T10530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  278.109180][T10530] R13: 00007f678d5e6038 R14: 00007f678d5e5fa0 R15: 00007fff0888c238
[  278.117202][T10530]  </TASK>
[  278.188457][T10539] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1965'.
[  278.242499][T10539] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  278.280031][T10539] CPU: 0 PID: 10539 Comm: syz.3.1965 Not tainted syzkaller #0
[  278.287598][T10539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  278.297728][T10539] Call Trace:
[  278.301066][T10539]  <TASK>
[  278.304053][T10539]  dump_stack_lvl+0x16c/0x230
[  278.308831][T10539]  ? show_regs_print_info+0x20/0x20
[  278.314105][T10539]  ? load_image+0x3b0/0x3b0
[  278.318703][T10539]  sysfs_warn_dup+0x8e/0xa0
[  278.323280][T10539]  sysfs_do_create_link_sd+0xc0/0x110
[  278.328734][T10539]  device_add_class_symlinks+0x1cf/0x240
[  278.334452][T10539]  device_add+0x507/0xc20
[  278.338880][T10539]  wiphy_register+0x1e74/0x2c00
[  278.343867][T10539]  ? cfg80211_event_work+0x40/0x40
[  278.349061][T10539]  ? minstrel_ht_alloc+0x88a/0x990
[  278.354275][T10539]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  278.360435][T10539]  ieee80211_register_hw+0x2de8/0x3b10
[  278.366009][T10539]  ? ieee80211_register_hw+0xf61/0x3b10
[  278.371656][T10539]  ? ieee80211_tasklet_handler+0x20/0x20
[  278.377362][T10539]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  278.383337][T10539]  ? __debug_object_init+0xe8/0x430
[  278.388609][T10539]  ? __asan_memset+0x22/0x40
[  278.393265][T10539]  ? __hrtimer_init+0x186/0x270
[  278.398184][T10539]  mac80211_hwsim_new_radio+0x2a00/0x4cf0
[  278.404031][T10539]  ? mac80211_hwsim_free+0x220/0x220
[  278.409382][T10539]  ? rcu_is_watching+0x15/0xb0
[  278.414220][T10539]  ? kstrndup+0xbd/0x140
[  278.418557][T10539]  hwsim_new_radio_nl+0xd78/0x19d0
[  278.423739][T10539]  ? __nla_validate+0x50/0x50
[  278.428522][T10539]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  278.434944][T10539]  ? __nla_parse+0x40/0x50
[  278.439460][T10539]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  278.445892][T10539]  genl_family_rcv_msg_doit+0x209/0x2f0
[  278.451545][T10539]  ? genl_family_rcv_msg_dumpit+0x2c0/0x2c0
[  278.457536][T10539]  ? bpf_lsm_capable+0x9/0x10
[  278.462289][T10539]  ? security_capable+0x89/0xb0
[  278.467228][T10539]  genl_rcv_msg+0x60b/0x790
[  278.471819][T10539]  ? genl_bind+0x360/0x360
[  278.476307][T10539]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  278.482790][T10539]  ? perf_trace_lock+0x2ed/0x380
[  278.487820][T10539]  netlink_rcv_skb+0x216/0x480
[  278.492640][T10539]  ? genl_bind+0x360/0x360
[  278.497123][T10539]  ? netlink_ack+0x1110/0x1110
[  278.501981][T10539]  ? __lock_acquire+0x7c80/0x7c80
[  278.507084][T10539]  ? down_read+0x1ac/0x2e0
[  278.511582][T10539]  genl_rcv+0x28/0x40
[  278.515644][T10539]  netlink_unicast+0x751/0x8d0
[  278.520492][T10539]  netlink_sendmsg+0x8c1/0xbe0
[  278.525329][T10539]  ? netlink_getsockopt+0x580/0x580
[  278.530595][T10539]  ? aa_sock_msg_perm+0x94/0x150
[  278.535594][T10539]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  278.540935][T10539]  ? security_socket_sendmsg+0x80/0xa0
[  278.546452][T10539]  ? netlink_getsockopt+0x580/0x580
[  278.551722][T10539]  ____sys_sendmsg+0x5bf/0x950
[  278.556561][T10539]  ? __asan_memset+0x22/0x40
[  278.561210][T10539]  ? __sys_sendmsg_sock+0x30/0x30
[  278.566639][T10539]  ? __import_iovec+0x5f2/0x860
[  278.571606][T10539]  ? import_iovec+0x73/0xa0
[  278.576185][T10539]  ___sys_sendmsg+0x220/0x290
[  278.580942][T10539]  ? __sys_sendmsg+0x270/0x270
[  278.585822][T10539]  ? apparmor_capable+0x137/0x1a0
[  278.590967][T10539]  __se_sys_sendmsg+0x1a5/0x270
[  278.595884][T10539]  ? __x64_sys_sendmsg+0x80/0x80
[  278.600937][T10539]  ? lockdep_hardirqs_on+0x98/0x150
[  278.606230][T10539]  do_syscall_64+0x55/0xb0
[  278.610709][T10539]  ? clear_bhb_loop+0x40/0x90
[  278.615455][T10539]  ? clear_bhb_loop+0x40/0x90
[  278.620209][T10539]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  278.626175][T10539] RIP: 0033:0x7ff02998efc9
[  278.630645][T10539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  278.650309][T10539] RSP: 002b:00007ff02a7af038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  278.658799][T10539] RAX: ffffffffffffffda RBX: 00007ff029be5fa0 RCX: 00007ff02998efc9
[  278.666836][T10539] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  278.674873][T10539] RBP: 00007ff029a11f91 R08: 0000000000000000 R09: 0000000000000000
[  278.682897][T10539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  278.690926][T10539] R13: 00007ff029be6038 R14: 00007ff029be5fa0 R15: 00007ffc913c7318
[  278.698989][T10539]  </TASK>
[  278.766852][T10541] netlink: 'syz.2.1966': attribute type 6 has an invalid length.
[  278.821682][T10541] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1966'.
[  279.136604][T10553] netlink: 'syz.0.1970': attribute type 10 has an invalid length.
[  279.577815][T10572] FAULT_INJECTION: forcing a failure.
[  279.577815][T10572] name failslab, interval 1, probability 0, space 0, times 0
[  279.614678][T10572] CPU: 1 PID: 10572 Comm: syz.0.1979 Not tainted syzkaller #0
[  279.622230][T10572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  279.632332][T10572] Call Trace:
[  279.635658][T10572]  <TASK>
[  279.638631][T10572]  dump_stack_lvl+0x16c/0x230
[  279.643354][T10572]  ? show_regs_print_info+0x20/0x20
[  279.648596][T10572]  ? load_image+0x3b0/0x3b0
[  279.653139][T10572]  ? __might_sleep+0xe0/0xe0
[  279.657772][T10572]  ? __lock_acquire+0x7c80/0x7c80
[  279.662847][T10572]  should_fail_ex+0x39d/0x4d0
[  279.667584][T10572]  should_failslab+0x9/0x20
[  279.672134][T10572]  slab_pre_alloc_hook+0x59/0x310
[  279.677210][T10572]  ? __lock_acquire+0x7c80/0x7c80
[  279.682285][T10572]  kmem_cache_alloc_node+0x60/0x330
[  279.687525][T10572]  ? __alloc_skb+0x108/0x2c0
[  279.692170][T10572]  __alloc_skb+0x108/0x2c0
[  279.696631][T10572]  netlink_sendmsg+0x65b/0xbe0
[  279.701456][T10572]  ? netlink_getsockopt+0x580/0x580
[  279.706697][T10572]  ? aa_sock_msg_perm+0x94/0x150
[  279.711685][T10572]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  279.717013][T10572]  ? security_socket_sendmsg+0x80/0xa0
[  279.722507][T10572]  ? netlink_getsockopt+0x580/0x580
[  279.727758][T10572]  ____sys_sendmsg+0x5bf/0x950
[  279.732575][T10572]  ? __asan_memset+0x22/0x40
[  279.737211][T10572]  ? __sys_sendmsg_sock+0x30/0x30
[  279.742276][T10572]  ? __import_iovec+0x5f2/0x860
[  279.747179][T10572]  ? import_iovec+0x73/0xa0
[  279.751730][T10572]  ___sys_sendmsg+0x220/0x290
[  279.756464][T10572]  ? __sys_sendmsg+0x270/0x270
[  279.761297][T10572]  ? __lock_acquire+0x7c80/0x7c80
[  279.766392][T10572]  __se_sys_sendmsg+0x1a5/0x270
[  279.771290][T10572]  ? __x64_sys_sendmsg+0x80/0x80
[  279.776289][T10572]  ? lockdep_hardirqs_on+0x98/0x150
[  279.781633][T10572]  do_syscall_64+0x55/0xb0
[  279.786088][T10572]  ? clear_bhb_loop+0x40/0x90
[  279.790821][T10572]  ? clear_bhb_loop+0x40/0x90
[  279.795537][T10572]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  279.801463][T10572] RIP: 0033:0x7fa82d78efc9
[  279.805910][T10572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.825555][T10572] RSP: 002b:00007fa82e6d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  279.834015][T10572] RAX: ffffffffffffffda RBX: 00007fa82d9e5fa0 RCX: 00007fa82d78efc9
[  279.842039][T10572] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000006
[  279.850066][T10572] RBP: 00007fa82e6d0090 R08: 0000000000000000 R09: 0000000000000000
[  279.858078][T10572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  279.866092][T10572] R13: 00007fa82d9e6038 R14: 00007fa82d9e5fa0 R15: 00007fff32e7f148
[  279.874123][T10572]  </TASK>
[  280.165274][T10586] netlink: 'syz.3.1984': attribute type 6 has an invalid length.
[  280.183864][T10586] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1984'.
[  280.466761][T10597] netlink: 'syz.1.1988': attribute type 10 has an invalid length.
[  280.706436][T10598] syzkaller0: entered promiscuous mode
[  280.716185][T10598] syzkaller0: entered allmulticast mode
[  282.522668][T10607] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1990'.
[  282.659416][T10619] netlink: 'syz.2.1996': attribute type 6 has an invalid length.
[  282.676354][T10619] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1996'.
[  282.911199][T10626] FAULT_INJECTION: forcing a failure.
