last executing test programs:

4.07926179s ago: executing program 1 (id=1903):
r0 = perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x2b, 0x1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000000e10000000000000000008500000053000000850000007d00000095"], 0x0, 0x4}, 0x94)
r3 = perf_event_open(&(0x7f0000000580)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
r5 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r5, 0x84, 0x9, &(0x7f0000000380), 0x98)
r6 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000780)=@bpf_lsm={0x3, 0x5, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r7 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000340)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r7, &(0x7f00000003c0)=ANY=[@ANYBLOB="52202a3b2a1a7202"], 0x9)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r8, 0x0, 0x2, 0x0)
r9 = openat$cgroup_procs(r8, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r9, &(0x7f0000000380), 0x12)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9092dc1b6dbe9ab5becdcc777", 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$sock_attach_bpf(r1, 0x6, 0xd, &(0x7f0000000040), 0x3)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r10 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000e00)='cpuset.mems\x00', 0x2, 0x0)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0xd, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x6}, 0x94)
write$cgroup_subtree(r10, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x6a)
sendmsg$inet(r1, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x20000014)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000005a76000000000000", @ANYRES8=r11, @ANYBLOB='\t\x00'/19, @ANYRES32=0x0, @ANYRESDEC=r8, @ANYRESOCT=r6], 0x50)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r12, 0x0, 0xe, 0x0, &(0x7f0000000440)="0000000000000060145b4ebeada5", 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)

3.680404104s ago: executing program 1 (id=1907):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], 0x0, 0x1}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000240)={r0, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000040)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0], 0x0, 0x68, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000180), &(0x7f00000001c0), 0x8, 0xb1, 0x8, 0x8, &(0x7f0000000200)}}, 0x10)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x4e}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r3, 0x0, 0x2c, 0x0, 0x28)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000280)=r2, 0x4)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa067707"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

3.132029576s ago: executing program 1 (id=1910):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={&(0x7f0000000040)=@in6={0xa, 0x3, 0x0, @private2}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000200)="80", 0x1}], 0x1, &(0x7f0000000740)=[{0x10, 0x84, 0x8}], 0x10}, 0x41)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x806, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x14, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x10, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b400003c0000000000a6070000008300009500"/32], &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76}, 0x48)
r3 = socket$kcm(0x10, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0e0000000400000004000000020000000000", @ANYBLOB='\x00\x00\x00\x00', @ANYBLOB], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000300)={r4, 0x0, &(0x7f00000002c0)=""/2, 0x2}, 0x20)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f00000007c0)={&(0x7f0000000440)="ad2775ab592adce191dd87755474ac4ac8466d07cffb8239cab3b5d72b7a7f704229c6dbc7cee9ad408818c4aad40d84979a45014df7", &(0x7f0000000640)=""/211, &(0x7f00000005c0)="b22b8977df40ad3e7d9d251fe41a", &(0x7f0000000780)="420df6f701d12be9c4ee5b1337a35f2c0130c37123861aeba80d4baf0a1c1d4dd72f4d8fcfe12cb420622c0e857c1ef1eed4bd4a11", 0x8, r2, 0x4}, 0x38)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)
r5 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0), 0x8)
close(r5)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x58, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000001500)={0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', r6, @fallback, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1e, 0x8, &(0x7f00000001c0)=ANY=[@ANYRESDEC=r3, @ANYRES32=r5, @ANYBLOB="0000000000000100b7020000000085000000151b0816fb48af1f", @ANYRES32=r5, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], &(0x7f0000000200)='syzkaller\x00', 0x400, 0xe, &(0x7f0000000880)=""/14, 0x41000, 0x20, '\x00', r6, @sk_lookup, r5, 0x8, &(0x7f0000000340)={0x8000003, 0x1}, 0x8, 0x10, &(0x7f0000000380)={0x2, 0xc, 0xfffffffb, 0x5}, 0x10, 0x0, r5, 0x2, 0x0, &(0x7f0000000400)=[{0x2, 0x1, 0x2, 0xc}, {0x4, 0x1, 0x0, 0x4}], 0x10, 0x8000}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$cgroup_devices(r5, &(0x7f00000003c0)={'c', ' *:* ', 'rwm\x00'}, 0xa)
sendmsg(0xffffffffffffffff, 0x0, 0x40000040)
r8 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x2, 0x2, 0x8, 0x9, 0x0, 0x6, 0x2, 0xc, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5, 0x2, @perf_bp={0x0, 0x8}, 0x2000, 0xff, 0x9, 0x0, 0x4, 0x145d, 0x1, 0x0, 0x3f8, 0x0, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x2d, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000005000000000000000300000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000008520000005000000181a0000", @ANYRES32=r2, @ANYBLOB="000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000317f8f51853570000000b7000000200000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850084fe7ab864f2593cab846c9dc310580000828b287ccd11934b3250f1069fc98d01f5d927c77f0e4c2e1ef24d9d859e90eb298b1502d3fe3142f10379c01b0bb07c15e8ec7cf33882c0bc94b7d0d34c96ca87c754ead1e46925355cb35477", @ANYRES32=r4, @ANYBLOB="0000000001010000bc9850001000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800009bffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000008200000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000054f03000dac0000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = syz_clone(0x8d2ab000, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_pid(r1, &(0x7f0000000280)=r9, 0x12)
gettid()
bpf$LINK_DETACH(0x22, 0x0, 0x0)
syz_clone(0x400c0000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r5, 0x4008240b, &(0x7f0000000040)={0x2, 0x80, 0x7f, 0x5, 0x6, 0x10, 0x0, 0x1, 0x20000, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000000), 0xa}, 0x400, 0x7fffffffffffffff, 0xfffff001, 0x2, 0x1, 0x8, 0x1, 0x0, 0x2, 0x0, 0x8})
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)

2.536326341s ago: executing program 2 (id=1916):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x42, 0x32, 0x43e1bd76, 0x7, 0x8, 0x20a, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0xa, 0x1, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x4, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000004000000bca30000000000002403000040feffff720af0ff0000000171a4f1ff000000001f030000000000002e0a0200000000002600030008ff000e61148c00000000001d430000000000007a0af0ff00581c1f6114660000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fdb6153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff46248843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae543d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80aba439772bf60a1db18c472dafc5569adc2c406f39f82928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08a1a4b94cb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f1d2156befec432e8e993c79027b7ef285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdc0500000000000000b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb87d9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e28488b0522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b669615f2710eb8df39fc8c04d2c9c196fa6facfea613569a35cde6451f2edf55ce25c7d72ec7ea85a92458c0559ca3a94727d495bd4671a55a70bc544d71d8e0257707a31936f1adf224077310a86bf447ec92c650acca8c6b0721020894b06178c32f4472d17174d6eb2b067030c5d2c12583f46d2da7fba42d4083259c7cdc8bf1f4299c248865d3c809356c3ed"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000006000000010001004900000001"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r3, &(0x7f00000006c0), &(0x7f00000003c0)=""/14, 0x2}, 0x20)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8902, &(0x7f0000000080))
r4 = socket$kcm(0x2, 0x922000000001, 0x106)
r5 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0e00009bd029ef8020ab"], 0xfe33)
close(r7)
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r5, 0x84, 0x22, &(0x7f0000000000)=r8, 0x10)
sendmsg$kcm(r4, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x24004001)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x25, &(0x7f00000002c0)=r9, 0x8)
sendmsg$inet(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000600)="ff", 0x1}], 0x1}, 0x400100f)
perf_event_open(&(0x7f0000000040)={0x3, 0xfffffffffffffe58, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x1}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1f, 0xd, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r10}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x20000002}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xa6}}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x59}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r12, 0x89a0, &(0x7f0000000080))
setsockopt$sock_attach_bpf(r0, 0x29, 0x10, 0x0, 0x0)

2.488337054s ago: executing program 0 (id=1917):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], 0x0, 0x1}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x1}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa067707"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x300, 0x0, 0x0, 0x0, 0x2}, 0x48)

2.336765002s ago: executing program 1 (id=1918):
socketpair(0x28, 0x2, 0x0, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0xc8, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x10}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0x7, 0x0, &(0x7f00000004c0)="630b008646dc3f", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$kcm(0x28, 0x5, 0x0)
close(r2)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='{[\\]+\x00')
socketpair(0x3f, 0x1, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x5, [@float={0x3, 0x0, 0x0, 0x10, 0x8}, @decl_tag={0x3, 0x0, 0x0, 0x11, 0x3}, @struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x4, [{0x0, 0x2}]}]}, {0x0, [0x61, 0x61, 0x2e]}}, 0x0, 0x51}, 0x28)
r3 = socket$kcm(0x10, 0x2, 0x0)
r4 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x19300}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x9, 0x3, &(0x7f0000002040)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1190e95fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf2255d6a02413bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a202304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a99281000000059f425ec2f8580fe3c6f605f9a00e90ba71cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e0852c8e7536bd1f018fa6be1e4de61fdccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4065903124bff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a8640724a5f4e12ad99012a2e01ce79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae441e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282bffff2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae05334d5a44a020000001c0d882a564d74a7c72bf9a2152b261e58fea6d2f93589cfe261dc0410b5ccc92a5a0eab327a33431d62d2b7c75ce654d556c9e1817c1abca762ab53d40da51560351b673363652e1ecb56cfe4a746a45ab13c6014e9f361ab687d1cd1795ce9e05c817b83d76046bdb3709de5df7499a02d2f636a454b85b987580ada025d83bd7b8df28a540d5ec5537942e79f2f1ab25ea5f563bc77e4f9468bd309469880c7e34150ca886d1f13dff7e82dbe296c877d925c38c54cc8137b29028854b6bd57ca893927c331300e16aba792289e135589d93302fc37c73c303e383cdf8ef3f6d6265fe5ee01759d24027475c8901039a898582022bc95992b86dce0710887c8a625d9cbb897bdbfaf49a3f642a169827a9bae4fcfa5212461db000000000000e6ed75ca8fcda7ef3ee336189fef3b3ffb9f38fefc5ff39c4e69e3fa1f8b10ee97123e99b61eba065b1ad67530e7c4f11f9da7ae000002000000610101ad7f79cb9bbf64a0fc109f49fe50151f5ddfe51833ec65ece70e07ce8ab5d97db47da8f80000664dc0b86ae2b3ff9d4e220752a6b2f3ea9f793612386496dca5af7b8952aafa332482e6137e994d3f5259b7f51544cdc6d8cb4becc20dd3a57545b0c2621e4c5f94a23f73ee02c22ee7e27c2cc491a85947baac523c347c9b9ede5d6265997f2ad6e9719a"], &(0x7f0000000000)='GPL\x00', 0x5, 0xb4, &(0x7f000000cf3d)=""/180}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0xf4, 0x0, 0xfe, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x3}, 0x6000, 0x0, 0x4, 0x6, 0x0, 0xa000000a, 0xfffc, 0x0, 0x5}, 0x0, 0xb, 0xffffffffffffffff, 0x4)
r6 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r6, 0x29, 0x23, &(0x7f0000000040), 0xcf)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff05000500", 0x2c}, {&(0x7f00000019c0)="06bb", 0x2}], 0x2}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x28)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x9, 0x0, &(0x7f0000000040)="b90103600040f00000", 0x0, 0x104, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200})

2.335049072s ago: executing program 0 (id=1926):
r0 = socket$kcm(0xa, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x40, 0x0, 0x8, 0x0, 0x0, 0x61000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2002, 0x0, @perf_bp={0x0, 0x4}, 0xa100, 0xc8, 0x3, 0x9, 0xfffffffffffffffd, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8000000000000001}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xa}, 0x828, 0xfffffffffffff000, 0xfffd, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xc, 0xffffffffffffffff, 0xa)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x26e1, 0x0)
r3 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x890c, &(0x7f0000000000))
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce2200182f00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa35f088be"], 0xfdef)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0xffca}, 0x164)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0xfdef)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r6 = openat$cgroup_devices(r5, &(0x7f0000000180)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r6, &(0x7f0000000080)=ANY=[@ANYBLOB='c *:', @ANYRESDEC], 0x1d)
setsockopt$sock_attach_bpf(r0, 0x29, 0x37, &(0x7f0000000040), 0xcf)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001340)="68dd64c90b429cb3f3cfb5da5670a7ba950bb63afa52eca5658cfb9239a617fb6b2307af22e4a4c3619ce5074ce9735e1366d74c6273a6972918f84ddb59d62da9e4f4751b533e9c918c66a530a3ad3182f83b173322b983ecb5bfce58d273917de8e0bcea3541d50573c810c990bad830041c69f6f8209b18ed175560c37d4001b7c48801")
r8 = perf_event_open$cgroup(&(0x7f00000001c0)={0x1, 0x80, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ID(r8, 0x4008240b, &(0x7f00000013c0))
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r7, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x7, 0x4, 0x0, 0x3be3d60c}, {0x6, 0xb, 0xca}]})

2.256157767s ago: executing program 3 (id=1919):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r2, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x6, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1800040604000000000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x1f00, 0x0, '\x00', r3, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)

