last executing test programs:

7.647327374s ago: executing program 4 (id=2425):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x2800000002000000, 0x0, 0x0, &(0x7f0000000140), 0x0, 0x600, 0x4000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000000c0)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0))
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa35f022"], 0xcfa4)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x36, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

6.556024928s ago: executing program 1 (id=2429):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400000000000}, 0x0, 0x0, 0x0, 0x0, 0xf60}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0x4001, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x2000488c)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x6, 0xa, &(0x7f0000000500), 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000280)="799f", 0x2}], 0x1, &(0x7f0000001b40)}, 0x4000)
socket$kcm(0x29, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000840)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x38, 0x38, 0x4, [@var={0x2, 0x0, 0x0, 0x11, 0x4}, @func_proto, @func_proto={0x2, 0x0, 0x0, 0xc, 0x2}, @var={0x2, 0x0, 0x0, 0xe, 0x3}]}, {0x0, [0x0, 0x61]}}, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$kcm(0xa, 0x2, 0x73)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)={@cgroup=r2, 0xffffffffffffffff, 0x14, 0x0, 0x4000, @void, @value}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001a80)="d8000000180081064e81f782db4cb904021d080006007c09e8fe55a10a0015000500142603600e1208000f0000000401a80005002000014006000000035c0461c1d60008000000000000fb8000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f0f49e119c849ea6e5a0fc55e4cde205a214d6102d6dcbf33fb5ce3bb9ad809d5e1cace81ed0bffece0b42a1a83d5f59e3d", 0xd8}], 0x1}, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)

6.373738039s ago: executing program 4 (id=2431):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0, 0x40000, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, 0x0, 0x2, 0x0)
write$cgroup_int(r1, &(0x7f0000000180), 0x12)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)='cpuset.mems\x00', 0x2, 0x0)
r4 = openat$cgroup_int(r3, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000080)=ANY=[@ANYBLOB='1\n'], 0x31)

6.192874323s ago: executing program 0 (id=2432):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x200000, 0x4, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x8002, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r0, 0x0, 0x0}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000007c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xd, 0x8, &(0x7f0000000000)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0xba}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r2, 0x0, 0x14, 0xa9, &(0x7f0000000100)="62892386c39471db3cd756ce26d603ae9d47de0c", &(0x7f0000000380)=""/169, 0xffff8001, 0x0, 0x89, 0xb5, &(0x7f0000000500)="25380c38cd47f41d3133f266054fd0bf0a61ef33b42066147873006c2dbffb0bdc0d03a71a8cfc4c8817ec2a83be7ca9e67a6997f6c13df3985dfa59603950de029e2eeec21b0da799a9c4f1b38d937738d53ca6775d115533623a6904fabc7344622e5439278078479f4b24ff2dc49aadf3b6097e40256a58aba36193dfc9cbc257e83643d3d0e695", &(0x7f00000005c0)="905e7d2a7fb24830228f31117709002fc9d24455c2d57c29c42742d778db4623ed41aabf5bde230a6ea0be3cf552bc8266e102cbe2cbeb3c4e5cda4dfa942ea8f7b1cfd43178127c2960fb49dc30d2a8d287bc9bc8bd1eb75cbdec9b80e9aea246e7e8ba11d0ce1238c88ea6c0c11a42cb2681fdcee2b6994d555b48e01eb70c9847eadafa74c8710075df9458031734e031dc17df8fdc861a61fae9b027155ca3e0223f3848be568677a18e621c62e96a19b02853", 0x0, 0x0, 0x9}, 0x50)
r3 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r3, 0x29, 0x46, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000580)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x60000000}, 0x50)
bpf$BPF_GET_PROG_INFO(0xa, 0x0, 0x0)

6.134920093s ago: executing program 2 (id=2434):
r0 = socket$kcm(0xf, 0x3, 0x2)
write$cgroup_subtree(r0, 0x0, 0x13)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)

5.966282165s ago: executing program 0 (id=2435):
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffc}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0xa, 0x5, 0x0)
r1 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r5, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc3, &(0x7f0000000380)=[{}, {}, {}], 0x18, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x0, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x24, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000700), 0x10, 0xffff8001, @void, @value}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x13, 0x10, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000004000000000000000300000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000009f796800fcffffffbf91000000000000b702000002000000850000008500000044060000000000009500000000000000"], &(0x7f0000000300)='syzkaller\x00', 0xfff, 0x34, &(0x7f0000000580)=""/52, 0x41100, 0x1, '\x00', r6, @fallback=0x18, r4, 0x8, &(0x7f0000000680)={0xa, 0x2}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0xa, 0x4, 0xb}, 0x10, 0x0, r4, 0x1, 0x0, &(0x7f0000000a80)=[{0x2, 0x1, 0x9, 0x9}], 0x10, 0x8, @void, @value}, 0x94)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
setsockopt$sock_attach_bpf(r1, 0x84, 0x10, &(0x7f0000000000)=r4, 0x8)
r9 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0xc, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000400040071107a000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x1, 0x0, 0xff, 0x0, 0x0, 0xd7a, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xa}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0, 0xc6, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000f40)={0xd, 0x1d, &(0x7f0000000b80)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r9}}, {}, [@jmp={0x5, 0x0, 0xd, 0x8, 0x8, 0x100, 0xffffffffffffffff}, @ldst={0x2, 0x0, 0x3, 0x8, 0x1, 0x0, 0x1}, @cb_func={0x18, 0x9, 0x4, 0x0, 0xfffffffffffffffd}, @map_fd={0x18, 0x2, 0x1, 0x0, r4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x8}, @map_val={0x18, 0x2, 0x2, 0x0, r9, 0x0, 0x0, 0x0, 0xa}, @map_idx={0x18, 0x6, 0x5, 0x0, 0xe}, @map_idx_val={0x18, 0x3, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x4}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000c80)='syzkaller\x00', 0xb8, 0x52, &(0x7f0000000cc0)=""/82, 0x41100, 0x29, '\x00', r6, @fallback=0x28, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000d40)={0x5, 0x4, 0x8000, 0xa00000}, 0x10, 0x0, r7, 0x8, &(0x7f0000000d80)=[r8, r8, r9, r4, r8, r8, r4, r8, r4], &(0x7f0000000ec0)=[{0x1, 0x1, 0x9, 0xa}, {0x1, 0x2, 0x1, 0x6}, {0x3, 0x3, 0x4, 0x4}, {0x1, 0x1, 0xa, 0x9}, {0x5, 0x4, 0x6, 0x7}, {0x2, 0x1, 0x8, 0x1}, {0x1, 0x3, 0x5, 0x9}, {0x1, 0x5, 0x9, 0x7}], 0x10, 0x4, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r9, 0x40042408, r10)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000240), 0x4)
sendmsg$kcm(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="7ea5419b43213529516ec329e65e8270d4470dccae6253b7f489fb59a174a45a52759c0cb0b67d68adf99d834c84ddd627826fcc6965bada5a02aed1a4f9f71b8b47ca550936980f4f9d30266892c3886a96ff4a777db32e86f20fba31cd6bbc941265857a94718906f08cf5c2d6df6e5356212f0f7c0e33ff11fe9e6d4443d7eb928113443e0738ed40148da9da9cc3d757b632c6a2516badcbba1765514907c395", 0xa2}, {&(0x7f00000001c0)="8a87983928cca7852f249e0d6d82cb6e94b16e6f1a5256d3a89b55b0c0fe8d6fa530122d97c4dae156ca051cf9e53c0ae2f826a7f81198397b1876738b9512142a0f996f1305199e9b0a1bdb6a54d58dfb0b8163e16143954ff61d", 0x5b}, {&(0x7f00000004c0)="871455edc80bcfd63503babbd3e48e825cc73e8e9d519b98ae253437ceb51d06a350214822f7f2e24a7c8c380cb13a2adf5870bdcaeeb5f248af30cce8535711a1c6209df8765c7338581c2323905d8cbf1b21d7f459df678b2a71e6e6d2949e8580e8dcd0b334c9338cf7ef0011298c1371e58db15729774f0f04a8c64dbd8cfa2ef09c85d4aa2d1ec19610327986e329d3a0", 0x93}], 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="e800000000000000010100000400000096308879c5ec737c2a69b6e11bf2b004acd93f799f579ef8d08a25fe2a0004d221fd8b4b7d444ce803351475fa6d0883321650a9e2c34ef10768c86519a2af65f3b62c2b7bf95908ae205c68970ae2fe6e0eef8bc8ff9bdde5a93acf2512d6aaf9e83efa9d5c168954aa3d54271c87da6a78e66479d4df009de54e0897e02920cd82c62e49a9363754c3ab379bf92a5e513283d30267727dc0e8c72b02752444e1245027df712dd7effea4935a7bda9368788cbea2c9d1f9cfe0504a29631c094deaade1ba2ddf614ce8d49fd15aae8e600000000000000009010000040000003babf4adc3d3eddbcf48bc89f560e8caf687837cd217b9b19c7944dced5f6cafb4b98433589c6b64b011c7aa5014e4b60076b0120e23348f8fd752f9f6bfdb40e80b7ea5c682b8adccf579ce080000004800000000000000040100000101000010c65f2d423d4d623b82962c0db213813a7981b7a9b93412e45cc7cb450034ee107fa16439a7f4a2bfd789839e338e983581664c7a5ba800100100000000000084000000a2120000db4f81bfe162bbc042ec8172b91c0b80dd74b090f2c159499a3ca1d53f484b7ed345a6aefe43fcec3c9eae6dbb470abcf4498ee3d668d9301a6edcf805b5eb45eb6d9f2a51109623335fa2314b2dc00d6fee9cc5fccb2e82217b96d73483b16e30f797c33df90bf8e03c047da08d8ead88ba3cf09d3c5df4a0d52e265a5e4f16fde04152fbbbd4ef3bdd42fa0603f70e37610994210f5dc9825236453ea52b39f1b569353fe49f051234a1b964666bdb4c8d971283ceb4cb2b7efa898173fcf8e91e2da8691d64d67673ddbdf4ef33cda758a06f2a8b3e08532ddbe2130fb13f233dd56bc1b2919e40c520628ca90a1a1ac3e752c38362c217d200000000000020000000000000001c010000080000006fd5bc894214780b6a25afcf64000000"], 0x2c0}, 0x4000)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x18, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$kcm(0x29, 0x5, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

5.962965695s ago: executing program 1 (id=2436):
socket$kcm(0x2, 0x200000000000001, 0x106)
r0 = getpid()
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x2, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_bp={&(0x7f0000000240), 0x1}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0xfffffffd, 0x6, 0x0, 0x0, 0x0, 0x81}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x3)
perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0xc0000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000}}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000dc0)=ANY=[@ANYBLOB="7a0af8ff7525757cbfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c80000040000000000b1a297cfddd73f30f2382f6cda4bfdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000800db583620ce7243d1ae9f2cfe401dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd853eb3f12225bfcca581f04f317c8301b43267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4800b3c26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc70bb30d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e384c3cb07b74a72291a1a2b523dd81b6651b1ee48e999bb004823ebcd8c65743f31f84b263ab9b3426692f01ad194f302d7a658e90000000001000000b6b2f25ddb8c640ab321a402058c9221b6870814cf4ee23ddb79fff5eb156e0a000000000000f2bd1d4a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8f9f3bc282deb43a03409f8e6972f3f720d045923702cede0f7e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0aa390d0da6972ed719d7e0efb2bb713d1890e317c8de105c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1376eda2b9c662003"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="d80000001400810d4e81f782db44b9040a11080211000000040000a118000200fc00000000000e1208000f0100810401a80016ea1f000640c9201114c92011148ed08734843cb12b00000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_kcm_SIOCKCMUNATTACH(r5, 0x8901, &(0x7f0000000040))
sendmsg$inet(r4, &(0x7f0000002740)={0x0, 0x0, &(0x7f00000022c0)=[{&(0x7f0000000080)}], 0x1}, 0x24004011)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="00800000000000000000000000000000850000003000000085000000070000009500000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="d800000010008104687da3aa7143a0b8c81d080b25000300e8fe55a118001500060014000040a8002b000e00014006046109d67f6f94007134cf6ee0a000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88a2ddddbbb219c6c09136dd481c4a918d1bcf0f938baa5d060a517898516277ce06bbace6f177ccbec4c2ee5a7cef4260027836b0d17a54ef5d6d93424841f468430dfe1d9d322fe7c0aaa16b8ddc64193071e9f8775730d16a4683f785025ccc806dcabced7ad654fac9609f4fb00"/216, 0xd8}], 0x1}, 0x4004)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r6, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8946, 0x0)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x81, 0x81f37, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, @perf_config_ext={0xb, 0x2}, 0x40, 0x8, 0x800, 0x0, 0x0, 0xffff0000, 0x0, 0x0, 0x0, 0x0, 0x4000000000000004}, 0x0, 0xf, 0xffffffffffffffff, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xb, 0x0, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x89f1, &(0x7f0000000080))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x2800000002000000, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0x600, 0x4000000}, 0x28)

5.825062427s ago: executing program 4 (id=2438):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0, 0x40000, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, 0x0, 0x2, 0x0)
write$cgroup_int(r1, &(0x7f0000000180), 0x12)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)='cpuset.mems\x00', 0x2, 0x0)
r4 = openat$cgroup_int(r3, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000080)=ANY=[@ANYBLOB='1\n'], 0x31)

5.788606377s ago: executing program 2 (id=2439):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000010c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETQUEUE(r5, 0x400454d9, &(0x7f0000000280)={'veth1_to_bridge\x00', 0x400})
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e73"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = socket$kcm(0x21, 0x2, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x29, 0x4, 0x0)
close(r7)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000006c0)=ANY=[@ANYRES32=r8, @ANYRES32=r6], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r8}, &(0x7f0000000000), &(0x7f0000000080)=r2}, 0x20)
sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)}, 0x0)
recvmsg$unix(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000340)=""/229, 0xe5}], 0x1}, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1}, 0x20000800)

4.590579102s ago: executing program 1 (id=2440):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x2800000002000000, 0x0, 0x0, &(0x7f0000000140), 0x0, 0x600, 0x4000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000000c0)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0))
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa35"], 0xcfa4)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x36, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

4.590008432s ago: executing program 0 (id=2441):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000840)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x401}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000840)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x401}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)

4.585362452s ago: executing program 4 (id=2443):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0xc0bf}, 0x18)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x4, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd"], 0xfdef)
close(r1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
recvmsg$unix(r0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0xfdef)
r3 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r3, 0x0, 0x25, 0x0, 0xc)

4.336752996s ago: executing program 3 (id=2444):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0xc0bf}, 0x18)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x4, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce8102031100fe08000e40"], 0xfdef)
close(r1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
recvmsg$unix(r0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0xfdef)
r3 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r3, 0x0, 0x25, 0x0, 0xc)

4.336182216s ago: executing program 0 (id=2445):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x14869}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x4, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="b400000000000000dd0a00000000000073013900000000009500000000000000ebfbad3f0c4953260cdf35fd70ed47332920667acb285d1367e2a83bfd3b4e34f0cd5eb07ddb8f7707735bdbf16918aa55a241e6cdd111c189067667fe76ceee4928f2c0700e7192f162376ffa83c3342623f2d78735a656ad"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0x300, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000ec0)=ANY=[@ANYRES16=r0], &(0x7f0000000140)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000900)={r1, 0xe0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000640)=[0x0], ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f0000000680)=[0x0], &(0x7f00000006c0)=[0x0, 0x0], 0x0, 0x46, &(0x7f0000000700)=[{}], 0x8, 0x10, &(0x7f0000000740), &(0x7f0000000780), 0x8, 0x3f, 0x8, 0x8, &(0x7f00000007c0)}}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000940)={0x1b, 0x0, 0x0, 0xff, 0x0, 0xffffffffffffffff, 0xff, '\x00', r2, 0xffffffffffffffff, 0x0, 0x4, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
r3 = syz_clone(0x20a03600, &(0x7f0000000400)="c4ce4617c2227e5ef2f887303f5b6db0781fce5fc8564a7cbc10117d745769eed3225dc5422645a32ca195e8df2ba18f0499a9842c7185244d4ebb00bf46b692568ff5df3244f9519d", 0x49, &(0x7f0000000540), &(0x7f0000000580), &(0x7f00000005c0)="2e166f5ef83db3b46c25c136f80d20b8cef1080ef43f12ae48cd9ce8b8396bd0dd6595230e511b3767bd2ebe385f574b148cd22afddaf8e5481d0e18b310a9063034b6f7538824d86a655828913420fa2fd2a563d3fe8dcb387a18f370")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000a00)='netfs_rreq\x00', r1, 0x0, 0x7}, 0x18)
perf_event_open(&(0x7f0000000380)={0x1, 0x80, 0x2, 0x1, 0x2b, 0x6, 0x0, 0x7, 0x40, 0x9, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x80000000, 0x0, @perf_config_ext={0x9, 0xa31}, 0x10020, 0x401, 0x3, 0x4, 0x5, 0xff, 0x8, 0x0, 0x9, 0x0, 0x8}, r3, 0x5, r0, 0x3)
r4 = socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000a80))
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="020000000400000004000000090000000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00e38a000100000000000000009b0960eba1d123950000"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="0d0000000500000004000000dd0a000005000000", @ANYRES32=r5, @ANYBLOB="000000000000000000000000ac4800000000000008ab96dc959ae8c3e263b2c691b5fd143d117542e4db018f46fef5642f9ddba76cd0973f893632e92c1a12cd5dcf945370994023bf6594a5938da27032756ad3818cf25fa724fb14d7d0a0b9c0c930a2d7b8cbc1c4c05e588f91aa6f0000c331bb3e83365c52a621dbdf58000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000400"/28], 0x48)
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f00000009c0)={0x1}, 0x8)
recvmsg$kcm(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1, &(0x7f0000000280)=""/242, 0xf2}, 0x40)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="17000000010000000c0000000602000003110300", @ANYRES32, @ANYBLOB='\b\x00'/20, @ANYRES32=r2, @ANYRES32, @ANYBLOB="020000000000001c00"/24, @ANYRES32, @ANYBLOB], 0x50)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x5, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a00140000000280168712", 0x2d}], 0x1}, 0x0)

4.289968996s ago: executing program 2 (id=2446):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400000000000}, 0x0, 0x0, 0x0, 0x0, 0xf60}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0x4001, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x2000488c)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x6, 0xa, &(0x7f0000000500), 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000280)="799f", 0x2}], 0x1, &(0x7f0000001b40)}, 0x4000)
socket$kcm(0x29, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000840)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x38, 0x38, 0x4, [@var={0x2, 0x0, 0x0, 0x11, 0x4}, @func_proto, @func_proto={0x2, 0x0, 0x0, 0xc, 0x2}, @var={0x2, 0x0, 0x0, 0xe, 0x3}]}, {0x0, [0x0, 0x61]}}, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$kcm(0xa, 0x2, 0x73)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)={@cgroup=r2, 0xffffffffffffffff, 0x14, 0x0, 0x4000, @void, @value}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001a80)="d8000000180081064e81f782db4cb904021d080006007c09e8fe55a10a0015000500142603600e1208000f0000000401a80005002000014006000000035c0461c1d60008000000000000fb8000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f0f49e119c849ea6e5a0fc55e4cde205a214d6102d6dcbf33fb5ce3bb9ad809d5e1cace81ed0bffece0b42a1a83d5f59e3d", 0xd8}], 0x1}, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)

4.139053938s ago: executing program 4 (id=2447):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r0, 0x891c, &(0x7f0000000040)={'geneve1\x00', @random="02001800"})

3.777838383s ago: executing program 3 (id=2448):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0, 0x40000, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, 0x0, 0x2, 0x0)
write$cgroup_int(r1, &(0x7f0000000180), 0x12)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)='cpuset.mems\x00', 0x2, 0x0)
r4 = openat$cgroup_int(r3, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000080)=ANY=[@ANYBLOB='1\n'], 0x31)

2.938054653s ago: executing program 3 (id=2449):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000400)={r0, 0x18000000000002a0, 0xf, 0x3a, &(0x7f0000000040)="b90108001f", 0x0, 0x80100, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50) (fail_nth: 3)