[  282.911199][T10626] name failslab, interval 1, probability 0, space 0, times 0
[  282.930016][T10626] CPU: 0 PID: 10626 Comm: syz.0.2000 Not tainted syzkaller #0
[  282.937564][T10626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  282.947660][T10626] Call Trace:
[  282.950977][T10626]  <TASK>
[  282.953945][T10626]  dump_stack_lvl+0x16c/0x230
[  282.958668][T10626]  ? show_regs_print_info+0x20/0x20
[  282.963908][T10626]  ? load_image+0x3b0/0x3b0
[  282.968452][T10626]  ? __lock_acquire+0x7c80/0x7c80
[  282.973509][T10626]  should_fail_ex+0x39d/0x4d0
[  282.978567][T10626]  should_failslab+0x9/0x20
[  282.983098][T10626]  slab_pre_alloc_hook+0x59/0x310
[  282.988144][T10626]  ? sock_write_iter+0x2bb/0x3f0
[  282.993130][T10626]  ? vfs_write+0x43b/0x940
[  282.997564][T10626]  ? ksys_write+0x147/0x250
[  283.002264][T10626]  kmem_cache_alloc_node+0x60/0x330
[  283.007489][T10626]  ? alloc_vmap_area+0x1c4/0x1c70
[  283.012534][T10626]  alloc_vmap_area+0x1c4/0x1c70
[  283.017415][T10626]  ? vm_map_ram+0xcb0/0xcb0
[  283.021939][T10626]  ? rcu_is_watching+0x15/0xb0
[  283.026727][T10626]  __get_vm_area_node+0x162/0x370
[  283.031769][T10626]  __vmalloc_node_range+0x36e/0x1320
[  283.037067][T10626]  ? netlink_sendmsg+0x5f3/0xbe0
[  283.042037][T10626]  ? netlink_insert+0x106a/0x1370
[  283.047109][T10626]  ? netlink_insert+0x2b3/0x1370
[  283.052076][T10626]  ? netlink_data_ready+0x10/0x10
[  283.057124][T10626]  ? free_vm_area+0x50/0x50
[  283.061684][T10626]  ? netlink_sendmsg+0x5f3/0xbe0
[  283.066657][T10626]  vmalloc+0x79/0x90
[  283.070570][T10626]  ? netlink_sendmsg+0x5f3/0xbe0
[  283.075529][T10626]  netlink_sendmsg+0x5f3/0xbe0
[  283.080326][T10626]  ? netlink_getsockopt+0x580/0x580
[  283.085633][T10626]  ? aa_sock_msg_perm+0x94/0x150
[  283.090603][T10626]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  283.095903][T10626]  ? security_socket_sendmsg+0x80/0xa0
[  283.101381][T10626]  sock_write_iter+0x2bb/0x3f0
[  283.106187][T10626]  ? sock_read_iter+0x3b0/0x3b0
[  283.111084][T10626]  ? common_file_perm+0x198/0x1f0
[  283.116144][T10626]  vfs_write+0x43b/0x940
[  283.120424][T10626]  ? file_end_write+0x250/0x250
[  283.125305][T10626]  ? __fget_files+0x44a/0x4d0
[  283.130006][T10626]  ? __fdget_pos+0x1d8/0x330
[  283.134613][T10626]  ? ksys_write+0x75/0x250
[  283.139047][T10626]  ksys_write+0x147/0x250
[  283.143410][T10626]  ? __ia32_sys_read+0x90/0x90
[  283.148196][T10626]  ? lockdep_hardirqs_on+0x98/0x150
[  283.153419][T10626]  do_syscall_64+0x55/0xb0
[  283.157857][T10626]  ? clear_bhb_loop+0x40/0x90
[  283.162580][T10626]  ? clear_bhb_loop+0x40/0x90
[  283.167280][T10626]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  283.173191][T10626] RIP: 0033:0x7fa82d78efc9
[  283.177642][T10626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.197272][T10626] RSP: 002b:00007fa82e6d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  283.205971][T10626] RAX: ffffffffffffffda RBX: 00007fa82d9e5fa0 RCX: 00007fa82d78efc9
[  283.213966][T10626] RDX: 000000000000fe33 RSI: 0000200000000040 RDI: 0000000000000004
[  283.221958][T10626] RBP: 00007fa82e6d0090 R08: 0000000000000000 R09: 0000000000000000
[  283.229946][T10626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.237927][T10626] R13: 00007fa82d9e6038 R14: 00007fa82d9e5fa0 R15: 00007fff32e7f148
[  283.245939][T10626]  </TASK>
[  283.295784][T10626] syz.0.2000: vmalloc error: size 65408, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  283.312371][T10626] CPU: 0 PID: 10626 Comm: syz.0.2000 Not tainted syzkaller #0
[  283.319917][T10626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  283.330049][T10626] Call Trace:
[  283.333377][T10626]  <TASK>
[  283.336348][T10626]  dump_stack_lvl+0x16c/0x230
[  283.341109][T10626]  ? show_regs_print_info+0x20/0x20
[  283.346394][T10626]  ? load_image+0x3b0/0x3b0
[  283.350958][T10626]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  283.357441][T10626]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[  283.364021][T10626]  warn_alloc+0x210/0x300
[  283.368424][T10626]  ? slab_free_freelist_hook+0x130/0x1b0
[  283.374122][T10626]  ? zone_watermark_ok_safe+0x230/0x230
[  283.379725][T10626]  ? __get_vm_area_node+0x17b/0x370
[  283.385017][T10626]  ? __get_vm_area_node+0x17b/0x370
[  283.390301][T10626]  __vmalloc_node_range+0x393/0x1320
[  283.395650][T10626]  ? netlink_insert+0x106a/0x1370
[  283.400788][T10626]  ? netlink_insert+0x2b3/0x1370
[  283.405809][T10626]  ? netlink_data_ready+0x10/0x10
[  283.410913][T10626]  ? free_vm_area+0x50/0x50
[  283.415512][T10626]  ? netlink_sendmsg+0x5f3/0xbe0
[  283.420514][T10626]  vmalloc+0x79/0x90
[  283.424494][T10626]  ? netlink_sendmsg+0x5f3/0xbe0
[  283.429487][T10626]  netlink_sendmsg+0x5f3/0xbe0
[  283.434327][T10626]  ? netlink_getsockopt+0x580/0x580
[  283.439600][T10626]  ? aa_sock_msg_perm+0x94/0x150
[  283.444601][T10626]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  283.449961][T10626]  ? security_socket_sendmsg+0x80/0xa0
[  283.455492][T10626]  sock_write_iter+0x2bb/0x3f0
[  283.460335][T10626]  ? sock_read_iter+0x3b0/0x3b0
[  283.465302][T10626]  ? common_file_perm+0x198/0x1f0
[  283.470419][T10626]  vfs_write+0x43b/0x940
[  283.474810][T10626]  ? file_end_write+0x250/0x250
[  283.479739][T10626]  ? __fget_files+0x44a/0x4d0
[  283.484494][T10626]  ? __fdget_pos+0x1d8/0x330
[  283.489133][T10626]  ? ksys_write+0x75/0x250
[  283.493715][T10626]  ksys_write+0x147/0x250
[  283.498111][T10626]  ? __ia32_sys_read+0x90/0x90
[  283.502963][T10626]  ? lockdep_hardirqs_on+0x98/0x150
[  283.508253][T10626]  do_syscall_64+0x55/0xb0
[  283.512723][T10626]  ? clear_bhb_loop+0x40/0x90
[  283.517445][T10626]  ? clear_bhb_loop+0x40/0x90
[  283.522190][T10626]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  283.528140][T10626] RIP: 0033:0x7fa82d78efc9
[  283.532635][T10626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.552297][T10626] RSP: 002b:00007fa82e6d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  283.560796][T10626] RAX: ffffffffffffffda RBX: 00007fa82d9e5fa0 RCX: 00007fa82d78efc9
[  283.568819][T10626] RDX: 000000000000fe33 RSI: 0000200000000040 RDI: 0000000000000004
[  283.576836][T10626] RBP: 00007fa82e6d0090 R08: 0000000000000000 R09: 0000000000000000
[  283.584856][T10626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.592875][T10626] R13: 00007fa82d9e6038 R14: 00007fa82d9e5fa0 R15: 00007fff32e7f148
[  283.600951][T10626]  </TASK>
[  283.610960][T10626] Mem-Info:
[  283.614166][T10626] active_anon:4330 inactive_anon:0 isolated_anon:0
[  283.614166][T10626]  active_file:19157 inactive_file:39956 isolated_file:0
[  283.614166][T10626]  unevictable:768 dirty:702 writeback:0
[  283.614166][T10626]  slab_reclaimable:10956 slab_unreclaimable:93340
[  283.614166][T10626]  mapped:24643 shmem:1361 pagetables:464
[  283.614166][T10626]  sec_pagetables:0 bounce:0
[  283.614166][T10626]  kernel_misc_reclaimable:0
[  283.614166][T10626]  free:1350566 free_pcp:10554 free_cma:0
[  283.660873][T10626] Node 0 active_anon:17320kB inactive_anon:0kB active_file:76628kB inactive_file:159624kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98572kB dirty:2808kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10852kB pagetables:1856kB sec_pagetables:0kB all_unreclaimable? no
[  283.713543][T10626] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  283.758794][T10631] FAULT_INJECTION: forcing a failure.