2.136630284s ago: executing program 2 (id=1920):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xcfa4)
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000001880)="5c00000012006b1e003de3d86e6c1dff05137e0300000000000000b68675f8001d000a00a0e69ee517d34442bc24eab556a7e60f1e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f408000300060100000800030011000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1, 0xf, &(0x7f00000001c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000900)=r3, 0x4)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f0000000280)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r6 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r6, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r6, &(0x7f0000000100)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000780)="f4000900062b2c25fe80000000000000dc8b850f2384", 0x16}, {&(0x7f0000000340)="5ed0fc370c692126507f36d1a5f9318998f1517031f1680f8bf2", 0x1a}], 0x2}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, &(0x7f0000000000), &(0x7f0000000040)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48)
r8 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000080)={&(0x7f0000001340)=@hci={0x1f, 0x5865, 0x31}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000000)="b8b2821400000081000000008100cf1f8203", 0x12}], 0x1}, 0x20048090)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x18000000000002a0, 0x33, 0x0, &(0x7f0000000180)="b90103606908068c3c270040e700009e0ff008001ffff2e1ffff8100632f0806a5e65181a957ff59821ab6abc50af2cbd1024f", 0x0, 0x8104, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.030239441s ago: executing program 0 (id=1921):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000006000000040000000000000e0300000000000000000000000000000d03000000000000000000000204000000000000000000000b020000000000000061"], 0x0, 0x52}, 0x20) (async)
r0 = socket$kcm(0x29, 0x5, 0x0) (async, rerun: 32)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000000c0)=[0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x4, &(0x7f0000000100)=[0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x6, &(0x7f0000000180)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0xe8, 0x8, 0x8, &(0x7f0000000240)}}, 0x10) (async, rerun: 32)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="d80000001c0081030081f782db44b904021d080201000000040000a118000c000600141a62600e1208000f0100810401a8001600200001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x4001) (async, rerun: 64)
r2 = socket$kcm(0x10, 0x400000002, 0x0) (rerun: 64)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[], 0xfe33) (async, rerun: 32)
sendmsg$kcm(r0, &(0x7f0000000a40)={&(0x7f00000003c0)=@can={0x1d, r1}, 0x80, &(0x7f0000000880)=[{&(0x7f0000000440)="83bc7649f46d5ba3c138ce072163159e9bd19c0488e3890e2db34d", 0x1b}, {&(0x7f0000000480)="46e6b3d5086c9fe03e4eac6e53275e912617d92e1c373a9c2afecdbedd8a0bd236e8bf156d16", 0x26}, {&(0x7f00000004c0)="d8279372e2fe2b4d97f262bf9e879693b991c17f6db24e06b1b1e529820cec17260a3a38499050c76d75b7fcf513d1dd06452088918c0487a0daf790e4b6f3c5f9ef40fe99f925d05c985988c6215a3d1d2f2863f5cf03aca52fa5130183c2794f4f1a52549f2ad791856ef5785947351fc0ff647f7518098afa5b233013751d0ebe7e36acf0ec08645118c03be7686016bbf3881ead7248d58959f0e16329f153414101e5c466d7d0ca64333a16024cab572275ef9292f65524d908993bc715baf1268bdc61845a2777f851a9ea5c7fd2462f81501bada75255662ca222572e1c93d8b85d475de6", 0xe8}, {&(0x7f00000005c0)="b4280c38523f9cd1c57d12d8e189db8ffa212fd8b8ee4bdf8a8939c17ba01ee097306a72b9fdc52bedf955231c54ab2b6b2915da0f8704a5ca6f4f2ba76e654dee749110e99a764a316532aa86e9e039520c4978b3d8d13e36e38b306ec51ede54a844b24d157a617d72dc21f54a65af8fc9ce7740075d225f22613b316b8e791aadf9446aee39b6c0ce2d3aec12a3f78302457a4e427f126fc68c893ddce34563f81e", 0xa3}, {&(0x7f0000000680)="aea16c314419005c81670c779930b30fbd39f52bce8233a926f8a30d72a3b4e7813b3f6977fbee631756044c21ec833b0e971216747ea80738007f72c62f7b8180a1e1dc7e115ab2465dbfea691d7d5b6140cbd33dc60a63c80bdcad5a509f38408e480cffe21942e33f66a3efe16944e0dfc1c94a240a84d918f33556c9702b8889b3bf5b7edcff5d952a8c9dc5157b3694330e5d6ac2b725482ff30d9ee83c3a5162a89695115b436db98e54cf5f9508c9728ff659c25f18fc718ca973778196afc841b6c2182ddb8cf4be332d8a74a8ed437b9e29b9e7ad244d176061", 0xde}, {&(0x7f0000000780)="dd8f117067ede250b8fb2699116a742971ff501ef5a862ca9fed96d32380936307a3fbcb132a18d374291aece4e2351eac3b6656157599b6092d2ed1d74de338212ec42f7a28624e39fa27d0ebf20402d48fdf944e8c73d20dcf5d94560b443a7216882e7e08a2635b3193e8e33d3a00b64ed2c88675accb0699a652c933384eea5f7845869b93bcb9ed3fd64ba4e17942730c73d7b2e3a716797ca53c8dc16655cf535c407a2f5de2b22ffc6b83625113651443b5a653f8af3e14e91d975baab7e44ebc04bd181e", 0xc8}], 0x6, &(0x7f0000000900)=[{0x110, 0x88, 0x7, "fef895c5c6a70ffb67ce468468d7e39def121ea1656261c260203902023262370e73bc5e30ed2b50a096e6999fba7e6513184e63f16fe83477934cdf3d17d5522f3f2c8c3783ace0be5ad632fba4de889b1cac360f87fb52d199eb2f2b39d949f6281d6ecc39f95c969b1f17884b5fda4845d2fba512dfab059843900060e5b7dc69e6f46b3ada2cbac2a2bd1981612f6b550f15d8e2988b56a938a2126c5aece8c6544f7c2ec2ebdc6de793ebc9e2f713d77e32d706d9f17143152dfb782fc18c60c75fe28b33261db9abea08613aca3aab639b6928789b58796b43d20548b230dd54785e78ed040333efe3269e68ecb0b899a7326778f99c768a2214c6"}], 0x110}, 0x4000) (rerun: 32)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000505d25a806c8c6f94f90524fc600a080a0002000000051d82c137153e374c0c0980fc6310000300", 0x33fe0}], 0x1}, 0x0)

2.001852042s ago: executing program 3 (id=1922):
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x77}, [@ldst={0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0xa, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x48)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x9, 0x92, 0x3, 0x9, 0x0, 0x100000080001, 0x91239, 0xa, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x3, 0x1}, 0x102200, 0x1, 0xb, 0x6, 0x3, 0x8, 0x43, 0x0, 0xe18a, 0x0, 0x1000000000000007}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x16, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2000000, 0x7}, 0x800, 0xab, 0x6, 0x6, 0xfffffffffdf7bbfe, 0x0, 0x5, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0x4000000000e, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x20000000009, 0x64019, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7a, 0x1, @perf_config_ext={0xf4, 0x3}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454d0, 0x5)
socketpair(0x1d, 0x2, 0x2, 0x0)
r0 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r0, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b0700fc670000e4a17c45c8d260c9", 0x33fe0}], 0x1}, 0x0)

1.686940551s ago: executing program 3 (id=1923):
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x1, 0x4}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000640)=@framed={{}, [@printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffd}, {0x85, 0x0, 0x0, 0x71}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xf}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xe, 0x0, &(0x7f0000000000)="43227504000000b32415f73227b2", 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

1.685993791s ago: executing program 0 (id=1932):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r2, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x6, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1800040604000000000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x1f00, 0x0, '\x00', r3, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)

1.679710781s ago: executing program 2 (id=1933):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={0x1, <r0=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x19, 0x14, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffff"], 0x0, 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$kcm(0x2, 0x2, 0x73)
sendmsg$inet(r1, &(0x7f0000000580)={&(0x7f00000000c0), 0x10, &(0x7f00000004c0), 0x300}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x12, &(0x7f00000001c0)=ANY=[@ANYBLOB="0500000000000000711184000000000085100000020000008500002f631602e182d4bc00000000007b8af8ff0000b7080000030000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000b341c01d4e00000007040000f0ffffffb70200d2cbf1958dff5df000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x2c}, 0x8)

1.460703614s ago: executing program 1 (id=1924):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="9feb01cebab7cbc9fed8744c3d36001800000000130e504d5e11bc9e1b96586482f707f9000000240000002400000009000100000000000000000300000000040000000200000000000000070000000000000c00000000000000000000005f00"], &(0x7f0000000800)=""/169, 0x45, 0xa9, 0x1}, 0x20)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x5, 0x1, 0x8e, 0xe7c9, 0x1}, 0x50)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0xfb, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x202}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000180)='W', 0x1}], 0x1}, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000380)="5c00000014006b03000000d86e6c1d00028409fcffff564500004e23e3f58e76110165f450e71b0075e3002500028d459e37000f0000000000bf9367b47e51f60a64c9f4d4938037e786a6aee6d700"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x84)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f0000000240)={r1})
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000940)={0x0, 0x80a, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080c30000000e8fe55a1190015000600142603600e120900180000000401a80016000a0004400a080000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff})
r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140)={0xffffffffffffffff}, 0x4)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000001c0)=r5, 0x4)
bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xe30a, r0}, 0x38)

1.460302384s ago: executing program 2 (id=1925):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x4000}, 0x3500000000000000)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, r1, 0xa)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r2}, &(0x7f0000000580)=0x2, 0x0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
socket$kcm(0x2, 0x2, 0x73)
close(0xffffffffffffffff)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000f40)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfe79578e51bc53099e90f4580d760551b5b342f7cbdb9cd38bdb2209c676b2ac2deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f132020000002cbe7bc04b82d2789cb1b2b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c41146dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a42b359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780c70014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e506d1387b63112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece08ac772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2ef0ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a3f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099bdae7ed04935c2c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adeb988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ffa3c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe4a3ced846891180604b6dd2499d16d7d9158ffffff069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb0814040000007874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dbae3428d2129ecfce1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296c6a298c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f050000000000000026049fe86e09623524f390bf79b441b75fc790c58e273cd905deb28c13c1ed1c0d9cae846b03008cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc48f97496079654f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b4749c28eb5167e9936ed327fb237a56224e49d9ea956d1798571b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecf743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be182724d95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd0403a099f32468f1561f058960d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b656dc0e32384f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bbe3e8ef76f57a2d0e69115d33394e86e4b83c0f3c2a34635f3eee4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cd082027c641ec4355eb4acff90756d1a1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8cc3fe28bc3586844f5fecb92aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a5906002fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128ab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0afd9ae134400f70b5e6aefb7eee403502732df858a2ea033b6c91c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80ffb8f386bb79f5589829b6b0679b5d65a00000000000000e6ff00000000000000000000faff0000bab50bc8508a9644d3e7c328b0ff22035c8073f8c1f0e3da7339fc81d4ab3ef2857ef70a81d8a1628da28c942571880e22df7cabae56d5ff5e483c9c1f5a258b8f1f34cc300312f76a374a6e9b3f9dbd7f538a80b00f97e47895b3201c5126feca0888956a7d768198d9c2109ac508a47ebb99c539ef45af7d87b308117a9e321a3861bc42cf41942c31268a4020221d7b1622585094eddd83c7f4acdd7f5c23d8b730bf03118261edada8b8487a3b1b7548a4687a91f12bf70bb1df3bfe7d4b92ad6fcbf401efd6eb004cf20016ad8d1dad136dd856ffca238b39482811f9c8524bf182f1956a3d044423927df28880bbd11c06407220df8e1d1d483d947d990dc175803d765ca14a915a0040b641959ad3e776b4bb4852fea12983dc18b7404914a6137dc4a78f1e0d331c60a9019c21698cd18753491df962f496f2395563e9c3d7b1228d0e488cf7e50a29541aa757f2e2ee9ff4433d65db0de5a123d569e39dce481156cbec584c9a32a8e3b032fa003192c891d83119bc950abac9147b9fcb0acd9a207b5ceb7e8ed1d91c000000000000000000000000000000141258373281153fa27e586ea82650f070d8851ac9e7ac07b37a6479d4017b5b5af3ff4c91235df4f657d77e386a329aec4d766369c86b62b01ceb028c6fcf206883633cb143016b9f5351a45a8cb4ea110ba700000000000000883416b6eff6a793c71deb7d780c4f51d86ece127c0714144916f397d398ad2fe72b710b932c15c2369cb5d2d2f6ae420672c4a626195a891ac51825077fbc286aa3866bbf18a4a8b836ea8c90af0d5f0aff55b50bc18c27875ed2628b91224b7fa9fd10ccd7c1b1a92bac529df981a6d30100e68555553625c0e91a51000000000000000000fe030f85b294f3ea1fce314a9dcefbe3b64e83c35c5e95734786ca78315793cc0e6e776d2ec07c55cd89541ec25e074e840287011cab538d79e1569df321282071d49a4dc5fb2d7da1d05249d0e153fd04aca2", @ANYRES8], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x16, 0x0, 0xffffffffffffffff, 0xffffffffffffffc9}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000000c0)="06ff03076844268cb89e14f00800", 0x0, 0xfe, 0x60000000, 0x13, 0x0, 0x0, 0x0}, 0x50)

1.385226248s ago: executing program 0 (id=1927):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={&(0x7f0000000040)=@in6={0xa, 0x3, 0x0, @private2}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000200)="80", 0x1}], 0x1, &(0x7f0000000740)=[{0x10, 0x84, 0x8}], 0x10}, 0x41)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x806, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x14, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x10, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b400003c0000000000a6070000008300009500"/32], &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76}, 0x48)
r3 = socket$kcm(0x10, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0e0000000400000004000000020000000000", @ANYBLOB='\x00\x00\x00\x00', @ANYBLOB], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000300)={r4, 0x0, &(0x7f00000002c0)=""/2, 0x2}, 0x20)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f00000007c0)={&(0x7f0000000440)="ad2775ab592adce191dd87755474ac4ac8466d07cffb8239cab3b5d72b7a7f704229c6dbc7cee9ad408818c4aad40d84979a45014df7", &(0x7f0000000640)=""/211, &(0x7f00000005c0)="b22b8977df40ad3e7d9d251fe41a", &(0x7f0000000780)="420df6f701d12be9c4ee5b1337a35f2c0130c37123861aeba80d4baf0a1c1d4dd72f4d8fcfe12cb420622c0e857c1ef1eed4bd4a11", 0x8, r2, 0x4}, 0x38)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)
r5 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0), 0x8)
close(r5)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x58, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000001500)={0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', r6, @fallback, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1e, 0x8, &(0x7f00000001c0)=ANY=[@ANYRESDEC=r3, @ANYRES32=r5, @ANYBLOB="0000000000000100b7020000000085000000151b0816fb48af1f", @ANYRES32=r5, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], &(0x7f0000000200)='syzkaller\x00', 0x400, 0xe, &(0x7f0000000880)=""/14, 0x41000, 0x20, '\x00', r6, @sk_lookup, r5, 0x8, &(0x7f0000000340)={0x8000003, 0x1}, 0x8, 0x10, &(0x7f0000000380)={0x2, 0xc, 0xfffffffb, 0x5}, 0x10, 0x0, r5, 0x2, 0x0, &(0x7f0000000400)=[{0x2, 0x1, 0x2, 0xc}, {0x4, 0x1, 0x0, 0x4}], 0x10, 0x8000}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$cgroup_devices(r5, &(0x7f00000003c0)={'c', ' *:* ', 'rwm\x00'}, 0xa)
sendmsg(0xffffffffffffffff, 0x0, 0x40000040)
r8 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x2, 0x2, 0x8, 0x9, 0x0, 0x6, 0x2, 0xc, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5, 0x2, @perf_bp={0x0, 0x8}, 0x2000, 0xff, 0x9, 0x0, 0x4, 0x145d, 0x1, 0x0, 0x3f8, 0x0, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x2d, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000005000000000000000300000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000008520000005000000181a0000", @ANYRES32=r2, @ANYBLOB="000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000317f8f51853570000000b7000000200000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850084fe7ab864f2593cab846c9dc310580000828b287ccd11934b3250f1069fc98d01f5d927c77f0e4c2e1ef24d9d859e90eb298b1502d3fe3142f10379c01b0bb07c15e8ec7cf33882c0bc94b7d0d34c96ca87c754ead1e46925355cb35477", @ANYRES32=r4, @ANYBLOB="0000000001010000bc9850001000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800009bffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000008200000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000054f03000dac0000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = syz_clone(0x8d2ab000, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_pid(r1, &(0x7f0000000280)=r9, 0x12)
gettid()
bpf$LINK_DETACH(0x22, 0x0, 0x0)
syz_clone(0x400c0000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r5, 0x4008240b, &(0x7f0000000040)={0x2, 0x80, 0x7f, 0x5, 0x6, 0x10, 0x0, 0x1, 0x20000, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000000), 0xa}, 0x400, 0x7fffffffffffffff, 0xfffff001, 0x2, 0x1, 0x8, 0x1, 0x0, 0x2, 0x0, 0x8})
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)