1.54004731s ago: executing program 3 (id=2450):
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffc}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0xa, 0x5, 0x0)
r1 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r5, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc3, &(0x7f0000000380)=[{}, {}, {}], 0x18, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x0, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x24, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000700), 0x10, 0xffff8001, @void, @value}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x13, 0x10, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000004000000000000000300000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000009f796800fcffffffbf91000000000000b702000002000000850000008500000044060000000000009500000000000000"], &(0x7f0000000300)='syzkaller\x00', 0xfff, 0x34, &(0x7f0000000580)=""/52, 0x41100, 0x1, '\x00', r6, @fallback=0x18, r4, 0x8, &(0x7f0000000680)={0xa, 0x2}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0xa, 0x4, 0xb}, 0x10, 0x0, r4, 0x1, 0x0, &(0x7f0000000a80)=[{0x2, 0x1, 0x9, 0x9}], 0x10, 0x8, @void, @value}, 0x94)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
setsockopt$sock_attach_bpf(r1, 0x84, 0x10, &(0x7f0000000000)=r4, 0x8)
r9 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0xc, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000400040071107a000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x1, 0x0, 0xff, 0x0, 0x0, 0xd7a, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xa}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0, 0xc6, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000f40)={0xd, 0x1d, &(0x7f0000000b80)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r9}}, {}, [@jmp={0x5, 0x0, 0xd, 0x8, 0x8, 0x100, 0xffffffffffffffff}, @ldst={0x2, 0x0, 0x3, 0x8, 0x1, 0x0, 0x1}, @cb_func={0x18, 0x9, 0x4, 0x0, 0xfffffffffffffffd}, @map_fd={0x18, 0x2, 0x1, 0x0, r4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x8}, @map_val={0x18, 0x2, 0x2, 0x0, r9, 0x0, 0x0, 0x0, 0xa}, @map_idx={0x18, 0x6, 0x5, 0x0, 0xe}, @map_idx_val={0x18, 0x3, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x4}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000c80)='syzkaller\x00', 0xb8, 0x52, &(0x7f0000000cc0)=""/82, 0x41100, 0x29, '\x00', r6, @fallback=0x28, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000d40)={0x5, 0x4, 0x8000, 0xa00000}, 0x10, 0x0, r7, 0x8, &(0x7f0000000d80)=[r8, r8, r9, r4, r8, r8, r4, r8, r4], &(0x7f0000000ec0)=[{0x1, 0x1, 0x9, 0xa}, {0x1, 0x2, 0x1, 0x6}, {0x3, 0x3, 0x4, 0x4}, {0x1, 0x1, 0xa, 0x9}, {0x5, 0x4, 0x6, 0x7}, {0x2, 0x1, 0x8, 0x1}, {0x1, 0x3, 0x5, 0x9}, {0x1, 0x5, 0x9, 0x7}], 0x10, 0x4, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r9, 0x40042408, r10)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000240), 0x4)
sendmsg$kcm(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="7ea5419b43213529516ec329e65e8270d4470dccae6253b7f489fb59a174a45a52759c0cb0b67d68adf99d834c84ddd627826fcc6965bada5a02aed1a4f9f71b8b47ca550936980f4f9d30266892c3886a96ff4a777db32e86f20fba31cd6bbc941265857a94718906f08cf5c2d6df6e5356212f0f7c0e33ff11fe9e6d4443d7eb928113443e0738ed40148da9da9cc3d757b632c6a2516badcbba1765514907c395", 0xa2}, {&(0x7f00000001c0)="8a87983928cca7852f249e0d6d82cb6e94b16e6f1a5256d3a89b55b0c0fe8d6fa530122d97c4dae156ca051cf9e53c0ae2f826a7f81198397b1876738b9512142a0f996f1305199e9b0a1bdb6a54d58dfb0b8163e16143954ff61d", 0x5b}, {&(0x7f00000004c0)="871455edc80bcfd63503babbd3e48e825cc73e8e9d519b98ae253437ceb51d06a350214822f7f2e24a7c8c380cb13a2adf5870bdcaeeb5f248af30cce8535711a1c6209df8765c7338581c2323905d8cbf1b21d7f459df678b2a71e6e6d2949e8580e8dcd0b334c9338cf7ef0011298c1371e58db15729774f0f04a8c64dbd8cfa2ef09c85d4aa2d1ec19610327986e329d3a0", 0x93}], 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="e800000000000000010100000400000096308879c5ec737c2a69b6e11bf2b004acd93f799f579ef8d08a25fe2a0004d221fd8b4b7d444ce803351475fa6d0883321650a9e2c34ef10768c86519a2af65f3b62c2b7bf95908ae205c68970ae2fe6e0eef8bc8ff9bdde5a93acf2512d6aaf9e83efa9d5c168954aa3d54271c87da6a78e66479d4df009de54e0897e02920cd82c62e49a9363754c3ab379bf92a5e513283d30267727dc0e8c72b02752444e1245027df712dd7effea4935a7bda9368788cbea2c9d1f9cfe0504a29631c094deaade1ba2ddf614ce8d49fd15aae8e600000000000000009010000040000003babf4adc3d3eddbcf48bc89f560e8caf687837cd217b9b19c7944dced5f6cafb4b98433589c6b64b011c7aa5014e4b60076b0120e23348f8fd752f9f6bfdb40e80b7ea5c682b8adccf579ce080000004800000000000000040100000101000010c65f2d423d4d623b82962c0db213813a7981b7a9b93412e45cc7cb450034ee107fa16439a7f4a2bfd789839e338e983581664c7a5ba800100100000000000084000000a2120000db4f81bfe162bbc042ec8172b91c0b80dd74b090f2c159499a3ca1d53f484b7ed345a6aefe43fcec3c9eae6dbb470abcf4498ee3d668d9301a6edcf805b5eb45eb6d9f2a51109623335fa2314b2dc00d6fee9cc5fccb2e82217b96d73483b16e30f797c33df90bf8e03c047da08d8ead88ba3cf09d3c5df4a0d52e265a5e4f16fde04152fbbbd4ef3bdd42fa0603f70e37610994210f5dc9825236453ea52b39f1b569353fe49f051234a1b964666bdb4c8d971283ceb4cb2b7efa898173fcf8e91e2da8691d64d67673ddbdf4ef33cda758a06f2a8b3e08532ddbe2130fb13f233dd56bc1b2919e40c520628ca90a1a1ac3e752c38362c217d200000000000020000000000000001c010000080000006fd5bc894214780b6a25afcf64000000"], 0x2c0}, 0x4000)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x18, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$kcm(0x29, 0x5, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

1.183061275s ago: executing program 1 (id=2451):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0, 0x40000, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, 0x0, 0x2, 0x0)
write$cgroup_int(r1, &(0x7f0000000180), 0x12)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)='cpuset.mems\x00', 0x2, 0x0)
r3 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000080)=ANY=[@ANYBLOB='1\n'], 0x31)

1.105650086s ago: executing program 0 (id=2452):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000dc0)=ANY=[@ANYBLOB="7a0af8ff7525757cbfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c80000040000000000b1a297cfddd73f30f2382f6cda4bfdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000800db583620ce7243d1ae9f2cfe401dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd853eb3f12225bfcca581f04f317c8301b43267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4800b3c26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc70bb30d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e384c3cb07b74a72291a1a2b523dd81b6651b1ee48e999bb004823ebcd8c65743f31f84b263ab9b3426692f01ad194f302d7a658e90000000001000000b6b2f25ddb8c640ab321a402058c9221b6870814cf4ee23ddb79fff5eb156e0a000000000000f2bd1d4a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8f9f3bc282deb43a03409f8e6972f3f720d045923702cede0f7e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0aa390d0da6972ed719d7e0efb2bb713d1890e317c8de105c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1376eda2b9c662003"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x2800000002000000, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0x600, 0x4000000}, 0x28)

1.098851826s ago: executing program 4 (id=2453):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000029c0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000fefffe7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c9be17044171e1d3d7b1efd036d7af273bce36015779c4cef58fa35d17c668a4b63e069efb29797573b8538e31ec24925095a163b9d4e76be2661f2a395e41f7e31a8021e00b00104e0801d4de36e5fdc6c42a7b3ff13f2360a6e231fd223bc33091dd61258a1fda45991fbdce6793c8a4785ee8b60092659b941bbd694dff0f0000000000003a45404b04bf97c4fea679c032b363956cd8bac9626b5db1b07a0bd7cc85e961506a35a04617dc0200379e731d3a8d8feac94a4ee293001f6ce7d5b40bf2a7f9be8173a9639a79fae885d05afe042c0e7821d406c967379e7521292d24d6c8034f2fc7c855a8945e9bce678ee9a015abc9daac8876623db56346916674ceb55f60b493f2f4d736acb2f206fc538450a676d71c01175b8454eb92567e8f8a707b590d7219288e23ee0800000000000010a49fc8f4ff0300000000000000000000cb947d6017ad27714772ad790af252e648ef8c313c604324f5b306000000000000cf327a8f5dd89315b8c8650a70162bba30ad7804fa4140f1a754ffff000000ab744d306619dfb3a37d897662bee00189f43da46a908a235c84cbad335fd1d2f2ef93a6a70c8b8ece0e243eab05a34ab0a7e7e497065e5e282e284f8d5e8852a265d528075214af000000000070d42182d8f3a347d48289a824e5b7b238e27263a23c0b865f75331d888c72df1da4b290582f00024227f03204add786a87b23ceb17c25810e769fe2d6a7bd8e504843b66b1a8c7b364bd2194ba9c8f60ac0c9b18d8c1b9e1a736825c91b4dff0000c1c5dcffa295c2930000000000235d84b0193a5ea7c77cdb7de9ce1a59ab4158097b4dd13ebfaf4425c6855530b56a3320d85c8fe85f667998b1a7e589f486c107761108e4e230419fd27b6ad9c10b25c6b6ed84badbb970dcf133279dd355e41de944564bdab99c5c712a9fbc8e9691c775bb94f746505e1e748cf1710d52468b4b1625ce21612ed5e807dfb5f19f3267e5366b2c0b2a0be49ae476263c9407ac6c596bf3cf66204984f5aebf93d1caa220ea6969cea852fe9a7d1eee13f1f48722a69ad9fb850bd093a302b9250245900ad5c8e5f20ddf77ee3d5a168964fad1aa7347d36c502d02b1d96d753ef6fc354fc126070060c65c147651fca62c0a06939f40c90ebc3042e753fe91b5770b24f25c558736dd7e1e9fb214cbb04c5c6ee4c970b320ba6fb6ef4615f4092de54c519f4622e1224153463ea80248a45a95a189958f586d606dcaa9aac656cf95a2d35225cfb0e6f47486d5cbb04a590116d4de92e203e107d68728a189b0d537d2442beab2f8ce7b2dd357200dcd139e47267012fc2a2b6bad79be429d1ddaccbe0139f16ca1b9bc1103000000ed1ece54cfdbe04670bee9b42fe3dc42033997e2e700b6edb2b49b5f2f6001ee0a9e5d1bee199ce9124a5cb479040000000000000049ead5b02d5ea1dcf6cdcf332fe94b3c1932d8d391754774a32c9b7e6ca4023bce2c7281d27a2cb62383ab3a3bb535650fbfb96c89936855eb7a485698f0d20c3eedd6123ef8f218d52ea2c346f80acb8b9a71856d2f2d1a7c6f45ee127b6a1d1ac1e243ed02e49e8aafe835919564af915965a050c37ceff855bd2dec3452c7c38f5dbf1ff1ff00020000000000006a1a029ea6540b40b2f797813af2c7d4ed235c2dc5f1dbbfcc52b2f55fd3f9f100c4891d0cb4c10ed01489bf235c45822594842da1b411346297a40bbf221bbf63ad3822575dcc01a3c34b5aa4e3750400000000000000fc0fd9c746cf0ed4b0343d00a154e6a869346256ffbd666a34414ab0f40bec45b1c24f02ac9bc20e69201968537dd4dc61323c8b6d3643183631664eeca616696fb30fe89c8bdb15037c801fca4a9c220fec5d14582a00b62548ddf2599e5ffc5330cefb8903d276eae21b0b4b20100ead8256636c7e754185e815dd21445cc965a0526da38021a3e540949494ef3041cfa5067f556a0af5c19d27ff4f61fa7762d7963c96853709e773f14c47eef784cb145ae9d6d37fc7b5d83e05ac773fcc429eae6826a9d207d4c39df8eed9cc2ae3f68df1c6495a82d02939b448bf8038521057714e6e644d633d2abe9e0b0025d16b7eff573f78364ed70a62a7b1e55311dc0193d47f9ecc8c7ad268dc6e2e75f8cc83315411bd6c6b88e1850ee757ac2f9e4d6ac510003717d5847a19e750db92d33d6bdc434d0b52b2eb4b1790459e35122f46b205120a54bf657da9fd55d43a89e333481de468f5984a69509e9eac7a5b39c004396e8cb3ab037fd62fa43f259f13ebc4b590e9ea07ea37689049c799cd444d45dabe3e3cf086768daa6816c37793d17a284d2828f5eab2d3d0bedd5334b7bb4c983fa9cd4bd86f0ad227901e83ef4871695380d25bea2929fa66382af6ddb89917ab100046151bd08fce74247955247daa1ea75139b9ce3771526503c7db3a4b3ff39301986c1fd9b5c42d39e768946c9a7ee8dd081bfb6ea5fa132ebdbe72d02ce9f2000000006f63ae8311afc4943c963d39e42c425fe268892f654febdaee43e95b5ae6749275e1ad8b8b279e1ae296e03a8d9386d8e199dc1f00000008000000000000000026c43493c622f041b47d329b248e8ccd92e9b17007ba2578eefcb59f50343722e6cba3be72fd037eb5fa243a395b5c83376a14414b32c2e8a33de8000000003927da2bec76f4e15c8bf3715c5bfe7b3617d0fcf9b5861554b5b76b8ae69c644a48931306a16cff8a38ea95553867e2c5fb1e99b1802e616345871b4611627874cfbe30fa5793c873ae6f75427f3eeda690147b9615b096d967c2d7f5ddf725f0544f8750a5ed04d6ca0f223506fec5d5e65b467c59459f6113cf41c174a63a17fc79d0b777a0c903c0d2e7f79b6f9ce68a3b72315407040f6a09cadc25e87b7c6b4a3079c7989b4cf04b2581b555fa9a2d74392939b4dbaa9e620e22ab975ac3a5a329157762c1f29075fbdd39451a56b97c90e4fde6782a7c78e7fbe8400054dcafcd51e9eef2d2ea10a3f2636ac2239cef5d8505060de55f472aa89cb8e0188f2ee96cb1ae8dee3c03d0a942c6289cbc4499cea402bd0550520f4aae98c436f18a667ae4efeb5e6a4b1b3f53536145a87578eac8bfc1037acd9d9629449714ed1302714c3519fdd8529b5a86ce2fabb7f285fe73730000000000000000000000000000000073b6f8e9255567374cb2cc80be58fca5b1dc50d85342e56beda632edb7f0a4abcabae102fadfbffecc6b1549315dda8e09d18a7fe5e1574e4fad426b6ca211da39a16dffdd661a20b20c390e00004b002cd83b754c3d32819c823027b3cf8f8da6e63d099712be370bb2aa06debff931ea0a2e7aa0390000000000000045b6720d74c470d49e1e97d1668bb75ad994089d723c2eeaad3f857937fa3df615121a1841ed452dd395788e1a82efda18b41c06c948ef44af8500fbe1ee0828a3b047afb80435935b0f99b381dcf101e9a1593bdaab3bc88c70bf56995a4790a339e1b62516356644ed7df6db419d0976a5169e68e8bd4712552c5ec03f2818c17c4a5bf1e5ecd9bb40074a63c66b61f4779226a99dc5ff9c442e93991570797493569e6f9ccd6d73bcbce41022d4731fc61b6bf0188c74a21471332a546ffe8e9dd738aa2ca782ff5a547a1ad7c348c59ff99d1496404eafcd0333df8f2801d39ad0c82735af24b819efc2fd67c6a53835f0af6a51d1b9123f4b9af7fa2ee2ebf4bc2973cf04380b41aa7577e35bcd28446bfcea19aa85440fe0fdce12e53da7b8842b7527a34d1bcb16fcdc84f2c46a78c01c2ff463cdd0d65267b0822e899e893514a02acd8c21583d181208175d08ff75223da84d53656eb7ab46ad442d70c67a6010029329aaf116308d57e77065464eb94ba18e680c2030b4212c135a3c3bbc"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
close(0xffffffffffffffff)
close(0xffffffffffffffff)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0))
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xcfa4)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x36, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='contention_end\x00'}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.083088356s ago: executing program 2 (id=2454):
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000040)="fb", 0x1}], 0x1}, 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
socket$kcm(0xa, 0x3, 0x3a)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, <r3=>0x0}, 0x8)
r4 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000080)=r3, 0x4)
bpf$LINK_DETACH(0x22, &(0x7f0000000340)=r4, 0x4)
r5 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=r3, 0x4)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000500)={r5, r2, 0x4, r2}, 0x10)

899.991078ms ago: executing program 3 (id=2455):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0, 0x40000, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, 0x0, 0x2, 0x0)
write$cgroup_int(r1, &(0x7f0000000180), 0x12)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)='cpuset.mems\x00', 0x2, 0x0)
r4 = openat$cgroup_int(r3, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000080)=ANY=[@ANYBLOB='1\n'], 0x31)

836.77902ms ago: executing program 1 (id=2456):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000010c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETQUEUE(r5, 0x400454d9, &(0x7f0000000280)={'veth1_to_bridge\x00', 0x400})
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e73"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = socket$kcm(0x21, 0x2, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x29, 0x4, 0x0)
close(r7)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000006c0)=ANY=[@ANYRES32=r8, @ANYRES32=r6], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r8}, &(0x7f0000000000), &(0x7f0000000080)=r2}, 0x20)
sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)}, 0x0)
recvmsg$unix(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000340)=""/229, 0xe5}], 0x1}, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{}], 0x1}, 0x20000800)

810.65846ms ago: executing program 2 (id=2457):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0xc0bf}, 0x18)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0x0, 0x4, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce81020311"], 0xfdef)
close(r1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
recvmsg$unix(r0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0xfdef)
r3 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r3, 0x0, 0x25, 0x0, 0xc)

522.523723ms ago: executing program 0 (id=2458):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socket$kcm(0xa, 0x5, 0x0)
sendmsg$inet(r0, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x128}, 0x4000)
socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1107, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_bp={0x0, 0x6}, 0x0, 0xa7, 0x2, 0x1, 0x0, 0xfffffffe, 0xff68, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x11, 0x2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a089, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_bp={0x0}, 0x2018, 0x0, 0x0, 0x8, 0x1000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r2}, &(0x7f0000000080), &(0x7f0000000340)=r3}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r3, 0x5, 0xe, 0x2000, &(0x7f0000000000)="6121eed4cd50bb2b01e841acde1a", 0x0, 0x29d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)

439.916334ms ago: executing program 3 (id=2459):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000400)={r0, 0x18000000000002a0, 0xf, 0x3a, &(0x7f0000000040)="b90108001f", 0x0, 0x80100, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

437.883795ms ago: executing program 1 (id=2460):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x14869, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x40000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
sendmsg$tipc(r0, &(0x7f0000000840)={&(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x6, {0x43, 0x3, 0x2}}, 0x10, &(0x7f0000000580), 0x0, &(0x7f0000000440)="94c33940946a143c19650ae6d1095cf18e61f19f286c164f8926af08b5ba2a8a79c79c9d106a9194fbf77ff052", 0x2d, 0x4000000}, 0x4000000)
mkdir(&(0x7f0000000980)='./file0\x00', 0x120)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="09000000010000004200000040000000c20000000706d2cc63d37e36836b1cf6dc132959ab2205bc104b5d9bc104a49ed530138cda974345b5c502f95dea8ed1c7465e787b4cd8fe44d7fa8d3530d6d08f386333bc009e7cb61186c6b5017bdfc1926eac1e0fb0898d9e816efc1d84c5ae4fcbdd074ccbf174ca54376ebc0c0914f85a592543fcecdf39b116bbc5638c24270ee67bbfe7fa538429d0916ddcf9", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed0079"], 0xcfa4)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xc7}, 0x0, 0x0, 0x5, 0x0, 0x0, 0x401}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x18, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2000000}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
sendmsg$kcm(r1, &(0x7f0000000640)={&(0x7f0000000300)=@hci={0x1f, 0xffffffffffffffff, 0x4}, 0x80, 0x0, 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="100000000000000001000000010000"], 0x20}, 0x8000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

0s ago: executing program 2 (id=2461):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x5, 0x40000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='memory.max\x00', 0x2, 0x0)
write$cgroup_int(r0, &(0x7f0000000040)=0x6, 0x12)
perf_event_open(&(0x7f0000000540)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c35, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xffff, 0x81}, 0x100c, 0x0, 0x0, 0x9, 0x0, 0x7, 0x867, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000400)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, 0x0, 0x4000010)
close(0xffffffffffffffff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
recvmsg(r1, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000fcffffff000000000800000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000ee0000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000020000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
close(r4)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r7}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r8, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r9=>0xffffffffffffffff]}}], 0x18}, 0x0)
r10 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x200800, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000200)=ANY=[@ANYRES8=r4, @ANYRES8=r10], 0xb)
openat$cgroup_procs(r9, &(0x7f0000000080)='cgroup.threads\x00', 0x2, 0x0)
r11 = socket$kcm(0x23, 0x5, 0x0)
sendmsg$kcm(r11, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x400c84c)
ioctl$sock_kcm_SIOCKCMCLONE(r11, 0x89ed, 0x0)

kernel console output (not intermixed with test programs):