[  283.758794][T10631] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  283.772456][T10631] CPU: 0 PID: 10631 Comm: syz.1.2002 Not tainted syzkaller #0
[  283.779968][T10631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  283.790061][T10631] Call Trace:
[  283.793377][T10631]  <TASK>
[  283.796346][T10631]  dump_stack_lvl+0x16c/0x230
[  283.801061][T10631]  ? show_regs_print_info+0x20/0x20
[  283.806304][T10631]  ? load_image+0x3b0/0x3b0
[  283.810835][T10631]  ? __lock_acquire+0x7c80/0x7c80
[  283.815890][T10631]  should_fail_ex+0x39d/0x4d0
[  283.820597][T10631]  _copy_from_user+0x2f/0xe0
[  283.825213][T10631]  __copy_msghdr+0x3bb/0x580
[  283.829845][T10631]  ___sys_sendmsg+0x1a6/0x290
[  283.834559][T10631]  ? __sys_sendmsg+0x270/0x270
[  283.839372][T10631]  ? __lock_acquire+0x7c80/0x7c80
[  283.844445][T10631]  __se_sys_sendmsg+0x1a5/0x270
[  283.849324][T10631]  ? __x64_sys_sendmsg+0x80/0x80
[  283.854314][T10631]  ? lockdep_hardirqs_on+0x98/0x150
[  283.859546][T10631]  do_syscall_64+0x55/0xb0
[  283.863983][T10631]  ? clear_bhb_loop+0x40/0x90
[  283.868675][T10631]  ? clear_bhb_loop+0x40/0x90
[  283.873463][T10631]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  283.879435][T10631] RIP: 0033:0x7f66dc58efc9
[  283.883879][T10631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.903505][T10631] RSP: 002b:00007f66dd484038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  283.911939][T10631] RAX: ffffffffffffffda RBX: 00007f66dc7e5fa0 RCX: 00007f66dc58efc9
[  283.919953][T10631] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  283.927943][T10631] RBP: 00007f66dd484090 R08: 0000000000000000 R09: 0000000000000000
[  283.935932][T10631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.943918][T10631] R13: 00007f66dc7e6038 R14: 00007f66dc7e5fa0 R15: 00007ffdb8bf5358
[  283.951926][T10631]  </TASK>
[  283.969021][T10626] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  283.996456][T10626] lowmem_reserve[]: 0 2525 2526 2526 2526
[  284.002855][T10626] Node 0 DMA32 free:1493212kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:17356kB inactive_anon:0kB active_file:76628kB inactive_file:158304kB unevictable:1536kB writepending:2812kB present:3129332kB managed:2589604kB mlocked:0kB bounce:0kB free_pcp:23320kB local_pcp:7860kB free_cma:0kB
[  284.035017][T10626] lowmem_reserve[]: 0 0 1 1 1
[  284.040036][T10626] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB
[  284.067767][T10626] lowmem_reserve[]: 0 0 0 0 0
[  284.072652][T10626] Node 1 Normal free:3893676kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:19688kB local_pcp:10660kB free_cma:0kB
[  284.104322][T10626] lowmem_reserve[]: 0 0 0 0 0
[  284.109319][T10626] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  284.122758][T10626] Node 0 DMA32: 1041*4kB (ME) 893*8kB (UME) 591*16kB (ME) 460*32kB (UME) 199*64kB (UM) 143*128kB (UME) 29*256kB (UME) 8*512kB (M) 12*1024kB (UME) 5*2048kB (UE) 340*4096kB (UM) = 1493212kB
[  284.141794][T10626] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB
[  284.170957][T10626] Node 1 Normal: 265*4kB (UME) 69*8kB (UME) 34*16kB (UME) 74*32kB (UME) 20*64kB (UME) 8*128kB (UME) 3*256kB (UME) 2*512kB (UE) 2*1024kB (UE) 2*2048kB (UE) 947*4096kB (M) = 3893676kB
[  284.190925][T10626] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  284.200800][T10626] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  284.210419][T10626] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  284.220550][T10626] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  284.233822][T10639] netlink: 'syz.1.2004': attribute type 29 has an invalid length.
[  284.242569][T10639] netlink: 'syz.1.2004': attribute type 29 has an invalid length.
[  284.258976][T10626] 60474 total pagecache pages
[  284.269320][T10626] 0 pages in swap cache
[  284.273758][T10626] Free swap  = 124996kB
[  284.278049][T10626] Total swap = 124996kB
[  284.290368][T10626] 2097051 pages RAM
[  284.296994][T10626] 0 pages HighMem/MovableOnly
[  284.306318][T10626] 416136 pages reserved
[  284.310758][T10626] 0 pages cma reserved
[  284.498538][T10647] IPv6: NLM_F_CREATE should be specified when creating new route
[  284.703194][T10651] netlink: 'syz.0.2011': attribute type 10 has an invalid length.
[  284.959389][T10658] FAULT_INJECTION: forcing a failure.
[  284.959389][T10658] name failslab, interval 1, probability 0, space 0, times 0
[  284.978447][T10658] CPU: 1 PID: 10658 Comm: syz.3.2014 Not tainted syzkaller #0
[  284.986009][T10658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  284.996113][T10658] Call Trace:
[  284.999444][T10658]  <TASK>
[  285.002417][T10658]  dump_stack_lvl+0x16c/0x230
[  285.007147][T10658]  ? show_regs_print_info+0x20/0x20
[  285.012396][T10658]  ? load_image+0x3b0/0x3b0
[  285.016948][T10658]  ? __lock_acquire+0x7c80/0x7c80
[  285.022030][T10658]  should_fail_ex+0x39d/0x4d0
[  285.026770][T10658]  should_failslab+0x9/0x20
[  285.031339][T10658]  slab_pre_alloc_hook+0x59/0x310
[  285.036423][T10658]  ? sock_write_iter+0x2bb/0x3f0
[  285.041433][T10658]  ? vfs_write+0x43b/0x940
[  285.045914][T10658]  ? ksys_write+0x147/0x250
[  285.050474][T10658]  kmem_cache_alloc_node+0x60/0x330
[  285.055740][T10658]  ? alloc_vmap_area+0x1c4/0x1c70
[  285.061340][T10658]  alloc_vmap_area+0x1c4/0x1c70
[  285.066278][T10658]  ? vm_map_ram+0xcb0/0xcb0
[  285.070829][T10658]  ? rcu_is_watching+0x15/0xb0
[  285.075650][T10658]  __get_vm_area_node+0x162/0x370
[  285.080727][T10658]  __vmalloc_node_range+0x36e/0x1320
[  285.086053][T10658]  ? netlink_sendmsg+0x5f3/0xbe0
[  285.091137][T10658]  ? netlink_insert+0x106a/0x1370
[  285.096300][T10658]  ? netlink_insert+0x2b3/0x1370
[  285.101273][T10658]  ? netlink_data_ready+0x10/0x10
[  285.106333][T10658]  ? free_vm_area+0x50/0x50
[  285.110870][T10658]  ? netlink_sendmsg+0x5f3/0xbe0
[  285.115827][T10658]  vmalloc+0x79/0x90
[  285.119742][T10658]  ? netlink_sendmsg+0x5f3/0xbe0
[  285.124707][T10658]  netlink_sendmsg+0x5f3/0xbe0
[  285.129506][T10658]  ? netlink_getsockopt+0x580/0x580
[  285.134734][T10658]  ? aa_sock_msg_perm+0x94/0x150
[  285.139694][T10658]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  285.145001][T10658]  ? security_socket_sendmsg+0x80/0xa0
[  285.150758][T10658]  sock_write_iter+0x2bb/0x3f0
[  285.155559][T10658]  ? sock_read_iter+0x3b0/0x3b0
[  285.160442][T10658]  ? common_file_perm+0x198/0x1f0
[  285.165489][T10658]  vfs_write+0x43b/0x940
[  285.169765][T10658]  ? file_end_write+0x250/0x250
[  285.174647][T10658]  ? __fget_files+0x44a/0x4d0
[  285.179357][T10658]  ? __fdget_pos+0x1d8/0x330
[  285.183988][T10658]  ? ksys_write+0x75/0x250
[  285.188426][T10658]  ksys_write+0x147/0x250
[  285.192779][T10658]  ? __ia32_sys_read+0x90/0x90
[  285.197566][T10658]  ? syscall_enter_from_user_mode+0x2e/0x80
[  285.203491][T10658]  do_syscall_64+0x55/0xb0
[  285.207932][T10658]  ? clear_bhb_loop+0x40/0x90
[  285.212712][T10658]  ? clear_bhb_loop+0x40/0x90
[  285.217412][T10658]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  285.223342][T10658] RIP: 0033:0x7ff02998efc9
[  285.227862][T10658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.247502][T10658] RSP: 002b:00007ff02a7af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  285.255943][T10658] RAX: ffffffffffffffda RBX: 00007ff029be5fa0 RCX: 00007ff02998efc9
[  285.263931][T10658] RDX: 000000000000fe33 RSI: 0000200000000000 RDI: 000000000000000a
[  285.271918][T10658] RBP: 00007ff02a7af090 R08: 0000000000000000 R09: 0000000000000000
[  285.279906][T10658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.287897][T10658] R13: 00007ff029be6038 R14: 00007ff029be5fa0 R15: 00007ffc913c7318
[  285.295928][T10658]  </TASK>
[  285.556118][T10674] netlink: 'syz.0.2027': attribute type 29 has an invalid length.
[  285.580462][T10674] netlink: 'syz.0.2027': attribute type 29 has an invalid length.
[  285.629377][T10678] FAULT_INJECTION: forcing a failure.
[  285.629377][T10678] name failslab, interval 1, probability 0, space 0, times 0
[  285.648944][T10678] CPU: 1 PID: 10678 Comm: syz.1.2022 Not tainted syzkaller #0
[  285.656479][T10678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  285.666552][T10678] Call Trace:
[  285.669851][T10678]  <TASK>
[  285.672795][T10678]  dump_stack_lvl+0x16c/0x230
[  285.677498][T10678]  ? show_regs_print_info+0x20/0x20
[  285.682723][T10678]  ? load_image+0x3b0/0x3b0
[  285.687244][T10678]  ? __might_sleep+0xe0/0xe0
[  285.691877][T10678]  ? __lock_acquire+0x7c80/0x7c80
[  285.696933][T10678]  should_fail_ex+0x39d/0x4d0
[  285.701723][T10678]  should_failslab+0x9/0x20
[  285.706246][T10678]  slab_pre_alloc_hook+0x59/0x310
[  285.711302][T10678]  ? tomoyo_encode+0x28b/0x540
[  285.716089][T10678]  ? tomoyo_encode+0x28b/0x540
[  285.720870][T10678]  __kmem_cache_alloc_node+0x53/0x260
[  285.726265][T10678]  ? tomoyo_encode+0x28b/0x540
[  285.731049][T10678]  __kmalloc+0xa4/0x240
[  285.735227][T10678]  tomoyo_encode+0x28b/0x540
[  285.739847][T10678]  tomoyo_realpath_from_path+0x592/0x5d0
[  285.745613][T10678]  tomoyo_path_number_perm+0x1ea/0x590
[  285.751092][T10678]  ? tomoyo_path_number_perm+0x1ba/0x590
[  285.756747][T10678]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  285.762235][T10678]  ? ksys_write+0x1c1/0x250
[  285.766786][T10678]  ? __fget_files+0x28/0x4d0
[  285.771405][T10678]  security_file_ioctl+0x70/0xa0
[  285.776410][T10678]  __se_sys_ioctl+0x48/0x170
[  285.781025][T10678]  do_syscall_64+0x55/0xb0
[  285.785545][T10678]  ? clear_bhb_loop+0x40/0x90
[  285.790239][T10678]  ? clear_bhb_loop+0x40/0x90
[  285.794937][T10678]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  285.800848][T10678] RIP: 0033:0x7f66dc58efc9
[  285.805291][T10678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.824931][T10678] RSP: 002b:00007f66dd484038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  285.833360][T10678] RAX: ffffffffffffffda RBX: 00007f66dc7e5fa0 RCX: 00007f66dc58efc9
[  285.841351][T10678] RDX: 0000200000000cc0 RSI: 0000000000008947 RDI: 0000000000000004
[  285.849374][T10678] RBP: 00007f66dd484090 R08: 0000000000000000 R09: 0000000000000000
[  285.857378][T10678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.865394][T10678] R13: 00007f66dc7e6038 R14: 00007f66dc7e5fa0 R15: 00007ffdb8bf5358
[  285.873432][T10678]  </TASK>
[  285.923227][T10678] ERROR: Out of memory at tomoyo_realpath_from_path.