1.279436715s ago: executing program 3 (id=1928):
r0 = perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x2b, 0x1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000000e10000000000000000008500000053000000850000007d00000095"], 0x0, 0x4}, 0x94)
r3 = perf_event_open(&(0x7f0000000580)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
r5 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r5, 0x84, 0x9, &(0x7f0000000380), 0x98)
r6 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000780)=@bpf_lsm={0x3, 0x5, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r7 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000340)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r7, &(0x7f00000003c0)=ANY=[@ANYBLOB="52202a3b2a1a7202"], 0x9)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r8, 0x0, 0x2, 0x0)
r9 = openat$cgroup_procs(r8, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r9, &(0x7f0000000380), 0x12)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9092dc1b6dbe9ab5becdcc777", 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$sock_attach_bpf(r1, 0x6, 0xd, &(0x7f0000000040), 0x3)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r10 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000e00)='cpuset.mems\x00', 0x2, 0x0)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0xd, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x6}, 0x94)
write$cgroup_subtree(r10, &(0x7f0000000100)=ANY=[@ANYBLOB='N-N:N/'], 0x6a)
sendmsg$inet(r1, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x20000014)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000005a76000000000000", @ANYRES8=r11, @ANYBLOB='\t\x00'/19, @ANYRES32=0x0, @ANYRESDEC=r8, @ANYRESOCT=r6], 0x50)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r12, 0x0, 0xe, 0x0, &(0x7f0000000440)="0000000000000060145b4ebeada5", 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)

1.200463069s ago: executing program 2 (id=1929):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5, 0x5, 0x2, 0x7, 0x0, 0x1, 0x10000}, 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffbfffff01"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000040000000900000006"], 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0xa, 0xb, 0x42, 0x3e, 0x42}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3}, &(0x7f0000000100), &(0x7f00000002c0)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000740)={r3, &(0x7f0000000700), &(0x7f0000001980)=""/210}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x5, 0x3, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0], 0x0, 0x9f, &(0x7f0000000500)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000580), &(0x7f00000005c0), 0x8, 0x35, 0x8, 0x8, &(0x7f0000000600)}}, 0x10)
r5 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff})
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x49}, 0x0)
setsockopt$sock_attach_bpf(r5, 0x84, 0x64, &(0x7f0000000000)=r7, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x12, 0x16, &(0x7f0000000000)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3ff}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@alu={0x4, 0x1, 0xc, 0x8, 0x5, 0x1, 0xc}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x17}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000180)='syzkaller\x00', 0x1, 0x34, &(0x7f00000001c0)=""/52, 0x41000, 0x5c, '\x00', r4, @fallback=0x2e, 0xffffffffffffffff, 0x8, &(0x7f0000000780)={0x4, 0x3}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x7, 0x0, 0x6}, 0x10, 0x0, r7, 0x4, &(0x7f0000000800)=[r0], &(0x7f0000000840)=[{0x0, 0x5, 0x3, 0x4}, {0xfffffffd, 0x1, 0x4, 0xc}, {0x4, 0x3, 0xc, 0x7}, {0x0, 0x2, 0x5, 0xc}], 0x10, 0x6f}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000280)={r8}, 0xc)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r9, r0}, 0xc)

506.0462ms ago: executing program 0 (id=1930):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000002bc0)=[{&(0x7f00000000c0)="d80000001e0081064e81f782db44b9040a02080006007c09e8fe78190a0015c00200142603600e120800110024000000a80009001100014003000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef40900d1001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
recvmsg(r0, &(0x7f00000003c0)={&(0x7f0000000280)=@pptp={0x18, 0x2, {0x0, @dev}}, 0x80, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xd, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="180900000000000000000000000000008500", @ANYRES32=r0, @ANYRES32=r0], 0x0, 0x2, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
socket$kcm(0xa, 0x3, 0x73)
perf_event_open(0x0, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r3 = socket$kcm(0x10, 0x2, 0x4)
r4 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000300)=ANY=[@ANYRES32=r4, @ANYRES32=r2, @ANYBLOB="3e32356c33993e0fdc3e4daa3577e71d29d62b50ae7021c98ce97c84228d09eab5a49879ed676131ee6adc71c603670800000000000000006e000000", @ANYRES32=0x0, @ANYRES64=0x0], 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000440)={0x0, 0x690f}, 0x3)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
close(r3)
socket$kcm(0x10, 0x2, 0x4)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYRES8=r0], 0x50)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x4048880)
r5 = socket$kcm(0x2, 0x1, 0x106)
sendmsg$inet(r5, &(0x7f0000000080)={0x0, 0x3, 0x0}, 0x30004001)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'ip6gre0\x00', 0x200})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x2000, 0x0, 0x0, 0x6, 0x1, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r6 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xe8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f0000000000)='cpu&\t\t')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_config_ext={0x8, 0x200}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xfffbffffffffffff, 0xffffffffffffffff, 0x2)

505.77568ms ago: executing program 3 (id=1931):
socketpair(0x2b, 0x5, 0x200005, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8991, &(0x7f0000000cc0)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00l \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1\x9d')
socketpair(0x3, 0x800, 0x0, &(0x7f0000000000))

379.084248ms ago: executing program 3 (id=1934):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0xa, 0x9, 0x8, 0x2}, 0x48)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x6, [@volatile={0x0, 0x0, 0x0, 0x9, 0x2}, @fwd={0x4}]}, {0x0, [0x0, 0x0, 0x0, 0x5f]}}, &(0x7f0000000540)=""/246, 0x36, 0xf6, 0x1}, 0x28)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f00000001c0)='cgroup.clone_children\x00', 0x2, 0x0)
write$cgroup_int(r2, &(0x7f0000000200)=0x7, 0x12)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000c00)=ANY=[@ANYBLOB="61128c00000000006113730000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf670000000000001500fdff0fff52e84407000009300000240600000ee60000bf050000000000001c63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070400000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999eef9d60bb39d0af449deaa27ea949e8f9000d885deea2783835e29eba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f2686ee970d6482a2e71a55d6ebe700b3be005e47ef55e0dd81244b18590e000000000000356d82e43407a6d7fa94b21002f06cd247b126b6349ab62d7b07ba0a71a72145edade9941f49f300a8c8913e0e4ea9e4c77740ab3312edee62a4dc2fc85755d387bfa1bc9b49da28724ba9cd79fbee8f97af876d0e30c19555ffdd7d73815b459f4763c6222175c974be2f76fb5f330b015a68587a75c013000000000000000000000003000000000000d6ddc46e58eff8f4fbadfc6a3af8123b7f42407107000cdc9d7820c4eb67cc0f8b5fe9258eeacb5776aebbab3d5c55020000006082778366dadfc36029633e0514cbcee1f3928970bde148c940434f33acd377cbad17673b2d30b6339255c98eba97efb4e9ac1f11be815dd6045592edcbee7f253ec74c7c1313505bd7ff8fd58b3a6569c91dbdef1df585aeaea7346a2a65caee5c85f9eddeeeee3c8a2e523c864ac430eb47cb4d0c8767b9d4125661b5a1a170c04b64da3a99ddb93bf14fae3ca2d1e882375b8dbac83978e136c34f90b33cc0eeb57debcfe26589efc08124d5d62a7e593c9738a50171adf051ea4f07e7e7e770c2016eeacbe8511afffffbea75759a1ea5404f5453c0b5c46c9700808c096cf8cf5223f341cb003841b5cd224c1b381d56afebe9f99a00e3cd94dc0bb7af9e8709db487cc4d9b3b96723d69d512ddd57b0dee9b9f6ae80a502cce352098603e75414c91fce6c86287945bd8d258442760000ff010000000000000000000000300807f2f3906c1d45d05ba9df828d35376fed399fa311ff63a34f0c0b82b4f2825e729eb9b7f4c9ab3be5bc011ff29904bbc424880247fabe7325a6e8d139e99d2b2fbf7e84fca3b21c78840b858ce900a4eb9c2b8b9b7fb664d2aeac991ca09b1afc0ef7aed4541a2f7275130a9fa3853481c81e919c000000000000000000000000b1e0e4b55e0d5d8c657b4853fc18ec43be33e5f971cceda04d95c87489910ce692ee55c536d1671bffd4c9b98efb741b13f0ab26ac191c74"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x3, 0x6, &(0x7f0000000300)=@framed={{0x18, 0x2}, [@map_fd={0x18, 0x3, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0xc0}]}, &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000200)="9e36d448b388dd965f7a33120813", 0x0, 0xbffffffe, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5, 0x5, 0x2, 0x7, 0x0, 0x1, 0x10000}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffbfffff01"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r5, r4}, 0xc)

164.43163ms ago: executing program 2 (id=1935):
r0 = socket$kcm(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000e200000000611118"], 0x0}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0a00000002000000030000000b00000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000004f0000008a6ef94fb9c1ec1ca20cf4c109da653ea6d49b4283e45107650c3a8a727494509b617b7dfb6e5a2e4647b02430d45d6a83fc2da6fb40802ce8733b17eb7db97a9c34df0b2f0e26f72fdf06341eb8b3cd1b51d05af56e15da952d438b3f55f5fb1a66c4ed5ba75332d1423d6a68ca02ecfa586dd80c1aae4c83028f1e4e21daeea809e5841ab9a8766bc2460f05d8892751795462265f03c088a6c379706729217d6664c7f789de192f82b12e6c000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r3}, 0xc)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r4 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r4, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x9, 0x7, @dev, 0x39}, 0x80, 0x0}, 0xe07e872420dfefca)
recvmsg$kcm(r2, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000034c0)=""/4092, 0xffc}, {&(0x7f00000044c0)=""/4091, 0xffb}, {&(0x7f0000000b80)=""/4094, 0xffe}], 0x3}, 0x40016002)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029ea69801d76ab0a272a2a788bab6c95f79725074", 0xd5}], 0x1}, 0x0)
recvmsg$kcm(r2, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x40000120)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
recvmsg$kcm(r2, &(0x7f0000000b00)={0x0, 0x0, 0x0}, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x6, 0x100000001}, 0x808, 0x1, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa335, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffbffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x4, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x18, 0xf, &(0x7f00000009c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000055090100000000009500000000000000bf9800000000000056080000000000008500000007000000b7000000000000009500000000000000dc21cbdc801aba1904034816b8ef9ae311f0d220ed0dda37140a5ab6579548ebd93db5a03726638958d8f0ba5c2ee5bb498a463070cdc718216dba95bd1d12412027db0563d0a9a77da9739988ed13fae3c71b96a346e4204bcd9adf3b9d38f9dad9d23cf657f46a7da654367bd14430140b9d15f130b5abe9257b95a39ddeec1c1592e81671ad8ec035ccc5ec5028a25b1553184a41d12da58fcf152c7b7420f4d9ff7c9d346c2db3cacc97e4"], &(0x7f0000000980)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$kcm(0x1e, 0x2, 0x0)
setsockopt$sock_attach_bpf(r5, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80100, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x8}, 0x100904, 0x401, 0x25, 0x0, 0x1, 0x200, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000580)="5c0000005a006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36500001a44dd021d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d49380e78ff6a1577ae18c819945fb4e37e70e4509c5", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r6, <r7=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1f, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYRESHEX=r5], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000280)={r3}, 0xc)
recvmsg(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000080)=""/43, 0x2b}], 0x1, 0x0, 0xae}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x1})
sendmsg$inet(r0, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b0700fc670000e4a17c45c8d260c9", 0x33fe0}], 0x1}, 0x0)

0s ago: executing program 1 (id=1936):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030029000b12d25a80648c2594f90324fc60100c028010000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000140)=@framed={{}, [@printk={@li, {}, {0x7, 0x1, 0x4}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffc}, {0x85, 0x0, 0x0, 0x99}}]}, &(0x7f0000000000)='syzkaller\x00', 0xa}, 0x94)
socket$kcm(0x10, 0x3, 0x10) (async)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030029000b12d25a80648c2594f90324fc60100c028010000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000140)=@framed={{}, [@printk={@li, {}, {0x7, 0x1, 0x4}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffc}, {0x85, 0x0, 0x0, 0x99}}]}, &(0x7f0000000000)='syzkaller\x00', 0xa}, 0x94) (async)

kernel console output (not intermixed with test programs):