391][ T8345] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1472'.
[  286.531422][ T8338] validate_nla: 9 callbacks suppressed
[  286.531444][ T8338] netlink: 'syz.1.1470': attribute type 10 has an invalid length.
[  286.548304][ T8338] device veth0_vlan left promiscuous mode
[  286.565919][ T8338] device veth0_vlan entered promiscuous mode
[  286.583144][ T8338] team0: Device veth0_vlan failed to register rx_handler
[  286.625035][ T8345] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1472'.
[  286.863037][ T8354] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1474'.
[  287.022405][ T8357] netlink: 'syz.2.1476': attribute type 27 has an invalid length.
[  287.047921][ T8357] netlink: 'syz.2.1476': attribute type 3 has an invalid length.
[  287.080369][ T8357] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1476'.
[  287.636245][ T8355] FAULT_INJECTION: forcing a failure.
[  287.636245][ T8355] name fail_futex, interval 1, probability 0, space 0, times 1
[  287.683754][ T8355] CPU: 0 PID: 8355 Comm: syz.4.1474 Not tainted 6.1.136-syzkaller #0
[  287.691906][ T8355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  287.702010][ T8355] Call Trace:
[  287.705340][ T8355]  <TASK>
[  287.708310][ T8355]  dump_stack_lvl+0x168/0x22e
[  287.713077][ T8355]  ? show_regs_print_info+0x12/0x12
[  287.718329][ T8355]  ? load_image+0x3b0/0x3b0
[  287.722857][ T8355]  ? __lock_acquire+0x13c0/0x7c50
[  287.727936][ T8355]  should_fail_ex+0x399/0x4d0
[  287.732642][ T8355]  get_futex_key+0x18f/0xf50
[  287.737263][ T8355]  ? verify_lock_unused+0x140/0x140
[  287.742488][ T8355]  ? futex_setup_timer+0xc0/0xc0
[  287.747447][ T8355]  ? perf_trace_lock_acquire+0xf7/0x3c0
[  287.753010][ T8355]  ? perf_trace_lock_acquire+0xf7/0x3c0
[  287.758612][ T8355]  futex_wake+0x107/0x4b0
[  287.762960][ T8355]  ? trace_event_raw_event_lock+0x230/0x230
[  287.768873][ T8355]  ? futex_wake_mark+0x150/0x150
[  287.773940][ T8355]  do_futex+0x2e2/0x320
[  287.778184][ T8355]  ? __ia32_sys_get_robust_list+0x80/0x80
[  287.783946][ T8355]  ? __might_fault+0xc2/0x120
[  287.788647][ T8355]  mm_release+0x211/0x360
[  287.792995][ T8355]  ? exit_mm_release+0x30/0x30
[  287.797785][ T8355]  ? lockdep_hardirqs_on+0x94/0x140
[  287.803023][ T8355]  exit_mm+0xa4/0x2c0
[  287.807039][ T8355]  ? do_exit+0x2400/0x2400
[  287.811479][ T8355]  ? taskstats_exit+0x35a/0x9d0
[  287.816359][ T8355]  do_exit+0x8b9/0x2400
[  287.820573][ T8355]  ? put_task_struct+0x80/0x80
[  287.825405][ T8355]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  287.831412][ T8355]  ? _raw_spin_lock_irq+0x7a/0xe0
[  287.836461][ T8355]  ? lock_chain_count+0x20/0x20
[  287.841338][ T8355]  ? _raw_spin_lock_irq+0xab/0xe0
[  287.846388][ T8355]  do_group_exit+0x217/0x2d0
[  287.851006][ T8355]  ? lockdep_hardirqs_on+0x94/0x140
[  287.856237][ T8355]  get_signal+0x1272/0x1350
[  287.860782][ T8355]  arch_do_signal_or_restart+0xb0/0x1230
[  287.866441][ T8355]  ? __fget_files+0x44a/0x4d0
[  287.871192][ T8355]  ? get_sigframe_size+0x10/0x10
[  287.876149][ T8355]  ? fput+0x150/0x1a0
[  287.880188][ T8355]  ? exit_to_user_mode_loop+0x3b/0x110
[  287.885670][ T8355]  exit_to_user_mode_loop+0x70/0x110
[  287.890978][ T8355]  exit_to_user_mode_prepare+0xb1/0x140
[  287.896552][ T8355]  syscall_exit_to_user_mode+0x16/0x40
[  287.902037][ T8355]  do_syscall_64+0x58/0xa0
[  287.906474][ T8355]  ? clear_bhb_loop+0x45/0xa0
[  287.911166][ T8355]  ? clear_bhb_loop+0x45/0xa0
[  287.915861][ T8355]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  287.921815][ T8355] RIP: 0033:0x7fa0b5f8e969
[  287.926247][ T8355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.945896][ T8355] RSP: 002b:00007fa0b5dde038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  287.954327][ T8355] RAX: fffffffffffffe00 RBX: 00007fa0b61b6160 RCX: 00007fa0b5f8e969
[  287.962317][ T8355] RDX: 0000000040000002 RSI: 0000200000000e80 RDI: 0000000000000003
[  287.970321][ T8355] RBP: 00007fa0b5dde090 R08: 0000000000000000 R09: 0000000000000000
[  287.978329][ T8355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  287.986315][ T8355] R13: 0000000000000000 R14: 00007fa0b61b6160 R15: 00007ffe285c4248
[  287.994315][ T8355]  </TASK>
[  288.157434][ T8369] netlink: 'syz.3.1481': attribute type 27 has an invalid length.
[  288.167925][ T8369] netlink: 'syz.3.1481': attribute type 3 has an invalid length.
[  288.177088][ T8369] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1481'.
[  291.309723][ T8354] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1474'.
[  291.581233][ T8381] netlink: 'syz.1.1483': attribute type 29 has an invalid length.
[  291.607819][ T8381] netlink: 'syz.1.1483': attribute type 29 has an invalid length.
[  291.658177][ T8385] netlink: 'syz.1.1483': attribute type 29 has an invalid length.
[  291.687683][ T8386] netlink: 'syz.1.1483': attribute type 29 has an invalid length.
[  291.757556][ T8381] netlink: 'syz.1.1483': attribute type 29 has an invalid length.
[  292.216300][ T8397] netlink: 'syz.1.1490': attribute type 27 has an invalid length.
[  292.252132][ T8399] sctp: [Deprecated]: syz.0.1491 (pid 8399) Use of struct sctp_assoc_value in delayed_ack socket option.
[  292.252132][ T8399] Use struct sctp_sack_info instead
[  292.274140][ T8397] netlink: 'syz.1.1490': attribute type 3 has an invalid length.
[  292.300052][ T8397] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1490'.
[  292.822808][ T8403] netlink: 'syz.2.1492': attribute type 27 has an invalid length.
[  292.919323][ T8403] netlink: 'syz.2.1492': attribute type 3 has an invalid length.
[  292.975363][ T8403] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1492'.
[  293.325049][ T8412] FAULT_INJECTION: forcing a failure.
[  293.325049][ T8412] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  293.370303][ T8412] CPU: 1 PID: 8412 Comm: syz.0.1495 Not tainted 6.1.136-syzkaller #0
[  293.378457][ T8412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  293.388574][ T8412] Call Trace:
[  293.391890][ T8412]  <TASK>
[  293.394838][ T8412]  dump_stack_lvl+0x168/0x22e
[  293.399548][ T8412]  ? show_regs_print_info+0x12/0x12
[  293.404767][ T8412]  ? load_image+0x3b0/0x3b0
[  293.409307][ T8412]  ? __lock_acquire+0x7c50/0x7c50
[  293.414387][ T8412]  should_fail_ex+0x399/0x4d0
[  293.419085][ T8412]  ? 0xffffffffa0002090
[  293.423254][ T8412]  _copy_to_user+0x2c/0x130
[  293.427782][ T8412]  ? 0xffffffffa0002090
[  293.431955][ T8412]  bpf_obj_get_info_by_fd+0x17ca/0x2c00
[  293.437540][ T8412]  ? bpf_map_get_fd_by_id+0x310/0x310
[  293.442937][ T8412]  ? perf_trace_lock+0xf3/0x370
[  293.447805][ T8412]  ? perf_trace_lock+0xf3/0x370
[  293.452674][ T8412]  ? trace_event_raw_event_lock+0x230/0x230
[  293.458615][ T8412]  ? __might_fault+0xa6/0x120
[  293.463422][ T8412]  ? __might_fault+0xc2/0x120
[  293.468180][ T8412]  ? __might_fault+0xa6/0x120
[  293.472884][ T8412]  ? bpf_lsm_bpf+0x5/0x10
[  293.477238][ T8412]  ? security_bpf+0x7a/0xa0
[  293.481762][ T8412]  __sys_bpf+0x46d/0x6d0
[  293.486031][ T8412]  ? bpf_link_show_fdinfo+0x310/0x310
[  293.491440][ T8412]  ? lock_chain_count+0x20/0x20
[  293.496321][ T8412]  __x64_sys_bpf+0x78/0x90
[  293.500760][ T8412]  do_syscall_64+0x4c/0xa0
[  293.505231][ T8412]  ? clear_bhb_loop+0x45/0xa0
[  293.509959][ T8412]  ? clear_bhb_loop+0x45/0xa0
[  293.514670][ T8412]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  293.520591][ T8412] RIP: 0033:0x7f2da298e969
[  293.525025][ T8412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.544649][ T8412] RSP: 002b:00007f2da27ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  293.553081][ T8412] RAX: ffffffffffffffda RBX: 00007f2da2bb5fa0 RCX: 00007f2da298e969
[  293.561066][ T8412] RDX: 0000000000000010 RSI: 0000200000000600 RDI: 000000000000000f
[  293.569049][ T8412] RBP: 00007f2da27ff090 R08: 0000000000000000 R09: 0000000000000000
[  293.577032][ T8412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  293.585144][ T8412] R13: 0000000000000000 R14: 00007f2da2bb5fa0 R15: 00007ffc60e8f6b8
[  293.593152][ T8412]  </TASK>
[  294.130555][ T8406] netlink: 'syz.1.1493': attribute type 10 has an invalid length.
[  294.196276][ T8406] device veth0_vlan left promiscuous mode
[  294.219683][ T8406] device veth0_vlan entered promiscuous mode
[  294.246086][ T8406] team0: Device veth0_vlan failed to register rx_handler
[  296.544528][ T8432] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1503'.
[  296.688757][ T8434] validate_nla: 2 callbacks suppressed
[  296.688800][ T8434] netlink: 'syz.4.1504': attribute type 29 has an invalid length.
[  296.731267][ T8434] netlink: 'syz.4.1504': attribute type 29 has an invalid length.
[  296.745456][ T8436] netlink: 'syz.4.1504': attribute type 29 has an invalid length.
[  296.790422][ T8434] netlink: 'syz.4.1504': attribute type 29 has an invalid length.
[  296.822052][ T8434] netlink: 'syz.4.1504': attribute type 29 has an invalid length.
[  296.853410][ T8438] sctp: [Deprecated]: syz.1.1505 (pid 8438) Use of struct sctp_assoc_value in delayed_ack socket option.
[  296.853410][ T8438] Use struct sctp_sack_info instead
[  298.429428][ T8462] netlink: 'syz.4.1512': attribute type 10 has an invalid length.
[  298.509525][ T8462] device veth0_vlan left promiscuous mode
[  298.559151][ T8462] device veth0_vlan entered promiscuous mode
[  298.616773][ T8462] team0: Device veth0_vlan failed to register rx_handler
[  298.747626][ T8464] netlink: 'syz.3.1516': attribute type 27 has an invalid length.
[  298.791039][ T8464] netlink: 'syz.3.1516': attribute type 3 has an invalid length.
[  298.821711][ T8464] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1516'.
[  299.089969][ T8470] FAULT_INJECTION: forcing a failure.
[  299.089969][ T8470] name failslab, interval 1, probability 0, space 0, times 0
[  299.172328][ T8475] sctp: [Deprecated]: syz.4.1519 (pid 8475) Use of struct sctp_assoc_value in delayed_ack socket option.
[  299.172328][ T8475] Use struct sctp_sack_info instead
[  299.200721][ T8470] CPU: 1 PID: 8470 Comm: syz.2.1518 Not tainted 6.1.136-syzkaller #0
[  299.208872][ T8470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  299.218972][ T8470] Call Trace:
[  299.222295][ T8470]  <TASK>
[  299.225265][ T8470]  dump_stack_lvl+0x168/0x22e
[  299.229999][ T8470]  ? show_regs_print_info+0x12/0x12
[  299.235248][ T8470]  ? load_image+0x3b0/0x3b0
[  299.239792][ T8470]  ? __might_sleep+0xd0/0xd0
[  299.244426][ T8470]  ? __lock_acquire+0x7c50/0x7c50
[  299.249500][ T8470]  should_fail_ex+0x399/0x4d0
[  299.254230][ T8470]  should_failslab+0x5/0x20
[  299.258776][ T8470]  slab_pre_alloc_hook+0x59/0x310
[  299.263849][ T8470]  ? tomoyo_realpath_from_path+0xd2/0x5d0
[  299.269623][ T8470]  ? tomoyo_realpath_from_path+0xdf/0x5d0
[  299.275427][ T8470]  __kmem_cache_alloc_node+0x4f/0x260
[  299.280894][ T8470]  ? tomoyo_realpath_from_path+0xdf/0x5d0
[  299.286675][ T8470]  __kmalloc+0xa0/0x240
[  299.290881][ T8470]  tomoyo_realpath_from_path+0xdf/0x5d0
[  299.296585][ T8470]  tomoyo_path_number_perm+0x1e3/0x600
[  299.302203][ T8470]  ? tomoyo_path_number_perm+0x1b6/0x600
[  299.307897][ T8470]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  299.313410][ T8470]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  299.319491][ T8470]  ? __d_lookup+0x8b/0x7c0
[  299.323959][ T8470]  ? __lock_acquire+0x7c50/0x7c50
[  299.329045][ T8470]  ? hook_path_mknod+0x15b/0x4a0
[  299.334040][ T8470]  ? d_alloc_parallel+0x2d4/0x1480
[  299.339215][ T8470]  tomoyo_path_mknod+0x13f/0x180
[  299.344238][ T8470]  ? hook_path_mkdir+0x440/0x440
[  299.349242][ T8470]  ? tomoyo_path_symlink+0xe0/0xe0
[  299.354408][ T8470]  ? rwsem_write_trylock+0x12f/0x1b0
[  299.359844][ T8470]  security_path_mknod+0xec/0x140
[  299.364929][ T8470]  path_openat+0xb29/0x2e70
[  299.369522][ T8470]  ? do_filp_open+0x3c0/0x3c0
[  299.374252][ T8470]  ? perf_trace_lock+0xf3/0x370
[  299.379155][ T8470]  ? trace_event_raw_event_lock+0x230/0x230
[  299.385116][ T8470]  do_filp_open+0x1c1/0x3c0
[  299.389676][ T8470]  ? vfs_tmpfile+0x480/0x480
[  299.394350][ T8470]  ? _raw_spin_unlock+0x24/0x40
[  299.399253][ T8470]  ? alloc_fd+0x58f/0x630
[  299.403646][ T8470]  do_sys_openat2+0x142/0x490
[  299.408382][ T8470]  ? do_sys_open+0xe0/0xe0
[  299.412850][ T8470]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  299.418894][ T8470]  ? lock_chain_count+0x20/0x20
[  299.423808][ T8470]  __x64_sys_openat+0x135/0x160
[  299.428724][ T8470]  do_syscall_64+0x4c/0xa0
[  299.433193][ T8470]  ? clear_bhb_loop+0x45/0xa0
[  299.437922][ T8470]  ? clear_bhb_loop+0x45/0xa0
[  299.442638][ T8470]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  299.448589][ T8470] RIP: 0033:0x7ff502f8e969
[  299.453048][ T8470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.472721][ T8470] RSP: 002b:00007ff503d19038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  299.481191][ T8470] RAX: ffffffffffffffda RBX: 00007ff5031b5fa0 RCX: 00007ff502f8e969
[  299.489319][ T8470] RDX: 00000000000026e1 RSI: 0000200000000280 RDI: ffffffffffffff9c
[  299.497340][ T8470] RBP: 00007ff503d19090 R08: 0000000000000000 R09: 0000000000000000
[  299.505353][ T8470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.513454][ T8470] R13: 0000000000000000 R14: 00007ff5031b5fa0 R15: 00007ffeecdbed38
[  299.521492][ T8470]  </TASK>
[  299.547863][ T8470] ERROR: Out of memory at tomoyo_realpath_from_path.
[  300.012337][ T8486] netlink: 'syz.2.1522': attribute type 29 has an invalid length.
[  300.052328][ T8486] netlink: 'syz.2.1522': attribute type 29 has an invalid length.
[  300.276129][ T8493] netlink: 55 bytes leftover after parsing attributes in process `syz.1.1523'.
[  300.300098][ T8494] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1525'.
[  300.951126][ T8503] device veth0_vlan left promiscuous mode
[  301.460404][ T8503] device veth0_vlan entered promiscuous mode
[  301.468848][ T8503] team0: Device veth0_vlan failed to register rx_handler
[  301.635493][ T8522] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1541'.
[  302.798263][ T8533] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1533'.
[  302.816609][ T8535] validate_nla: 9 callbacks suppressed
[  302.816627][ T8535] netlink: 'syz.4.1533': attribute type 10 has an invalid length.
[  302.845863][ T8535] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1533'.
[  302.862947][ T8535] bridge0: port 2(dummy0) entered blocking state
[  302.872446][ T8535] bridge0: port 2(dummy0) entered disabled state
[  302.888733][ T8535] device dummy0 entered promiscuous mode
[  302.911089][ T8535] bridge0: port 2(dummy0) entered blocking state
[  302.917702][ T8535] bridge0: port 2(dummy0) entered forwarding state
[  306.185170][ T8549] netlink: 'syz.1.1539': attribute type 10 has an invalid length.
[  306.193059][ T8549] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1539'.
[  306.234051][ T8549] bridge0: port 3(dummy0) entered blocking state
[  306.254367][ T8549] bridge0: port 3(dummy0) entered disabled state
[  306.276917][ T8549] device dummy0 entered promiscuous mode
[  306.316104][ T8549] bridge0: port 3(dummy0) entered blocking state
[  306.322582][ T8549] bridge0: port 3(dummy0) entered forwarding state
[  306.511542][ T8559] netlink: 'syz.0.1542': attribute type 27 has an invalid length.
[  306.573863][ T8559] netlink: 'syz.0.1542': attribute type 3 has an invalid length.
[  306.672705][ T8559] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1542'.
[  306.928600][ T8562] netlink: 'syz.2.1545': attribute type 10 has an invalid length.
[  307.294856][ T8571] netlink: 'syz.3.1547': attribute type 27 has an invalid length.
[  307.302755][ T8571] netlink: 'syz.3.1547': attribute type 3 has an invalid length.
[  307.379047][ T8571] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1547'.
[  307.417757][ T8562] device veth0_vlan left promiscuous mode
[  307.426594][ T8562] device veth0_vlan entered promiscuous mode
[  307.480452][ T8562] team0: Device veth0_vlan failed to register rx_handler
[  308.968937][ T8590] FAULT_INJECTION: forcing a failure.
[  308.968937][ T8590] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  309.013779][ T8590] CPU: 0 PID: 8590 Comm: syz.3.1553 Not tainted 6.1.136-syzkaller #0
[  309.021922][ T8590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  309.032012][ T8590] Call Trace:
[  309.035319][ T8590]  <TASK>
[  309.035392][ T8592] FAULT_INJECTION: forcing a failure.
[  309.035392][ T8592] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  309.038256][ T8590]  dump_stack_lvl+0x168/0x22e
[  309.038292][ T8590]  ? show_regs_print_info+0x12/0x12
[  309.061515][ T8590]  ? load_image+0x3b0/0x3b0
[  309.066148][ T8590]  ? __lock_acquire+0x7c50/0x7c50
[  309.071237][ T8590]  ? __virt_addr_valid+0x188/0x540
[  309.076402][ T8590]  should_fail_ex+0x399/0x4d0
[  309.081147][ T8590]  _copy_from_user+0x2c/0x170
[  309.085873][ T8590]  bpf_test_init+0xf9/0x150
[  309.090416][ T8590]  bpf_prog_test_run_xdp+0x359/0xe50
[  309.095736][ T8590]  ? rcu_is_watching+0x11/0xa0
[  309.100524][ T8590]  ? dev_put+0x80/0x80
[  309.104615][ T8590]  ? dev_put+0x80/0x80
[  309.108694][ T8590]  bpf_prog_test_run+0x31e/0x390
[  309.113655][ T8590]  __sys_bpf+0x593/0x6d0
[  309.117920][ T8590]  ? bpf_link_show_fdinfo+0x310/0x310
[  309.123315][ T8590]  ? lock_chain_count+0x20/0x20
[  309.128174][ T8590]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  309.134172][ T8590]  __x64_sys_bpf+0x78/0x90
[  309.138600][ T8590]  do_syscall_64+0x4c/0xa0
[  309.143068][ T8590]  ? clear_bhb_loop+0x45/0xa0
[  309.147749][ T8590]  ? clear_bhb_loop+0x45/0xa0
[  309.152432][ T8590]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  309.158350][ T8590] RIP: 0033:0x7ff2c8f8e969
[  309.162768][ T8590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  309.182488][ T8590] RSP: 002b:00007ff2c9d66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  309.190914][ T8590] RAX: ffffffffffffffda RBX: 00007ff2c91b5fa0 RCX: 00007ff2c8f8e969
[  309.198894][ T8590] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a
[  309.206889][ T8590] RBP: 00007ff2c9d66090 R08: 0000000000000000 R09: 0000000000000000
[  309.214882][ T8590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  309.222862][ T8590] R13: 0000000000000000 R14: 00007ff2c91b5fa0 R15: 00007ffde5e12378
[  309.230856][ T8590]  </TASK>
[  309.238394][ T8592] CPU: 0 PID: 8592 Comm: syz.2.1554 Not tainted 6.1.136-syzkaller #0
[  309.246525][ T8592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  309.256616][ T8592] Call Trace:
[  309.259932][ T8592]  <TASK>
[  309.262895][ T8592]  dump_stack_lvl+0x168/0x22e
[  309.267617][ T8592]  ? show_regs_print_info+0x12/0x12
[  309.272865][ T8592]  ? load_image+0x3b0/0x3b0
[  309.277415][ T8592]  ? __lock_acquire+0x7c50/0x7c50
[  309.282505][ T8592]  should_fail_ex+0x399/0x4d0
[  309.287213][ T8592]  _copy_from_user+0x2c/0x170
[  309.291917][ T8592]  kstrtouint_from_user+0xbe/0x150
[  309.297057][ T8592]  ? kstrtol_from_user+0x150/0x150
[  309.302210][ T8592]  proc_fail_nth_write+0x85/0x1f0
[  309.307258][ T8592]  ? proc_fail_nth_read+0x210/0x210
[  309.312478][ T8592]  ? common_file_perm+0x171/0x1c0
[  309.317527][ T8592]  ? proc_fail_nth_read+0x210/0x210
[  309.322741][ T8592]  vfs_write+0x2c4/0x960
[  309.327012][ T8592]  ? file_end_write+0x250/0x250
[  309.331883][ T8592]  ? __fget_files+0x28/0x4d0
[  309.336490][ T8592]  ? __fget_files+0x44a/0x4d0
[  309.341189][ T8592]  ? __fdget_pos+0x2ae/0x360
[  309.345821][ T8592]  ? ksys_write+0x71/0x240
[  309.350242][ T8592]  ksys_write+0x143/0x240
[  309.354578][ T8592]  ? __ia32_sys_read+0x80/0x80
[  309.359352][ T8592]  ? lockdep_hardirqs_on+0x94/0x140
[  309.364568][ T8592]  do_syscall_64+0x4c/0xa0
[  309.368994][ T8592]  ? clear_bhb_loop+0x45/0xa0
[  309.373676][ T8592]  ? clear_bhb_loop+0x45/0xa0
[  309.378363][ T8592]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  309.384269][ T8592] RIP: 0033:0x7ff502f8d41f
[  309.388692][ T8592] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  309.408312][ T8592] RSP: 002b:00007ff503d19030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  309.416734][ T8592] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff502f8d41f
[  309.424713][ T8592] RDX: 0000000000000001 RSI: 00007ff503d190a0 RDI: 0000000000000005
[  309.432691][ T8592] RBP: 00007ff503d19090 R08: 0000000000000000 R09: 0000000000000000
[  309.440670][ T8592] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  309.448650][ T8592] R13: 0000000000000000 R14: 00007ff5031b5fa0 R15: 00007ffeecdbed38
[  309.456662][ T8592]  </TASK>
[  309.894372][ T8609] netlink: 'syz.3.1559': attribute type 27 has an invalid length.
[  309.902291][ T8609] netlink: 'syz.3.1559': attribute type 3 has an invalid length.
[  309.994435][ T8609] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1559'.
[  310.160136][ T8620] netlink: 122896 bytes leftover after parsing attributes in process `syz.2.1563'.
[  310.171565][ T8617] sctp: [Deprecated]: syz.0.1564 (pid 8617) Use of struct sctp_assoc_value in delayed_ack socket option.
[  310.171565][ T8617] Use struct sctp_sack_info instead
[  313.055697][ T8616] netlink: 'syz.1.1562': attribute type 10 has an invalid length.
[  313.070955][ T8616] device veth0_vlan left promiscuous mode
[  313.080333][ T8616] device veth0_vlan entered promiscuous mode