[  286.043639][T10681] netlink: 'syz.2.2024': attribute type 10 has an invalid length.
[  286.748503][T10707] netlink: 'syz.0.2035': attribute type 19 has an invalid length.
[  287.038226][T10718] netlink: 'syz.0.2039': attribute type 10 has an invalid length.
[  287.449485][T10730] netlink: 'syz.2.2042': attribute type 29 has an invalid length.
[  287.462762][T10730] netlink: 'syz.2.2042': attribute type 29 has an invalid length.
[  287.647629][T10738] FAULT_INJECTION: forcing a failure.
[  287.647629][T10738] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  287.662457][T10738] CPU: 1 PID: 10738 Comm: syz.3.2046 Not tainted syzkaller #0
[  287.669981][T10738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  287.680086][T10738] Call Trace:
[  287.683423][T10738]  <TASK>
[  287.686399][T10738]  dump_stack_lvl+0x16c/0x230
[  287.691140][T10738]  ? show_regs_print_info+0x20/0x20
[  287.696393][T10738]  ? load_image+0x3b0/0x3b0
[  287.700943][T10738]  ? __might_fault+0xaa/0x120
[  287.705659][T10738]  ? __lock_acquire+0x7c80/0x7c80
[  287.710725][T10738]  ? memset_orig+0x46/0xac
[  287.715200][T10738]  should_fail_ex+0x39d/0x4d0
[  287.720034][T10738]  strncpy_from_user+0x36/0x2e0
[  287.724952][T10738]  getname_flags+0xf6/0x500
[  287.729520][T10738]  __x64_sys_mkdir+0x5f/0x80
[  287.734177][T10738]  do_syscall_64+0x55/0xb0
[  287.738651][T10738]  ? clear_bhb_loop+0x40/0x90
[  287.743375][T10738]  ? clear_bhb_loop+0x40/0x90
[  287.748100][T10738]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  287.754034][T10738] RIP: 0033:0x7ff02998efc9
[  287.758502][T10738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.778164][T10738] RSP: 002b:00007ff02a7af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  287.786709][T10738] RAX: ffffffffffffffda RBX: 00007ff029be5fa0 RCX: 00007ff02998efc9
[  287.794716][T10738] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  287.802725][T10738] RBP: 00007ff02a7af090 R08: 0000000000000000 R09: 0000000000000000
[  287.810729][T10738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  287.818748][T10738] R13: 00007ff029be6038 R14: 00007ff029be5fa0 R15: 00007ffc913c7318
[  287.826784][T10738]  </TASK>
[  288.011308][T10746] netlink: 'syz.3.2049': attribute type 19 has an invalid length.
[  288.720854][T10762] netlink: 'syz.0.2054': attribute type 10 has an invalid length.
[  288.744144][T10768] FAULT_INJECTION: forcing a failure.
[  288.744144][T10768] name failslab, interval 1, probability 0, space 0, times 0
[  288.822254][T10768] CPU: 0 PID: 10768 Comm: syz.1.2058 Not tainted syzkaller #0
[  288.829807][T10768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  288.839909][T10768] Call Trace:
[  288.843226][T10768]  <TASK>
[  288.846199][T10768]  dump_stack_lvl+0x16c/0x230
[  288.850952][T10768]  ? show_regs_print_info+0x20/0x20
[  288.856208][T10768]  ? load_image+0x3b0/0x3b0
[  288.860756][T10768]  ? __might_sleep+0xe0/0xe0
[  288.865388][T10768]  ? __lock_acquire+0x7c80/0x7c80
[  288.870463][T10768]  should_fail_ex+0x39d/0x4d0
[  288.875186][T10768]  should_failslab+0x9/0x20
[  288.879711][T10768]  slab_pre_alloc_hook+0x59/0x310
[  288.884760][T10768]  ? tomoyo_encode+0x28b/0x540
[  288.889551][T10768]  ? tomoyo_encode+0x28b/0x540
[  288.894346][T10768]  __kmem_cache_alloc_node+0x53/0x260
[  288.899777][T10768]  ? tomoyo_encode+0x28b/0x540
[  288.904661][T10768]  __kmalloc+0xa4/0x240
[  288.908938][T10768]  tomoyo_encode+0x28b/0x540
[  288.913564][T10768]  tomoyo_realpath_from_path+0x592/0x5d0
[  288.919254][T10768]  tomoyo_path_number_perm+0x1ea/0x590
[  288.924736][T10768]  ? tomoyo_path_number_perm+0x1ba/0x590
[  288.930393][T10768]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  288.935882][T10768]  ? ksys_write+0x1c1/0x250
[  288.940440][T10768]  ? __fget_files+0x28/0x4d0
[  288.945070][T10768]  security_file_ioctl+0x70/0xa0
[  288.950039][T10768]  __se_sys_ioctl+0x48/0x170
[  288.954660][T10768]  do_syscall_64+0x55/0xb0
[  288.959116][T10768]  ? clear_bhb_loop+0x40/0x90
[  288.963807][T10768]  ? clear_bhb_loop+0x40/0x90
[  288.968500][T10768]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  288.974423][T10768] RIP: 0033:0x7f66dc58efc9
[  288.978852][T10768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.998508][T10768] RSP: 002b:00007f66dd484038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  289.006952][T10768] RAX: ffffffffffffffda RBX: 00007f66dc7e5fa0 RCX: 00007f66dc58efc9
[  289.015033][T10768] RDX: 0000200000000080 RSI: 00000000000089f0 RDI: 0000000000000004
[  289.023020][T10768] RBP: 00007f66dd484090 R08: 0000000000000000 R09: 0000000000000000
[  289.031009][T10768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  289.039024][T10768] R13: 00007f66dc7e6038 R14: 00007f66dc7e5fa0 R15: 00007ffdb8bf5358
[  289.047041][T10768]  </TASK>
[  289.202089][T10768] ERROR: Out of memory at tomoyo_realpath_from_path.
[  289.542707][T10773] FAULT_INJECTION: forcing a failure.
[  289.542707][T10773] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  289.569995][T10773] CPU: 1 PID: 10773 Comm: syz.1.2060 Not tainted syzkaller #0
[  289.577542][T10773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  289.587732][T10773] Call Trace:
[  289.591048][T10773]  <TASK>
[  289.594038][T10773]  dump_stack_lvl+0x16c/0x230
[  289.598781][T10773]  ? show_regs_print_info+0x20/0x20
[  289.604033][T10773]  ? load_image+0x3b0/0x3b0
[  289.608574][T10773]  ? __lock_acquire+0x7c80/0x7c80
[  289.613626][T10773]  ? snprintf+0xdb/0x120
[  289.617893][T10773]  should_fail_ex+0x39d/0x4d0
[  289.622632][T10773]  _copy_to_user+0x2f/0xa0
[  289.627073][T10773]  simple_read_from_buffer+0xe7/0x150
[  289.632511][T10773]  proc_fail_nth_read+0x1e3/0x250
[  289.637569][T10773]  ? proc_fault_inject_write+0x340/0x340
[  289.643228][T10773]  ? fsnotify_perm+0x271/0x5e0
[  289.648023][T10773]  ? proc_fault_inject_write+0x340/0x340
[  289.653685][T10773]  vfs_read+0x27e/0x920
[  289.657872][T10773]  ? kernel_read+0x1e0/0x1e0
[  289.662501][T10773]  ? __fget_files+0x28/0x4d0
[  289.667109][T10773]  ? __fget_files+0x44a/0x4d0
[  289.671810][T10773]  ? __fdget_pos+0x2a3/0x330
[  289.676454][T10773]  ? ksys_read+0x75/0x250
[  289.680831][T10773]  ksys_read+0x147/0x250
[  289.685149][T10773]  ? vfs_write+0x940/0x940
[  289.689612][T10773]  ? lockdep_hardirqs_on+0x98/0x150
[  289.694845][T10773]  do_syscall_64+0x55/0xb0
[  289.699288][T10773]  ? clear_bhb_loop+0x40/0x90
[  289.703983][T10773]  ? clear_bhb_loop+0x40/0x90
[  289.708683][T10773]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  289.714594][T10773] RIP: 0033:0x7f66dc58d9dc
[  289.719031][T10773] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  289.738661][T10773] RSP: 002b:00007f66dd484030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  289.747102][T10773] RAX: ffffffffffffffda RBX: 00007f66dc7e5fa0 RCX: 00007f66dc58d9dc
[  289.755108][T10773] RDX: 000000000000000f RSI: 00007f66dd4840a0 RDI: 0000000000000005
[  289.763101][T10773] RBP: 00007f66dd484090 R08: 0000000000000000 R09: 0000000000000000
[  289.771100][T10773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  289.779104][T10773] R13: 00007f66dc7e6038 R14: 00007f66dc7e5fa0 R15: 00007ffdb8bf5358
[  289.787136][T10773]  </TASK>
[  289.889495][T10777] netlink: 'syz.0.2069': attribute type 10 has an invalid length.
[  290.537283][T10799] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2068'.
[  290.944980][T10809] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2072'.
[  291.064067][T10813] FAULT_INJECTION: forcing a failure.