link: 60 bytes leftover after parsing attributes in process `syz.0.1035'.
[  216.170761][ T8780] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1036'.
[  216.197087][ T8782] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1035'.
[  216.566180][ T8802] netlink: 'syz.2.1045': attribute type 10 has an invalid length.
[  217.318176][ T8832] netlink: 'syz.1.1055': attribute type 3 has an invalid length.
[  217.732000][ T8839] netlink: 'syz.0.1057': attribute type 10 has an invalid length.
[  218.401686][ T8860] netlink: 'syz.2.1068': attribute type 10 has an invalid length.
[  219.294220][ T8888] netlink: 'syz.3.1078': attribute type 10 has an invalid length.
[  219.704775][ T8906] __nla_validate_parse: 15 callbacks suppressed
[  219.704792][ T8906] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1086'.
[  219.760368][ T8906] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1086'.
[  219.786567][ T8906] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1086'.
[  219.801596][ T8906] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1086'.
[  219.867880][ T8912] netlink: 'syz.3.1089': attribute type 10 has an invalid length.
[  220.248760][ T8929] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1097'.
[  220.340367][ T8929] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1097'.
[  220.569049][ T8934] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1097'.
[  220.606632][ T8929] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1097'.
[  220.756913][ T8944] netlink: 'syz.1.1103': attribute type 10 has an invalid length.
[  220.768070][ T8944] team0: Device veth1_macvtap failed to register rx_handler
[  221.821874][ T8966] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1110'.
[  221.837525][ T8966] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1110'.
[  222.177850][ T8979] netlink: 'syz.0.1116': attribute type 10 has an invalid length.
[  222.762410][ T9000] netlink: 'syz.3.1125': attribute type 10 has an invalid length.
[  222.794239][ T9000] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  222.801706][ T9000] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  222.812526][ T9000] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  222.918241][ T9007] netlink: 'syz.0.1128': attribute type 10 has an invalid length.
[  222.930784][ T9002] FAULT_INJECTION: forcing a failure.
[  222.930784][ T9002] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  222.961705][ T9002] CPU: 0 PID: 9002 Comm: syz.1.1126 Not tainted syzkaller #0
[  222.969135][ T9002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  222.979324][ T9002] Call Trace:
[  222.982612][ T9002]  <TASK>
[  222.985553][ T9002]  dump_stack_lvl+0x18c/0x250
[  222.990249][ T9002]  ? show_regs_print_info+0x20/0x20
[  222.995444][ T9002]  ? load_image+0x400/0x400
[  222.999947][ T9002]  ? __lock_acquire+0x7d40/0x7d40
[  223.004972][ T9002]  ? mark_lock+0x94/0x320
[  223.009387][ T9002]  should_fail_ex+0x39d/0x4d0
[  223.014072][ T9002]  prepare_alloc_pages+0x1e2/0x5f0
[  223.019201][ T9002]  __alloc_pages+0x134/0x460
[  223.023796][ T9002]  ? zone_statistics+0x170/0x170
[  223.028739][ T9002]  ? do_wp_page+0x7ca/0x35f0
[  223.033322][ T9002]  ? do_wp_page+0xfc5/0x35f0
[  223.037926][ T9002]  __folio_alloc+0x10/0x20
[  223.042341][ T9002]  vma_alloc_folio+0x47a/0x8f0
[  223.047122][ T9002]  do_wp_page+0x1243/0x35f0
[  223.051643][ T9002]  ? folio_put+0xd0/0xd0
[  223.055983][ T9002]  ? do_raw_spin_lock+0x11f/0x2c0
[  223.061040][ T9002]  ? __rwlock_init+0x150/0x150
[  223.065832][ T9002]  handle_mm_fault+0x135d/0x4c00
[  223.070782][ T9002]  ? handle_mm_fault+0xe7/0x4c00
[  223.075732][ T9002]  ? numa_migrate_prep+0x350/0x350
[  223.080958][ T9002]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  223.086267][ T9002]  do_user_addr_fault+0x730/0x12c0
[  223.091405][ T9002]  exc_page_fault+0x64/0x100
[  223.096031][ T9002]  asm_exc_page_fault+0x26/0x30
[  223.100876][ T9002] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  223.106708][ T9002] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01
[  223.126330][ T9002] RSP: 0018:ffffc9000d217718 EFLAGS: 00050206
[  223.132399][ T9002] RAX: ffffffff8426e901 RBX: 1ffff92001a42fc7 RCX: 00000000000035d0
[  223.140371][ T9002] RDX: 0000000000000000 RSI: ffff888025f0cce8 RDI: 000020000000d000
[  223.148350][ T9002] RBP: ffffc9000d217878 R08: ffff888025f102b7 R09: 1ffff11004be2056
[  223.156331][ T9002] R10: dffffc0000000000 R11: ffffed1004be2057 R12: ffff888025f000e8
[  223.164306][ T9002] R13: 00000000000101d0 R14: 00000000000101d0 R15: ffffc9000d217e48
[  223.172290][ T9002]  ? _copy_to_iter+0x221/0x1120
[  223.177159][ T9002]  _copy_to_iter+0x24f/0x1120
[  223.181850][ T9002]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  223.187748][ T9002]  ? iov_iter_init+0x1e0/0x1e0
[  223.192507][ T9002]  ? __virt_addr_valid+0x18c/0x540
[  223.197626][ T9002]  ? __virt_addr_valid+0x469/0x540
[  223.202754][ T9002]  ? __phys_addr_symbol+0x2f/0x70
[  223.207777][ T9002]  ? __check_object_size+0x506/0xa20
[  223.213084][ T9002]  __skb_datagram_iter+0xdb/0x780
[  223.218107][ T9002]  ? tsk_importance+0x150/0x150
[  223.222960][ T9002]  ? skb_copy_datagram_iter+0x200/0x200
[  223.228507][ T9002]  skb_copy_datagram_iter+0xb1/0x200
[  223.233792][ T9002]  tipc_recvstream+0x72b/0xe70
[  223.238652][ T9002]  ? tipc_sendstream+0x70/0x70
[  223.243443][ T9002]  ____sys_recvmsg+0x2ce/0x5e0
[  223.248240][ T9002]  ? __sys_recvmsg_sock+0x50/0x50
[  223.253377][ T9002]  ? import_iovec+0x73/0xa0
[  223.257901][ T9002]  ___sys_recvmsg+0x216/0x590
[  223.262581][ T9002]  ? __sys_recvmsg+0x2a0/0x2a0
[  223.267345][ T9002]  ? ksys_write+0x1c4/0x260
[  223.271859][ T9002]  ? __fget_files+0x43d/0x4b0
[  223.276558][ T9002]  __x64_sys_recvmsg+0x20c/0x2e0
[  223.281489][ T9002]  ? perf_trace_preemptirq_template+0x269/0x330
[  223.287731][ T9002]  ? ___sys_recvmsg+0x590/0x590
[  223.292593][ T9002]  ? lockdep_hardirqs_on+0x98/0x150
[  223.297795][ T9002]  do_syscall_64+0x55/0xa0
[  223.302210][ T9002]  ? clear_bhb_loop+0x40/0x90
[  223.306899][ T9002]  ? clear_bhb_loop+0x40/0x90
[  223.311578][ T9002]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  223.317646][ T9002] RIP: 0033:0x7fef2599acb9
[  223.322058][ T9002] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  223.341925][ T9002] RSP: 002b:00007fef26894028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  223.350341][ T9002] RAX: ffffffffffffffda RBX: 00007fef25c15fa0 RCX: 00007fef2599acb9
[  223.358312][ T9002] RDX: 0000000000001f00 RSI: 0000200000000500 RDI: 0000000000000008
[  223.366281][ T9002] RBP: 00007fef26894090 R08: 0000000000000000 R09: 0000000000000000
[  223.374263][ T9002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  223.382260][ T9002] R13: 00007fef25c16038 R14: 00007fef25c15fa0 R15: 00007fffe9210368
[  223.390256][ T9002]  </TASK>
[  224.044994][ T9035] netlink: 'syz.3.1139': attribute type 10 has an invalid length.
[  224.241827][ T9039] netlink: 'syz.1.1141': attribute type 10 has an invalid length.
[  224.286990][ T9039] team0: entered promiscuous mode
[  224.296709][ T9039] team_slave_0: entered promiscuous mode
[  224.320507][ T9039] team_slave_1: entered promiscuous mode
[  224.339392][ T9039] mac80211_hwsim hwsim6 O3ãc¤±: entered promiscuous mode
[  224.367160][ T9039] team0: entered allmulticast mode
[  224.393069][ T9039] team_slave_0: entered allmulticast mode
[  224.411718][ T9039] team_slave_1: entered allmulticast mode
[  224.432081][ T9039] mac80211_hwsim hwsim6 O3ãc¤±: entered allmulticast mode
[  224.460348][ T9039] bridge0: port 3(team0) entered blocking state
[  224.477829][ T9039] bridge0: port 3(team0) entered disabled state
[  224.497078][ T9039] bridge0: port 3(team0) entered blocking state
[  224.503478][ T9039] bridge0: port 3(team0) entered forwarding state
[  225.116633][ T9069] netlink: 'syz.2.1152': attribute type 10 has an invalid length.
[  225.261470][ T9077] __nla_validate_parse: 18 callbacks suppressed
[  225.261485][ T9077] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1154'.
[  225.329022][ T9077] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1154'.
[  225.371548][ T9079] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1154'.
[  225.425285][ T9077] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1154'.
[  225.588472][ T9086] netlink: 'syz.0.1158': attribute type 10 has an invalid length.
[  225.597099][ T9086] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1158'.
[  225.762456][ T9093] FAULT_INJECTION: forcing a failure.
[  225.762456][ T9093] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  225.783762][ T9093] CPU: 1 PID: 9093 Comm: syz.0.1161 Not tainted syzkaller #0
[  225.791187][ T9093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  225.801265][ T9093] Call Trace:
[  225.804560][ T9093]  <TASK>
[  225.807518][ T9093]  dump_stack_lvl+0x18c/0x250
[  225.812227][ T9093]  ? show_regs_print_info+0x20/0x20
[  225.817516][ T9093]  ? load_image+0x400/0x400
[  225.822016][ T9093]  ? __lock_acquire+0x7d40/0x7d40
[  225.827057][ T9093]  ? mark_lock+0x94/0x320
[  225.831421][ T9093]  should_fail_ex+0x39d/0x4d0
[  225.836140][ T9093]  prepare_alloc_pages+0x1e2/0x5f0
[  225.841291][ T9093]  __alloc_pages+0x134/0x460
[  225.845912][ T9093]  ? zone_statistics+0x170/0x170
[  225.850880][ T9093]  ? do_wp_page+0x7ca/0x35f0
[  225.855498][ T9093]  ? do_wp_page+0xfc5/0x35f0
[  225.860110][ T9093]  __folio_alloc+0x10/0x20
[  225.860510][ T9098] netlink: 'syz.3.1163': attribute type 10 has an invalid length.
[  225.864528][ T9093]  vma_alloc_folio+0x47a/0x8f0
[  225.877193][ T9093]  do_wp_page+0x1243/0x35f0
[  225.881749][ T9093]  ? folio_put+0xd0/0xd0
[  225.886012][ T9093]  ? do_raw_spin_lock+0x11f/0x2c0
[  225.891034][ T9093]  ? __rwlock_init+0x150/0x150
[  225.895806][ T9093]  handle_mm_fault+0x135d/0x4c00
[  225.900775][ T9093]  ? handle_mm_fault+0xe7/0x4c00
[  225.905722][ T9093]  ? numa_migrate_prep+0x350/0x350
[  225.911007][ T9093]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  225.916289][ T9093]  do_user_addr_fault+0x730/0x12c0
[  225.921413][ T9093]  exc_page_fault+0x64/0x100
[  225.926018][ T9093]  asm_exc_page_fault+0x26/0x30
[  225.930889][ T9093] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  225.936798][ T9093] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01
[  225.956429][ T9093] RSP: 0018:ffffc90019707a70 EFLAGS: 00050206
[  225.962495][ T9093] RAX: ffffffff84294f01 RBX: 0000000000000240 RCX: 0000000000000180
[  225.970460][ T9093] RDX: 0000000000000000 RSI: ffff88802189a0c0 RDI: 0000200000002000
[  225.978423][ T9093] RBP: ffffc90019707ba8 R08: ffff88802189a23f R09: 1ffff11004313447
[  225.986389][ T9093] R10: dffffc0000000000 R11: ffffed1004313448 R12: 0000200000002180
[  225.994363][ T9093] R13: 0000000000000001 R14: 0000200000001f40 R15: ffff88802189a000
[  226.002378][ T9093]  ? _copy_from_user+0x91/0xe0
[  226.007179][ T9093]  _copy_to_user+0x85/0xa0
[  226.011635][ T9093]  bpf_test_finish+0x3f5/0x650
[  226.016402][ T9093]  ? convert_skb_to___skb+0x420/0x420
[  226.021776][ T9093]  ? rcuref_put_slowpath+0xe1/0x150
[  226.026971][ T9093]  ? rep_movs_alternative+0x4a/0x90
[  226.032168][ T9093]  bpf_prog_test_run_xdp+0x8a9/0x10e0
[  226.037543][ T9093]  ? dev_put+0x80/0x80
[  226.041791][ T9093]  ? dev_put+0x80/0x80
[  226.045850][ T9093]  bpf_prog_test_run+0x321/0x390
[  226.050785][ T9093]  __sys_bpf+0x49d/0x890
[  226.055023][ T9093]  ? bpf_link_show_fdinfo+0x390/0x390
[  226.060403][ T9093]  ? lock_chain_count+0x20/0x20
[  226.065254][ T9093]  __x64_sys_bpf+0x7c/0x90
[  226.069669][ T9093]  do_syscall_64+0x55/0xa0
[  226.074090][ T9093]  ? clear_bhb_loop+0x40/0x90
[  226.078757][ T9093]  ? clear_bhb_loop+0x40/0x90
[  226.083434][ T9093]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  226.089317][ T9093] RIP: 0033:0x7f2bf739acb9
[  226.093811][ T9093] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  226.113425][ T9093] RSP: 002b:00007f2bf833f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  226.121835][ T9093] RAX: ffffffffffffffda RBX: 00007f2bf7615fa0 RCX: 00007f2bf739acb9
[  226.129800][ T9093] RDX: 0000000000000024 RSI: 0000200000000200 RDI: 000000000000000a
[  226.137767][ T9093] RBP: 00007f2bf833f090 R08: 0000000000000000 R09: 0000000000000000
[  226.145727][ T9093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  226.153689][ T9093] R13: 00007f2bf7616038 R14: 00007f2bf7615fa0 R15: 00007ffc33255cc8
[  226.161696][ T9093]  </TASK>
[  226.481751][ T9115] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1168'.
[  226.491884][ T9115] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1168'.
[  226.518694][ T9115] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1168'.
[  226.538025][ T9115] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1168'.
[  226.815794][ T9128] netlink: 'syz.1.1175': attribute type 10 has an invalid length.
[  226.867568][ T9128] team0: Device veth1_macvtap failed to register rx_handler
[  227.188692][ T9147] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1182'.
[  227.911407][ T9173] netlink: 'syz.2.1191': attribute type 10 has an invalid length.
[  228.347967][ T9183] netlink: 'syz.0.1196': attribute type 10 has an invalid length.
[  228.359792][ T9183] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  228.367699][ T9183] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  228.382658][ T9183] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  228.653570][ T9193] netlink: 'syz.3.1200': attribute type 10 has an invalid length.
[  228.886338][ T9199] netlink: 'syz.3.1204': attribute type 10 has an invalid length.