[  313.088580][ T8616] team0: Device veth0_vlan failed to register rx_handler
[  313.367017][ T8632] netlink: 'syz.3.1568': attribute type 21 has an invalid length.
[  313.404742][ T8632] netlink: 'syz.3.1568': attribute type 5 has an invalid length.
[  313.437381][ T8631] netlink: 'syz.0.1577': attribute type 21 has an invalid length.
[  313.502415][ T8631] netlink: 'syz.0.1577': attribute type 5 has an invalid length.
[  313.670016][ T8635] netlink: 'syz.4.1567': attribute type 27 has an invalid length.
[  313.686342][ T8635] netlink: 'syz.4.1567': attribute type 3 has an invalid length.
[  313.707380][ T8635] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1567'.
[  314.716877][ T8652] FAULT_INJECTION: forcing a failure.
[  314.716877][ T8652] name failslab, interval 1, probability 0, space 0, times 0
[  314.763814][ T8652] CPU: 1 PID: 8652 Comm: syz.2.1573 Not tainted 6.1.136-syzkaller #0
[  314.772045][ T8652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  314.782138][ T8652] Call Trace:
[  314.785451][ T8652]  <TASK>
[  314.788404][ T8652]  dump_stack_lvl+0x168/0x22e
[  314.793135][ T8652]  ? show_regs_print_info+0x12/0x12
[  314.798386][ T8652]  ? load_image+0x3b0/0x3b0
[  314.802926][ T8652]  ? __might_sleep+0xd0/0xd0
[  314.807574][ T8652]  ? __lock_acquire+0x7c50/0x7c50
[  314.812642][ T8652]  ? __lock_acquire+0x7c50/0x7c50
[  314.817715][ T8652]  should_fail_ex+0x399/0x4d0
[  314.822433][ T8652]  should_failslab+0x5/0x20
[  314.826972][ T8652]  slab_pre_alloc_hook+0x59/0x310
[  314.832043][ T8652]  ? ip6_setup_cork+0x1d7/0xfe0
[  314.836942][ T8652]  __kmem_cache_alloc_node+0x4f/0x260
[  314.842359][ T8652]  ? ip6_setup_cork+0x1d7/0xfe0
[  314.847265][ T8652]  kmalloc_trace+0x26/0xe0
[  314.851711][ T8652]  ip6_setup_cork+0x1d7/0xfe0
[  314.856419][ T8652]  ip6_append_data+0x29e/0x3e0
[  314.861222][ T8652]  ? ip_skb_dst_mtu+0x9c0/0x9c0
[  314.866098][ T8652]  l2tp_ip6_sendmsg+0x127b/0x16e0
[  314.871150][ T8652]  ? __might_sleep+0xd0/0xd0
[  314.875756][ T8652]  ? l2tp_ip6_destroy_sock+0x50/0x50
[  314.881078][ T8652]  ? aa_af_perm+0x2b0/0x2b0
[  314.885595][ T8652]  ? tomoyo_socket_sendmsg_permission+0x212/0x2f0
[  314.892031][ T8652]  ? sock_rps_record_flow+0x19/0x3f0
[  314.897339][ T8652]  ? inet_sendmsg+0x78/0x2f0
[  314.901962][ T8652]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  314.907276][ T8652]  ? security_socket_sendmsg+0x7c/0xa0
[  314.912770][ T8652]  ? inet_send_prepare+0x260/0x260
[  314.917903][ T8652]  ____sys_sendmsg+0x59b/0x970
[  314.922695][ T8652]  ? __sys_sendmsg_sock+0x30/0x30
[  314.927732][ T8652]  ? __import_iovec+0x315/0x500
[  314.932598][ T8652]  ? import_iovec+0x6f/0xa0
[  314.937110][ T8652]  ___sys_sendmsg+0x21c/0x290
[  314.941803][ T8652]  ? __sys_sendmsg+0x270/0x270
[  314.946598][ T8652]  ? __lock_acquire+0x7c50/0x7c50
[  314.951753][ T8652]  ? __fdget+0x17c/0x200
[  314.956038][ T8652]  __se_sys_sendmsg+0x19e/0x270
[  314.960905][ T8652]  ? __x64_sys_sendmsg+0x80/0x80
[  314.965874][ T8652]  ? lockdep_hardirqs_on+0x94/0x140
[  314.971092][ T8652]  do_syscall_64+0x4c/0xa0
[  314.975520][ T8652]  ? clear_bhb_loop+0x45/0xa0
[  314.980293][ T8652]  ? clear_bhb_loop+0x45/0xa0
[  314.984979][ T8652]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  314.990888][ T8652] RIP: 0033:0x7ff502f8e969
[  314.995336][ T8652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.014971][ T8652] RSP: 002b:00007ff503d19038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  315.023399][ T8652] RAX: ffffffffffffffda RBX: 00007ff5031b5fa0 RCX: 00007ff502f8e969
[  315.031402][ T8652] RDX: 0000000000000000 RSI: 0000200000001180 RDI: 0000000000000003
[  315.039405][ T8652] RBP: 00007ff503d19090 R08: 0000000000000000 R09: 0000000000000000
[  315.047390][ T8652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  315.055372][ T8652] R13: 0000000000000000 R14: 00007ff5031b5fa0 R15: 00007ffeecdbed38
[  315.063362][ T8652]  </TASK>
[  315.084746][ T8655] sctp: [Deprecated]: syz.1.1575 (pid 8655) Use of struct sctp_assoc_value in delayed_ack socket option.
[  315.084746][ T8655] Use struct sctp_sack_info instead
[  315.470269][ T8658] netlink: 'syz.0.1576': attribute type 27 has an invalid length.
[  315.510549][ T8658] netlink: 'syz.0.1576': attribute type 3 has an invalid length.
[  315.553888][ T8658] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1576'.
[  316.703454][ T8667] netlink: 'syz.2.1580': attribute type 10 has an invalid length.
[  316.737183][ T8667] device veth0_vlan left promiscuous mode
[  316.746663][ T8667] device veth0_vlan entered promiscuous mode
[  316.765493][ T8667] team0: Device veth0_vlan failed to register rx_handler
[  316.803259][ T8678] netlink: 'syz.1.1583': attribute type 21 has an invalid length.
[  316.843787][ T8678] netlink: 'syz.1.1583': attribute type 5 has an invalid length.
[  317.097363][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  317.103797][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  317.496407][ T8692] netlink: 'syz.4.1584': attribute type 21 has an invalid length.
[  317.525400][ T8692] netlink: 'syz.4.1584': attribute type 5 has an invalid length.
[  317.818529][ T8700] netlink: 'syz.3.1589': attribute type 10 has an invalid length.
[  317.848679][ T8700] device veth0_vlan left promiscuous mode
[  317.880182][ T8700] device veth0_vlan entered promiscuous mode
[  317.911661][ T8702] sctp: [Deprecated]: syz.1.1591 (pid 8702) Use of struct sctp_assoc_value in delayed_ack socket option.
[  317.911661][ T8702] Use struct sctp_sack_info instead
[  317.995390][ T8700] team0: Device veth0_vlan failed to register rx_handler
[  318.866577][ T8710] netlink: 'syz.0.1592': attribute type 21 has an invalid length.
[  318.883041][ T8710] netlink: 'syz.0.1592': attribute type 5 has an invalid length.
[  319.430706][ T8726] FAULT_INJECTION: forcing a failure.
[  319.430706][ T8726] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  319.459110][ T8726] CPU: 1 PID: 8726 Comm: syz.3.1600 Not tainted 6.1.136-syzkaller #0
[  319.467255][ T8726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  319.477346][ T8726] Call Trace:
[  319.480655][ T8726]  <TASK>
[  319.483612][ T8726]  dump_stack_lvl+0x168/0x22e
[  319.488336][ T8726]  ? show_regs_print_info+0x12/0x12
[  319.493570][ T8726]  ? load_image+0x3b0/0x3b0
[  319.498110][ T8726]  ? __lock_acquire+0x7c50/0x7c50
[  319.503184][ T8726]  should_fail_ex+0x399/0x4d0
[  319.507898][ T8726]  _copy_from_user+0x2c/0x170
[  319.512619][ T8726]  __sys_bpf+0x265/0x6d0
[  319.516908][ T8726]  ? bpf_link_show_fdinfo+0x310/0x310
[  319.522329][ T8726]  ? lock_chain_count+0x20/0x20
[  319.527226][ T8726]  __x64_sys_bpf+0x78/0x90
[  319.531679][ T8726]  do_syscall_64+0x4c/0xa0
[  319.536129][ T8726]  ? clear_bhb_loop+0x45/0xa0
[  319.540833][ T8726]  ? clear_bhb_loop+0x45/0xa0
[  319.545537][ T8726]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  319.551473][ T8726] RIP: 0033:0x7ff2c8f8e969
[  319.555917][ T8726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.575555][ T8726] RSP: 002b:00007ff2c9d66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  319.584015][ T8726] RAX: ffffffffffffffda RBX: 00007ff2c91b5fa0 RCX: 00007ff2c8f8e969
[  319.592102][ T8726] RDX: 0000000000000050 RSI: 0000200000000180 RDI: 0000000000000000
[  319.600103][ T8726] RBP: 00007ff2c9d66090 R08: 0000000000000000 R09: 0000000000000000
[  319.608105][ T8726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  319.616103][ T8726] R13: 0000000000000001 R14: 00007ff2c91b5fa0 R15: 00007ffde5e12378
[  319.624119][ T8726]  </TASK>
[  319.650006][ T8720] device veth0_vlan left promiscuous mode
[  319.783325][ T8720] device veth0_vlan entered promiscuous mode
[  319.924733][ T8720] team0: Device veth0_vlan failed to register rx_handler
[  320.919331][ T8744] sctp: [Deprecated]: syz.2.1606 (pid 8744) Use of struct sctp_assoc_value in delayed_ack socket option.
[  320.919331][ T8744] Use struct sctp_sack_info instead
[  321.431686][ T8757] validate_nla: 1 callbacks suppressed
[  321.431727][ T8757] netlink: 'syz.2.1609': attribute type 21 has an invalid length.
[  321.459582][ T8756] netlink: 'syz.0.1620': attribute type 27 has an invalid length.
[  321.478266][ T8756] netlink: 'syz.0.1620': attribute type 3 has an invalid length.
[  321.496691][ T8757] netlink: 'syz.2.1609': attribute type 5 has an invalid length.
[  321.523980][ T8756] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1620'.
[  322.277436][ T8773] netlink: 'syz.1.1613': attribute type 27 has an invalid length.
[  322.323294][ T8773] netlink: 'syz.1.1613': attribute type 3 has an invalid length.
[  322.359652][ T8773] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1613'.
[  322.438871][ T8777] netlink: 'syz.0.1615': attribute type 10 has an invalid length.
[  322.478290][ T8777] device veth0_vlan left promiscuous mode
[  322.508042][ T8777] device veth0_vlan entered promiscuous mode
[  322.548570][ T8777] team0: Device veth0_vlan failed to register rx_handler
[  322.910748][ T8782] netlink: 'syz.3.1616': attribute type 27 has an invalid length.
[  322.938116][ T8782] netlink: 'syz.3.1616': attribute type 3 has an invalid length.
[  322.967416][ T8782] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1616'.
[  323.941431][ T8787] netlink: 'syz.4.1619': attribute type 10 has an invalid length.
[  323.952678][ T8787] device veth0_vlan left promiscuous mode
[  323.977524][ T8787] device veth0_vlan entered promiscuous mode
[  323.988439][ T8787] team0: Device veth0_vlan failed to register rx_handler
[  324.147922][ T8789] sctp: [Deprecated]: syz.1.1621 (pid 8789) Use of struct sctp_assoc_value in delayed_ack socket option.
[  324.147922][ T8789] Use struct sctp_sack_info instead
[  324.363685][ T8793] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1624'.
[  324.920124][ T8808] syz.4.1628 (8808) used obsolete PPPIOCDETACH ioctl
[  325.307236][ T8823] device veth0_vlan left promiscuous mode
[  325.330097][ T8823] device veth0_vlan entered promiscuous mode
[  325.359208][ T8823] team0: Device veth0_vlan failed to register rx_handler
[  325.522211][ T8827] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1635'.
[  325.813925][ T8829] sctp: [Deprecated]: syz.2.1636 (pid 8829) Use of struct sctp_assoc_value in delayed_ack socket option.
[  325.813925][ T8829] Use struct sctp_sack_info instead
[  329.293902][ T8851] validate_nla: 11 callbacks suppressed
[  329.293922][ T8851] netlink: 'syz.0.1641': attribute type 27 has an invalid length.
[  329.333784][ T8851] netlink: 'syz.0.1641': attribute type 3 has an invalid length.
[  329.341704][ T8851] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1641'.
[  329.639743][ T8860] netlink: 'syz.2.1647': attribute type 21 has an invalid length.
[  329.714141][ T8860] netlink: 'syz.2.1647': attribute type 5 has an invalid length.
[  329.859610][ T8865] sctp: [Deprecated]: syz.3.1649 (pid 8865) Use of struct sctp_assoc_value in delayed_ack socket option.
[  329.859610][ T8865] Use struct sctp_sack_info instead
[  331.936812][ T8874] netlink: 'syz.3.1652': attribute type 10 has an invalid length.
[  331.954275][ T8874] device veth0_vlan left promiscuous mode
[  331.968969][ T8874] device veth0_vlan entered promiscuous mode
[  331.980426][ T8874] team0: Device veth0_vlan failed to register rx_handler
[  332.013218][ T8877] cgroup: fork rejected by pids controller in /syz0
[  332.373479][ T8989] netlink: 'syz.1.1659': attribute type 29 has an invalid length.
[  332.409253][ T8989] netlink: 'syz.1.1659': attribute type 29 has an invalid length.
[  332.431621][ T8985] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1657'.
[  332.444647][ T8985] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1657'.
[  332.456244][ T8991] netlink: 'syz.1.1659': attribute type 29 has an invalid length.
[  332.510710][ T8994] device veth1_macvtap left promiscuous mode
[  332.532446][ T8994] device macsec0 entered promiscuous mode
[  332.662716][ T8999] sctp: [Deprecated]: syz.4.1662 (pid 8999) Use of struct sctp_assoc_value in delayed_ack socket option.
[  332.662716][ T8999] Use struct sctp_sack_info instead
[  332.840617][ T1269] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.955551][ T9003] netlink: 'syz.3.1665': attribute type 27 has an invalid length.
[  332.993215][ T9003] netlink: 'syz.3.1665': attribute type 3 has an invalid length.
[  333.009480][ T1269] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.020612][ T9003] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1665'.
[  333.220731][ T1269] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.560181][ T1269] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.595487][ T9013] device veth0_vlan left promiscuous mode
[  333.618525][ T9013] device veth0_vlan entered promiscuous mode
[  333.695093][ T9013] team0: Device veth0_vlan failed to register rx_handler
[  334.355038][ T4260] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  334.365813][ T4260] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  334.374766][ T4260] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  334.399157][ T4260] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  334.414884][ T4260] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  334.422569][ T4260] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  334.536354][ T9042] FAULT_INJECTION: forcing a failure.
[  334.536354][ T9042] name failslab, interval 1, probability 0, space 0, times 0
[  334.549466][ T9042] CPU: 1 PID: 9042 Comm: syz.3.1675 Not tainted 6.1.136-syzkaller #0
[  334.557583][ T9042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  334.567673][ T9042] Call Trace:
[  334.570986][ T9042]  <TASK>
[  334.573947][ T9042]  dump_stack_lvl+0x168/0x22e
[  334.578681][ T9042]  ? show_regs_print_info+0x12/0x12
[  334.583933][ T9042]  ? load_image+0x3b0/0x3b0
[  334.588489][ T9042]  should_fail_ex+0x399/0x4d0
[  334.593206][ T9042]  should_failslab+0x5/0x20
[  334.597746][ T9042]  slab_pre_alloc_hook+0x59/0x310
[  334.602824][ T9042]  kmem_cache_alloc+0x56/0x2f0
[  334.607628][ T9042]  ? batadv_tt_local_add+0x475/0x1a70
[  334.613068][ T9042]  batadv_tt_local_add+0x475/0x1a70
[  334.618338][ T9042]  ? batadv_tt_global_entry_put+0x140/0x140
[  334.624283][ T9042]  ? batadv_get_vid+0x15f/0x270
[  334.629193][ T9042]  batadv_interface_tx+0x73b/0x15d0
[  334.634456][ T9042]  ? batadv_softif_is_valid+0x60/0x60
[  334.639850][ T9042]  ? netif_skb_features+0x833/0xbc0
[  334.645069][ T9042]  dev_hard_start_xmit+0x262/0x870
[  334.650201][ T9042]  __dev_queue_xmit+0x1bf1/0x3760
[  334.655239][ T9042]  ? __dev_queue_xmit+0x26f/0x3760
[  334.660393][ T9042]  ? netdev_core_pick_tx+0x340/0x340
[  334.665702][ T9042]  ? __kmem_cache_alloc_node+0x140/0x260
[  334.671349][ T9042]  ? skb_release_data+0x1d2/0x7c0
[  334.676400][ T9042]  __bpf_redirect+0xbdd/0x1180
[  334.681181][ T9042]  bpf_clone_redirect+0x26c/0x3c0
[  334.686219][ T9042]  bpf_prog_dde6c29962cc7727+0x56/0x5b
[  334.691720][ T9042]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  334.697732][ T9042]  ? lock_chain_count+0x20/0x20
[  334.702604][ T9042]  ? seqcount_lockdep_reader_access+0x120/0x1c0
[  334.708861][ T9042]  ? lockdep_hardirqs_on+0x94/0x140
[  334.714108][ T9042]  ? ktime_get+0x7b/0x270
[  334.718444][ T9042]  ? seqcount_lockdep_reader_access+0x172/0x1c0
[  334.724696][ T9042]  ? ktime_get_real_ts64+0x420/0x420
[  334.729990][ T9042]  ? read_lock_is_recursive+0x10/0x10
[  334.735376][ T9042]  ? __cant_sleep+0x210/0x210
[  334.740073][ T9042]  ? ktime_get+0x247/0x270
[  334.744501][ T9042]  bpf_test_run+0x323/0x870
[  334.749017][ T9042]  ? slab_post_alloc_hook+0x67/0x480
[  334.754323][ T9042]  ? convert___skb_to_skb+0x580/0x580
[  334.759708][ T9042]  ? eth_get_headlen+0x1f0/0x1f0
[  334.764653][ T9042]  ? __build_skb+0x257/0x3c0
[  334.769262][ T9042]  ? convert___skb_to_skb+0x3d/0x580
[  334.774555][ T9042]  bpf_prog_test_run_skb+0xa40/0x11b0
[  334.779950][ T9042]  ? cpu_online+0xa0/0xa0
[  334.784298][ T9042]  bpf_prog_test_run+0x31e/0x390
[  334.789248][ T9042]  __sys_bpf+0x593/0x6d0
[  334.793525][ T9042]  ? bpf_link_show_fdinfo+0x310/0x310
[  334.798933][ T9042]  ? lock_chain_count+0x20/0x20
[  334.803813][ T9042]  __x64_sys_bpf+0x78/0x90
[  334.808249][ T9042]  do_syscall_64+0x4c/0xa0
[  334.812682][ T9042]  ? clear_bhb_loop+0x45/0xa0
[  334.817385][ T9042]  ? clear_bhb_loop+0x45/0xa0
[  334.822106][ T9042]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  334.828022][ T9042] RIP: 0033:0x7ff2c8f8e969
[  334.832470][ T9042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.852111][ T9042] RSP: 002b:00007ff2c9d66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  334.860541][ T9042] RAX: ffffffffffffffda RBX: 00007ff2c91b5fa0 RCX: 00007ff2c8f8e969
[  334.868524][ T9042] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[  334.876589][ T9042] RBP: 00007ff2c9d66090 R08: 0000000000000000 R09: 0000000000000000
[  334.884563][ T9042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  334.892559][ T9042] R13: 0000000000000000 R14: 00007ff2c91b5fa0 R15: 00007ffde5e12378
[  334.900549][ T9042]  </TASK>
[  334.946141][ T9033] validate_nla: 1 callbacks suppressed
[  334.946159][ T9033] netlink: 'syz.2.1672': attribute type 13 has an invalid length.
[  334.986442][ T9033] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1672'.
[  335.341471][ T9060] netlink: 'syz.1.1679': attribute type 27 has an invalid length.
[  335.372390][ T9060] netlink: 'syz.1.1679': attribute type 3 has an invalid length.
[  335.415575][ T9060] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1679'.
[  336.494370][ T4262] Bluetooth: hci2: command 0x0409 tx timeout
[  336.549384][ T9074] netlink: 'syz.3.1682': attribute type 10 has an invalid length.
[  336.596742][ T9074] device veth0_vlan left promiscuous mode
[  336.624852][ T9074] device veth0_vlan entered promiscuous mode
[  336.632768][ T9074] team0: Device veth0_vlan failed to register rx_handler
[  337.052596][ T9025] chnl_net:caif_netlink_parms(): no params data found
[  337.120138][ T9092] netlink: 127868 bytes leftover after parsing attributes in process `syz.4.1688'.
[  337.203057][ T9092] netlink: 6955 bytes leftover after parsing attributes in process `syz.4.1688'.
[  337.471000][ T9104] FAULT_INJECTION: forcing a failure.
[  337.471000][ T9104] name failslab, interval 1, probability 0, space 0, times 0
[  337.509600][ T9106] netlink: 'syz.3.1692': attribute type 21 has an invalid length.
[  337.513816][ T9104] CPU: 0 PID: 9104 Comm: syz.4.1691 Not tainted 6.1.136-syzkaller #0
[  337.525685][ T9104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  337.530925][ T9106] netlink: 'syz.3.1692': attribute type 5 has an invalid length.
[  337.535750][ T9104] Call Trace:
[  337.535763][ T9104]  <TASK>
[  337.535772][ T9104]  dump_stack_lvl+0x168/0x22e
[  337.535808][ T9104]  ? show_regs_print_info+0x12/0x12
[  337.535836][ T9104]  ? load_image+0x3b0/0x3b0
[  337.535861][ T9104]  ? __might_sleep+0xd0/0xd0
[  337.535892][ T9104]  ? __lock_acquire+0x7c50/0x7c50
[  337.535923][ T9104]  should_fail_ex+0x399/0x4d0
[  337.578577][ T9104]  should_failslab+0x5/0x20
[  337.583121][ T9104]  slab_pre_alloc_hook+0x59/0x310
[  337.588193][ T9104]  kmem_cache_alloc_node+0x5a/0x320
[  337.593445][ T9104]  ? __alloc_skb+0xfc/0x7e0
[  337.597998][ T9104]  __alloc_skb+0xfc/0x7e0
[  337.602374][ T9104]  ? netlink_autobind+0xda/0x300
[  337.607362][ T9104]  netlink_sendmsg+0x645/0xbc0
[  337.612188][ T9104]  ? netlink_getsockopt+0x540/0x540
[  337.617450][ T9104]  ? aa_sock_msg_perm+0x94/0x150
[  337.622424][ T9104]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  337.627755][ T9104]  ? security_socket_sendmsg+0x7c/0xa0
[  337.633316][ T9104]  ? netlink_getsockopt+0x540/0x540
[  337.638561][ T9104]  ____sys_sendmsg+0x59b/0x970
[  337.643382][ T9104]  ? __sys_sendmsg_sock+0x30/0x30
[  337.648441][ T9104]  ? __import_iovec+0x315/0x500
[  337.653314][ T9104]  ? import_iovec+0x6f/0xa0
[  337.657837][ T9104]  ___sys_sendmsg+0x21c/0x290
[  337.662534][ T9104]  ? __sys_sendmsg+0x270/0x270
[  337.667334][ T9104]  ? __lock_acquire+0x7c50/0x7c50
[  337.672389][ T9104]  ? __fdget+0x17c/0x200
[  337.676653][ T9104]  __se_sys_sendmsg+0x19e/0x270
[  337.681527][ T9104]  ? __x64_sys_sendmsg+0x80/0x80
[  337.686498][ T9104]  ? lockdep_hardirqs_on+0x94/0x140
[  337.691720][ T9104]  do_syscall_64+0x4c/0xa0
[  337.696146][ T9104]  ? clear_bhb_loop+0x45/0xa0
[  337.700825][ T9104]  ? clear_bhb_loop+0x45/0xa0
[  337.705508][ T9104]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  337.711414][ T9104] RIP: 0033:0x7fa0b5f8e969
[  337.715832][ T9104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.735443][ T9104] RSP: 002b:00007fa0b6d24038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  337.743882][ T9104] RAX: ffffffffffffffda RBX: 00007fa0b61b5fa0 RCX: 00007fa0b5f8e969
[  337.751859][ T9104] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000007
[  337.759837][ T9104] RBP: 00007fa0b6d24090 R08: 0000000000000000 R09: 0000000000000000
[  337.767811][ T9104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  337.775784][ T9104] R13: 0000000000000000 R14: 00007fa0b61b5fa0 R15: 00007ffe285c4248
[  337.783774][ T9104]  </TASK>
[  337.867756][ T9025] bridge0: port 1(bridge_slave_0) entered blocking state
[  337.894347][ T9025] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.903284][ T9114] netlink: 'syz.2.1693': attribute type 27 has an invalid length.