[  291.064067][T10813] name failslab, interval 1, probability 0, space 0, times 0
[  291.083793][T10813] CPU: 1 PID: 10813 Comm: syz.2.2074 Not tainted syzkaller #0
[  291.091516][T10813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  291.101606][T10813] Call Trace:
[  291.104912][T10813]  <TASK>
[  291.107868][T10813]  dump_stack_lvl+0x16c/0x230
[  291.112582][T10813]  ? show_regs_print_info+0x20/0x20
[  291.117809][T10813]  ? load_image+0x3b0/0x3b0
[  291.122338][T10813]  ? __lock_acquire+0x7c80/0x7c80
[  291.127392][T10813]  should_fail_ex+0x39d/0x4d0
[  291.132103][T10813]  should_failslab+0x9/0x20
[  291.136633][T10813]  slab_pre_alloc_hook+0x59/0x310
[  291.141688][T10813]  ? iovec_from_user+0x87/0x250
[  291.146566][T10813]  ? iovec_from_user+0x87/0x250
[  291.151441][T10813]  __kmem_cache_alloc_node+0x53/0x260
[  291.156838][T10813]  ? iovec_from_user+0x87/0x250
[  291.161716][T10813]  __kmalloc+0xa4/0x240
[  291.165896][T10813]  iovec_from_user+0x87/0x250
[  291.170599][T10813]  __import_iovec+0x13d/0x860
[  291.175309][T10813]  import_iovec+0x73/0xa0
[  291.179668][T10813]  ___sys_sendmsg+0x1e8/0x290
[  291.184374][T10813]  ? __sys_sendmsg+0x270/0x270
[  291.189181][T10813]  ? __lock_acquire+0x7c80/0x7c80
[  291.194246][T10813]  __se_sys_sendmsg+0x1a5/0x270
[  291.199124][T10813]  ? __x64_sys_sendmsg+0x80/0x80
[  291.204095][T10813]  ? lockdep_hardirqs_on+0x98/0x150
[  291.209326][T10813]  do_syscall_64+0x55/0xb0
[  291.213761][T10813]  ? clear_bhb_loop+0x40/0x90
[  291.218456][T10813]  ? clear_bhb_loop+0x40/0x90
[  291.223151][T10813]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  291.229065][T10813] RIP: 0033:0x7f678d38efc9
[  291.233497][T10813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.253133][T10813] RSP: 002b:00007f678e201038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  291.261564][T10813] RAX: ffffffffffffffda RBX: 00007f678d5e5fa0 RCX: 00007f678d38efc9
[  291.269560][T10813] RDX: 00000000000012cd RSI: 0000200000000040 RDI: 0000000000000003
[  291.277557][T10813] RBP: 00007f678e201090 R08: 0000000000000000 R09: 0000000000000000
[  291.285555][T10813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  291.293558][T10813] R13: 00007f678d5e6038 R14: 00007f678d5e5fa0 R15: 00007fff0888c238
[  291.301563][T10813]  </TASK>
[  291.363533][T10817] validate_nla: 2 callbacks suppressed
[  291.363551][T10817] netlink: 'syz.1.2075': attribute type 10 has an invalid length.
[  291.518323][T10822] netlink: 'syz.0.2085': attribute type 39 has an invalid length.
[  292.663185][T10840] netlink: 'syz.2.2083': attribute type 6 has an invalid length.
[  292.706186][T10840] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2083'.
[  293.230272][T10853] netlink: 'syz.3.2089': attribute type 10 has an invalid length.
[  293.414295][T10865] netlink: 'syz.0.2091': attribute type 10 has an invalid length.
[  293.630065][T10872] netlink: 'syz.2.2094': attribute type 9 has an invalid length.
[  293.638138][T10872] netlink: 154020 bytes leftover after parsing attributes in process `syz.2.2094'.
[  294.576498][T10880] netlink: 'syz.0.2098': attribute type 6 has an invalid length.
[  294.585707][T10880] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.2098'.
[  295.163474][T10896] netlink: 'syz.2.2105': attribute type 19 has an invalid length.
[  295.576920][T10903] netlink: 'syz.3.2107': attribute type 9 has an invalid length.
[  295.589513][T10903] netlink: 154020 bytes leftover after parsing attributes in process `syz.3.2107'.
[  296.494413][T10912] netlink: 'syz.1.2110': attribute type 6 has an invalid length.
[  296.515337][T10912] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2110'.
[  296.536191][T10908] netlink: 'syz.2.2108': attribute type 10 has an invalid length.
[  296.555698][T10910] netlink: 'syz.3.2109': attribute type 19 has an invalid length.
[  296.910190][T10921] netlink: 'syz.2.2114': attribute type 4 has an invalid length.
[  296.918742][T10921] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2114'.
[  297.029290][T10921] .`: renamed from bond0
[  297.042260][T10923] netlink: 'syz.0.2115': attribute type 19 has an invalid length.
[  297.185985][T10925] netlink: 'syz.3.2117': attribute type 10 has an invalid length.
[  297.949749][T10940] netlink: 'syz.1.2121': attribute type 6 has an invalid length.
[  297.958136][T10940] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2121'.
[  298.495407][T10953] netlink: 'syz.3.2125': attribute type 19 has an invalid length.
[  298.832797][T10961] netlink: 'syz.3.2128': attribute type 4 has an invalid length.
[  298.887843][T10961] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2128'.
[  299.038820][T10970] netlink: 'syz.2.2131': attribute type 6 has an invalid length.
[  299.186001][T10970] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2131'.
[  300.840602][T11014] FAULT_INJECTION: forcing a failure.
[  300.840602][T11014] name failslab, interval 1, probability 0, space 0, times 0
[  300.890039][T11014] CPU: 1 PID: 11014 Comm: syz.3.2147 Not tainted syzkaller #0
[  300.897701][T11014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  300.907813][T11014] Call Trace:
[  300.911145][T11014]  <TASK>
[  300.914121][T11014]  dump_stack_lvl+0x16c/0x230
[  300.918875][T11014]  ? show_regs_print_info+0x20/0x20
[  300.924140][T11014]  ? load_image+0x3b0/0x3b0
[  300.928705][T11014]  ? __might_sleep+0xe0/0xe0
[  300.933443][T11014]  ? __lock_acquire+0x7c80/0x7c80
[  300.938539][T11014]  should_fail_ex+0x39d/0x4d0
[  300.943736][T11014]  should_failslab+0x9/0x20
[  300.948298][T11014]  slab_pre_alloc_hook+0x59/0x310
[  300.953395][T11014]  ? __lock_acquire+0x7c80/0x7c80
[  300.958483][T11014]  kmem_cache_alloc_node+0x60/0x330
[  300.963745][T11014]  ? __alloc_skb+0x108/0x2c0
[  300.968416][T11014]  __alloc_skb+0x108/0x2c0
[  300.972912][T11014]  netlink_sendmsg+0x65b/0xbe0
[  300.977767][T11014]  ? netlink_getsockopt+0x580/0x580
[  300.983045][T11014]  ? aa_sock_msg_perm+0x94/0x150
[  300.988052][T11014]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  300.993399][T11014]  ? security_socket_sendmsg+0x80/0xa0
[  300.998895][T11014]  ? netlink_getsockopt+0x580/0x580
[  301.004130][T11014]  ____sys_sendmsg+0x5bf/0x950
[  301.008939][T11014]  ? __asan_memset+0x22/0x40
[  301.013567][T11014]  ? __sys_sendmsg_sock+0x30/0x30
[  301.018655][T11014]  ? __import_iovec+0x5f2/0x860
[  301.023564][T11014]  ? import_iovec+0x73/0xa0
[  301.028113][T11014]  ___sys_sendmsg+0x220/0x290
[  301.032921][T11014]  ? __sys_sendmsg+0x270/0x270
[  301.037754][T11014]  ? __lock_acquire+0x7c80/0x7c80
[  301.042853][T11014]  __se_sys_sendmsg+0x1a5/0x270
[  301.047751][T11014]  ? __x64_sys_sendmsg+0x80/0x80
[  301.052752][T11014]  ? lockdep_hardirqs_on+0x98/0x150
[  301.057989][T11014]  do_syscall_64+0x55/0xb0
[  301.062438][T11014]  ? clear_bhb_loop+0x40/0x90
[  301.067147][T11014]  ? clear_bhb_loop+0x40/0x90
[  301.071860][T11014]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  301.077777][T11014] RIP: 0033:0x7ff02998efc9
[  301.082218][T11014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  301.101874][T11014] RSP: 002b:00007ff02a7af038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  301.110318][T11014] RAX: ffffffffffffffda RBX: 00007ff029be5fa0 RCX: 00007ff02998efc9
[  301.118315][T11014] RDX: 0000000000040000 RSI: 0000200000000140 RDI: 0000000000000008
[  301.126312][T11014] RBP: 00007ff02a7af090 R08: 0000000000000000 R09: 0000000000000000
[  301.134309][T11014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  301.142333][T11014] R13: 00007ff029be6038 R14: 00007ff029be5fa0 R15: 00007ffc913c7318
[  301.150358][T11014]  </TASK>
[  301.286512][T11017] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2148'.
[  301.592333][T11023] validate_nla: 8 callbacks suppressed
[  301.592390][T11023] netlink: 'syz.1.2150': attribute type 19 has an invalid length.
[  302.675970][T11046] netlink: 'syz.1.2160': attribute type 10 has an invalid length.
[  302.853486][T11053] FAULT_INJECTION: forcing a failure.
[  302.853486][T11053] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  302.890032][T11053] CPU: 0 PID: 11053 Comm: syz.2.2164 Not tainted syzkaller #0
[  302.897686][T11053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  302.907832][T11053] Call Trace:
[  302.911159][T11053]  <TASK>
[  302.914141][T11053]  dump_stack_lvl+0x16c/0x230
[  302.918896][T11053]  ? show_regs_print_info+0x20/0x20
[  302.924153][T11053]  ? load_image+0x3b0/0x3b0
[  302.928715][T11053]  ? __might_fault+0xaa/0x120
[  302.933454][T11053]  ? __lock_acquire+0x7c80/0x7c80
[  302.938752][T11053]  should_fail_ex+0x39d/0x4d0
[  302.943512][T11053]  _copy_from_user+0x2f/0xe0
[  302.948165][T11053]  __sys_bpf+0x1e9/0x800
[  302.952471][T11053]  ? bpf_link_show_fdinfo+0x350/0x350
[  302.957951][T11053]  ? lock_chain_count+0x20/0x20
[  302.963006][T11053]  __x64_sys_bpf+0x7c/0x90
[  302.967476][T11053]  do_syscall_64+0x55/0xb0
[  302.971948][T11053]  ? clear_bhb_loop+0x40/0x90
[  302.976681][T11053]  ? clear_bhb_loop+0x40/0x90
[  302.981421][T11053]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  302.987361][T11053] RIP: 0033:0x7f678d38efc9
[  302.991824][T11053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.011492][T11053] RSP: 002b:00007f678e201038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  303.019973][T11053] RAX: ffffffffffffffda RBX: 00007f678d5e5fa0 RCX: 00007f678d38efc9
[  303.028001][T11053] RDX: 0000000000000027 RSI: 0000200000000a40 RDI: 0000000000000008
[  303.036040][T11053] RBP: 00007f678e201090 R08: 0000000000000000 R09: 0000000000000000
[  303.044070][T11053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.052095][T11053] R13: 00007f678d5e6038 R14: 00007f678d5e5fa0 R15: 00007fff0888c238
[  303.060155][T11053]  </TASK>
[  303.224980][T11057] netlink: 'syz.0.2165': attribute type 19 has an invalid length.