[  228.907999][ T9199] batman_adv: batadv0: Adding interface: hsr_slave_1
[  228.926078][ T9199] batman_adv: batadv0: The MTU of interface hsr_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  228.963285][ T9199] batman_adv: batadv0: Interface activated: hsr_slave_1
[  229.335994][ T9217] FAULT_INJECTION: forcing a failure.
[  229.335994][ T9217] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  229.353691][ T9217] CPU: 1 PID: 9217 Comm: syz.2.1209 Not tainted syzkaller #0
[  229.361093][ T9217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  229.371154][ T9217] Call Trace:
[  229.374446][ T9217]  <TASK>
[  229.377390][ T9217]  dump_stack_lvl+0x18c/0x250
[  229.382092][ T9217]  ? show_regs_print_info+0x20/0x20
[  229.387308][ T9217]  ? load_image+0x400/0x400
[  229.391838][ T9217]  ? __might_fault+0xaa/0x120
[  229.396526][ T9217]  ? __lock_acquire+0x7d40/0x7d40
[  229.401569][ T9217]  should_fail_ex+0x39d/0x4d0
[  229.406273][ T9217]  _copy_from_user+0x2f/0xe0
[  229.410886][ T9217]  bpf_prog_test_run_skb+0x266/0x12b0
[  229.416267][ T9217]  ? __fget_files+0x28/0x4b0
[  229.420868][ T9217]  ? __fget_files+0x28/0x4b0
[  229.425470][ T9217]  ? __fget_files+0x43d/0x4b0
[  229.430171][ T9217]  ? cpu_online+0x60/0x60
[  229.434517][ T9217]  bpf_prog_test_run+0x321/0x390
[  229.439470][ T9217]  __sys_bpf+0x49d/0x890
[  229.443727][ T9217]  ? bpf_link_show_fdinfo+0x390/0x390
[  229.449136][ T9217]  __x64_sys_bpf+0x7c/0x90
[  229.453592][ T9217]  do_syscall_64+0x55/0xa0
[  229.458032][ T9217]  ? clear_bhb_loop+0x40/0x90
[  229.462726][ T9217]  ? clear_bhb_loop+0x40/0x90
[  229.467422][ T9217]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  229.473329][ T9217] RIP: 0033:0x7effb8f9acb9
[  229.477758][ T9217] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  229.497567][ T9217] RSP: 002b:00007effb9ecd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  229.505997][ T9217] RAX: ffffffffffffffda RBX: 00007effb9216090 RCX: 00007effb8f9acb9
[  229.513987][ T9217] RDX: 0000000000000050 RSI: 00002000000003c0 RDI: 000000000000000a
[  229.521963][ T9217] RBP: 00007effb9ecd090 R08: 0000000000000000 R09: 0000000000000000
[  229.529940][ T9217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.537915][ T9217] R13: 00007effb9216128 R14: 00007effb9216090 R15: 00007ffca1e1c818
[  229.545911][ T9217]  </TASK>
[  230.248369][ T9215] wg2: entered allmulticast mode
[  230.263070][ T9218] wg2: entered promiscuous mode
[  230.573562][ T9230] netlink: 'syz.3.1214': attribute type 10 has an invalid length.
[  232.930848][ T9242] __nla_validate_parse: 14 callbacks suppressed
[  232.930866][ T9242] netlink: 14546 bytes leftover after parsing attributes in process `syz.0.1217'.
[  232.953837][ T9243] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1216'.
[  232.973939][ T9243] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1216'.
[  233.000469][ T9243] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1216'.
[  233.031205][ T9243] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1216'.
[  233.134966][ T9249] FAULT_INJECTION: forcing a failure.
[  233.134966][ T9249] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.178975][ T9249] CPU: 1 PID: 9249 Comm: syz.3.1220 Not tainted syzkaller #0
[  233.186407][ T9249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  233.196474][ T9249] Call Trace:
[  233.199758][ T9249]  <TASK>
[  233.202683][ T9249]  dump_stack_lvl+0x18c/0x250
[  233.207365][ T9249]  ? show_regs_print_info+0x20/0x20
[  233.212557][ T9249]  ? load_image+0x400/0x400
[  233.217052][ T9249]  ? __might_fault+0xaa/0x120
[  233.221718][ T9249]  ? __lock_acquire+0x7d40/0x7d40
[  233.226744][ T9249]  should_fail_ex+0x39d/0x4d0
[  233.231506][ T9249]  _copy_from_user+0x2f/0xe0
[  233.236088][ T9249]  __sys_bpf+0x23e/0x890
[  233.240330][ T9249]  ? bpf_link_show_fdinfo+0x390/0x390
[  233.245702][ T9249]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  233.251860][ T9249]  __x64_sys_bpf+0x7c/0x90
[  233.256266][ T9249]  do_syscall_64+0x55/0xa0
[  233.260672][ T9249]  ? clear_bhb_loop+0x40/0x90
[  233.265337][ T9249]  ? clear_bhb_loop+0x40/0x90
[  233.270001][ T9249]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  233.275881][ T9249] RIP: 0033:0x7f5cb4b9acb9
[  233.280291][ T9249] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  233.299906][ T9249] RSP: 002b:00007f5cb5aef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  233.308354][ T9249] RAX: ffffffffffffffda RBX: 00007f5cb4e15fa0 RCX: 00007f5cb4b9acb9
[  233.316321][ T9249] RDX: 0000000000000028 RSI: 00002000000001c0 RDI: 0000000000000012
[  233.324285][ T9249] RBP: 00007f5cb5aef090 R08: 0000000000000000 R09: 0000000000000000
[  233.332245][ T9249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.340204][ T9249] R13: 00007f5cb4e16038 R14: 00007f5cb4e15fa0 R15: 00007ffe34064748
[  233.348181][ T9249]  </TASK>
[  233.678226][ T9266] netlink: 'syz.0.1227': attribute type 10 has an invalid length.
[  233.732156][ T9269] netlink: 'syz.2.1226': attribute type 6 has an invalid length.
[  233.748382][ T9269] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1226'.
[  233.835864][ T9275] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1229'.
[  233.852524][ T9275] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1229'.
[  233.871180][ T9275] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1229'.
[  233.881863][ T9275] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1229'.
[  234.563838][ T9298] netlink: 'syz.3.1239': attribute type 10 has an invalid length.
[  235.130762][ T9325] netlink: 'syz.3.1251': attribute type 10 has an invalid length.
[  235.370024][ T9334] netlink: 'syz.3.1256': attribute type 9 has an invalid length.
[  235.377662][ T9335] netlink: 'syz.1.1255': attribute type 29 has an invalid length.
[  235.391416][ T9335] netlink: 'syz.1.1255': attribute type 29 has an invalid length.
[  235.423549][ T9335] netlink: 'syz.1.1255': attribute type 29 has an invalid length.
[  235.476036][ T9335] netlink: 'syz.1.1255': attribute type 29 has an invalid length.
[  236.010198][ T9357] validate_nla: 1 callbacks suppressed
[  236.010214][ T9357] netlink: 'syz.0.1264': attribute type 10 has an invalid length.
[  236.411031][ T9373] cgroup: fork rejected by pids controller in /syz1
[  236.429575][ T9377] FAULT_INJECTION: forcing a failure.
[  236.429575][ T9377] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  236.456172][ T9377] CPU: 1 PID: 9377 Comm: syz.3.1273 Not tainted syzkaller #0
[  236.463612][ T9377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  236.473784][ T9377] Call Trace:
[  236.477067][ T9377]  <TASK>
[  236.479987][ T9377]  dump_stack_lvl+0x18c/0x250
[  236.484674][ T9377]  ? show_regs_print_info+0x20/0x20
[  236.489868][ T9377]  ? load_image+0x400/0x400
[  236.494363][ T9377]  ? __lock_acquire+0x7d40/0x7d40
[  236.499391][ T9377]  ? snprintf+0xe9/0x140
[  236.503631][ T9377]  should_fail_ex+0x39d/0x4d0
[  236.508306][ T9377]  _copy_to_user+0x2f/0xa0
[  236.512710][ T9377]  simple_read_from_buffer+0xe7/0x150
[  236.518084][ T9377]  proc_fail_nth_read+0x1e8/0x260
[  236.523103][ T9377]  ? proc_fault_inject_write+0x360/0x360
[  236.528749][ T9377]  ? fsnotify_perm+0x271/0x5e0
[  236.533508][ T9377]  ? proc_fault_inject_write+0x360/0x360
[  236.539141][ T9377]  vfs_read+0x28b/0x970
[  236.543294][ T9377]  ? kernel_read+0x1e0/0x1e0
[  236.547878][ T9377]  ? __fget_files+0x28/0x4b0
[  236.552459][ T9377]  ? __fget_files+0x28/0x4b0
[  236.557044][ T9377]  ? __fget_files+0x43d/0x4b0
[  236.561722][ T9377]  ? __fdget_pos+0x2a3/0x330
[  236.566309][ T9377]  ? ksys_read+0x75/0x260
[  236.570633][ T9377]  ksys_read+0x150/0x260
[  236.574872][ T9377]  ? vfs_write+0x990/0x990
[  236.579281][ T9377]  ? lockdep_hardirqs_on+0x98/0x150
[  236.584471][ T9377]  do_syscall_64+0x55/0xa0
[  236.588876][ T9377]  ? clear_bhb_loop+0x40/0x90
[  236.593538][ T9377]  ? clear_bhb_loop+0x40/0x90
[  236.598233][ T9377]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  236.604213][ T9377] RIP: 0033:0x7f5cb4b5b58e
[  236.608620][ T9377] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  236.628303][ T9377] RSP: 002b:00007f5cb5aeefe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  236.636712][ T9377] RAX: ffffffffffffffda RBX: 00007f5cb5aef6c0 RCX: 00007f5cb4b5b58e
[  236.644685][ T9377] RDX: 000000000000000f RSI: 00007f5cb5aef0a0 RDI: 0000000000000004
[  236.652734][ T9377] RBP: 00007f5cb5aef090 R08: 0000000000000000 R09: 0000000000000000
[  236.660697][ T9377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  236.668747][ T9377] R13: 00007f5cb4e16038 R14: 00007f5cb4e15fa0 R15: 00007ffe34064748
[  236.676734][ T9377]  </TASK>
[  239.024053][ T9387] netlink: 'syz.3.1278': attribute type 10 has an invalid length.
[  239.455279][ T9400] __nla_validate_parse: 18 callbacks suppressed
[  239.455298][ T9400] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1284'.
[  239.482253][ T9400] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1284'.
[  239.501589][ T9400] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1284'.
[  239.542054][ T9400] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1284'.
[  239.645052][ T5773] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  239.655500][ T5773] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  239.664300][ T5773] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  239.678334][ T5773] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  239.688661][ T5773] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  239.698979][ T5773] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  240.185979][ T9404] chnl_net:caif_netlink_parms(): no params data found
[  240.333109][ T9404] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.350662][ T9404] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.358495][ T9404] bridge_slave_0: entered allmulticast mode
[  240.365993][ T9404] bridge_slave_0: entered promiscuous mode
[  240.384764][ T9404] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.392050][ T9404] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.414009][ T9404] bridge_slave_1: entered allmulticast mode
[  240.421721][ T9404] bridge_slave_1: entered promiscuous mode
[  240.442325][ T9432] netlink: 'syz.3.1294': attribute type 10 has an invalid length.
[  240.477485][ T9404] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  240.495854][ T9404] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  240.571894][ T9404] team0: Port device team_slave_0 added
[  240.599649][ T9404] team0: Port device team_slave_1 added
[  240.644867][ T9437] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1296'.
[  240.661418][ T9404] batman_adv: batadv0: Adding interface: batadv_slave_0
[  240.684282][ T9404] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.710848][ T9404] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  240.735255][ T9404] batman_adv: batadv0: Adding interface: batadv_slave_1
[  240.746630][ T9404] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.782088][ T9404] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  240.796957][ T9437] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1296'.
[  240.821028][ T9440] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1296'.
[  240.840354][ T9443] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1296'.
[  240.911121][ T9404] hsr_slave_0: entered promiscuous mode
[  240.921214][ T9404] hsr_slave_1: entered promiscuous mode
[  240.936548][ T9404] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  240.946227][ T9404] Cannot create hsr debugfs directory
[  241.047638][ T9452] netlink: 'syz.0.1299': attribute type 12 has an invalid length.
[  241.055804][ T9452] netlink: 14585 bytes leftover after parsing attributes in process `syz.0.1299'.
[  241.274318][ T9404] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.429280][ T9404] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.536048][ T9404] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.628703][ T9404] netdevsim netdevsim1 ªªªªªª (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.654266][ T9467] netlink: 'syz.3.1305': attribute type 10 has an invalid length.
[  241.734924][ T5773] Bluetooth: hci1: command tx timeout
[  241.799490][ T9474] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1308'.
[  241.976857][ T9404] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  242.048258][ T9404] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  242.084634][ T9404] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  242.111037][ T9404] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  242.175550][ T9487] FAULT_INJECTION: forcing a failure.
[  242.175550][ T9487] name failslab, interval 1, probability 0, space 0, times 0
[  242.219933][ T9487] CPU: 1 PID: 9487 Comm: syz.0.1313 Not tainted syzkaller #0
[  242.227418][ T9487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  242.237510][ T9487] Call Trace:
[  242.240809][ T9487]  <TASK>
[  242.243755][ T9487]  dump_stack_lvl+0x18c/0x250
[  242.248464][ T9487]  ? show_regs_print_info+0x20/0x20
[  242.253693][ T9487]  ? load_image+0x400/0x400
[  242.258225][ T9487]  ? __might_sleep+0xe0/0xe0
[  242.262837][ T9487]  ? __lock_acquire+0x7d40/0x7d40
[  242.267891][ T9487]  should_fail_ex+0x39d/0x4d0
[  242.272601][ T9487]  should_failslab+0x9/0x20
[  242.277132][ T9487]  slab_pre_alloc_hook+0x59/0x310
[  242.282183][ T9487]  ? apparmor_sk_alloc_security+0x77/0x100
[  242.288106][ T9487]  __kmem_cache_alloc_node+0x53/0x250
[  242.293522][ T9487]  ? apparmor_sk_alloc_security+0x77/0x100