[  337.913420][ T9025] device bridge_slave_0 entered promiscuous mode
[  337.920035][ T9114] netlink: 'syz.2.1693': attribute type 3 has an invalid length.
[  337.942471][ T9114] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1693'.
[  338.584084][ T4262] Bluetooth: hci2: command 0x041b tx timeout
[  338.957723][ T9025] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.970003][ T9025] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.978581][ T9025] device bridge_slave_1 entered promiscuous mode
[  339.094143][ T9025] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  339.141998][ T1269] device hsr_slave_0 left promiscuous mode
[  339.162743][ T1269] device hsr_slave_1 left promiscuous mode
[  339.196733][ T1269] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  339.212454][ T1269] batman_adv: batadv0: Removing interface: batadv_slave_0
[  339.245443][ T1269] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  339.270331][ T1269] batman_adv: batadv0: Removing interface: batadv_slave_1
[  339.302303][ T1269] device bridge_slave_0 left promiscuous mode
[  339.313996][ T1269] bridge0: port 1(bridge_slave_0) entered disabled state
[  339.485156][ T1269] device veth1_macvtap left promiscuous mode
[  339.506981][ T1269] device veth0_macvtap left promiscuous mode
[  339.526047][ T1269] device veth1_vlan left promiscuous mode
[  340.380225][ T1269] team0 (unregistering): Port device team_slave_1 removed
[  340.429901][ T1269] team0 (unregistering): Port device team_slave_0 removed
[  340.470499][ T1269] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  340.512682][ T1269] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  340.554508][ T1269] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  340.658652][ T4262] Bluetooth: hci2: command 0x040f tx timeout
[  340.935993][ T1269] bond0 (unregistering): Released all slaves
[  341.008658][ T9025] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  341.021618][ T9135] netlink: 'syz.1.1696': attribute type 10 has an invalid length.
[  341.037075][ T9135] device veth0_vlan left promiscuous mode
[  341.047701][ T9135] device veth0_vlan entered promiscuous mode
[  341.060752][ T9135] team0: Device veth0_vlan failed to register rx_handler
[  341.162791][ T9141] device syzkaller0 entered promiscuous mode
[  341.663059][ T9192] netlink: 'syz.2.1707': attribute type 27 has an invalid length.
[  341.702950][ T9192] netlink: 'syz.2.1707': attribute type 3 has an invalid length.
[  341.713888][ T9192] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1707'.
[  342.735563][ T4262] Bluetooth: hci2: command 0x0419 tx timeout
[  344.296247][ T9025] team0: Port device team_slave_0 added
[  344.386901][ T9025] team0: Port device team_slave_1 added
[  344.485121][ T9197] netlink: 'syz.2.1709': attribute type 21 has an invalid length.
[  344.508365][ T9197] netlink: 'syz.2.1709': attribute type 5 has an invalid length.
[  344.585654][ T9025] batman_adv: batadv0: Adding interface: batadv_slave_0
[  344.600524][ T9025] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  344.647365][ T9025] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  344.700630][ T9025] batman_adv: batadv0: Adding interface: batadv_slave_1
[  344.714641][ T9025] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  344.769849][ T9025] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  344.796329][ T9211] FAULT_INJECTION: forcing a failure.
[  344.796329][ T9211] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  344.820398][ T9211] CPU: 1 PID: 9211 Comm: syz.4.1713 Not tainted 6.1.136-syzkaller #0
[  344.828544][ T9211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  344.838639][ T9211] Call Trace:
[  344.841958][ T9211]  <TASK>
[  344.844930][ T9211]  dump_stack_lvl+0x168/0x22e
[  344.849654][ T9211]  ? show_regs_print_info+0x12/0x12
[  344.854994][ T9211]  ? load_image+0x3b0/0x3b0
[  344.859516][ T9211]  ? __lock_acquire+0x7c50/0x7c50
[  344.864571][ T9211]  ? snprintf+0xd7/0x120
[  344.868836][ T9211]  should_fail_ex+0x399/0x4d0
[  344.873537][ T9211]  _copy_to_user+0x2c/0x130
[  344.878063][ T9211]  simple_read_from_buffer+0xe3/0x150
[  344.883447][ T9211]  proc_fail_nth_read+0x19a/0x210
[  344.888481][ T9211]  ? proc_fault_inject_write+0x2f0/0x2f0
[  344.894214][ T9211]  ? fsnotify_perm+0x248/0x550
[  344.898994][ T9211]  ? proc_fault_inject_write+0x2f0/0x2f0
[  344.904660][ T9211]  vfs_read+0x2c0/0x920
[  344.908841][ T9211]  ? kernel_read+0x1e0/0x1e0
[  344.913458][ T9211]  ? __fget_files+0x28/0x4d0
[  344.918088][ T9211]  ? __fget_files+0x44a/0x4d0
[  344.922803][ T9211]  ? __fdget_pos+0x2ae/0x360
[  344.927417][ T9211]  ? ksys_read+0x71/0x240
[  344.931763][ T9211]  ksys_read+0x143/0x240
[  344.936033][ T9211]  ? vfs_write+0x960/0x960
[  344.940476][ T9211]  ? lockdep_hardirqs_on+0x94/0x140
[  344.945699][ T9211]  do_syscall_64+0x4c/0xa0
[  344.950129][ T9211]  ? clear_bhb_loop+0x45/0xa0
[  344.954818][ T9211]  ? clear_bhb_loop+0x45/0xa0
[  344.959509][ T9211]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  344.965438][ T9211] RIP: 0033:0x7fa0b5f8d37c
[  344.969864][ T9211] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  344.989479][ T9211] RSP: 002b:00007fa0b6d24030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  344.997904][ T9211] RAX: ffffffffffffffda RBX: 00007fa0b61b5fa0 RCX: 00007fa0b5f8d37c
[  345.005904][ T9211] RDX: 000000000000000f RSI: 00007fa0b6d240a0 RDI: 0000000000000004
[  345.013887][ T9211] RBP: 00007fa0b6d24090 R08: 0000000000000000 R09: 0000000000000000
[  345.021868][ T9211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  345.029849][ T9211] R13: 0000000000000000 R14: 00007fa0b61b5fa0 R15: 00007ffe285c4248
[  345.037844][ T9211]  </TASK>
[  345.054999][ T9209] netlink: 'syz.1.1712': attribute type 21 has an invalid length.
[  345.063224][ T9209] netlink: 'syz.1.1712': attribute type 5 has an invalid length.
[  345.134741][ T9216] netlink: 'syz.3.1714': attribute type 10 has an invalid length.
[  345.149709][ T9216] device veth0_vlan left promiscuous mode
[  345.202085][ T9216] device veth0_vlan entered promiscuous mode
[  345.247969][ T9216] team0: Device veth0_vlan failed to register rx_handler
[  345.252649][ T9220] FAULT_INJECTION: forcing a failure.
[  345.252649][ T9220] name failslab, interval 1, probability 0, space 0, times 0
[  345.279165][ T9220] CPU: 0 PID: 9220 Comm: syz.4.1716 Not tainted 6.1.136-syzkaller #0
[  345.287311][ T9220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  345.297391][ T9220] Call Trace:
[  345.300700][ T9220]  <TASK>
[  345.303655][ T9220]  dump_stack_lvl+0x168/0x22e
[  345.308383][ T9220]  ? show_regs_print_info+0x12/0x12
[  345.313618][ T9220]  ? load_image+0x3b0/0x3b0
[  345.318184][ T9220]  ? __lock_acquire+0x7c50/0x7c50
[  345.323277][ T9220]  ? nf_nat_ipv4_local_fn+0x3e5/0x530
[  345.328725][ T9220]  should_fail_ex+0x399/0x4d0
[  345.333439][ T9220]  should_failslab+0x5/0x20
[  345.337956][ T9220]  slab_pre_alloc_hook+0x59/0x310
[  345.342992][ T9220]  ? nf_hook+0x9a/0x370
[  345.347162][ T9220]  kmem_cache_alloc+0x56/0x2f0
[  345.351937][ T9220]  ? skb_clone+0x1e7/0x370
[  345.356370][ T9220]  skb_clone+0x1e7/0x370
[  345.360626][ T9220]  ? ip_mc_output+0x223/0x5e0
[  345.365345][ T9220]  ip_mc_output+0x230/0x5e0
[  345.369865][ T9220]  ip_send_skb+0x129/0x1c0
[  345.374294][ T9220]  raw_sendmsg+0x1435/0x1930
[  345.378910][ T9220]  ? compat_raw_ioctl+0x60/0x60
[  345.383779][ T9220]  ? verify_lock_unused+0x140/0x140
[  345.388999][ T9220]  ? aa_sk_perm+0x7e5/0x920
[  345.393516][ T9220]  ? tomoyo_socket_sendmsg_permission+0x212/0x2f0
[  345.399953][ T9220]  ? sock_rps_record_flow+0x19/0x3f0
[  345.405343][ T9220]  ? inet_sendmsg+0x78/0x2f0
[  345.409946][ T9220]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  345.415241][ T9220]  ? security_socket_sendmsg+0x7c/0xa0
[  345.420716][ T9220]  ? inet_send_prepare+0x260/0x260
[  345.425846][ T9220]  ____sys_sendmsg+0x59b/0x970
[  345.430626][ T9220]  ? __lock_acquire+0x7c50/0x7c50
[  345.435676][ T9220]  ? __sys_sendmsg_sock+0x30/0x30
[  345.440713][ T9220]  ? __import_iovec+0x315/0x500
[  345.445576][ T9220]  ? import_iovec+0x6f/0xa0
[  345.450084][ T9220]  ___sys_sendmsg+0x21c/0x290
[  345.454795][ T9220]  ? __sys_sendmsg+0x270/0x270
[  345.459605][ T9220]  ? __lock_acquire+0x7c50/0x7c50
[  345.464665][ T9220]  ? __fdget+0x17c/0x200
[  345.468938][ T9220]  __se_sys_sendmsg+0x19e/0x270
[  345.473803][ T9220]  ? ct_nmi_exit+0x145/0x1c0
[  345.478401][ T9220]  ? __x64_sys_sendmsg+0x80/0x80
[  345.483361][ T9220]  ? lockdep_hardirqs_on+0x94/0x140
[  345.488576][ T9220]  do_syscall_64+0x4c/0xa0
[  345.493087][ T9220]  ? clear_bhb_loop+0x45/0xa0
[  345.497770][ T9220]  ? clear_bhb_loop+0x45/0xa0
[  345.502454][ T9220]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  345.508365][ T9220] RIP: 0033:0x7fa0b5f8e969
[  345.512786][ T9220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.532397][ T9220] RSP: 002b:00007fa0b6d24038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  345.540817][ T9220] RAX: ffffffffffffffda RBX: 00007fa0b61b5fa0 RCX: 00007fa0b5f8e969
[  345.548880][ T9220] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000003
[  345.556859][ T9220] RBP: 00007fa0b6d24090 R08: 0000000000000000 R09: 0000000000000000
[  345.564833][ T9220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  345.572807][ T9220] R13: 0000000000000000 R14: 00007fa0b61b5fa0 R15: 00007ffe285c4248
[  345.580798][ T9220]  </TASK>
[  345.742887][ T9025] device hsr_slave_0 entered promiscuous mode
[  345.774867][ T9025] device hsr_slave_1 entered promiscuous mode
[  345.793752][ T9025] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  345.801378][ T9025] Cannot create hsr debugfs directory
[  348.087255][ T3624] udevd[3624]: worker [9198] terminated by signal 33 (Unknown signal 33)
[  348.119743][ T3624] udevd[3624]: worker [9198] failed while handling '/devices/virtual/net/lapb8'
[  348.183555][ T3624] udevd[3624]: worker [9199] terminated by signal 33 (Unknown signal 33)
[  348.192250][ T3624] udevd[3624]: worker [9199] failed while handling '/devices/netdevsim0/net/eth3'
[  348.578244][ T9255] netlink: 'syz.4.1726': attribute type 21 has an invalid length.
[  348.626757][ T9255] netlink: 'syz.4.1726': attribute type 5 has an invalid length.
[  348.679433][ T9254] netlink: 'syz.3.1728': attribute type 10 has an invalid length.
[  348.731579][ T9254] device veth0_vlan left promiscuous mode
[  348.899772][ T9254] device veth0_vlan entered promiscuous mode
[  349.013480][ T9254] team0: Device veth0_vlan failed to register rx_handler
[  349.545324][ T9025] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  349.569665][ T9025] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  349.620756][ T9025] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  349.662100][ T9025] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  350.113151][ T9025] 8021q: adding VLAN 0 to HW filter on device bond0
[  350.202214][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  350.236286][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  350.259244][ T9280] netlink: 'syz.1.1738': attribute type 27 has an invalid length.
[  350.310492][ T9025] 8021q: adding VLAN 0 to HW filter on device team0
[  350.328857][ T9280] netlink: 'syz.1.1738': attribute type 3 has an invalid length.
[  350.382423][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  350.401340][ T9280] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1738'.
[  350.432108][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  350.491665][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  350.498954][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  350.628832][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  350.666156][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  350.721099][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  350.738411][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  350.745635][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  350.772665][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  350.828696][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  350.861926][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  350.890076][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  350.920398][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  350.956877][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  350.967751][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  350.987430][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  351.007625][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  351.023569][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  351.033350][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  351.051806][ T9025] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  351.434802][ T9300] netlink: 'syz.2.1745': attribute type 10 has an invalid length.
[  351.492301][ T9300] device veth0_vlan left promiscuous mode
[  351.527912][ T9300] device veth0_vlan entered promiscuous mode
[  351.559585][ T9300] team0: Device veth0_vlan failed to register rx_handler
[  351.796344][ T9298] netlink: 'syz.1.1743': attribute type 10 has an invalid length.
[  351.812584][ T9298] device veth0_vlan left promiscuous mode
[  351.933155][ T9298] device veth0_vlan entered promiscuous mode
[  352.072144][ T9298] team0: Device veth0_vlan failed to register rx_handler
[  352.271534][ T9025] 8021q: adding VLAN 0 to HW filter on device batadv0
[  352.298178][ T1269] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  352.319067][ T1269] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  352.431665][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  352.455167][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  352.604843][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  352.630478][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  352.660631][ T9025] device veth0_vlan entered promiscuous mode
[  352.670256][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  352.690278][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  352.715564][ T9316] FAULT_INJECTION: forcing a failure.
[  352.715564][ T9316] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  352.722198][ T9025] device veth1_vlan entered promiscuous mode
[  352.775425][ T1269] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  352.795663][ T1269] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  352.811142][ T1269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  352.823385][ T9316] CPU: 0 PID: 9316 Comm: syz.3.1750 Not tainted 6.1.136-syzkaller #0
[  352.828693][ T1269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  352.831504][ T9316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  352.831518][ T9316] Call Trace:
[  352.845127][ T9025] device veth0_macvtap entered promiscuous mode
[  352.849451][ T9316]  <TASK>
[  352.849464][ T9316]  dump_stack_lvl+0x168/0x22e
[  352.860942][ T9025] device veth1_macvtap entered promiscuous mode
[  352.861922][ T9316]  ? show_regs_print_info+0x12/0x12
[  352.878081][ T9316]  ? load_image+0x3b0/0x3b0
[  352.882606][ T9316]  ? __lock_acquire+0x7c50/0x7c50
[  352.887646][ T9316]  should_fail_ex+0x399/0x4d0
[  352.892334][ T9316]  _copy_from_user+0x2c/0x170
[  352.897033][ T9316]  iovec_from_user+0x143/0x360
[  352.901811][ T9316]  __import_iovec+0x6d/0x500
[  352.906413][ T9316]  ? __might_fault+0xa6/0x120
[  352.911104][ T9316]  import_iovec+0x6f/0xa0
[  352.915460][ T9316]  ___sys_recvmsg+0x433/0x510
[  352.920173][ T9316]  ? __sys_recvmsg+0x270/0x270
[  352.924968][ T9316]  ? common_file_perm+0x171/0x1c0
[  352.930029][ T9316]  ? __fget_files+0x44a/0x4d0
[  352.934748][ T9316]  ? __fdget+0x17c/0x200
[  352.939018][ T9316]  __x64_sys_recvmsg+0x1eb/0x2b0
[  352.943984][ T9316]  ? ___sys_recvmsg+0x510/0x510
[  352.948858][ T9316]  ? lockdep_hardirqs_on+0x94/0x140
[  352.954073][ T9316]  do_syscall_64+0x4c/0xa0
[  352.958500][ T9316]  ? clear_bhb_loop+0x45/0xa0
[  352.963266][ T9316]  ? clear_bhb_loop+0x45/0xa0
[  352.967952][ T9316]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  352.973878][ T9316] RIP: 0033:0x7ff2c8f8e969
[  352.978298][ T9316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  352.997916][ T9316] RSP: 002b:00007ff2c9d66038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  353.006337][ T9316] RAX: ffffffffffffffda RBX: 00007ff2c91b5fa0 RCX: 00007ff2c8f8e969
[  353.014317][ T9316] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000003
[  353.022297][ T9316] RBP: 00007ff2c9d66090 R08: 0000000000000000 R09: 0000000000000000
[  353.030274][ T9316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  353.038249][ T9316] R13: 0000000000000000 R14: 00007ff2c91b5fa0 R15: 00007ffde5e12378
[  353.046269][ T9316]  </TASK>
[  353.076283][ T9318] netlink: 'syz.1.1751': attribute type 27 has an invalid length.
[  353.092970][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.113644][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.123739][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.132503][ T9318] netlink: 'syz.1.1751': attribute type 3 has an invalid length.
[  353.134512][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.134531][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.134550][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.136472][ T9025] batman_adv: batadv0: Interface activated: batadv_slave_0
[  353.189478][ T9318] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1751'.
[  353.265930][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  353.274772][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  353.302517][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  353.326429][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  353.337875][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  353.355618][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.373493][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  353.392208][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.414559][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  353.449430][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.472635][ T9025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  353.491098][ T9025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.516606][ T9025] batman_adv: batadv0: Interface activated: batadv_slave_1
[  353.539968][ T4319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  353.557157][ T4319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  353.572139][ T9025] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  353.588445][ T9025] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  353.599203][ T9025] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  353.621174][ T9025] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  353.781871][ T9330] udevd[9330]: failed to send result of seq 12318 to main daemon: Connection refused
[  353.865725][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  353.884980][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  353.925345][ T9333] netlink: 'syz.2.1757': attribute type 10 has an invalid length.
[  353.939969][ T9333] device veth0_vlan left promiscuous mode
[  354.116754][ T9333] device veth0_vlan entered promiscuous mode
[  354.668966][ T9333] team0: Device veth0_vlan failed to register rx_handler
[  354.742195][   T63] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  354.825768][ T1269] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  354.854822][ T1269] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  354.896050][ T1269] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  355.003225][ T9348] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1763'.
[  355.102925][ T9357] netlink: 'syz.0.1663': attribute type 21 has an invalid length.
[  355.114269][ T9357] netlink: 'syz.0.1663': attribute type 5 has an invalid length.
[  355.149716][ T9359] netlink: 'syz.4.1764': attribute type 27 has an invalid length.
[  355.158366][ T9359] netlink: 'syz.4.1764': attribute type 3 has an invalid length.
[  355.178411][ T9359] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1764'.
[  356.563299][ T9378] netlink: 'syz.3.1771': attribute type 10 has an invalid length.
[  356.583493][ T9378] device veth0_vlan left promiscuous mode
[  356.687027][ T9378] device veth0_vlan entered promiscuous mode
[  356.730528][ T9378] team0: Device veth0_vlan failed to register rx_handler
[  357.025390][ T9381] netlink: 'syz.2.1773': attribute type 29 has an invalid length.
[  357.567801][ T9399] netlink: 'syz.4.1778': attribute type 27 has an invalid length.
[  357.591924][ T9399] netlink: 'syz.4.1778': attribute type 3 has an invalid length.
[  357.617945][ T9399] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1778'.
[  357.737897][ T9401] netlink: 'syz.3.1779': attribute type 21 has an invalid length.
[  359.068775][ T9423] validate_nla: 2 callbacks suppressed
[  359.068817][ T9423] netlink: 'syz.1.1789': attribute type 10 has an invalid length.
[  359.116937][ T9423] device veth0_vlan left promiscuous mode
[  359.151870][ T9423] device veth0_vlan entered promiscuous mode
[  359.222781][ T9423] team0: Device veth0_vlan failed to register rx_handler
[  359.466967][ T9424] netlink: 'syz.0.1788': attribute type 12 has an invalid length.