[  303.627786][T11065] netlink: 'syz.1.2175': attribute type 10 has an invalid length.
[  305.224205][T11094] tun0: tun_chr_ioctl cmd 1074025677
[  305.230188][T11094] tun0: linktype set to 776
[  305.365180][T11095] netlink: 'syz.3.2178': attribute type 19 has an invalid length.
[  306.343591][T11114] netlink: 'syz.0.2187': attribute type 10 has an invalid length.
[  306.815786][T11126] netlink: 'syz.2.2192': attribute type 19 has an invalid length.
[  306.816160][T11128] FAULT_INJECTION: forcing a failure.
[  306.816160][T11128] name failslab, interval 1, probability 0, space 0, times 0
[  306.856123][T11128] CPU: 1 PID: 11128 Comm: syz.3.2194 Not tainted syzkaller #0
[  306.863709][T11128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  306.873809][T11128] Call Trace:
[  306.877206][T11128]  <TASK>
[  306.880169][T11128]  dump_stack_lvl+0x16c/0x230
[  306.884896][T11128]  ? show_regs_print_info+0x20/0x20
[  306.890149][T11128]  ? load_image+0x3b0/0x3b0
[  306.894847][T11128]  ? __might_sleep+0xe0/0xe0
[  306.899495][T11128]  ? __lock_acquire+0x7c80/0x7c80
[  306.904579][T11128]  should_fail_ex+0x39d/0x4d0
[  306.909335][T11128]  should_failslab+0x9/0x20
[  306.913901][T11128]  slab_pre_alloc_hook+0x59/0x310
[  306.918996][T11128]  ? tomoyo_encode+0x28b/0x540
[  306.923831][T11128]  ? tomoyo_encode+0x28b/0x540
[  306.928653][T11128]  __kmem_cache_alloc_node+0x53/0x260
[  306.934091][T11128]  ? tomoyo_encode+0x28b/0x540
[  306.938905][T11128]  __kmalloc+0xa4/0x240
[  306.943134][T11128]  tomoyo_encode+0x28b/0x540
[  306.947786][T11128]  tomoyo_realpath_from_path+0x592/0x5d0
[  306.953497][T11128]  tomoyo_path_number_perm+0x1ea/0x590
[  306.959011][T11128]  ? tomoyo_path_number_perm+0x1ba/0x590
[  306.964704][T11128]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  306.970235][T11128]  ? ksys_write+0x1c1/0x250
[  306.974999][T11128]  ? __fget_files+0x28/0x4d0
[  306.979669][T11128]  security_file_ioctl+0x70/0xa0
[  306.984669][T11128]  __se_sys_ioctl+0x48/0x170
[  306.989318][T11128]  do_syscall_64+0x55/0xb0
[  306.993787][T11128]  ? clear_bhb_loop+0x40/0x90
[  306.998509][T11128]  ? clear_bhb_loop+0x40/0x90
[  307.003222][T11128]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  307.009160][T11128] RIP: 0033:0x7ff02998efc9
[  307.013640][T11128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.033383][T11128] RSP: 002b:00007ff02a7af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  307.041847][T11128] RAX: ffffffffffffffda RBX: 00007ff029be5fa0 RCX: 00007ff02998efc9
[  307.049853][T11128] RDX: 0000200000000000 RSI: 0000000000008937 RDI: 0000000000000004
[  307.057874][T11128] RBP: 00007ff02a7af090 R08: 0000000000000000 R09: 0000000000000000
[  307.065883][T11128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.073888][T11128] R13: 00007ff029be6038 R14: 00007ff029be5fa0 R15: 00007ffc913c7318
[  307.081920][T11128]  </TASK>
[  307.089544][T11128] ERROR: Out of memory at tomoyo_realpath_from_path.
[  307.445864][T11140] netlink: 164 bytes leftover after parsing attributes in process `syz.1.2197'.
[  307.761704][T11146] netlink: 'syz.1.2201': attribute type 10 has an invalid length.
[  311.371014][T11184] netlink: 'syz.3.2214': attribute type 19 has an invalid length.
[  311.489993][T11189] netlink: 'syz.1.2218': attribute type 10 has an invalid length.
[  312.781376][T11207] netlink: 'syz.0.2225': attribute type 19 has an invalid length.
[  313.061145][T11223] netlink: 'syz.0.2231': attribute type 10 has an invalid length.
[  313.224019][T11225] netlink: 'syz.3.2232': attribute type 19 has an invalid length.
[  313.273973][T11231] FAULT_INJECTION: forcing a failure.
[  313.273973][T11231] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  313.287912][T11231] CPU: 1 PID: 11231 Comm: syz.2.2235 Not tainted syzkaller #0
[  313.295416][T11231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  313.305491][T11231] Call Trace:
[  313.308781][T11231]  <TASK>
[  313.311720][T11231]  dump_stack_lvl+0x16c/0x230
[  313.316421][T11231]  ? show_regs_print_info+0x20/0x20
[  313.321633][T11231]  ? load_image+0x3b0/0x3b0
[  313.326162][T11231]  ? __lock_acquire+0x7c80/0x7c80
[  313.331244][T11231]  should_fail_ex+0x39d/0x4d0
[  313.335977][T11231]  _copy_from_user+0x2f/0xe0
[  313.340624][T11231]  __copy_msghdr+0x3bb/0x580
[  313.345270][T11231]  ___sys_sendmsg+0x1a6/0x290
[  313.350000][T11231]  ? __sys_sendmsg+0x270/0x270
[  313.354846][T11231]  ? __lock_acquire+0x7c80/0x7c80
[  313.359946][T11231]  __se_sys_sendmsg+0x1a5/0x270
[  313.364865][T11231]  ? __x64_sys_sendmsg+0x80/0x80
[  313.369866][T11231]  ? lockdep_hardirqs_on+0x98/0x150
[  313.375105][T11231]  do_syscall_64+0x55/0xb0
[  313.379543][T11231]  ? clear_bhb_loop+0x40/0x90
[  313.384233][T11231]  ? clear_bhb_loop+0x40/0x90
[  313.388920][T11231]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  313.394831][T11231] RIP: 0033:0x7f678d38efc9
[  313.399272][T11231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.418899][T11231] RSP: 002b:00007f678e201038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  313.427330][T11231] RAX: ffffffffffffffda RBX: 00007f678d5e5fa0 RCX: 00007f678d38efc9
[  313.435320][T11231] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  313.443326][T11231] RBP: 00007f678e201090 R08: 0000000000000000 R09: 0000000000000000
[  313.451322][T11231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  313.459391][T11231] R13: 00007f678d5e6038 R14: 00007f678d5e5fa0 R15: 00007fff0888c238
[  313.467390][T11231]  </TASK>
[  313.745308][ T5785] Bluetooth: hci0: unexpected event 0x14 length: 151 > 6
[  314.804734][T11263] FAULT_INJECTION: forcing a failure.
[  314.804734][T11263] name failslab, interval 1, probability 0, space 0, times 0
[  314.830581][T11263] CPU: 0 PID: 11263 Comm: syz.1.2246 Not tainted syzkaller #0
[  314.838107][T11263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  314.848194][T11263] Call Trace:
[  314.851506][T11263]  <TASK>
[  314.854470][T11263]  dump_stack_lvl+0x16c/0x230
[  314.859202][T11263]  ? show_regs_print_info+0x20/0x20
[  314.864444][T11263]  ? load_image+0x3b0/0x3b0
[  314.869086][T11263]  ? __might_sleep+0xe0/0xe0
[  314.873761][T11263]  ? __lock_acquire+0x7c80/0x7c80
[  314.879001][T11263]  should_fail_ex+0x39d/0x4d0
[  314.883699][T11263]  should_failslab+0x9/0x20
[  314.888221][T11263]  slab_pre_alloc_hook+0x59/0x310
[  314.893259][T11263]  ? __lock_acquire+0x7c80/0x7c80
[  314.898300][T11263]  kmem_cache_alloc_node+0x60/0x330
[  314.903544][T11263]  ? __alloc_skb+0x108/0x2c0
[  314.908178][T11263]  __alloc_skb+0x108/0x2c0
[  314.912620][T11263]  netlink_sendmsg+0x65b/0xbe0
[  314.917406][T11263]  ? netlink_getsockopt+0x580/0x580
[  314.922619][T11263]  ? aa_sock_msg_perm+0x94/0x150
[  314.927606][T11263]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  314.932929][T11263]  ? security_socket_sendmsg+0x80/0xa0
[  314.938399][T11263]  ? netlink_getsockopt+0x580/0x580
[  314.943614][T11263]  ____sys_sendmsg+0x5bf/0x950
[  314.948403][T11263]  ? __asan_memset+0x22/0x40
[  314.953006][T11263]  ? __sys_sendmsg_sock+0x30/0x30
[  314.958042][T11263]  ? __import_iovec+0x5f2/0x860
[  314.962931][T11263]  ? import_iovec+0x73/0xa0
[  314.967450][T11263]  ___sys_sendmsg+0x220/0x290
[  314.972145][T11263]  ? __sys_sendmsg+0x270/0x270
[  314.976962][T11263]  ? __lock_acquire+0x7c80/0x7c80
[  314.982039][T11263]  __se_sys_sendmsg+0x1a5/0x270
[  314.986932][T11263]  ? __x64_sys_sendmsg+0x80/0x80
[  314.991912][T11263]  ? lockdep_hardirqs_on+0x98/0x150
[  314.997182][T11263]  do_syscall_64+0x55/0xb0
[  315.001659][T11263]  ? clear_bhb_loop+0x40/0x90
[  315.006349][T11263]  ? clear_bhb_loop+0x40/0x90
[  315.011046][T11263]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  315.016961][T11263] RIP: 0033:0x7f66dc58efc9
[  315.021390][T11263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.041022][T11263] RSP: 002b:00007f66dd484038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  315.049465][T11263] RAX: ffffffffffffffda RBX: 00007f66dc7e5fa0 RCX: 00007f66dc58efc9
[  315.057453][T11263] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  315.065459][T11263] RBP: 00007f66dd484090 R08: 0000000000000000 R09: 0000000000000000
[  315.073501][T11263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  315.081534][T11263] R13: 00007f66dc7e6038 R14: 00007f66dc7e5fa0 R15: 00007ffdb8bf5358
[  315.089531][T11263]  </TASK>
[  315.130275][T11256] netlink: 'syz.0.2244': attribute type 10 has an invalid length.
[  315.306757][T11266] netlink: 'syz.1.2247': attribute type 19 has an invalid length.