[  242.299383][ T9487]  kmalloc_trace+0x2a/0xe0
[  242.303846][ T9487]  apparmor_sk_alloc_security+0x77/0x100
[  242.309498][ T9487]  security_sk_alloc+0x6e/0xa0
[  242.314272][ T9487]  sk_prot_alloc+0x101/0x210
[  242.318857][ T9487]  ? sk_alloc+0x24/0x360
[  242.323093][ T9487]  sk_alloc+0x3a/0x360
[  242.327160][ T9487]  ? bpf_ctx_init+0x163/0x1a0
[  242.331850][ T9487]  ? bpf_prog_test_run_skb+0x273/0x12b0
[  242.337421][ T9487]  bpf_prog_test_run_skb+0x3a5/0x12b0
[  242.342827][ T9487]  ? __fget_files+0x28/0x4b0
[  242.347433][ T9487]  ? __fget_files+0x28/0x4b0
[  242.352040][ T9487]  ? __fget_files+0x43d/0x4b0
[  242.356736][ T9487]  ? cpu_online+0x60/0x60
[  242.361067][ T9487]  bpf_prog_test_run+0x321/0x390
[  242.366000][ T9487]  __sys_bpf+0x49d/0x890
[  242.370233][ T9487]  ? bpf_link_show_fdinfo+0x390/0x390
[  242.375606][ T9487]  ? lock_chain_count+0x20/0x20
[  242.380453][ T9487]  __x64_sys_bpf+0x7c/0x90
[  242.384859][ T9487]  do_syscall_64+0x55/0xa0
[  242.389267][ T9487]  ? clear_bhb_loop+0x40/0x90
[  242.393934][ T9487]  ? clear_bhb_loop+0x40/0x90
[  242.398776][ T9487]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  242.404661][ T9487] RIP: 0033:0x7f2bf739acb9
[  242.409064][ T9487] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  242.428679][ T9487] RSP: 002b:00007f2bf833f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  242.437089][ T9487] RAX: ffffffffffffffda RBX: 00007f2bf7615fa0 RCX: 00007f2bf739acb9
[  242.445150][ T9487] RDX: 0000000000000050 RSI: 0000200000002300 RDI: 000000000000000a
[  242.453119][ T9487] RBP: 00007f2bf833f090 R08: 0000000000000000 R09: 0000000000000000
[  242.461083][ T9487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  242.469065][ T9487] R13: 00007f2bf7616038 R14: 00007f2bf7615fa0 R15: 00007ffc33255cc8
[  242.477043][ T9487]  </TASK>
[  242.698158][ T9404] 8021q: adding VLAN 0 to HW filter on device bond0
[  242.779998][ T9404] 8021q: adding VLAN 0 to HW filter on device team0
[  242.843643][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.850849][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  242.880308][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.887655][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  242.976415][ T9510] netlink: 'syz.2.1318': attribute type 9 has an invalid length.
[  243.092700][ T9514] netlink: 'syz.3.1319': attribute type 10 has an invalid length.
[  243.354810][ T9524] netlink: 'syz.2.1324': attribute type 39 has an invalid length.
[  243.391642][ T9404] 8021q: adding VLAN 0 to HW filter on device batadv0
[  243.587129][ T9404] veth0_vlan: entered promiscuous mode
[  243.611253][ T9404] veth1_vlan: entered promiscuous mode
[  243.679381][ T9404] veth0_macvtap: entered promiscuous mode
[  243.691897][ T9404] veth1_macvtap: entered promiscuous mode
[  243.720956][ T9404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.736767][ T9404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.747060][ T9404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.757947][ T9404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.771587][ T9404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.788520][ T9404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.801732][ T9404] batman_adv: batadv0: Interface activated: batadv_slave_0
[  243.814012][ T5773] Bluetooth: hci1: command tx timeout
[  243.853931][ T9404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  243.866189][ T9404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.877066][ T9404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  243.887871][ T9404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.898129][ T9404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  243.909061][ T9404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.919337][ T9404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  243.930145][ T9404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.942558][ T9404] batman_adv: batadv0: Interface activated: batadv_slave_1
[  243.968656][ T9404] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  243.989693][ T9404] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  244.000855][ T9404] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  244.016480][ T9404] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  244.611493][ T2982] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  244.651820][ T2982] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  244.721998][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  244.745653][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  244.773358][ T9547] netlink: 'syz.3.1329': attribute type 12 has an invalid length.
[  244.792073][ T9547] __nla_validate_parse: 10 callbacks suppressed
[  244.792088][ T9547] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1329'.
[  244.824060][ T9548] netlink: 'syz.2.1330': attribute type 10 has an invalid length.
[  245.122183][ T9558] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1333'.
[  245.139249][ T9558] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1333'.
[  245.153130][ T9558] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1333'.
[  245.196837][ T9558] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1333'.
[  245.461744][ T9561] netlink: 'syz.3.1336': attribute type 9 has an invalid length.
[  245.475902][ T9561] netlink: 126588 bytes leftover after parsing attributes in process `syz.3.1336'.
[  245.554229][ T9566] netlink: 'syz.0.1337': attribute type 9 has an invalid length.
[  245.609644][ T9561] netlink: 830 bytes leftover after parsing attributes in process `syz.3.1336'.
[  245.895832][ T5773] Bluetooth: hci1: command tx timeout
[  245.953188][ T9578] netlink: 'syz.3.1342': attribute type 10 has an invalid length.
[  246.127878][ T9585] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1345'.
[  246.166924][ T9585] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1345'.
[  246.192716][ T9585] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1345'.
[  246.653936][ T9605] netlink: 'syz.2.1354': attribute type 10 has an invalid length.
[  246.804022][ T9612] netlink: 'syz.0.1356': attribute type 10 has an invalid length.
[  246.842884][ T9612] batman_adv: batadv0: Adding interface: hsr_slave_1
[  246.851946][ T9612] batman_adv: batadv0: The MTU of interface hsr_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  246.889557][ T9612] batman_adv: batadv0: Interface activated: hsr_slave_1
[  247.389786][ T9635] FAULT_INJECTION: forcing a failure.
[  247.389786][ T9635] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  247.422401][ T9637] netlink: 'syz.3.1367': attribute type 10 has an invalid length.
[  247.430893][ T9635] CPU: 0 PID: 9635 Comm: syz.2.1366 Not tainted syzkaller #0
[  247.438394][ T9635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  247.448586][ T9635] Call Trace:
[  247.451970][ T9635]  <TASK>
[  247.455098][ T9635]  dump_stack_lvl+0x18c/0x250
[  247.459926][ T9635]  ? show_regs_print_info+0x20/0x20
[  247.465264][ T9635]  ? load_image+0x400/0x400
[  247.469921][ T9635]  ? __might_fault+0xaa/0x120
[  247.474813][ T9635]  ? __lock_acquire+0x7d40/0x7d40
[  247.480006][ T9635]  should_fail_ex+0x39d/0x4d0
[  247.484857][ T9635]  _copy_from_user+0x2f/0xe0
[  247.489568][ T9635]  kstrtouint_from_user+0xde/0x170
[  247.494832][ T9635]  ? kstrtol_from_user+0x190/0x190
[  247.500207][ T9635]  proc_fail_nth_write+0x8f/0x250
[  247.505453][ T9635]  ? proc_fail_nth_read+0x260/0x260
[  247.510858][ T9635]  ? proc_fail_nth_read+0x260/0x260
[  247.516211][ T9635]  vfs_write+0x296/0x990
[  247.520630][ T9635]  ? file_end_write+0x250/0x250
[  247.525613][ T9635]  ? __fget_files+0x28/0x4b0
[  247.530318][ T9635]  ? __fget_files+0x28/0x4b0
[  247.535032][ T9635]  ? __fget_files+0x43d/0x4b0
[  247.539861][ T9635]  ? __fdget_pos+0x2a3/0x330
[  247.544529][ T9635]  ? ksys_write+0x75/0x260
[  247.549086][ T9635]  ksys_write+0x150/0x260
[  247.553510][ T9635]  ? __ia32_sys_read+0x90/0x90
[  247.558381][ T9635]  ? lockdep_hardirqs_on+0x98/0x150
[  247.563682][ T9635]  do_syscall_64+0x55/0xa0
[  247.568154][ T9635]  ? clear_bhb_loop+0x40/0x90
[  247.572915][ T9635]  ? clear_bhb_loop+0x40/0x90
[  247.577694][ T9635]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  247.583667][ T9635] RIP: 0033:0x7effb8f5b58e
[  247.588164][ T9635] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  247.608269][ T9635] RSP: 002b:00007effb9eedfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  247.616752][ T9635] RAX: ffffffffffffffda RBX: 00007effb9eee6c0 RCX: 00007effb8f5b58e
[  247.624792][ T9635] RDX: 0000000000000001 RSI: 00007effb9eee0a0 RDI: 0000000000000006
[  247.632808][ T9635] RBP: 00007effb9eee090 R08: 0000000000000000 R09: 0000000000000000
[  247.640852][ T9635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.648891][ T9635] R13: 00007effb9216038 R14: 00007effb9215fa0 R15: 00007ffca1e1c818
[  247.657106][ T9635]  </TASK>
[  247.984034][ T5773] Bluetooth: hci1: command tx timeout
[  248.737741][ T9678] netlink: 'syz.2.1380': attribute type 10 has an invalid length.
[  249.512924][ T9687] netlink: 'syz.2.1384': attribute type 27 has an invalid length.
[  249.533646][ T9687] netlink: 'syz.2.1384': attribute type 4 has an invalid length.
[  249.968123][ T9699] __nla_validate_parse: 16 callbacks suppressed
[  249.968141][ T9699] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1389'.
[  250.040762][ T9699] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1389'.
[  250.060772][ T9701] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1389'.
[  250.080255][ T9699] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1389'.
[  250.334674][ T9710] netlink: 'syz.3.1393': attribute type 10 has an invalid length.
[  250.363702][ T9711] netlink: 'syz.0.1391': attribute type 21 has an invalid length.
[  250.371764][ T9711] netlink: 'syz.0.1391': attribute type 1 has an invalid length.
[  250.803725][ T9721] netlink: 'syz.3.1396': attribute type 29 has an invalid length.
[  251.261124][ T9731] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1398'.
[  251.372817][ T9731] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1398'.
[  251.480425][ T9734] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1398'.
[  251.565039][ T9737] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1398'.
[  251.851177][ T9747] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  251.946363][ T9749] validate_nla: 2 callbacks suppressed
[  251.946380][ T9749] netlink: 'syz.3.1405': attribute type 10 has an invalid length.
[  252.638547][ T9764] netlink: 'syz.2.1411': attribute type 21 has an invalid length.
[  252.654784][ T9764] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1411'.
[  252.668583][ T9764] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  252.675900][ T9764] IPv6: NLM_F_CREATE should be set when creating new route
[  252.683158][ T9764] IPv6: NLM_F_CREATE should be set when creating new route
[  252.690443][ T9764] IPv6: NLM_F_CREATE should be set when creating new route
[  252.849797][ T9771] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1414'.
[  252.973860][ T9773] netlink: 'syz.2.1416': attribute type 10 has an invalid length.
[  253.130070][ T9775] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  253.180325][ T9775] CPU: 0 PID: 9775 Comm: syz.3.1417 Not tainted syzkaller #0
[  253.187781][ T9775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  253.196163][ T9779] FAULT_INJECTION: forcing a failure.
[  253.196163][ T9779] name failslab, interval 1, probability 0, space 0, times 0
[  253.197938][ T9775] Call Trace:
[  253.213915][ T9775]  <TASK>
[  253.216880][ T9775]  dump_stack_lvl+0x18c/0x250
[  253.221615][ T9775]  ? show_regs_print_info+0x20/0x20
[  253.226872][ T9775]  ? load_image+0x400/0x400
[  253.231445][ T9775]  sysfs_warn_dup+0x8e/0xa0
[  253.235978][ T9775]  sysfs_do_create_link_sd+0xc0/0x110
[  253.241367][ T9775]  device_add_class_symlinks+0x1cf/0x240
[  253.247024][ T9775]  device_add+0x507/0xc20
[  253.251370][ T9775]  wiphy_register+0x1dad/0x2ae0
[  253.256386][ T9775]  ? cfg80211_event_work+0x40/0x40
[  253.261529][ T9775]  ? minstrel_ht_alloc+0x88a/0x990
[  253.266667][ T9775]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  253.272746][ T9775]  ieee80211_register_hw+0x3464/0x4250
[  253.278252][ T9775]  ? ieee80211_tasklet_handler+0x20/0x20
[  253.284001][ T9775]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  253.289918][ T9775]  ? __debug_object_init+0xec/0x450
[  253.295139][ T9775]  ? __asan_memset+0x22/0x40
[  253.299738][ T9775]  ? __hrtimer_init+0x186/0x270
[  253.304597][ T9775]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  253.310353][ T9775]  ? mac80211_hwsim_free+0x220/0x220
[  253.315639][ T9775]  ? rcu_is_watching+0x15/0xb0
[  253.320410][ T9775]  ? kstrndup+0xbd/0x140
[  253.324668][ T9775]  hwsim_new_radio_nl+0xdc9/0x1a90
[  253.329794][ T9775]  ? __nla_validate+0x50/0x50
[  253.334494][ T9775]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  253.340844][ T9775]  ? __nla_parse+0x40/0x50
[  253.345271][ T9775]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  253.351615][ T9775]  genl_family_rcv_msg_doit+0x211/0x310
[  253.357181][ T9775]  ? end_current_label_crit_section+0x170/0x170
[  253.363426][ T9775]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  253.369336][ T9775]  ? bpf_lsm_capable+0x9/0x10
[  253.374015][ T9775]  ? security_capable+0x89/0xb0
[  253.378878][ T9775]  genl_rcv_msg+0x619/0x7a0
[  253.383399][ T9775]  ? genl_bind+0x360/0x360