[  359.483884][ T9424] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1788'.
[  359.507498][ T9426] netlink: 'syz.2.1790': attribute type 21 has an invalid length.
[  359.525658][ T9426] netlink: 'syz.2.1790': attribute type 5 has an invalid length.
[  359.667683][ T9433] netlink: 'syz.3.1793': attribute type 27 has an invalid length.
[  359.696407][ T9433] netlink: 'syz.3.1793': attribute type 3 has an invalid length.
[  359.723922][ T9433] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1793'.
[  359.764953][ T9437] netlink: 'syz.0.1794': attribute type 25 has an invalid length.
[  360.050286][ T9445] netlink: 'syz.1.1807': attribute type 27 has an invalid length.
[  360.081057][ T9445] netlink: 'syz.1.1807': attribute type 3 has an invalid length.
[  360.113036][ T9445] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1807'.
[  360.229104][ T9437] device syzkaller0 entered promiscuous mode
[  360.259167][ T9447] netlink: 1 bytes leftover after parsing attributes in process `syz.3.1797'.
[  364.331847][ T9460] netlink: 'syz.2.1802': attribute type 10 has an invalid length.
[  364.343247][ T9460] device veth0_vlan left promiscuous mode
[  364.350007][ T9460] device veth0_vlan entered promiscuous mode
[  364.357889][ T9460] team0: Device veth0_vlan failed to register rx_handler
[  364.494003][ T9464] netlink: 'syz.1.1804': attribute type 25 has an invalid length.
[  364.847933][ T9464] device syzkaller0 entered promiscuous mode
[  364.859175][ T9479] netlink: 'syz.0.1810': attribute type 27 has an invalid length.
[  364.877905][ T9479] netlink: 'syz.0.1810': attribute type 3 has an invalid length.
[  364.891713][ T9479] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1810'.
[  364.901821][ T9469] netlink: 'syz.3.1806': attribute type 21 has an invalid length.
[  364.924294][ T9469] netlink: 'syz.3.1806': attribute type 5 has an invalid length.
[  364.957417][ T9466] netlink: 'syz.4.1805': attribute type 12 has an invalid length.
[  364.993915][ T9466] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1805'.
[  368.388413][ T9504] netlink: 'syz.1.1819': attribute type 10 has an invalid length.
[  368.448977][ T9504] device veth0_vlan left promiscuous mode
[  368.529166][ T9504] device veth0_vlan entered promiscuous mode
[  368.653240][ T9504] team0: Device veth0_vlan failed to register rx_handler
[  369.377143][ T9512] netlink: 830 bytes leftover after parsing attributes in process `syz.0.1822'.
[  369.516482][ T9519] Ÿë
: port 1(veth0_to_bridge) entered blocking state
[  369.574377][ T9519] Ÿë
: port 1(veth0_to_bridge) entered disabled state
[  369.643298][ T9519] device veth0_to_bridge entered promiscuous mode
[  369.753112][ T9518] netlink: 'syz.4.1824': attribute type 12 has an invalid length.
[  369.781429][ T9518] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1824'.
[  369.826212][ T9518] FAULT_INJECTION: forcing a failure.
[  369.826212][ T9518] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  369.833652][ T9521] Ÿë
: port 2(erspan0) entered blocking state
[  369.886940][ T9518] CPU: 1 PID: 9518 Comm: syz.4.1824 Not tainted 6.1.136-syzkaller #0
[  369.895097][ T9518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  369.900999][ T9521] Ÿë
: port 2(erspan0) entered disabled state
[  369.905171][ T9518] Call Trace:
[  369.905189][ T9518]  <TASK>
[  369.905199][ T9518]  dump_stack_lvl+0x168/0x22e
[  369.905233][ T9518]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  369.905257][ T9518]  ? show_regs_print_info+0x12/0x12
[  369.905282][ T9518]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  369.905316][ T9518]  should_fail_ex+0x399/0x4d0
[  369.944528][ T9518]  _copy_to_user+0x2c/0x130
[  369.949065][ T9518]  simple_read_from_buffer+0xe3/0x150
[  369.954450][ T9518]  proc_fail_nth_read+0x19a/0x210
[  369.959486][ T9518]  ? proc_fault_inject_write+0x2f0/0x2f0
[  369.965130][ T9518]  ? fsnotify_perm+0x248/0x550
[  369.969918][ T9518]  ? proc_fault_inject_write+0x2f0/0x2f0
[  369.975560][ T9518]  vfs_read+0x2c0/0x920
[  369.979738][ T9518]  ? kernel_read+0x1e0/0x1e0
[  369.984347][ T9518]  ? __fget_files+0x28/0x4d0
[  369.988951][ T9518]  ? __fget_files+0x44a/0x4d0
[  369.993657][ T9518]  ? __fdget_pos+0x2ae/0x360
[  369.998272][ T9518]  ? ksys_read+0x71/0x240
[  370.002608][ T9518]  ksys_read+0x143/0x240
[  370.006862][ T9518]  ? vfs_write+0x960/0x960
[  370.011297][ T9518]  ? lockdep_hardirqs_on+0x94/0x140
[  370.016517][ T9518]  do_syscall_64+0x4c/0xa0
[  370.020944][ T9518]  ? clear_bhb_loop+0x45/0xa0
[  370.025635][ T9518]  ? clear_bhb_loop+0x45/0xa0
[  370.030320][ T9518]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  370.036259][ T9518] RIP: 0033:0x7fa0b5f8d37c
[  370.040690][ T9518] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  370.060313][ T9518] RSP: 002b:00007fa0b6d24030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  370.068753][ T9518] RAX: ffffffffffffffda RBX: 00007fa0b61b5fa0 RCX: 00007fa0b5f8d37c
[  370.076743][ T9518] RDX: 000000000000000f RSI: 00007fa0b6d240a0 RDI: 000000000000000a
[  370.084729][ T9518] RBP: 00007fa0b6d24090 R08: 0000000000000000 R09: 0000000000000000
[  370.092705][ T9518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  370.100685][ T9518] R13: 0000000000000000 R14: 00007fa0b61b5fa0 R15: 00007ffe285c4248
[  370.108696][ T9518]  </TASK>
[  370.135037][ T9521] device erspan0 entered promiscuous mode
[  370.229938][ T9523] GPL: port 1(erspan0) entered blocking state
[  370.247422][ T9523] GPL: port 1(erspan0) entered disabled state
[  370.265473][ T9523] device erspan0 entered promiscuous mode
[  370.277177][ T9526] GPL: port 1(erspan0) entered blocking state
[  370.283430][ T9526] GPL: port 1(erspan0) entered forwarding state
[  370.918326][ T9550] netlink: 'syz.2.1835': attribute type 10 has an invalid length.
[  370.943994][ T9555] netlink: 'syz.4.1837': attribute type 2 has an invalid length.
[  370.962464][ T9550] device veth0_vlan left promiscuous mode
[  371.013897][ T9555] netlink: 'syz.4.1837': attribute type 1 has an invalid length.
[  371.258714][ T9550] device veth0_vlan entered promiscuous mode
[  371.442003][ T9550] team0: Device veth0_vlan failed to register rx_handler
[  373.969735][ T9558] netlink: 'syz.0.1838': attribute type 39 has an invalid length.
[  374.092338][ T9565] delete_channel: no stack
[  374.126279][ T9565] delete_channel: no stack
[  374.270502][ T9575] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1840'.
[  374.311116][ T9575] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1840'.
[  374.344085][ T9566] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1840'.
[  374.620360][ T9575] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1840'.
[  376.601132][ T9659] sctp: [Deprecated]: syz.0.1850 (pid 9659) Use of struct sctp_assoc_value in delayed_ack socket option.
[  376.601132][ T9659] Use struct sctp_sack_info instead
[  376.758407][ T9663] netlink: 'syz.2.1852': attribute type 2 has an invalid length.
[  376.793896][ T9663] netlink: 'syz.2.1852': attribute type 1 has an invalid length.
[  377.088988][ T9669] netlink: 'syz.1.1853': attribute type 10 has an invalid length.
[  377.174031][ T9669] device veth0_vlan left promiscuous mode
[  377.186678][ T9669] device veth0_vlan entered promiscuous mode
[  377.227903][ T9669] team0: Device veth0_vlan failed to register rx_handler
[  377.361162][ T9673] netlink: 'syz.3.1855': attribute type 39 has an invalid length.
[  378.272155][ T9678] netlink: 'syz.2.1856': attribute type 27 has an invalid length.
[  378.295988][ T9678] netlink: 'syz.2.1856': attribute type 3 has an invalid length.
[  378.311131][ T9678] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1856'.
[  379.058632][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  379.065059][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  380.966735][ T9700] netlink: 'syz.0.1863': attribute type 21 has an invalid length.
[  381.003753][ T9700] netlink: 'syz.0.1863': attribute type 5 has an invalid length.
[  381.285883][ T9707] netlink: 'syz.3.1866': attribute type 10 has an invalid length.
[  381.322587][ T9707] device veth0_vlan left promiscuous mode
[  381.401796][ T9707] device veth0_vlan entered promiscuous mode
[  381.524491][ T9707] team0: Device veth0_vlan failed to register rx_handler
[  381.856829][ T9711] netlink: 'syz.1.1867': attribute type 2 has an invalid length.
[  381.876107][ T9711] netlink: 'syz.1.1867': attribute type 1 has an invalid length.
[  382.875799][ T9719] netlink: 'syz.4.1870': attribute type 10 has an invalid length.
[  382.952131][ T9725] netlink: 'syz.0.1872': attribute type 27 has an invalid length.
[  382.975036][ T9725] netlink: 'syz.0.1872': attribute type 3 has an invalid length.
[  382.988048][ T9725] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1872'.
[  383.387956][ T9719] device veth0_vlan left promiscuous mode
[  383.395439][ T9719] device veth0_vlan entered promiscuous mode
[  383.403398][ T9719] team0: Device veth0_vlan failed to register rx_handler
[  384.365574][ T9732] netlink: 'syz.2.1874': attribute type 39 has an invalid length.
[  384.575152][ T9740] netlink: 'syz.4.1878': attribute type 21 has an invalid length.
[  384.604039][ T9740] netlink: 'syz.4.1878': attribute type 5 has an invalid length.
[  384.649398][ T9746] sctp: [Deprecated]: syz.3.1882 (pid 9746) Use of struct sctp_assoc_value in delayed_ack socket option.
[  384.649398][ T9746] Use struct sctp_sack_info instead
[  384.874078][ T9757] netlink: 'syz.0.1883': attribute type 21 has an invalid length.
[  384.882003][ T9757] netlink: 'syz.0.1883': attribute type 5 has an invalid length.
[  384.998615][ T9754] netlink: 1762 bytes leftover after parsing attributes in process `syz.1.1885'.
[  385.392747][ T9769] device veth0_vlan left promiscuous mode
[  385.465858][ T9769] device veth0_vlan entered promiscuous mode
[  385.678627][ T9769] team0: Device veth0_vlan failed to register rx_handler
[  386.927506][ T9789] sctp: [Deprecated]: syz.2.1897 (pid 9789) Use of struct sctp_assoc_value in delayed_ack socket option.
[  386.927506][ T9789] Use struct sctp_sack_info instead
[  387.263688][ T9796] validate_nla: 1 callbacks suppressed
[  387.263725][ T9796] netlink: 'syz.1.1899': attribute type 21 has an invalid length.
[  387.301892][ T9796] netlink: 'syz.1.1899': attribute type 5 has an invalid length.
[  387.456233][ T9805] FAULT_INJECTION: forcing a failure.
[  387.456233][ T9805] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  387.497289][ T9805] CPU: 0 PID: 9805 Comm: syz.2.1904 Not tainted 6.1.136-syzkaller #0
[  387.505430][ T9805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  387.515517][ T9805] Call Trace:
[  387.518822][ T9805]  <TASK>
[  387.521775][ T9805]  dump_stack_lvl+0x168/0x22e
[  387.526524][ T9805]  ? show_regs_print_info+0x12/0x12
[  387.531764][ T9805]  ? load_image+0x3b0/0x3b0
[  387.536303][ T9805]  ? __lock_acquire+0x7c50/0x7c50
[  387.541375][ T9805]  ? verify_lock_unused+0x140/0x140
[  387.546617][ T9805]  should_fail_ex+0x399/0x4d0
[  387.551336][ T9805]  _copy_from_user+0x2c/0x170
[  387.556059][ T9805]  ___sys_sendmsg+0x155/0x290
[  387.560780][ T9805]  ? __sys_sendmsg+0x270/0x270
[  387.565601][ T9805]  ? __lock_acquire+0x7c50/0x7c50
[  387.570688][ T9805]  ? __fdget+0x17c/0x200
[  387.574978][ T9805]  __se_sys_sendmsg+0x19e/0x270
[  387.579862][ T9805]  ? ct_nmi_exit+0x145/0x1c0
[  387.584482][ T9805]  ? __x64_sys_sendmsg+0x80/0x80
[  387.589496][ T9805]  ? lockdep_hardirqs_on+0x94/0x140
[  387.594739][ T9805]  do_syscall_64+0x4c/0xa0
[  387.599191][ T9805]  ? clear_bhb_loop+0x45/0xa0
[  387.603901][ T9805]  ? clear_bhb_loop+0x45/0xa0
[  387.608609][ T9805]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  387.614552][ T9805] RIP: 0033:0x7ff502f8e969
[  387.618994][ T9805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  387.638655][ T9805] RSP: 002b:00007ff503d19038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  387.647124][ T9805] RAX: ffffffffffffffda RBX: 00007ff5031b5fa0 RCX: 00007ff502f8e969
[  387.655111][ T9805] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  387.663091][ T9805] RBP: 00007ff503d19090 R08: 0000000000000000 R09: 0000000000000000
[  387.671066][ T9805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  387.679042][ T9805] R13: 0000000000000000 R14: 00007ff5031b5fa0 R15: 00007ffeecdbed38
[  387.687036][ T9805]  </TASK>
[  387.702134][ T9815] delete_channel: no stack
[  387.717043][ T9815] delete_channel: no stack
[  387.872245][ T9816] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1905'.
[  387.913798][ T9816] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1905'.
[  387.941132][ T9815] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1905'.
[  388.012201][ T9808] netlink: 'syz.4.1906': attribute type 10 has an invalid length.
[  388.053192][ T9808] device veth0_vlan left promiscuous mode
[  388.379150][ T9808] device veth0_vlan entered promiscuous mode
[  388.420644][ T9808] team0: Device veth0_vlan failed to register rx_handler
[  389.421774][ T9819] netlink: 'syz.2.1908': attribute type 21 has an invalid length.
[  389.443793][ T9819] netlink: 'syz.2.1908': attribute type 5 has an invalid length.
[  389.576371][ T9825] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1905'.
[  390.317795][ T9844] sctp: [Deprecated]: syz.4.1914 (pid 9844) Use of struct sctp_assoc_value in delayed_ack socket option.
[  390.317795][ T9844] Use struct sctp_sack_info instead
[  391.695158][ T9862] sctp: [Deprecated]: syz.1.1918 (pid 9862) Use of struct sctp_assoc_value in delayed_ack socket option.
[  391.695158][ T9862] Use struct sctp_sack_info instead
[  392.029490][ T9870] netlink: 'syz.0.1922': attribute type 21 has an invalid length.
[  392.055951][ T9871] FAULT_INJECTION: forcing a failure.
[  392.055951][ T9871] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  392.076340][ T9870] netlink: 'syz.0.1922': attribute type 5 has an invalid length.
[  392.087202][ T9864] netlink: 'syz.4.1923': attribute type 10 has an invalid length.
[  392.115424][ T9864] device veth0_vlan left promiscuous mode
[  392.533375][ T9864] device veth0_vlan entered promiscuous mode
[  392.618882][ T9871] CPU: 1 PID: 9871 Comm: syz.3.1924 Not tainted 6.1.136-syzkaller #0
[  392.627120][ T9871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  392.637202][ T9871] Call Trace:
[  392.640506][ T9871]  <TASK>
[  392.643463][ T9871]  dump_stack_lvl+0x168/0x22e
[  392.648188][ T9871]  ? show_regs_print_info+0x12/0x12
[  392.653423][ T9871]  ? load_image+0x3b0/0x3b0
[  392.657958][ T9871]  ? __lock_acquire+0x7c50/0x7c50
[  392.663024][ T9871]  should_fail_ex+0x399/0x4d0
[  392.667741][ T9871]  _copy_from_user+0x2c/0x170
[  392.672456][ T9871]  kstrtouint_from_user+0xbe/0x150
[  392.677622][ T9871]  ? kstrtol_from_user+0x150/0x150
[  392.682803][ T9871]  proc_fail_nth_write+0x85/0x1f0
[  392.687873][ T9871]  ? proc_fail_nth_read+0x210/0x210
[  392.693106][ T9871]  ? common_file_perm+0x171/0x1c0
[  392.698163][ T9871]  ? proc_fail_nth_read+0x210/0x210
[  392.703394][ T9871]  vfs_write+0x2c4/0x960
[  392.707693][ T9871]  ? file_end_write+0x250/0x250
[  392.712589][ T9871]  ? __fget_files+0x28/0x4d0
[  392.717218][ T9871]  ? __fget_files+0x44a/0x4d0
[  392.721950][ T9871]  ? __fdget_pos+0x2ae/0x360
[  392.726576][ T9871]  ? ksys_write+0x71/0x240
[  392.731036][ T9871]  ksys_write+0x143/0x240
[  392.735411][ T9871]  ? __ia32_sys_read+0x80/0x80
[  392.740206][ T9871]  ? lockdep_hardirqs_on+0x94/0x140
[  392.745449][ T9871]  do_syscall_64+0x4c/0xa0
[  392.749901][ T9871]  ? clear_bhb_loop+0x45/0xa0
[  392.754607][ T9871]  ? clear_bhb_loop+0x45/0xa0
[  392.759312][ T9871]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  392.765245][ T9871] RIP: 0033:0x7ff2c8f8d41f
[  392.769689][ T9871] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  392.789329][ T9871] RSP: 002b:00007ff2c9d66030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  392.797776][ T9871] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff2c8f8d41f
[  392.805773][ T9871] RDX: 0000000000000001 RSI: 00007ff2c9d660a0 RDI: 0000000000000004
[  392.813770][ T9871] RBP: 00007ff2c9d66090 R08: 0000000000000000 R09: 0000000000000000
[  392.821768][ T9871] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  392.829765][ T9871] R13: 0000000000000000 R14: 00007ff2c91b5fa0 R15: 00007ffde5e12378
[  392.837789][ T9871]  </TASK>
[  392.848041][ T9864] team0: Device veth0_vlan failed to register rx_handler
[  392.883208][ T9877] delete_channel: no stack
[  392.896931][ T9877] delete_channel: no stack
[  392.969456][ T9877] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1925'.
[  392.989403][ T9877] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1925'.
[  393.015598][ T9872] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1925'.
[  393.256614][ T9880] netlink: 'syz.4.1930': attribute type 27 has an invalid length.
[  393.339089][ T9880] netlink: 'syz.4.1930': attribute type 3 has an invalid length.
[  393.364067][ T9880] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1930'.
[  393.439830][ T9877] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1925'.
[  394.230475][ T9901] sctp: [Deprecated]: syz.3.1934 (pid 9901) Use of struct sctp_assoc_value in delayed_ack socket option.
[  394.230475][ T9901] Use struct sctp_sack_info instead
[  395.704218][ T9915] netlink: 'syz.3.1939': attribute type 21 has an invalid length.
[  395.712425][ T9915] netlink: 'syz.3.1939': attribute type 5 has an invalid length.
[  395.792763][ T9924] netlink: 'syz.4.1941': attribute type 10 has an invalid length.
[  395.815667][ T9924] device veth0_vlan left promiscuous mode
[  395.843339][ T9924] device veth0_vlan entered promiscuous mode
[  395.855919][ T9924] team0: Device veth0_vlan failed to register rx_handler
[  396.368787][ T9943] netlink: 'syz.0.1946': attribute type 21 has an invalid length.
[  396.387264][ T9943] netlink: 'syz.0.1946': attribute type 5 has an invalid length.
[  396.490726][ T9942] netlink: 'syz.3.1948': attribute type 27 has an invalid length.
[  396.665880][ T9953] sctp: [Deprecated]: syz.4.1950 (pid 9953) Use of struct sctp_assoc_value in delayed_ack socket option.
[  396.665880][ T9953] Use struct sctp_sack_info instead
[  396.709686][ T9942] netlink: 'syz.3.1948': attribute type 3 has an invalid length.
[  396.799003][ T9942] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1948'.
[  397.292735][ T9961] netlink: 'syz.1.1952': attribute type 29 has an invalid length.
[  397.901781][ T9974] device veth0_vlan left promiscuous mode
[  397.955539][ T9974] device veth0_vlan entered promiscuous mode
[  398.045790][ T9974] team0: Device veth0_vlan failed to register rx_handler
[  398.491202][ T9975] validate_nla: 2 callbacks suppressed
[  398.491243][ T9975] netlink: 'syz.0.1957': attribute type 10 has an invalid length.
[  398.762891][ T9975] 8021q: adding VLAN 0 to HW filter on device team0
[  398.820369][ T9975] bond0: (slave team0): Enslaving as an active interface with an up link
[  398.843918][ T9979] netlink: 'syz.4.1958': attribute type 21 has an invalid length.
[  398.890404][ T9979] netlink: 'syz.4.1958': attribute type 5 has an invalid length.
[  400.000631][T10001] sctp: [Deprecated]: syz.0.1963 (pid 10001) Use of struct sctp_assoc_value in delayed_ack socket option.
[  400.000631][T10001] Use struct sctp_sack_info instead
[  400.197574][T10002] netlink: 'syz.4.1965': attribute type 27 has an invalid length.
[  400.520867][T10003] netlink: 'syz.3.1964': attribute type 10 has an invalid length.
[  400.531124][T10002] netlink: 'syz.4.1965': attribute type 3 has an invalid length.
[  400.574162][T10003] device veth0_vlan left promiscuous mode
[  400.581156][T10003] device veth0_vlan entered promiscuous mode
[  400.594038][T10002] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1965'.
[  400.697572][T10003] team0: Device veth0_vlan failed to register rx_handler
[  401.292708][T10018] netlink: 'syz.0.1967': attribute type 21 has an invalid length.
[  401.328767][T10018] netlink: 'syz.0.1967': attribute type 5 has an invalid length.
[  401.521656][T10022] netlink: 'syz.2.1970': attribute type 2 has an invalid length.
[  401.610830][T10029] netlink: 'syz.2.1970': attribute type 21 has an invalid length.
[  401.713669][T10029] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1970'.
[  401.745146][T10024] device veth0_vlan left promiscuous mode
[  402.086961][T10024] device veth0_vlan entered promiscuous mode
[  402.266259][T10024] team0: Device veth0_vlan failed to register rx_handler
[  402.665384][T10043] sctp: [Deprecated]: syz.0.1977 (pid 10043) Use of struct sctp_assoc_value in delayed_ack socket option.
[  402.665384][T10043] Use struct sctp_sack_info instead
[  404.491485][T10066] validate_nla: 1 callbacks suppressed
[  404.491749][T10066] netlink: 'syz.2.1985': attribute type 10 has an invalid length.
[  404.529166][T10066] device veth0_vlan left promiscuous mode
[  404.620212][T10066] device veth0_vlan entered promiscuous mode
[  404.775262][T10066] team0: Device veth0_vlan failed to register rx_handler
[  405.011817][T10075] netlink: 'syz.4.1987': attribute type 10 has an invalid length.
[  405.025725][T10075] device veth0_vlan left promiscuous mode
[  405.052938][T10075] device veth0_vlan entered promiscuous mode
[  405.120932][T10075] team0: Device veth0_vlan failed to register rx_handler