[  315.488914][ T5785] Bluetooth: hci3: unexpected event 0x14 length: 151 > 6
[  315.881750][T11289] netlink: 'syz.3.2256': attribute type 46 has an invalid length.
[  315.929497][T11289] netlink: 55 bytes leftover after parsing attributes in process `syz.3.2256'.
[  315.983615][T11289] netlink: 'syz.3.2256': attribute type 2 has an invalid length.
[  316.010174][T11289] netlink: 'syz.3.2256': attribute type 8 has an invalid length.
[  316.030211][T11289] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2256'.
[  316.051312][T11292] netlink: 'syz.2.2259': attribute type 19 has an invalid length.
[  316.117019][T11296] netlink: 'syz.1.2260': attribute type 19 has an invalid length.
[  316.328394][ T5785] Bluetooth: hci2: unexpected event 0x14 length: 151 > 6
[  316.543876][T11308] batman_adv: batadv0: Adding interface: wlan0
[  316.576485][T11308] batman_adv: batadv0: The MTU of interface wlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  316.609404][T11308] batman_adv: batadv0: Interface activated: wlan0
[  316.757788][T11317] FAULT_INJECTION: forcing a failure.
[  316.757788][T11317] name failslab, interval 1, probability 0, space 0, times 0
[  316.771571][T11317] CPU: 0 PID: 11317 Comm: syz.1.2270 Not tainted syzkaller #0
[  316.779097][T11317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  316.789207][T11317] Call Trace:
[  316.792522][T11317]  <TASK>
[  316.795490][T11317]  dump_stack_lvl+0x16c/0x230
[  316.800220][T11317]  ? show_regs_print_info+0x20/0x20
[  316.805456][T11317]  ? load_image+0x3b0/0x3b0
[  316.809984][T11317]  ? __lock_acquire+0x7c80/0x7c80
[  316.815043][T11317]  ? mark_lock+0x94/0x320
[  316.819437][T11317]  should_fail_ex+0x39d/0x4d0
[  316.824149][T11317]  should_failslab+0x9/0x20
[  316.828696][T11317]  slab_pre_alloc_hook+0x59/0x310
[  316.833740][T11317]  ? iovec_from_user+0x87/0x250
[  316.838608][T11317]  ? iovec_from_user+0x87/0x250
[  316.843486][T11317]  __kmem_cache_alloc_node+0x53/0x260
[  316.848911][T11317]  ? iovec_from_user+0x87/0x250
[  316.853824][T11317]  __kmalloc+0xa4/0x240
[  316.858049][T11317]  iovec_from_user+0x87/0x250
[  316.862768][T11317]  __import_iovec+0x13d/0x860
[  316.867483][T11317]  ? __might_fault+0xaa/0x120
[  316.872180][T11317]  import_iovec+0x73/0xa0
[  316.876544][T11317]  ___sys_recvmsg+0x437/0x510
[  316.881251][T11317]  ? __sys_recvmsg+0x270/0x270
[  316.886043][T11317]  ? ksys_write+0x1c1/0x250
[  316.890572][T11317]  ? __fget_files+0x44a/0x4d0
[  316.895277][T11317]  __x64_sys_recvmsg+0x1f2/0x2c0
[  316.900242][T11317]  ? ___sys_recvmsg+0x510/0x510
[  316.905130][T11317]  ? lockdep_hardirqs_on+0x98/0x150
[  316.910355][T11317]  do_syscall_64+0x55/0xb0
[  316.914795][T11317]  ? clear_bhb_loop+0x40/0x90
[  316.919503][T11317]  ? clear_bhb_loop+0x40/0x90
[  316.924217][T11317]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  316.930127][T11317] RIP: 0033:0x7f66dc58efc9
[  316.934644][T11317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.954264][T11317] RSP: 002b:00007f66dd484038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  316.962738][T11317] RAX: ffffffffffffffda RBX: 00007f66dc7e5fa0 RCX: 00007f66dc58efc9
[  316.970741][T11317] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000003
[  316.978742][T11317] RBP: 00007f66dd484090 R08: 0000000000000000 R09: 0000000000000000
[  316.986730][T11317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.994722][T11317] R13: 00007f66dc7e6038 R14: 00007f66dc7e5fa0 R15: 00007ffdb8bf5358
[  317.002728][T11317]  </TASK>
[  317.147999][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  317.154741][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  317.522554][T11334] mac80211_hwsim hwsim8 wlan1: left promiscuous mode
[  317.551477][T11334] mac80211_hwsim hwsim8 wlan1: left allmulticast mode
[  317.577253][T11334] team0: Port device wlan1 removed
[  317.939574][T11339] validate_nla: 4 callbacks suppressed
[  317.939594][T11339] netlink: 'syz.3.2278': attribute type 10 has an invalid length.
[  318.102752][T11352] FAULT_INJECTION: forcing a failure.
[  318.102752][T11352] name failslab, interval 1, probability 0, space 0, times 0
[  318.116187][T11352] CPU: 0 PID: 11352 Comm: syz.2.2282 Not tainted syzkaller #0
[  318.123703][T11352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  318.133800][T11352] Call Trace:
[  318.137124][T11352]  <TASK>
[  318.140091][T11352]  dump_stack_lvl+0x16c/0x230
[  318.144829][T11352]  ? show_regs_print_info+0x20/0x20
[  318.150088][T11352]  ? load_image+0x3b0/0x3b0
[  318.154647][T11352]  ? __might_sleep+0xe0/0xe0
[  318.159276][T11352]  ? __lock_acquire+0x7c80/0x7c80
[  318.164361][T11352]  should_fail_ex+0x39d/0x4d0
[  318.169111][T11352]  should_failslab+0x9/0x20
[  318.173741][T11352]  slab_pre_alloc_hook+0x59/0x310
[  318.178798][T11352]  ? __lock_acquire+0x7c80/0x7c80
[  318.183846][T11352]  kmem_cache_alloc_node+0x60/0x330
[  318.189097][T11352]  ? __alloc_skb+0x108/0x2c0
[  318.193723][T11352]  __alloc_skb+0x108/0x2c0
[  318.198167][T11352]  netlink_sendmsg+0x65b/0xbe0
[  318.202959][T11352]  ? netlink_getsockopt+0x580/0x580
[  318.208214][T11352]  ? aa_sock_msg_perm+0x94/0x150
[  318.213178][T11352]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  318.218479][T11352]  ? security_socket_sendmsg+0x80/0xa0
[  318.223954][T11352]  ? netlink_getsockopt+0x580/0x580
[  318.229176][T11352]  ____sys_sendmsg+0x5bf/0x950
[  318.233974][T11352]  ? __asan_memset+0x22/0x40
[  318.238616][T11352]  ? __sys_sendmsg_sock+0x30/0x30
[  318.243670][T11352]  ? __import_iovec+0x5f2/0x860
[  318.248548][T11352]  ? import_iovec+0x73/0xa0
[  318.253074][T11352]  ___sys_sendmsg+0x220/0x290
[  318.257774][T11352]  ? __sys_sendmsg+0x270/0x270
[  318.262577][T11352]  ? __lock_acquire+0x7c80/0x7c80
[  318.267677][T11352]  __se_sys_sendmsg+0x1a5/0x270
[  318.272570][T11352]  ? __x64_sys_sendmsg+0x80/0x80
[  318.277567][T11352]  ? lockdep_hardirqs_on+0x98/0x150
[  318.282989][T11352]  do_syscall_64+0x55/0xb0
[  318.287428][T11352]  ? clear_bhb_loop+0x40/0x90
[  318.292126][T11352]  ? clear_bhb_loop+0x40/0x90
[  318.296824][T11352]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  318.302734][T11352] RIP: 0033:0x7f678d38efc9
[  318.307252][T11352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.326883][T11352] RSP: 002b:00007f678e201038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  318.335326][T11352] RAX: ffffffffffffffda RBX: 00007f678d5e5fa0 RCX: 00007f678d38efc9
[  318.343314][T11352] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000003
[  318.351299][T11352] RBP: 00007f678e201090 R08: 0000000000000000 R09: 0000000000000000
[  318.359286][T11352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  318.367272][T11352] R13: 00007f678d5e6038 R14: 00007f678d5e5fa0 R15: 00007fff0888c238
[  318.375303][T11352]  </TASK>
[  319.084042][T11359] netlink: 'syz.2.2284': attribute type 19 has an invalid length.
[  319.117483][T11361] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  319.127344][T11361] batman_adv: batadv0: Removing interface: batadv_slave_0
[  319.152501][T11361] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  319.190756][T11361] batman_adv: batadv0: Removing interface: batadv_slave_1
[  319.230976][T11361] batman_adv: batadv0: Interface deactivated: wlan0
[  319.237690][T11361] batman_adv: batadv0: Removing interface: wlan0
[  319.341813][T11361] bond0: (slave batadv0): Releasing backup interface
[  319.376882][T11361] batadv0 (unregistering): left promiscuous mode
[  319.978756][T11379] netlink: 'syz.3.2290': attribute type 6 has an invalid length.
[  319.998638][T11379] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2290'.
[  320.310684][T11390] netlink: 'syz.3.2295': attribute type 10 has an invalid length.
[  320.335669][T11390] team0: Device ipvlan1 failed to register rx_handler
[  320.466329][T11395] netlink: 'syz.2.2296': attribute type 10 has an invalid length.
[  320.607806][   T11] 
[  320.610235][   T11] ======================================================
[  320.617280][   T11] WARNING: possible circular locking dependency detected
[  320.624357][   T11] syzkaller #0 Not tainted
[  320.628802][   T11] ------------------------------------------------------
[  320.635846][   T11] kworker/u4:0/11 is trying to acquire lock:
[  320.641857][   T11] ffff88807d02cd00 (team->team_lock_key){+.+.}-{3:3}, at: team_del_slave+0x32/0x1c0
[  320.651318][   T11] 
[  320.651318][   T11] but task is already holding lock:
[  320.658708][   T11] ffff88807cdf8768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x292/0x680
[  320.669133][   T11] 
[  320.669133][   T11] which lock already depends on the new lock.