[  253.387818][ T9775]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  253.394151][ T9775]  ? perf_trace_lock+0x304/0x3b0
[  253.399110][ T9775]  netlink_rcv_skb+0x241/0x4d0
[  253.403877][ T9775]  ? genl_bind+0x360/0x360
[  253.408301][ T9775]  ? netlink_ack+0x1180/0x1180
[  253.413084][ T9775]  ? __lock_acquire+0x7d40/0x7d40
[  253.418207][ T9775]  ? net_generic+0x1e/0x240
[  253.422735][ T9775]  ? down_read+0x1ac/0x2e0
[  253.427159][ T9775]  genl_rcv+0x28/0x40
[  253.431145][ T9775]  netlink_unicast+0x751/0x8d0
[  253.435928][ T9775]  netlink_sendmsg+0x8d0/0xbf0
[  253.440783][ T9775]  ? perf_trace_lock+0x304/0x3b0
[  253.445733][ T9775]  ? netlink_getsockopt+0x590/0x590
[  253.450960][ T9775]  ? aa_sock_msg_perm+0x94/0x150
[  253.455927][ T9775]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  253.461342][ T9775]  ? security_socket_sendmsg+0x80/0xa0
[  253.466812][ T9775]  ? netlink_getsockopt+0x590/0x590
[  253.472059][ T9775]  ____sys_sendmsg+0x5ba/0x960
[  253.476842][ T9775]  ? __asan_memset+0x22/0x40
[  253.481439][ T9775]  ? __sys_sendmsg_sock+0x30/0x30
[  253.486467][ T9775]  ? __import_iovec+0x5f2/0x850
[  253.491423][ T9775]  ? import_iovec+0x73/0xa0
[  253.495951][ T9775]  ___sys_sendmsg+0x2a6/0x360
[  253.500677][ T9775]  ? __sys_sendmsg+0x2a0/0x2a0
[  253.505518][ T9775]  __se_sys_sendmsg+0x1c2/0x2b0
[  253.510379][ T9775]  ? __x64_sys_sendmsg+0x80/0x80
[  253.515349][ T9775]  ? lockdep_hardirqs_on+0x98/0x150
[  253.520548][ T9775]  do_syscall_64+0x55/0xa0
[  253.524965][ T9775]  ? clear_bhb_loop+0x40/0x90
[  253.529666][ T9775]  ? clear_bhb_loop+0x40/0x90
[  253.534345][ T9775]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  253.540234][ T9775] RIP: 0033:0x7f5cb4b9acb9
[  253.544656][ T9775] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  253.564441][ T9775] RSP: 002b:00007f5cb5aef028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  253.572869][ T9775] RAX: ffffffffffffffda RBX: 00007f5cb4e15fa0 RCX: 00007f5cb4b9acb9
[  253.580871][ T9775] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  253.589039][ T9775] RBP: 00007f5cb4c08bf7 R08: 0000000000000000 R09: 0000000000000000
[  253.597023][ T9775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  253.605118][ T9775] R13: 00007f5cb4e16038 R14: 00007f5cb4e15fa0 R15: 00007ffe34064748
[  253.613148][ T9775]  </TASK>
[  253.616777][ T9779] CPU: 1 PID: 9779 Comm: syz.0.1418 Not tainted syzkaller #0
[  253.624281][ T9779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  253.634381][ T9779] Call Trace:
[  253.637682][ T9779]  <TASK>
[  253.640631][ T9779]  dump_stack_lvl+0x18c/0x250
[  253.645381][ T9779]  ? show_regs_print_info+0x20/0x20
[  253.650608][ T9779]  ? load_image+0x400/0x400
[  253.655147][ T9779]  ? __asan_memset+0x22/0x40
[  253.659774][ T9779]  should_fail_ex+0x39d/0x4d0
[  253.664498][ T9779]  should_failslab+0x9/0x20
[  253.669021][ T9779]  slab_pre_alloc_hook+0x59/0x310
[  253.674080][ T9779]  ? __debug_object_init+0xec/0x450
[  253.679315][ T9779]  kmem_cache_alloc+0x5a/0x2d0
[  253.684107][ T9779]  ? slab_build_skb+0x2b/0x3f0
[  253.688916][ T9779]  slab_build_skb+0x2b/0x3f0
[  253.693548][ T9779]  bpf_prog_test_run_skb+0x3c8/0x12b0
[  253.698945][ T9779]  ? __fget_files+0x28/0x4b0
[  253.703555][ T9779]  ? __fget_files+0x28/0x4b0
[  253.708174][ T9779]  ? __fget_files+0x43d/0x4b0
[  253.712891][ T9779]  ? cpu_online+0x60/0x60
[  253.717240][ T9779]  bpf_prog_test_run+0x321/0x390
[  253.722205][ T9779]  __sys_bpf+0x49d/0x890
[  253.726476][ T9779]  ? bpf_link_show_fdinfo+0x390/0x390
[  253.731898][ T9779]  ? __sys_bpf+0xc/0x890
[  253.736160][ T9779]  __x64_sys_bpf+0x7c/0x90
[  253.740600][ T9779]  do_syscall_64+0x55/0xa0
[  253.745039][ T9779]  ? clear_bhb_loop+0x40/0x90
[  253.749735][ T9779]  ? clear_bhb_loop+0x40/0x90
[  253.754433][ T9779]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  253.760371][ T9779] RIP: 0033:0x7f2bf739acb9
[  253.764808][ T9779] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  253.784443][ T9779] RSP: 002b:00007f2bf833f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  253.792900][ T9779] RAX: ffffffffffffffda RBX: 00007f2bf7615fa0 RCX: 00007f2bf739acb9
[  253.800916][ T9779] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[  253.808909][ T9779] RBP: 00007f2bf833f090 R08: 0000000000000000 R09: 0000000000000000
[  253.816984][ T9779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.824972][ T9779] R13: 00007f2bf7616038 R14: 00007f2bf7615fa0 R15: 00007ffc33255cc8
[  253.832985][ T9779]  </TASK>
[  253.852890][ T9775] netlink: 'syz.3.1417': attribute type 10 has an invalid length.
[  253.917815][ T9775] team0: Port device dummy0 added
[  253.928603][ T9780] netlink: 'syz.3.1417': attribute type 10 has an invalid length.
[  254.152925][ T9796] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  254.237337][ T9780] team0: Port device dummy0 removed
[  254.280843][ T9800] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  254.296890][ T9780] dummy0: entered promiscuous mode
[  254.345599][ T9780] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  254.357465][ T9800] netlink: 'syz.0.1422': attribute type 29 has an invalid length.
[  254.427987][ T9800] netlink: 'syz.0.1422': attribute type 29 has an invalid length.
[  254.444859][ T9801] netlink: 'syz.0.1422': attribute type 29 has an invalid length.
[  254.909358][ T9814] netlink: 'syz.0.1428': attribute type 10 has an invalid length.
[  255.199657][ T9826] __nla_validate_parse: 13 callbacks suppressed
[  255.199674][ T9826] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1434'.
[  255.224587][ T9824] netlink: 'syz.0.1432': attribute type 3 has an invalid length.
[  255.234798][ T9824] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1432'.
[  255.249780][ T9826] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1434'.
[  255.270173][ T9824] netlink: 3752 bytes leftover after parsing attributes in process `syz.0.1432'.
[  255.281013][ T9828] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1434'.
[  255.315852][ T9826] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1434'.
[  255.529486][ T9837] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  255.987155][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  255.993573][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  256.269751][ T9856] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1444'.
[  256.299720][ T9856] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1444'.
[  256.325833][ T9856] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1444'.
[  256.356369][ T9856] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1444'.
[  257.711283][ T9879] validate_nla: 3 callbacks suppressed
[  257.711299][ T9879] netlink: 'syz.0.1452': attribute type 10 has an invalid length.
[  258.106617][ T9890] netlink: 'syz.0.1457': attribute type 10 has an invalid length.
[  258.296196][ T9895] netlink: 'syz.2.1458': attribute type 21 has an invalid length.
[  259.172745][ T9913] netlink: 'syz.0.1466': attribute type 10 has an invalid length.
[  259.846933][ T9933] netlink: 'syz.2.1472': attribute type 29 has an invalid length.
[  259.891232][ T9933] netlink: 'syz.2.1472': attribute type 29 has an invalid length.
[  259.961223][ T9934] netlink: 'syz.2.1472': attribute type 29 has an invalid length.
[  260.398438][ T9942] __nla_validate_parse: 14 callbacks suppressed
[  260.398455][ T9942] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1474'.
[  260.426342][ T9942] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1474'.
[  260.460448][ T9942] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1474'.
[  260.489735][ T9942] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1474'.
[  260.500861][ T9944] FAULT_INJECTION: forcing a failure.
[  260.500861][ T9944] name failslab, interval 1, probability 0, space 0, times 0
[  260.544694][ T9944] CPU: 0 PID: 9944 Comm: syz.3.1475 Not tainted syzkaller #0
[  260.552137][ T9944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  260.562241][ T9944] Call Trace:
[  260.565541][ T9944]  <TASK>
[  260.568491][ T9944]  dump_stack_lvl+0x18c/0x250
[  260.573214][ T9944]  ? sctp_sendmsg+0x1575/0x28c0
[  260.578103][ T9944]  ? ___sys_sendmsg+0x2a6/0x360
[  260.582997][ T9944]  ? show_regs_print_info+0x20/0x20
[  260.588228][ T9944]  ? load_image+0x400/0x400
[  260.592786][ T9944]  should_fail_ex+0x39d/0x4d0
[  260.597503][ T9944]  should_failslab+0x9/0x20
[  260.602037][ T9944]  slab_pre_alloc_hook+0x59/0x310
[  260.607188][ T9944]  ? sctp_add_bind_addr+0x8c/0x360
[  260.612327][ T9944]  __kmem_cache_alloc_node+0x53/0x250
[  260.617726][ T9944]  ? sctp_add_bind_addr+0x8c/0x360
[  260.622865][ T9944]  kmalloc_trace+0x2a/0xe0
[  260.627310][ T9944]  sctp_add_bind_addr+0x8c/0x360
[  260.632280][ T9944]  sctp_copy_local_addr_list+0x315/0x4f0
[  260.637934][ T9944]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  260.643737][ T9944]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  260.649990][ T9944]  ? sctp_v4_is_any+0x35/0x60
[  260.654661][ T9944]  ? sctp_copy_one_addr+0x8c/0x350
[  260.659790][ T9944]  sctp_bind_addr_copy+0xb3/0x3c0
[  260.664825][ T9944]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  260.671160][ T9944]  sctp_connect_new_asoc+0x2f9/0x6a0
[  260.676439][ T9944]  ? __sctp_connect+0xd80/0xd80
[  260.681279][ T9944]  ? __local_bh_enable_ip+0x13a/0x1c0
[  260.686646][ T9944]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  260.692182][ T9944]  ? security_sctp_bind_connect+0x89/0xb0
[  260.697905][ T9944]  sctp_sendmsg+0x1575/0x28c0
[  260.702581][ T9944]  ? sctp_getsockopt+0xb60/0xb60
[  260.707509][ T9944]  ? aa_sk_perm+0x83c/0x970
[  260.712021][ T9944]  ? aa_af_perm+0x330/0x330
[  260.716512][ T9944]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  260.722926][ T9944]  ? sock_rps_record_flow+0x19/0x3f0
[  260.728215][ T9944]  ? inet_sendmsg+0xe9/0x2f0
[  260.732813][ T9944]  ? inet_send_prepare+0x260/0x260
[  260.737941][ T9944]  ____sys_sendmsg+0x5ba/0x960
[  260.742741][ T9944]  ? __lock_acquire+0x7d40/0x7d40
[  260.747783][ T9944]  ? __asan_memset+0x22/0x40
[  260.752374][ T9944]  ? __sys_sendmsg_sock+0x30/0x30
[  260.757419][ T9944]  ? __import_iovec+0x5f2/0x850
[  260.762365][ T9944]  ? import_iovec+0x73/0xa0
[  260.766868][ T9944]  ___sys_sendmsg+0x2a6/0x360
[  260.771542][ T9944]  ? get_pid_task+0x20/0x1e0
[  260.776132][ T9944]  ? __sys_sendmsg+0x2a0/0x2a0
[  260.780911][ T9944]  ? __lock_acquire+0x7d40/0x7d40
[  260.785943][ T9944]  __se_sys_sendmsg+0x1c2/0x2b0
[  260.790802][ T9944]  ? __x64_sys_sendmsg+0x80/0x80
[  260.795840][ T9944]  ? lockdep_hardirqs_on+0x98/0x150
[  260.801032][ T9944]  do_syscall_64+0x55/0xa0
[  260.805441][ T9944]  ? clear_bhb_loop+0x40/0x90
[  260.810130][ T9944]  ? clear_bhb_loop+0x40/0x90
[  260.814812][ T9944]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  260.820705][ T9944] RIP: 0033:0x7f5cb4b9acb9
[  260.825114][ T9944] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  260.844733][ T9944] RSP: 002b:00007f5cb5aef028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  260.853162][ T9944] RAX: ffffffffffffffda RBX: 00007f5cb4e15fa0 RCX: 00007f5cb4b9acb9
[  260.861128][ T9944] RDX: 0000000000000c54 RSI: 0000200000000380 RDI: 0000000000000003
[  260.869096][ T9944] RBP: 00007f5cb5aef090 R08: 0000000000000000 R09: 0000000000000000
[  260.877062][ T9944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  260.885025][ T9944] R13: 00007f5cb4e16038 R14: 00007f5cb4e15fa0 R15: 00007ffe34064748
[  260.893006][ T9944]  </TASK>
[  261.131074][ T9950] netlink: 'syz.2.1479': attribute type 10 has an invalid length.
[  261.174419][ T9952] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1478'.
[  262.906438][ T9640] syz.1.1365 (9640) used greatest stack depth: 17408 bytes left
[  262.935521][ T9971] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1485'.
[  262.958914][ T9971] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1485'.
[  262.978739][ T9971] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1485'.
[  263.008871][ T9971] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1485'.
[  263.391204][ T9980] netlink: 'syz.2.1489': attribute type 10 has an invalid length.
[  263.582876][ T9643] syz.1.1365 (9643) used greatest stack depth: 16872 bytes left
[  263.770411][ T9987] netlink: 'syz.2.1491': attribute type 29 has an invalid length.
[  263.849395][ T9987] netlink: 'syz.2.1491': attribute type 29 has an invalid length.
[  263.871081][ T9988] netlink: 'syz.2.1491': attribute type 29 has an invalid length.
[  264.015854][ T9990] netlink: 'syz.0.1492': attribute type 10 has an invalid length.
[  264.082679][ T9990] bridge0: port 3(team0) entered disabled state
[  264.101844][ T9990] team0: left allmulticast mode
[  264.117112][ T9990] team_slave_0: left allmulticast mode
[  264.153726][ T9990] team_slave_1: left allmulticast mode
[  264.159322][ T9990] team0: left promiscuous mode
[  264.191584][ T9990] team_slave_0: left promiscuous mode
[  264.199230][ T9990] team_slave_1: left promiscuous mode
[  264.214300][ T9990] bridge0: port 3(team0) entered disabled state
[  264.339992][ T9990] batman_adv: batadv0: Adding interface: team0
[  264.354549][ T9990] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.430759][ T9990] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  264.627223][T10001] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1496'.
[  264.909620][T10007] netlink: 'syz.1.1499': attribute type 10 has an invalid length.
[  264.990513][T10007] team0: Device veth1_macvtap failed to register rx_handler
[  265.808171][T10036] __nla_validate_parse: 3 callbacks suppressed