[  405.304098][T10080] netlink: 'syz.3.1990': attribute type 21 has an invalid length.
[  405.311968][T10080] netlink: 'syz.3.1990': attribute type 5 has an invalid length.
[  405.906834][T10093] sctp: [Deprecated]: syz.4.1992 (pid 10093) Use of struct sctp_assoc_value in delayed_ack socket option.
[  405.906834][T10093] Use struct sctp_sack_info instead
[  406.177548][T10106] netlink: 'syz.0.1997': attribute type 27 has an invalid length.
[  406.204332][T10106] netlink: 'syz.0.1997': attribute type 3 has an invalid length.
[  406.268566][T10106] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1997'.
[  407.969450][T10162] netlink: 'syz.3.2003': attribute type 10 has an invalid length.
[  407.983852][T10162] device veth0_vlan left promiscuous mode
[  407.990623][T10162] device veth0_vlan entered promiscuous mode
[  408.000441][T10162] team0: Device veth0_vlan failed to register rx_handler
[  408.105617][T10165] netlink: 'syz.1.2006': attribute type 21 has an invalid length.
[  408.125578][T10165] netlink: 'syz.1.2006': attribute type 5 has an invalid length.
[  408.138337][T10166] netlink: 'syz.4.2005': attribute type 10 has an invalid length.
[  408.156298][T10166] device veth0_vlan left promiscuous mode
[  408.165790][T10166] device veth0_vlan entered promiscuous mode
[  408.181634][T10166] team0: Device veth0_vlan failed to register rx_handler
[  408.620965][T10175] sctp: [Deprecated]: syz.4.2010 (pid 10175) Use of struct sctp_assoc_value in delayed_ack socket option.
[  408.620965][T10175] Use struct sctp_sack_info instead
[  409.229940][T10184] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2013'.
[  410.697571][T10210] validate_nla: 2 callbacks suppressed
[  410.697592][T10210] netlink: 'syz.3.2023': attribute type 10 has an invalid length.
[  410.844658][T10210] device veth0_vlan left promiscuous mode
[  410.851725][T10210] device veth0_vlan entered promiscuous mode
[  410.948290][T10210] team0: Device veth0_vlan failed to register rx_handler
[  411.187287][T10216] sctp: [Deprecated]: syz.0.2025 (pid 10216) Use of struct sctp_assoc_value in delayed_ack socket option.
[  411.187287][T10216] Use struct sctp_sack_info instead
[  411.967213][T10229] netlink: 'syz.3.2030': attribute type 27 has an invalid length.
[  412.017069][T10229] netlink: 'syz.3.2030': attribute type 3 has an invalid length.
[  412.070064][T10229] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2030'.
[  414.062869][T10252] netlink: 'syz.0.2037': attribute type 10 has an invalid length.
[  414.107054][T10255] sctp: [Deprecated]: syz.1.2038 (pid 10255) Use of struct sctp_assoc_value in delayed_ack socket option.
[  414.107054][T10255] Use struct sctp_sack_info instead
[  414.548462][T10252] device veth0_vlan left promiscuous mode
[  414.643803][T10252] device veth0_vlan entered promiscuous mode
[  415.010414][T10252] team0: Device veth0_vlan failed to register rx_handler
[  415.681620][T10261] netlink: 'syz.2.2040': attribute type 21 has an invalid length.
[  415.690625][T10261] netlink: 'syz.2.2040': attribute type 5 has an invalid length.
[  415.715756][T10263] netlink: 'syz.3.2039': attribute type 10 has an invalid length.
[  415.729562][T10263] device veth0_vlan left promiscuous mode
[  415.738362][T10263] device veth0_vlan entered promiscuous mode
[  415.751669][T10263] team0: Device veth0_vlan failed to register rx_handler
[  415.953057][T10252] syz.0.2037 (10252) used greatest stack depth: 17920 bytes left
[  416.047533][T10281] netlink: 'syz.3.2046': attribute type 27 has an invalid length.
[  416.076353][T10281] netlink: 'syz.3.2046': attribute type 3 has an invalid length.
[  416.111150][T10281] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2046'.
[  416.220800][T10282] device pim6reg1 entered promiscuous mode
[  416.293181][T10276] netlink: 'syz.4.2047': attribute type 39 has an invalid length.
[  419.567258][T10302] sctp: [Deprecated]: syz.0.2052 (pid 10302) Use of struct sctp_assoc_value in delayed_ack socket option.
[  419.567258][T10302] Use struct sctp_sack_info instead
[  419.824795][T10308] netlink: 'syz.4.2056': attribute type 10 has an invalid length.
[  419.877642][T10308] device veth0_vlan left promiscuous mode
[  419.927587][T10308] device veth0_vlan entered promiscuous mode
[  420.058386][T10308] team0: Device veth0_vlan failed to register rx_handler
[  420.362760][T10320] netlink: 'syz.2.2060': attribute type 21 has an invalid length.
[  420.383748][T10320] netlink: 'syz.2.2060': attribute type 5 has an invalid length.
[  420.987081][T10335] netlink: 'syz.2.2065': attribute type 27 has an invalid length.
[  421.034116][T10335] netlink: 'syz.2.2065': attribute type 3 has an invalid length.
[  421.075560][T10335] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2065'.
[  421.448720][T10349] FAULT_INJECTION: forcing a failure.
[  421.448720][T10349] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  421.506741][T10349] CPU: 0 PID: 10349 Comm: syz.3.2070 Not tainted 6.1.136-syzkaller #0
[  421.514975][T10349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  421.525072][T10349] Call Trace:
[  421.528375][T10349]  <TASK>
[  421.531326][T10349]  dump_stack_lvl+0x168/0x22e
[  421.536054][T10349]  ? show_regs_print_info+0x12/0x12
[  421.541290][T10349]  ? load_image+0x3b0/0x3b0
[  421.545840][T10349]  ? __lock_acquire+0x7c50/0x7c50
[  421.550919][T10349]  should_fail_ex+0x399/0x4d0
[  421.555638][T10349]  ? 0xffffffffa0000d18
[  421.559815][T10349]  _copy_to_user+0x2c/0x130
[  421.564362][T10349]  ? 0xffffffffa0000d18
[  421.568558][T10349]  bpf_obj_get_info_by_fd+0x17ca/0x2c00
[  421.574169][T10349]  ? bpf_map_get_fd_by_id+0x310/0x310
[  421.579589][T10349]  ? get_pid_task+0x1c/0x1e0
[  421.584265][T10349]  ? __might_fault+0xa6/0x120
[  421.588985][T10349]  ? __might_fault+0xc2/0x120
[  421.593708][T10349]  ? __might_fault+0xa6/0x120
[  421.598419][T10349]  ? bpf_lsm_bpf+0x5/0x10
[  421.602788][T10349]  ? security_bpf+0x7a/0xa0
[  421.607345][T10349]  __sys_bpf+0x46d/0x6d0
[  421.611608][T10349]  ? bpf_link_show_fdinfo+0x310/0x310
[  421.617015][T10349]  ? lock_chain_count+0x20/0x20
[  421.621890][T10349]  __x64_sys_bpf+0x78/0x90
[  421.626321][T10349]  do_syscall_64+0x4c/0xa0
[  421.630756][T10349]  ? clear_bhb_loop+0x45/0xa0
[  421.635444][T10349]  ? clear_bhb_loop+0x45/0xa0
[  421.640129][T10349]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  421.646055][T10349] RIP: 0033:0x7ff2c8f8e969
[  421.650496][T10349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  421.670121][T10349] RSP: 002b:00007ff2c9d66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  421.678549][T10349] RAX: ffffffffffffffda RBX: 00007ff2c91b5fa0 RCX: 00007ff2c8f8e969
[  421.686530][T10349] RDX: 0000000000000010 RSI: 0000200000000600 RDI: 000000000000000f
[  421.694507][T10349] RBP: 00007ff2c9d66090 R08: 0000000000000000 R09: 0000000000000000
[  421.702484][T10349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  421.710465][T10349] R13: 0000000000000000 R14: 00007ff2c91b5fa0 R15: 00007ffde5e12378
[  421.718462][T10349]  </TASK>
[  421.917811][T10355] netlink: 'syz.1.2072': attribute type 10 has an invalid length.
[  421.962552][T10355] device veth0_vlan left promiscuous mode
[  421.973150][T10355] device veth0_vlan entered promiscuous mode
[  421.981919][T10355] team0: Device veth0_vlan failed to register rx_handler
[  422.088871][T10363] netlink: 'syz.2.2075': attribute type 21 has an invalid length.
[  422.106142][T10363] netlink: 'syz.2.2075': attribute type 5 has an invalid length.
[  424.633153][T10393] netlink: 'syz.1.2085': attribute type 10 has an invalid length.
[  424.697848][T10393] device veth0_vlan left promiscuous mode
[  424.734558][T10391] sctp: [Deprecated]: syz.4.2086 (pid 10391) Use of struct sctp_assoc_value in delayed_ack socket option.
[  424.734558][T10391] Use struct sctp_sack_info instead
[  424.785605][T10390] netlink: 'syz.2.2084': attribute type 27 has an invalid length.
[  424.856551][T10390] netlink: 'syz.2.2084': attribute type 3 has an invalid length.
[  424.937778][T10390] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2084'.
[  425.080755][T10393] device veth0_vlan entered promiscuous mode
[  425.583138][T10393] team0: Device veth0_vlan failed to register rx_handler
[  427.163230][T10404] netlink: 'syz.0.2087': attribute type 10 has an invalid length.
[  427.192018][T10404] device veth0_vlan left promiscuous mode
[  427.201313][T10404] device veth0_vlan entered promiscuous mode
[  427.209960][T10404] team0: Device veth0_vlan failed to register rx_handler
[  427.356879][T10410] netlink: 'syz.2.2090': attribute type 21 has an invalid length.
[  427.378119][T10410] netlink: 'syz.2.2090': attribute type 5 has an invalid length.
[  427.473770][T10412] netlink: 'syz.3.2091': attribute type 21 has an invalid length.
[  427.495340][T10412] netlink: 'syz.3.2091': attribute type 5 has an invalid length.
[  428.445533][T10431] sctp: [Deprecated]: syz.2.2099 (pid 10431) Use of struct sctp_assoc_value in delayed_ack socket option.
[  428.445533][T10431] Use struct sctp_sack_info instead
[  428.826907][T10439] FAULT_INJECTION: forcing a failure.
[  428.826907][T10439] name failslab, interval 1, probability 0, space 0, times 0
[  428.839575][T10439] CPU: 1 PID: 10439 Comm: syz.1.2102 Not tainted 6.1.136-syzkaller #0
[  428.847755][T10439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  428.857845][T10439] Call Trace:
[  428.861157][T10439]  <TASK>
[  428.864118][T10439]  dump_stack_lvl+0x168/0x22e
[  428.868840][T10439]  ? show_regs_print_info+0x12/0x12
[  428.874071][T10439]  ? load_image+0x3b0/0x3b0
[  428.878635][T10439]  should_fail_ex+0x399/0x4d0
[  428.883368][T10439]  should_failslab+0x5/0x20
[  428.887906][T10439]  slab_pre_alloc_hook+0x59/0x310
[  428.892988][T10439]  kmem_cache_alloc+0x56/0x2f0
[  428.897791][T10439]  ? __sigqueue_alloc+0x40c/0x520
[  428.902863][T10439]  ? __sigqueue_alloc+0x32/0x520
[  428.907859][T10439]  __sigqueue_alloc+0x40c/0x520
[  428.912759][T10439]  __send_signal_locked+0x22f/0xde0
[  428.918001][T10439]  force_sig_info_to_task+0x2fd/0x3d0
[  428.923422][T10439]  force_sig+0xb7/0x100
[  428.927625][T10439]  ? send_sig+0xf0/0xf0
[  428.931824][T10439]  ? try_fixup_enqcmd_gp+0x190/0x190
[  428.937151][T10439]  ? lockdep_hardirqs_on+0x94/0x140
[  428.942416][T10439]  exc_general_protection+0xcf/0x1f0
[  428.947770][T10439]  ? do_syscall_64+0x58/0xa0
[  428.952404][T10439]  asm_exc_general_protection+0x22/0x30
[  428.958001][T10439] RIP: 0033:0x7fd4e63674b9
[  428.962445][T10439] Code: f8 77 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 89 f8 48 89 fa c5 f9 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 27 01 00 00 <c5> fd 74 0f c5 fd d7 c1 85 c0 74 5b f3 0f bc c0 e9 30 01 00 00 66
[  428.982089][T10439] RSP: 002b:00007fd4e72757c8 EFLAGS: 00010283
[  428.988198][T10439] RAX: 0000000000000999 RBX: 00007fd4e7275d30 RCX: 00007fd4e6574120
[  428.996204][T10439] RDX: 9999999999999999 RSI: 00007fd4e64107b4 RDI: 9999999999999999
[  429.004222][T10439] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000
[  429.012228][T10439] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000000073
[  429.020237][T10439] R13: 00007fd4e7275eb0 R14: 9999999999999999 R15: 0000000000000000
[  429.028261][T10439]  </TASK>
[  429.634997][T10449] netlink: 'syz.4.2101': attribute type 27 has an invalid length.
[  429.658284][T10449] netlink: 'syz.4.2101': attribute type 3 has an invalid length.
[  429.681870][T10449] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2101'.
[  429.868313][T10452] netlink: 'syz.1.2104': attribute type 10 has an invalid length.
[  429.885729][T10452] device veth0_vlan left promiscuous mode
[  429.905643][T10452] device veth0_vlan entered promiscuous mode
[  429.966045][T10452] team0: Device veth0_vlan failed to register rx_handler
[  430.554370][T10454] netlink: 'syz.3.2105': attribute type 21 has an invalid length.
[  430.584024][T10454] netlink: 'syz.3.2105': attribute type 5 has an invalid length.
[  431.482835][T10484] device veth0_vlan left promiscuous mode
[  431.604483][T10484] device veth0_vlan entered promiscuous mode
[  431.612364][T10484] team0: Device veth0_vlan failed to register rx_handler
[  432.162618][T10491] sctp: [Deprecated]: syz.0.2118 (pid 10491) Use of struct sctp_assoc_value in delayed_ack socket option.
[  432.162618][T10491] Use struct sctp_sack_info instead
[  432.186256][T10490] validate_nla: 5 callbacks suppressed
[  432.186296][T10490] netlink: 'syz.3.2119': attribute type 27 has an invalid length.
[  432.255265][T10490] netlink: 'syz.3.2119': attribute type 3 has an invalid length.
[  432.341130][T10490] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2119'.
[  433.558462][T10498] netlink: 'syz.4.2121': attribute type 21 has an invalid length.
[  433.595635][T10498] netlink: 'syz.4.2121': attribute type 5 has an invalid length.
[  434.077559][T10509] netlink: 'syz.4.2125': attribute type 21 has an invalid length.
[  434.117317][T10509] netlink: 'syz.4.2125': attribute type 5 has an invalid length.
[  434.794362][T10528] netlink: 'syz.1.2132': attribute type 27 has an invalid length.
[  434.828094][T10528] netlink: 'syz.1.2132': attribute type 3 has an invalid length.
[  434.871272][T10528] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2132'.
[  436.701425][T10533] sctp: [Deprecated]: syz.0.2133 (pid 10533) Use of struct sctp_assoc_value in delayed_ack socket option.
[  436.701425][T10533] Use struct sctp_sack_info instead
[  436.885501][T10539] netlink: 'syz.3.2135': attribute type 21 has an invalid length.
[  436.914335][T10539] netlink: 'syz.3.2135': attribute type 5 has an invalid length.
[  437.428360][T10556] netlink: 'syz.0.2142': attribute type 21 has an invalid length.
[  437.444167][T10556] netlink: 'syz.0.2142': attribute type 5 has an invalid length.
[  437.533544][T10559] netlink: 'syz.4.2145': attribute type 2 has an invalid length.
[  437.560057][T10559] netlink: 'syz.4.2145': attribute type 1 has an invalid length.
[  437.911376][T10565] netlink: 'syz.3.2157': attribute type 2 has an invalid length.
[  437.929218][T10565] netlink: 'syz.3.2157': attribute type 1 has an invalid length.
[  438.207859][T10574] sctp: [Deprecated]: syz.3.2150 (pid 10574) Use of struct sctp_assoc_value in delayed_ack socket option.
[  438.207859][T10574] Use struct sctp_sack_info instead
[  439.334620][T10585] netlink: 'syz.4.2153': attribute type 21 has an invalid length.
[  439.361658][T10585] netlink: 'syz.4.2153': attribute type 5 has an invalid length.
[  439.939038][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  439.945588][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  440.760566][T10602] netlink: 'syz.3.2159': attribute type 2 has an invalid length.
[  440.798642][T10602] netlink: 'syz.3.2159': attribute type 1 has an invalid length.
[  442.432061][T10629] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2165'.
[  442.463241][T10626] sctp: [Deprecated]: syz.0.2166 (pid 10626) Use of struct sctp_assoc_value in delayed_ack socket option.
[  442.463241][T10626] Use struct sctp_sack_info instead
[  442.558433][T10627] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2165'.
[  442.729598][T10634] validate_nla: 2 callbacks suppressed
[  442.729639][T10634] netlink: 'syz.3.2170': attribute type 21 has an invalid length.
[  442.808164][T10634] netlink: 'syz.3.2170': attribute type 5 has an invalid length.
[  443.998923][T10649] netlink: 'syz.2.2174': attribute type 2 has an invalid length.
[  444.049470][T10649] netlink: 'syz.2.2174': attribute type 1 has an invalid length.
[  444.898048][T10643] netlink: 'syz.4.2175': attribute type 21 has an invalid length.
[  444.944503][T10643] netlink: 'syz.4.2175': attribute type 5 has an invalid length.
[  445.172486][T10652] FAULT_INJECTION: forcing a failure.
[  445.172486][T10652] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  445.264536][T10652] CPU: 1 PID: 10652 Comm: syz.1.2176 Not tainted 6.1.136-syzkaller #0
[  445.272773][T10652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  445.282865][T10652] Call Trace:
[  445.286179][T10652]  <TASK>
[  445.289141][T10652]  dump_stack_lvl+0x168/0x22e
[  445.293869][T10652]  ? show_regs_print_info+0x12/0x12
[  445.299125][T10652]  ? load_image+0x3b0/0x3b0
[  445.303680][T10652]  ? __lock_acquire+0x7c50/0x7c50
[  445.308762][T10652]  should_fail_ex+0x399/0x4d0
[  445.313575][T10652]  _copy_from_user+0x2c/0x170
[  445.318305][T10652]  __sys_bpf+0x265/0x6d0
[  445.322601][T10652]  ? bpf_link_show_fdinfo+0x310/0x310
[  445.328037][T10652]  ? lock_chain_count+0x20/0x20
[  445.332954][T10652]  __x64_sys_bpf+0x78/0x90
[  445.337422][T10652]  do_syscall_64+0x4c/0xa0
[  445.341887][T10652]  ? clear_bhb_loop+0x45/0xa0
[  445.347047][T10652]  ? clear_bhb_loop+0x45/0xa0
[  445.351764][T10652]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  445.357710][T10652] RIP: 0033:0x7fd4e638e969
[  445.362160][T10652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  445.381803][T10652] RSP: 002b:00007fd4e7276038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  445.390263][T10652] RAX: ffffffffffffffda RBX: 00007fd4e65b5fa0 RCX: 00007fd4e638e969
[  445.398278][T10652] RDX: 0000000000000020 RSI: 00002000000002c0 RDI: 0000000000000002
[  445.406288][T10652] RBP: 00007fd4e7276090 R08: 0000000000000000 R09: 0000000000000000
[  445.414308][T10652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  445.422319][T10652] R13: 0000000000000000 R14: 00007fd4e65b5fa0 R15: 00007ffc22bd1428
[  445.430351][T10652]  </TASK>
[  445.516311][T10658] netlink: 'syz.0.2178': attribute type 2 has an invalid length.
[  445.535221][T10658] netlink: 'syz.0.2178': attribute type 1 has an invalid length.
[  446.969694][T10689] netlink: 'syz.3.2187': attribute type 21 has an invalid length.
[  446.995092][T10689] netlink: 'syz.3.2187': attribute type 5 has an invalid length.
[  447.441989][T10694] sctp: [Deprecated]: syz.2.2189 (pid 10694) Use of struct sctp_assoc_value in delayed_ack socket option.
[  447.441989][T10694] Use struct sctp_sack_info instead
[  448.263808][T10701] netlink: 'syz.4.2190': attribute type 21 has an invalid length.
[  448.308563][T10701] netlink: 'syz.4.2190': attribute type 5 has an invalid length.
[  448.514921][T10705] netlink: 'syz.1.2191': attribute type 2 has an invalid length.
[  448.522894][T10705] netlink: 'syz.1.2191': attribute type 1 has an invalid length.
[  448.788852][T10711] netlink: 'syz.0.2194': attribute type 25 has an invalid length.
[  450.868082][T10744] netlink: 'syz.0.2202': attribute type 21 has an invalid length.
[  450.885642][T10745] sctp: [Deprecated]: syz.1.2204 (pid 10745) Use of struct sctp_assoc_value in delayed_ack socket option.
[  450.885642][T10745] Use struct sctp_sack_info instead
[  450.965508][T10744] netlink: 'syz.0.2202': attribute type 5 has an invalid length.
[  452.708093][T10754] netlink: 'syz.4.2206': attribute type 2 has an invalid length.
[  452.884099][T10754] netlink: 'syz.4.2206': attribute type 1 has an invalid length.
[  453.207805][T10760] netlink: 'syz.2.2205': attribute type 21 has an invalid length.
[  453.362424][T10760] netlink: 'syz.2.2205': attribute type 5 has an invalid length.
[  453.417654][T10773] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.2213'.
[  453.476231][T10773] openvswitch: netlink: Message has 41214 unknown bytes.
[  454.251108][T10787] FAULT_INJECTION: forcing a failure.
[  454.251108][T10787] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  454.454664][T10787] CPU: 0 PID: 10787 Comm: syz.2.2216 Not tainted 6.1.136-syzkaller #0
[  454.462897][T10787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  454.473088][T10787] Call Trace:
[  454.476426][T10787]  <TASK>
[  454.479382][T10787]  dump_stack_lvl+0x168/0x22e
[  454.484191][T10787]  ? show_regs_print_info+0x12/0x12
[  454.489450][T10787]  ? load_image+0x3b0/0x3b0
[  454.494009][T10787]  ? __lock_acquire+0x7c50/0x7c50
[  454.499187][T10787]  should_fail_ex+0x399/0x4d0
[  454.503912][T10787]  _copy_from_user+0x2c/0x170
[  454.508634][T10787]  iovec_from_user+0x143/0x360
[  454.513442][T10787]  __import_iovec+0x6d/0x500
[  454.518158][T10787]  ? __might_fault+0xc2/0x120
[  454.522900][T10787]  import_iovec+0x6f/0xa0
[  454.527368][T10787]  ___sys_sendmsg+0x1e4/0x290
[  454.532106][T10787]  ? __sys_sendmsg+0x270/0x270
[  454.537040][T10787]  ? __lock_acquire+0x7c50/0x7c50
[  454.542137][T10787]  ? __fdget+0x17c/0x200
[  454.546436][T10787]  __se_sys_sendmsg+0x19e/0x270
[  454.551336][T10787]  ? ct_nmi_exit+0x145/0x1c0
[  454.556171][T10787]  ? __x64_sys_sendmsg+0x80/0x80
[  454.561252][T10787]  ? lockdep_hardirqs_on+0x94/0x140
[  454.566514][T10787]  do_syscall_64+0x4c/0xa0
[  454.570988][T10787]  ? clear_bhb_loop+0x45/0xa0
[  454.575716][T10787]  ? clear_bhb_loop+0x45/0xa0
[  454.580450][T10787]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  454.586410][T10787] RIP: 0033:0x7ff502f8e969
[  454.591039][T10787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  454.610785][T10787] RSP: 002b:00007ff503d19038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  454.619256][T10787] RAX: ffffffffffffffda RBX: 00007ff5031b5fa0 RCX: 00007ff502f8e969
[  454.627277][T10787] RDX: 0000000000000000 RSI: 0000200000001180 RDI: 0000000000000004
[  454.635723][T10787] RBP: 00007ff503d19090 R08: 0000000000000000 R09: 0000000000000000