[  320.669133][   T11] 
[  320.679572][   T11] 
[  320.679572][   T11] the existing dependency chain (in reverse order) is:
[  320.688621][   T11] 
[  320.688621][   T11] -> #1 (&rdev->wiphy.mtx){+.+.}-{3:3}:
[  320.696401][   T11]        __mutex_lock+0x129/0xcc0
[  320.701478][   T11]        ieee80211_open+0x144/0x200
[  320.706727][   T11]        __dev_open+0x2bc/0x430
[  320.711609][   T11]        dev_open+0xab/0x170
[  320.716241][   T11]        team_add_slave+0xae7/0x2660
[  320.721559][   T11]        do_setlink+0xe14/0x3fb0
[  320.726617][   T11]        rtnl_newlink+0x175b/0x2020
[  320.731857][   T11]        rtnetlink_rcv_msg+0x7c7/0xf10
[  320.737364][   T11]        netlink_rcv_skb+0x216/0x480
[  320.742697][   T11]        netlink_unicast+0x751/0x8d0
[  320.748028][   T11]        netlink_sendmsg+0x8c1/0xbe0
[  320.753348][   T11]        ____sys_sendmsg+0x5bf/0x950
[  320.758677][   T11]        ___sys_sendmsg+0x220/0x290
[  320.763914][   T11]        __se_sys_sendmsg+0x1a5/0x270
[  320.769335][   T11]        do_syscall_64+0x55/0xb0
[  320.774315][   T11]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  320.780771][   T11] 
[  320.780771][   T11] -> #0 (team->team_lock_key){+.+.}-{3:3}:
[  320.788812][   T11]        __lock_acquire+0x2ddb/0x7c80
[  320.794224][   T11]        lock_acquire+0x197/0x410
[  320.799304][   T11]        __mutex_lock+0x129/0xcc0
[  320.804406][   T11]        team_del_slave+0x32/0x1c0
[  320.809557][   T11]        team_device_event+0x28d/0xa20
[  320.815064][   T11]        notifier_call_chain+0x197/0x390
[  320.820739][   T11]        unregister_netdevice_many_notify+0xf36/0x1810
[  320.827715][   T11]        unregister_netdevice_queue+0x324/0x360
[  320.833994][   T11]        _cfg80211_unregister_wdev+0x16b/0x580
[  320.840197][   T11]        ieee80211_remove_interfaces+0x496/0x680
[  320.846573][   T11]        ieee80211_unregister_hw+0x5d/0x2a0
[  320.852507][   T11]        mac80211_hwsim_del_radio+0x274/0x450
[  320.858582][   T11]        hwsim_exit_net+0x585/0x640
[  320.863917][   T11]        cleanup_net+0x6f4/0xb90
[  320.868871][   T11]        process_scheduled_works+0xa45/0x15b0
[  320.874959][   T11]        worker_thread+0xa55/0xfc0
[  320.880091][   T11]        kthread+0x2fa/0x390
[  320.884688][   T11]        ret_from_fork+0x48/0x80
[  320.889633][   T11]        ret_from_fork_asm+0x11/0x20
[  320.894944][   T11] 
[  320.894944][   T11] other info that might help us debug this:
[  320.894944][   T11] 
[  320.905188][   T11]  Possible unsafe locking scenario:
[  320.905188][   T11] 
[  320.912649][   T11]        CPU0                    CPU1
[  320.918016][   T11]        ----                    ----
[  320.923386][   T11]   lock(&rdev->wiphy.mtx);
[  320.927900][   T11]                                lock(team->team_lock_key);
[  320.935191][   T11]                                lock(&rdev->wiphy.mtx);
[  320.942240][   T11]   lock(team->team_lock_key);
[  320.947029][   T11] 
[  320.947029][   T11]  *** DEADLOCK ***
[  320.947029][   T11] 
[  320.955174][   T11] 5 locks held by kworker/u4:0/11:
[  320.960311][   T11]  #0: ffff888017873938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  320.971291][   T11]  #1: ffffc90000107d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  320.981850][   T11]  #2: ffffffff8dfae850 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x136/0xb90
[  320.991303][   T11]  #3: ffffffff8dfbb688 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2a0
[  321.001182][   T11]  #4: ffff88807cdf8768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x292/0x680
[  321.011994][   T11] 
[  321.011994][   T11] stack backtrace:
[  321.018208][   T11] CPU: 0 PID: 11 Comm: kworker/u4:0 Not tainted syzkaller #0
[  321.025668][   T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  321.035733][   T11] Workqueue: netns cleanup_net
[  321.040519][   T11] Call Trace:
[  321.043808][   T11]  <TASK>
[  321.046744][   T11]  dump_stack_lvl+0x16c/0x230
[  321.051434][   T11]  ? load_image+0x3b0/0x3b0
[  321.055952][   T11]  ? show_regs_print_info+0x20/0x20
[  321.061169][   T11]  ? print_circular_bug+0x12b/0x1a0
[  321.066385][   T11]  check_noncircular+0x2bd/0x3c0
[  321.071338][   T11]  ? print_deadlock_bug+0x5d0/0x5d0
[  321.076556][   T11]  ? lockdep_lock+0xe0/0x220
[  321.081177][   T11]  ? _find_first_zero_bit+0xd3/0x100
[  321.086490][   T11]  __lock_acquire+0x2ddb/0x7c80
[  321.091375][   T11]  ? verify_lock_unused+0x140/0x140
[  321.096602][   T11]  ? perf_trace_lock_acquire+0xfb/0x3e0
[  321.102202][   T11]  ? trace_event_raw_event_lock_acquire+0x2a0/0x2a0
[  321.108833][   T11]  ? perf_trace_lock_acquire+0xfb/0x3e0
[  321.114418][   T11]  lock_acquire+0x197/0x410
[  321.118944][   T11]  ? team_del_slave+0x32/0x1c0
[  321.123733][   T11]  ? __might_sleep+0xe0/0xe0
[  321.128338][   T11]  ? read_lock_is_recursive+0x20/0x20
[  321.133727][   T11]  __mutex_lock+0x129/0xcc0
[  321.138252][   T11]  ? team_del_slave+0x32/0x1c0
[  321.143035][   T11]  ? __lock_acquire+0x7c80/0x7c80
[  321.148069][   T11]  ? rcu_is_watching+0x15/0xb0
[  321.152851][   T11]  ? trace_contention_end+0x39/0xe0
[  321.158074][   T11]  ? __mutex_lock+0x304/0xcc0
[  321.162768][   T11]  ? team_del_slave+0x32/0x1c0
[  321.167563][   T11]  ? mutex_lock_nested+0x20/0x20
[  321.172521][   T11]  ? bond_netdev_event+0xe1/0xef0
[  321.177564][   T11]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  321.183226][   T11]  ? bond_ipsec_offload_ok+0x410/0x410
[  321.188752][   T11]  team_del_slave+0x32/0x1c0
[  321.193379][   T11]  team_device_event+0x28d/0xa20
[  321.198341][   T11]  notifier_call_chain+0x197/0x390
[  321.203487][   T11]  unregister_netdevice_many_notify+0xf36/0x1810
[  321.209830][   T11]  ? trace_event_raw_event_lock+0x230/0x230
[  321.215760][   T11]  ? unregister_netdevice_many+0x20/0x20
[  321.221668][   T11]  ? kernfs_remove_by_name_ns+0x117/0x150
[  321.227393][   T11]  ? __lock_acquire+0x7c80/0x7c80
[  321.232455][   T11]  unregister_netdevice_queue+0x324/0x360
[  321.238191][   T11]  ? list_netdevice+0x730/0x730
[  321.243052][   T11]  ? kernfs_remove_by_name_ns+0x117/0x150
[  321.248784][   T11]  _cfg80211_unregister_wdev+0x16b/0x580
[  321.254442][   T11]  ieee80211_remove_interfaces+0x496/0x680
[  321.260358][   T11]  ? ieee80211_do_stop+0x1db0/0x1db0
[  321.265657][   T11]  ? rcu_is_watching+0x15/0xb0
[  321.270437][   T11]  ieee80211_unregister_hw+0x5d/0x2a0
[  321.275832][   T11]  mac80211_hwsim_del_radio+0x274/0x450
[  321.281389][   T11]  ? rhashtable_remove_fast+0xbf0/0xbf0
[  321.286940][   T11]  hwsim_exit_net+0x585/0x640
[  321.291632][   T11]  ? hwsim_init_net+0x90/0x90
[  321.296323][   T11]  ? __ip_vs_dev_cleanup_batch+0x238/0x250
[  321.302139][   T11]  cleanup_net+0x6f4/0xb90
[  321.306564][   T11]  ? ops_free_list+0x3b0/0x3b0
[  321.311354][   T11]  ? _raw_spin_unlock_irq+0x23/0x50
[  321.316575][   T11]  ? process_scheduled_works+0x957/0x15b0
[  321.322305][   T11]  ? process_scheduled_works+0x957/0x15b0
[  321.328035][   T11]  process_scheduled_works+0xa45/0x15b0
[  321.333710][   T11]  ? assign_work+0x400/0x400
[  321.338326][   T11]  ? assign_work+0x39e/0x400
[  321.342941][   T11]  worker_thread+0xa55/0xfc0
[  321.347585][   T11]  kthread+0x2fa/0x390
[  321.351661][   T11]  ? pr_cont_work+0x560/0x560
[  321.356353][   T11]  ? kthread_blkcg+0xd0/0xd0
[  321.360960][   T11]  ret_from_fork+0x48/0x80
[  321.365399][   T11]  ? kthread_blkcg+0xd0/0xd0
[  321.370093][   T11]  ret_from_fork_asm+0x11/0x20
[  321.374877][   T11]  </TASK>
[  321.388491][   T11] team0: Port device wlan1 removed
[  321.515074][   T11] hsr_slave_0: left promiscuous mode
[  321.522108][   T11] hsr_slave_1: left promiscuous mode
[  321.528252][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  321.537426][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  321.546643][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  321.554896][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  321.562712][   T11] bridge_slave_1: left allmulticast mode
[  321.568373][   T11] bridge_slave_1: left promiscuous mode
[  321.574297][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.582712][   T11] bridge_slave_0: left allmulticast mode
[  321.588367][   T11] bridge_slave_0: left promiscuous mode
[  321.594091][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.605634][   T11] veth0_macvtap: left promiscuous mode
[  321.611297][   T11] veth1_vlan: left promiscuous mode
[  321.616578][   T11] veth0_vlan: left promiscuous mode
[  321.733737][   T11] bond0 (unregistering): (slave geneve0): Releasing backup interface
[  321.864740][   T11] team0 (unregistering): Port device team_slave_1 removed
[  321.890583][   T11] team0 (unregistering): Port device team_slave_0 removed
[  321.918663][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  321.927655][   T11] bond_slave_1 (unregistering): left promiscuous mode
[  321.956038][   T11] bond0 (unregistering): (slave 
3
0
): Releasing backup interface
[  321.966329][   T11] 
 (unregistering): left promiscuous mode
[  322.036718][   T11] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  322.045761][   T11] batadv0 (unregistering): left promiscuous mode
[  322.163326][   T11] bond0 (unregistering): Released all slaves