[  454.643824][T10787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  454.651837][T10787] R13: 0000000000000000 R14: 00007ff5031b5fa0 R15: 00007ffeecdbed38
[  454.661800][T10787]  </TASK>
[  454.829333][T10790] netlink: 'syz.1.2217': attribute type 27 has an invalid length.
[  454.863201][T10790] netlink: 'syz.1.2217': attribute type 3 has an invalid length.
[  454.884468][T10790] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2217'.
[  455.261814][T10802] netlink: 'syz.4.2219': attribute type 21 has an invalid length.
[  455.341984][T10802] netlink: 'syz.4.2219': attribute type 5 has an invalid length.
[  456.781675][T10828] netlink: 'syz.0.2226': attribute type 21 has an invalid length.
[  456.804705][T10828] netlink: 'syz.0.2226': attribute type 5 has an invalid length.
[  457.373958][ T4260] Bluetooth: hci2: command 0x0406 tx timeout
[  457.723875][T10842] sctp: [Deprecated]: syz.1.2233 (pid 10842) Use of struct sctp_assoc_value in delayed_ack socket option.
[  457.723875][T10842] Use struct sctp_sack_info instead
[  458.213899][T10849] netlink: 'syz.2.2232': attribute type 27 has an invalid length.
[  458.223393][T10849] netlink: 'syz.2.2232': attribute type 3 has an invalid length.
[  458.443323][T10849] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2232'.
[  459.414776][T10876] netlink: 'syz.1.2244': attribute type 10 has an invalid length.
[  459.537953][T10876] device veth0_vlan left promiscuous mode
[  459.630572][T10876] device veth0_vlan entered promiscuous mode
[  459.797492][T10876] team0: Device veth0_vlan failed to register rx_handler
[  461.058599][T10890] sctp: [Deprecated]: syz.2.2248 (pid 10890) Use of struct sctp_assoc_value in delayed_ack socket option.
[  461.058599][T10890] Use struct sctp_sack_info instead
[  462.194425][T10914] netlink: 'syz.4.2256': attribute type 27 has an invalid length.
[  462.203524][T10914] netlink: 'syz.4.2256': attribute type 3 has an invalid length.
[  462.293336][T10920] netlink: 'syz.1.2257': attribute type 10 has an invalid length.
[  462.373771][T10914] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2256'.
[  462.393985][T10920] device veth0_vlan left promiscuous mode
[  462.417536][T10920] device veth0_vlan entered promiscuous mode
[  462.456436][T10920] team0: Device veth0_vlan failed to register rx_handler
[  465.104541][T10936] netlink: 'syz.0.2271': attribute type 10 has an invalid length.
[  465.160562][T10936] device veth0_vlan left promiscuous mode
[  465.599282][T10936] device veth0_vlan entered promiscuous mode
[  465.760911][T10936] team0: Device veth0_vlan failed to register rx_handler
[  466.061454][T10945] sctp: [Deprecated]: syz.4.2265 (pid 10945) Use of struct sctp_assoc_value in delayed_ack socket option.
[  466.061454][T10945] Use struct sctp_sack_info instead
[  467.087327][T10954] netlink: 'syz.3.2269': attribute type 21 has an invalid length.
[  467.231528][T10954] netlink: 'syz.3.2269': attribute type 5 has an invalid length.
[  469.282814][T10970] netlink: 'syz.2.2272': attribute type 27 has an invalid length.
[  469.398358][T10963] netlink: 'syz.0.2270': attribute type 21 has an invalid length.
[  469.417413][T10963] netlink: 'syz.0.2270': attribute type 5 has an invalid length.
[  469.439340][T10970] netlink: 'syz.2.2272': attribute type 3 has an invalid length.
[  469.656719][T10970] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2272'.
[  471.245621][T10996] sctp: [Deprecated]: syz.4.2279 (pid 10996) Use of struct sctp_assoc_value in delayed_ack socket option.
[  471.245621][T10996] Use struct sctp_sack_info instead
[  472.446802][T11018] netlink: 'syz.0.2286': attribute type 21 has an invalid length.
[  472.475271][T11018] netlink: 'syz.0.2286': attribute type 5 has an invalid length.
[  473.221593][T11029] netlink: 'syz.1.2292': attribute type 27 has an invalid length.
[  473.250845][T11029] netlink: 'syz.1.2292': attribute type 3 has an invalid length.
[  473.295457][T11029] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2292'.
[  474.600178][T11042] sctp: [Deprecated]: syz.1.2295 (pid 11042) Use of struct sctp_assoc_value in delayed_ack socket option.
[  474.600178][T11042] Use struct sctp_sack_info instead
[  474.967977][T11045] netlink: 'syz.4.2296': attribute type 21 has an invalid length.
[  475.011954][T11045] netlink: 'syz.4.2296': attribute type 5 has an invalid length.
[  477.602580][T11069] netlink: 'syz.0.2305': attribute type 27 has an invalid length.
[  477.670769][T11069] netlink: 'syz.0.2305': attribute type 3 has an invalid length.
[  477.712571][T11069] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2305'.
[  477.894532][T11080] netlink: 62967 bytes leftover after parsing attributes in process `syz.1.2308'.
[  478.101273][T11083] sctp: [Deprecated]: syz.3.2309 (pid 11083) Use of struct sctp_assoc_value in delayed_ack socket option.
[  478.101273][T11083] Use struct sctp_sack_info instead
[  480.211472][T11120] netlink: 'syz.2.2323': attribute type 27 has an invalid length.
[  480.251610][T11120] netlink: 'syz.2.2323': attribute type 3 has an invalid length.
[  480.285210][T11120] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2323'.
[  484.049058][T11163] netlink: 'syz.2.2337': attribute type 21 has an invalid length.
[  484.083033][T11163] netlink: 'syz.2.2337': attribute type 5 has an invalid length.
[  484.193327][T11164] netlink: 'syz.4.2334': attribute type 10 has an invalid length.
[  484.239160][T11164] team0: Device veth1_vlan failed to register rx_handler
[  484.498137][T11170] netlink: 'syz.3.2339': attribute type 29 has an invalid length.
[  484.537082][T11170] netlink: 'syz.3.2339': attribute type 29 has an invalid length.
[  484.648922][T11173] netlink: 'syz.1.2341': attribute type 27 has an invalid length.
[  484.689920][T11173] netlink: 'syz.1.2341': attribute type 3 has an invalid length.
[  484.766167][T11173] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2341'.
[  484.842327][T11174] netlink: 'syz.3.2339': attribute type 29 has an invalid length.
[  488.183403][T11190] sctp: [Deprecated]: syz.2.2346 (pid 11190) Use of struct sctp_assoc_value in delayed_ack socket option.
[  488.183403][T11190] Use struct sctp_sack_info instead
[  489.407437][T11210] netlink: 'syz.2.2353': attribute type 21 has an invalid length.
[  489.465119][T11210] netlink: 'syz.2.2353': attribute type 5 has an invalid length.
[  490.102418][T11223] netlink: 'syz.4.2355': attribute type 27 has an invalid length.
[  490.314041][T11223] netlink: 'syz.4.2355': attribute type 3 has an invalid length.
[  490.482011][T11223] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2355'.
[  491.019085][T11235] netlink: 'syz.2.2360': attribute type 29 has an invalid length.
[  491.052708][T11235] netlink: 'syz.2.2360': attribute type 29 has an invalid length.
[  491.905223][T11235] netlink: 'syz.2.2360': attribute type 29 has an invalid length.
[  493.380299][T11242] sctp: [Deprecated]: syz.0.2361 (pid 11242) Use of struct sctp_assoc_value in delayed_ack socket option.
[  493.380299][T11242] Use struct sctp_sack_info instead
[  493.803369][T11254] netlink: 'syz.2.2367': attribute type 21 has an invalid length.
[  493.831739][T11254] netlink: 'syz.2.2367': attribute type 5 has an invalid length.
[  496.353505][T11285] netlink: 'syz.0.2374': attribute type 27 has an invalid length.
[  496.478684][T11285] netlink: 'syz.0.2374': attribute type 3 has an invalid length.
[  496.775475][T11285] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2374'.
[  496.834763][T11289] sctp: [Deprecated]: syz.4.2378 (pid 11289) Use of struct sctp_assoc_value in delayed_ack socket option.
[  496.834763][T11289] Use struct sctp_sack_info instead
[  498.918222][T11300] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2382'.
[  499.100313][T11300] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2382'.
[  499.524297][T11305] netlink: 'syz.3.2385': attribute type 21 has an invalid length.
[  499.584011][T11305] netlink: 'syz.3.2385': attribute type 5 has an invalid length.
[  500.008607][T11320] netlink: 'syz.4.2388': attribute type 21 has an invalid length.
[  500.434577][T11324] can: request_module (can-proto-3) failed.
[  500.520717][T11332] sctp: [Deprecated]: syz.1.2393 (pid 11332) Use of struct sctp_assoc_value in delayed_ack socket option.
[  500.520717][T11332] Use struct sctp_sack_info instead
[  501.261704][T11336] netlink: 'syz.3.2394': attribute type 27 has an invalid length.
[  501.285321][T11336] netlink: 'syz.3.2394': attribute type 3 has an invalid length.
[  501.293231][T11336] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2394'.
[  501.377360][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  501.384050][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  501.665894][T11352] sctp: [Deprecated]: syz.4.2398 (pid 11352) Use of struct sctp_assoc_value in delayed_ack socket option.
[  501.665894][T11352] Use struct sctp_sack_info instead
[  503.876363][T11367] TCP: TCP_TX_DELAY enabled
[  503.897311][T11368] netlink: 'syz.0.2400': attribute type 21 has an invalid length.
[  503.933776][T11368] netlink: 'syz.0.2400': attribute type 5 has an invalid length.
[  504.135224][T11370] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  504.151634][T11374] sctp: [Deprecated]: syz.1.2406 (pid 11374) Use of struct sctp_assoc_value in delayed_ack socket option.
[  504.151634][T11374] Use struct sctp_sack_info instead
[  504.170249][T11370] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  504.177851][T11376] FAULT_INJECTION: forcing a failure.
[  504.177851][T11376] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  504.229624][T11376] CPU: 1 PID: 11376 Comm: syz.4.2405 Not tainted 6.1.136-syzkaller #0
[  504.244167][T11376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  504.256102][T11376] Call Trace:
[  504.261937][T11376]  <TASK>
[  504.266303][T11376]  dump_stack_lvl+0x168/0x22e
[  504.271547][T11376]  ? show_regs_print_info+0x12/0x12
[  504.280779][T11376]  ? load_image+0x3b0/0x3b0
[  504.285714][T11376]  ? __might_fault+0xa6/0x120
[  504.290589][T11376]  should_fail_ex+0x399/0x4d0
[  504.295751][T11376]  copyin+0x1b/0x120
[  504.299734][T11376]  _copy_from_iter+0x45a/0x10c0
[  504.304717][T11376]  ? copyout_mc+0x110/0x110
[  504.310198][T11376]  ? __virt_addr_valid+0x188/0x540
[  504.315492][T11376]  ? __virt_addr_valid+0x188/0x540
[  504.320689][T11376]  ? __virt_addr_valid+0x465/0x540
[  504.325908][T11376]  ? __check_object_size+0x500/0xa40
[  504.331352][T11376]  netlink_sendmsg+0x746/0xbc0
[  504.336320][T11376]  ? netlink_getsockopt+0x540/0x540
[  504.341633][T11376]  ? aa_sock_msg_perm+0x94/0x150
[  504.346799][T11376]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  504.352216][T11376]  ? security_socket_sendmsg+0x7c/0xa0
[  504.358034][T11376]  ? netlink_getsockopt+0x540/0x540
[  504.363644][T11376]  ____sys_sendmsg+0x59b/0x970
[  504.368791][T11376]  ? __sys_sendmsg_sock+0x30/0x30
[  504.374035][T11376]  ? __import_iovec+0x315/0x500
[  504.379147][T11376]  ? import_iovec+0x6f/0xa0
[  504.383831][T11376]  ___sys_sendmsg+0x21c/0x290
[  504.388578][T11376]  ? __sys_sendmsg+0x270/0x270
[  504.393598][T11376]  ? __lock_acquire+0x7c50/0x7c50
[  504.398892][T11376]  ? __fdget+0x17c/0x200
[  504.403478][T11376]  __se_sys_sendmsg+0x19e/0x270
[  504.408578][T11376]  ? ct_nmi_exit+0x145/0x1c0
[  504.413314][T11376]  ? __x64_sys_sendmsg+0x80/0x80
[  504.418432][T11376]  ? lockdep_hardirqs_on+0x94/0x140
[  504.423896][T11376]  do_syscall_64+0x4c/0xa0
[  504.429248][T11376]  ? clear_bhb_loop+0x45/0xa0
[  504.434075][T11376]  ? clear_bhb_loop+0x45/0xa0
[  504.439261][T11376]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  504.445584][T11376] RIP: 0033:0x7fa0b5f8e969
[  504.450134][T11376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  504.470064][T11376] RSP: 002b:00007fa0b6d24038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  504.479258][T11376] RAX: ffffffffffffffda RBX: 00007fa0b61b5fa0 RCX: 00007fa0b5f8e969
[  504.489182][T11376] RDX: 0000000020000800 RSI: 0000200000000600 RDI: 0000000000000003
[  504.497588][T11376] RBP: 00007fa0b6d24090 R08: 0000000000000000 R09: 0000000000000000
[  504.505777][T11376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  504.515202][T11376] R13: 0000000000000000 R14: 00007fa0b61b5fa0 R15: 00007ffe285c4248
[  504.524079][T11376]  </TASK>
[  505.239949][T11383] netlink: 'syz.1.2407': attribute type 21 has an invalid length.
[  505.273909][T11383] netlink: 'syz.1.2407': attribute type 5 has an invalid length.
[  506.379283][T11400] netlink: 'syz.2.2412': attribute type 27 has an invalid length.
[  506.449365][T11400] netlink: 'syz.2.2412': attribute type 3 has an invalid length.
[  506.496772][T11410] sctp: [Deprecated]: syz.3.2416 (pid 11410) Use of struct sctp_assoc_value in delayed_ack socket option.
[  506.496772][T11410] Use struct sctp_sack_info instead
[  506.614896][T11400] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2412'.
[  506.860428][T11417] sctp: [Deprecated]: syz.4.2417 (pid 11417) Use of struct sctp_assoc_value in delayed_ack socket option.
[  506.860428][T11417] Use struct sctp_sack_info instead
[  509.996095][T11470] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2436'.
[  510.111790][T11466] sctp: [Deprecated]: syz.0.2435 (pid 11466) Use of struct sctp_assoc_value in delayed_ack socket option.
[  510.111790][T11466] Use struct sctp_sack_info instead
[  510.159001][T11470] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2436'.
[  513.039174][T11503] FAULT_INJECTION: forcing a failure.
[  513.039174][T11503] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  513.153742][T11503] CPU: 0 PID: 11503 Comm: syz.3.2449 Not tainted 6.1.136-syzkaller #0
[  513.164008][T11503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  513.177527][T11503] Call Trace:
[  513.182073][T11503]  <TASK>
[  513.187416][T11503]  dump_stack_lvl+0x168/0x22e
[  513.192676][T11503]  ? show_regs_print_info+0x12/0x12
[  513.198955][T11503]  ? load_image+0x3b0/0x3b0
[  513.205117][T11503]  ? __lock_acquire+0x7c50/0x7c50
[  513.210889][T11503]  should_fail_ex+0x399/0x4d0
[  513.215803][T11503]  _copy_from_user+0x2c/0x170
[  513.221846][T11503]  bpf_prog_test_run_skb+0x258/0x11b0
[  513.228419][T11503]  ? __fget_files+0x28/0x4d0
[  513.234871][T11503]  ? __fget_files+0x44a/0x4d0
[  513.239819][T11503]  ? cpu_online+0xa0/0xa0
[  513.244207][T11503]  bpf_prog_test_run+0x31e/0x390
[  513.250796][T11503]  __sys_bpf+0x593/0x6d0
[  513.255256][T11503]  ? bpf_link_show_fdinfo+0x310/0x310
[  513.261291][T11503]  ? lock_chain_count+0x20/0x20
[  513.266223][T11503]  __x64_sys_bpf+0x78/0x90
[  513.271136][T11503]  do_syscall_64+0x4c/0xa0
[  513.275895][T11503]  ? clear_bhb_loop+0x45/0xa0
[  513.281239][T11503]  ? clear_bhb_loop+0x45/0xa0
[  513.286241][T11503]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  513.292180][T11503] RIP: 0033:0x7ff2c8f8e969
[  513.296646][T11503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  513.316384][T11503] RSP: 002b:00007ff2c9d66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  513.324850][T11503] RAX: ffffffffffffffda RBX: 00007ff2c91b5fa0 RCX: 00007ff2c8f8e969
[  513.333569][T11503] RDX: 0000000000000050 RSI: 0000200000000400 RDI: 000000000000000a
[  513.342376][T11503] RBP: 00007ff2c9d66090 R08: 0000000000000000 R09: 0000000000000000
[  513.351540][T11503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  513.361262][T11503] R13: 0000000000000000 R14: 00007ff2c91b5fa0 R15: 00007ffde5e12378
[  513.370119][T11503]  </TASK>
[  514.611891][T11505] sctp: [Deprecated]: syz.3.2450 (pid 11505) Use of struct sctp_assoc_value in delayed_ack socket option.
[  514.611891][T11505] Use struct sctp_sack_info instead
[  516.029750][T11530] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  516.038521][T11530] #PF: supervisor instruction fetch in kernel mode
[  516.045331][T11530] #PF: error_code(0x0010) - not-present page
[  516.051716][T11530] PGD 77a77067 P4D 77a77067 PUD 0 
[  516.057326][T11530] Oops: 0010 [#1] PREEMPT SMP KASAN
[  516.063036][T11530] CPU: 0 PID: 11530 Comm: syz.0.2458 Not tainted 6.1.136-syzkaller #0
[  516.072862][T11530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  516.085647][T11530] RIP: 0010:0x0
[  516.089396][T11530] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  516.104203][T11530] RSP: 0018:ffffc90003537458 EFLAGS: 00010246
[  516.111718][T11530] RAX: 1ffffffff15eb17f RBX: 0000000000000001 RCX: 0000000000000001
[  516.120930][T11530] RDX: ffffc90003537500 RSI: 0000000000000001 RDI: ffff8880778bc000
[  516.131289][T11530] RBP: ffffc90003537570 R08: dffffc0000000000 R09: ffffed100ef17808
[  516.140359][T11530] R10: ffffed100ef17808 R11: 1ffff1100ef17807 R12: ffffe8ffffc5d990
[  516.150288][T11530] R13: ffffffff8af58bf8 R14: 0000000000000000 R15: ffff8880778bc000
[  516.159861][T11530] FS:  00007f1331eac6c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  516.172365][T11530] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  516.181702][T11530] CR2: ffffffffffffffd6 CR3: 00000000789cc000 CR4: 00000000003506f0
[  516.192736][T11530] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  516.205057][T11530] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  516.215410][T11530] Call Trace:
[  516.219244][T11530]  <TASK>
[  516.222695][T11530]  bond_xdp_xmit+0x309/0x520
[  516.228272][T11530]  ? asm_sysvec_call_function_single+0x16/0x20
[  516.236938][T11530]  ? bond_xdp_xmit+0x93/0x520
[  516.247352][T11530]  ? bond_xdp+0x840/0x840
[  516.252157][T11530]  ? page_pool_put_defragged_page+0x5ca/0x8c0
[  516.259581][T11530]  bq_xmit_all+0xc99/0x10d0
[  516.265892][T11530]  ? verify_lock_unused+0x140/0x140
[  516.272366][T11530]  ? zone_statistics+0x170/0x170
[  516.279038][T11530]  ? bq_enqueue+0x2ee/0x3d0
[  516.283936][T11530]  ? dev_map_enqueue_multi+0xff9/0x1160
[  516.289783][T11530]  ? __dev_flush+0x1b0/0x1b0
[  516.295470][T11530]  ? dev_map_enqueue+0x340/0x340
[  516.301983][T11530]  ? lock_chain_count+0x20/0x20
[  516.307617][T11530]  ? trace_page_pool_state_hold+0xa7/0x250
[  516.314339][T11530]  ? rcu_is_watching+0x11/0xa0
[  516.321175][T11530]  ? trace_xdp_redirect+0xb3/0x2b0
[  516.326414][T11530]  ? __cant_sleep+0x210/0x210
[  516.331422][T11530]  __dev_flush+0xbf/0x1b0
[  516.336604][T11530]  xdp_do_flush+0xa/0x20
[  516.340928][T11530]  bpf_test_run_xdp_live+0x1466/0x1970
[  516.346616][T11530]  ? bpf_test_run_xdp_live+0x45c/0x1970
[  516.353189][T11530]  ? xdp_convert_md_to_buff+0x330/0x330
[  516.359067][T11530]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[  516.365357][T11530]  ? bpf_test_init+0x134/0x150
[  516.370169][T11530]  ? xdp_convert_md_to_buff+0x5b/0x330
[  516.376031][T11530]  bpf_prog_test_run_xdp+0x6f1/0xe50
[  516.381492][T11530]  ? dev_put+0x80/0x80
[  516.386046][T11530]  ? dev_put+0x80/0x80
[  516.391022][T11530]  bpf_prog_test_run+0x31e/0x390
[  516.396500][T11530]  __sys_bpf+0x593/0x6d0
[  516.401940][T11530]  ? bpf_link_show_fdinfo+0x310/0x310
[  516.408321][T11530]  ? lock_chain_count+0x20/0x20
[  516.414989][T11530]  __x64_sys_bpf+0x78/0x90
[  516.421011][T11530]  do_syscall_64+0x4c/0xa0
[  516.425894][T11530]  ? clear_bhb_loop+0x45/0xa0
[  516.431575][T11530]  ? clear_bhb_loop+0x45/0xa0
[  516.438044][T11530]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  516.444946][T11530] RIP: 0033:0x7f1330f8e969
[  516.450189][T11530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  516.476124][T11530] RSP: 002b:00007f1331eac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  516.487471][T11530] RAX: ffffffffffffffda RBX: 00007f13311b6080 RCX: 00007f1330f8e969
[  516.496925][T11530] RDX: 0000000000000050 RSI: 0000200000000280 RDI: 000000000000000a
[  516.507751][T11530] RBP: 00007f1331010ab1 R08: 0000000000000000 R09: 0000000000000000
[  516.517683][T11530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  516.528660][T11530] R13: 0000000000000000 R14: 00007f13311b6080 R15: 00007fffb384ba98
[  516.539995][T11530]  </TASK>
[  516.543605][T11530] Modules linked in:
[  516.548642][T11530] CR2: 0000000000000000
[  516.553940][T11530] ---[ end trace 0000000000000000 ]---
[  516.561260][T11530] RIP: 0010:0x0
[  516.565388][T11530] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  516.574916][T11530] RSP: 0018:ffffc90003537458 EFLAGS: 00010246
[  516.582894][T11530] RAX: 1ffffffff15eb17f RBX: 0000000000000001 RCX: 0000000000000001
[  516.593631][T11530] RDX: ffffc90003537500 RSI: 0000000000000001 RDI: ffff8880778bc000
[  516.602546][T11530] RBP: ffffc90003537570 R08: dffffc0000000000 R09: ffffed100ef17808
[  516.611575][T11530] R10: ffffed100ef17808 R11: 1ffff1100ef17807 R12: ffffe8ffffc5d990
[  516.620678][T11530] R13: ffffffff8af58bf8 R14: 0000000000000000 R15: ffff8880778bc000
[  516.632017][T11530] FS:  00007f1331eac6c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  516.642492][T11530] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  516.649464][T11530] CR2: ffffffffffffffd6 CR3: 00000000789cc000 CR4: 00000000003506f0
[  516.658518][T11530] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  516.667570][T11530] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  516.676458][T11530] Kernel panic - not syncing: Fatal exception in interrupt
[  516.687197][T11530] Kernel Offset: disabled
[  516.692272][T11530] Rebooting in 86400 seconds..