[  265.808187][T10036] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1507'.
[  265.878012][T10036] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1507'.
[  265.919132][T10039] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1507'.
[  265.965841][T10036] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1507'.
[  267.020824][T10097] netlink: 'syz.3.1512': attribute type 29 has an invalid length.
[  267.030814][T10097] netlink: 'syz.3.1512': attribute type 29 has an invalid length.
[  267.058624][T10097] netlink: 'syz.3.1512': attribute type 29 has an invalid length.
[  267.141277][T10101] netlink: 'syz.1.1514': attribute type 10 has an invalid length.
[  267.168215][T10105] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1516'.
[  267.169583][T10101] team0: Device veth1_macvtap failed to register rx_handler
[  267.228617][T10105] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1516'.
[  267.241876][T10107] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1516'.
[  267.263657][T10105] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1516'.
[  268.172388][T10140] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1527'.
[  268.181831][T10140] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1527'.
[  268.540097][T10154] FAULT_INJECTION: forcing a failure.
[  268.540097][T10154] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  268.569009][T10154] CPU: 1 PID: 10154 Comm: syz.1.1532 Not tainted syzkaller #0
[  268.576554][T10154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  268.586664][T10154] Call Trace:
[  268.589976][T10154]  <TASK>
[  268.592939][T10154]  dump_stack_lvl+0x18c/0x250
[  268.597668][T10154]  ? show_regs_print_info+0x20/0x20
[  268.602917][T10154]  ? load_image+0x400/0x400
[  268.607468][T10154]  ? __might_fault+0xaa/0x120
[  268.612187][T10154]  ? __lock_acquire+0x7d40/0x7d40
[  268.617266][T10154]  should_fail_ex+0x39d/0x4d0
[  268.621997][T10154]  _copy_from_user+0x2f/0xe0
[  268.626628][T10154]  ___sys_sendmsg+0x1c7/0x360
[  268.631363][T10154]  ? __sys_sendmsg+0x2a0/0x2a0
[  268.636208][T10154]  ? trace_call_bpf+0xc3/0x6c0
[  268.641064][T10154]  __se_sys_sendmsg+0x1c2/0x2b0
[  268.645964][T10154]  ? __x64_sys_sendmsg+0x80/0x80
[  268.651038][T10154]  ? lockdep_hardirqs_on+0x98/0x150
[  268.656251][T10154]  do_syscall_64+0x55/0xa0
[  268.660682][T10154]  ? clear_bhb_loop+0x40/0x90
[  268.665365][T10154]  ? clear_bhb_loop+0x40/0x90
[  268.670040][T10154]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  268.675933][T10154] RIP: 0033:0x7f186579acb9
[  268.680346][T10154] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  268.699956][T10154] RSP: 002b:00007f1866676028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  268.708387][T10154] RAX: ffffffffffffffda RBX: 00007f1865a15fa0 RCX: 00007f186579acb9
[  268.716466][T10154] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  268.724443][T10154] RBP: 00007f1866676090 R08: 0000000000000000 R09: 0000000000000000
[  268.732414][T10154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.740390][T10154] R13: 00007f1865a16038 R14: 00007f1865a15fa0 R15: 00007ffcb25c4ee8
[  268.748421][T10154]  </TASK>
[  268.962473][T10160] validate_nla: 4 callbacks suppressed
[  268.962486][T10160] netlink: 'syz.2.1534': attribute type 7 has an invalid length.
[  268.988221][T10160] netlink: 'syz.2.1534': attribute type 21 has an invalid length.
[  269.118387][T10170] netlink: 'syz.0.1538': attribute type 10 has an invalid length.
[  269.583281][T10186] netlink: 'syz.1.1545': attribute type 29 has an invalid length.
[  269.591718][T10186] netlink: 'syz.1.1545': attribute type 29 has an invalid length.
[  269.607414][T10186] netlink: 'syz.1.1545': attribute type 29 has an invalid length.
[  270.139688][T10202] netlink: 'syz.1.1551': attribute type 10 has an invalid length.
[  270.170284][T10202] team0: Device veth1_macvtap failed to register rx_handler
[  270.314046][T10208] netlink: 'syz.3.1554': attribute type 2 has an invalid length.
[  270.817916][T10221] FAULT_INJECTION: forcing a failure.
[  270.817916][T10221] name failslab, interval 1, probability 0, space 0, times 0
[  270.835080][T10221] CPU: 0 PID: 10221 Comm: syz.0.1559 Not tainted syzkaller #0
[  270.842591][T10221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  270.852646][T10221] Call Trace:
[  270.855923][T10221]  <TASK>
[  270.858857][T10221]  dump_stack_lvl+0x18c/0x250
[  270.863544][T10221]  ? show_regs_print_info+0x20/0x20
[  270.868746][T10221]  ? load_image+0x400/0x400
[  270.873260][T10221]  should_fail_ex+0x39d/0x4d0
[  270.877943][T10221]  should_failslab+0x9/0x20
[  270.882444][T10221]  slab_pre_alloc_hook+0x59/0x310
[  270.887469][T10221]  ? nf_ct_ext_add+0x1ab/0x440
[  270.892229][T10221]  ? nf_ct_ext_add+0x1ab/0x440
[  270.897072][T10221]  __kmem_cache_alloc_node+0x53/0x250
[  270.902543][T10221]  ? nf_ct_ext_add+0x1ab/0x440
[  270.907301][T10221]  __kmalloc_node_track_caller+0xa2/0x230
[  270.913019][T10221]  krealloc+0x86/0x120
[  270.917095][T10221]  nf_ct_ext_add+0x1ab/0x440
[  270.921683][T10221]  init_conntrack+0x69c/0xf10
[  270.926374][T10221]  ? early_drop+0x7f0/0x7f0
[  270.930871][T10221]  ? nf_conntrack_find_get+0x650/0x650
[  270.936326][T10221]  ? __local_bh_enable_ip+0x13a/0x1c0
[  270.941690][T10221]  ? __siphash_unaligned+0x22e/0x3a0
[  270.946983][T10221]  nf_conntrack_in+0xc06/0x15c0
[  270.951849][T10221]  ? nf_ct_pernet+0x270/0x270
[  270.956531][T10221]  ? ipt_do_table+0x2c1/0x15e0
[  270.961390][T10221]  ? ipv4_conntrack_defrag+0x29d/0x5a0
[  270.966854][T10221]  ? ipv4_conntrack_local+0x123/0x200
[  270.972223][T10221]  ? ipv4_conntrack_in+0x20/0x20
[  270.977176][T10221]  nf_hook_slow+0xbd/0x200
[  270.981621][T10221]  ? nf_hook+0x390/0x390
[  270.985875][T10221]  nf_hook+0x228/0x390
[  270.989957][T10221]  ? nf_hook+0xa2/0x390
[  270.994140][T10221]  ? __ip_local_out+0x5f0/0x5f0
[  270.998989][T10221]  ? nf_hook+0x390/0x390
[  271.003339][T10221]  ? ip_fast_csum+0x1ee/0x2b0
[  271.008010][T10221]  __ip_local_out+0x4db/0x5f0
[  271.012682][T10221]  ? nf_hook+0x390/0x390
[  271.016921][T10221]  ip_send_skb+0x4c/0x1d0
[  271.021252][T10221]  raw_sendmsg+0x163e/0x1c00
[  271.025849][T10221]  ? compat_raw_ioctl+0x70/0x70
[  271.030696][T10221]  ? __lock_acquire+0x1273/0x7d40
[  271.035727][T10221]  ? tomoyo_socket_sendmsg_permission+0x216/0x2f0
[  271.042224][T10221]  ? sock_rps_record_flow+0x19/0x3f0
[  271.047593][T10221]  ? inet_sendmsg+0x7c/0x2f0
[  271.052193][T10221]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  271.057467][T10221]  ? security_socket_sendmsg+0x80/0xa0
[  271.062922][T10221]  ? inet_send_prepare+0x260/0x260
[  271.068026][T10221]  ____sys_sendmsg+0x5ba/0x960
[  271.072795][T10221]  ? __lock_acquire+0x7d40/0x7d40
[  271.077834][T10221]  ? __asan_memset+0x22/0x40
[  271.082440][T10221]  ? __sys_sendmsg_sock+0x30/0x30
[  271.087481][T10221]  ? __import_iovec+0x3fa/0x850
[  271.092361][T10221]  ? import_iovec+0x73/0xa0
[  271.096874][T10221]  ___sys_sendmsg+0x2a6/0x360
[  271.101558][T10221]  ? __sys_sendmsg+0x2a0/0x2a0
[  271.106334][T10221]  ? __lock_acquire+0x7d40/0x7d40
[  271.111372][T10221]  __se_sys_sendmsg+0x1c2/0x2b0
[  271.116223][T10221]  ? __x64_sys_sendmsg+0x80/0x80
[  271.121172][T10221]  ? lockdep_hardirqs_on+0x98/0x150
[  271.126384][T10221]  do_syscall_64+0x55/0xa0
[  271.130817][T10221]  ? clear_bhb_loop+0x40/0x90
[  271.135501][T10221]  ? clear_bhb_loop+0x40/0x90
[  271.140176][T10221]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  271.146072][T10221] RIP: 0033:0x7f2bf739acb9
[  271.150480][T10221] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  271.170425][T10221] RSP: 002b:00007f2bf833f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  271.178851][T10221] RAX: ffffffffffffffda RBX: 00007f2bf7615fa0 RCX: 00007f2bf739acb9
[  271.186910][T10221] RDX: 0000000020000040 RSI: 0000200000000440 RDI: 0000000000000010
[  271.194883][T10221] RBP: 00007f2bf833f090 R08: 0000000000000000 R09: 0000000000000000
[  271.202857][T10221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.210823][T10221] R13: 00007f2bf7616038 R14: 00007f2bf7615fa0 R15: 00007ffc33255cc8
[  271.218801][T10221]  </TASK>
[  271.557109][T10235] netlink: 'syz.2.1565': attribute type 10 has an invalid length.
[  272.326994][T10257] __nla_validate_parse: 15 callbacks suppressed
[  272.327031][T10257] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1572'.
[  272.933317][T10272] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.1577'.
[  273.171995][T10277] netlink: 'syz.2.1578': attribute type 10 has an invalid length.
[  273.304341][T10279] netlink: 212416 bytes leftover after parsing attributes in process `syz.3.1579'.
[  274.339960][T10282] netlink: 'syz.3.1581': attribute type 2 has an invalid length.
[  274.393138][T10282] netlink: 830 bytes leftover after parsing attributes in process `syz.3.1581'.
[  275.819878][T10305] netlink: 'syz.1.1588': attribute type 10 has an invalid length.
[  275.830637][T10305] team0: Device veth1_macvtap failed to register rx_handler
[  275.852526][T10303] mac80211_hwsim hwsim10 wlan1: entered allmulticast mode
[  276.085725][T10312] netlink: 'syz.3.1592': attribute type 29 has an invalid length.
[  276.165105][T10312] netlink: 'syz.3.1592': attribute type 29 has an invalid length.
[  276.189237][T10314] netlink: 'syz.3.1592': attribute type 29 has an invalid length.
[  277.494699][T10345] netlink: 9275 bytes leftover after parsing attributes in process `syz.2.1601'.
[  279.458764][T10344] netlink: 'syz.1.1603': attribute type 10 has an invalid length.
[  279.474939][T10344] team0: Device veth1_macvtap failed to register rx_handler
[  279.764970][T10365] netlink: 'syz.1.1610': attribute type 39 has an invalid length.
[  280.013280][T10368] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1613'.
[  280.278866][T10379] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1617'.
[  280.360335][T10381] netlink: 'syz.1.1618': attribute type 10 has an invalid length.
[  280.373494][T10381] team0: Device veth1_macvtap failed to register rx_handler
[  282.901465][T10413] FAULT_INJECTION: forcing a failure.
[  282.901465][T10413] name failslab, interval 1, probability 0, space 0, times 0
[  282.949590][T10415] netlink: 'syz.1.1631': attribute type 11 has an invalid length.
[  282.958251][T10413] CPU: 0 PID: 10413 Comm: syz.3.1630 Not tainted syzkaller #0
[  282.965848][T10413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  282.975940][T10413] Call Trace:
[  282.979247][T10413]  <TASK>
[  282.982298][T10413]  dump_stack_lvl+0x18c/0x250
[  282.987029][T10413]  ? show_regs_print_info+0x20/0x20
[  282.992271][T10413]  ? load_image+0x400/0x400
[  282.996818][T10413]  ? __might_sleep+0xe0/0xe0
[  283.001452][T10413]  ? __lock_acquire+0x7d40/0x7d40
[  283.006522][T10413]  should_fail_ex+0x39d/0x4d0
[  283.011244][T10413]  should_failslab+0x9/0x20
[  283.015807][T10413]  slab_pre_alloc_hook+0x59/0x310
[  283.020868][T10413]  ? sk_prot_alloc+0xe7/0x210
[  283.025587][T10413]  ? sk_prot_alloc+0xe7/0x210
[  283.030296][T10413]  __kmem_cache_alloc_node+0x53/0x250
[  283.035713][T10413]  ? sk_prot_alloc+0xe7/0x210
[  283.040399][T10413]  __kmalloc+0xa4/0x230
[  283.044747][T10413]  sk_prot_alloc+0xe7/0x210
[  283.049615][T10413]  ? sk_alloc+0x24/0x360
[  283.053864][T10413]  sk_alloc+0x3a/0x360
[  283.058023][T10413]  ? bpf_ctx_init+0x163/0x1a0
[  283.062817][T10413]  ? bpf_prog_test_run_skb+0x273/0x12b0
[  283.068402][T10413]  bpf_prog_test_run_skb+0x3a5/0x12b0
[  283.073869][T10413]  ? __fget_files+0x28/0x4b0
[  283.078457][T10413]  ? __fget_files+0x28/0x4b0
[  283.083058][T10413]  ? __fget_files+0x43d/0x4b0
[  283.087753][T10413]  ? cpu_online+0x60/0x60
[  283.092089][T10413]  bpf_prog_test_run+0x321/0x390
[  283.097037][T10413]  __sys_bpf+0x49d/0x890
[  283.101281][T10413]  ? bpf_link_show_fdinfo+0x390/0x390
[  283.106669][T10413]  ? lock_chain_count+0x20/0x20
[  283.111532][T10413]  __x64_sys_bpf+0x7c/0x90
[  283.115945][T10413]  do_syscall_64+0x55/0xa0
[  283.120375][T10413]  ? clear_bhb_loop+0x40/0x90
[  283.125090][T10413]  ? clear_bhb_loop+0x40/0x90
[  283.129793][T10413]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  283.135694][T10413] RIP: 0033:0x7f5cb4b9acb9
[  283.140200][T10413] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  283.159815][T10413] RSP: 002b:00007f5cb5aef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  283.168234][T10413] RAX: ffffffffffffffda RBX: 00007f5cb4e15fa0 RCX: 00007f5cb4b9acb9
[  283.176206][T10413] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  283.184267][T10413] RBP: 00007f5cb5aef090 R08: 0000000000000000 R09: 0000000000000000
[  283.192247][T10413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.200215][T10413] R13: 00007f5cb4e16038 R14: 00007f5cb4e15fa0 R15: 00007ffe34064748
[  283.208292][T10413]  </TASK>
[  283.226558][T10418] netlink: 'syz.2.1632': attribute type 10 has an invalid length.
[  284.273882][T10442] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1641'.
[  284.306050][T10442] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1641'.
[  284.364742][T10442] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1641'.
[  284.394288][T10442] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1641'.
[  284.428586][T10448] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1644'.
[  284.480053][T10450] netlink: 'syz.0.1645': attribute type 10 has an invalid length.
[  284.667253][T10457] FAULT_INJECTION: forcing a failure.
[  284.667253][T10457] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  284.707862][T10457] CPU: 0 PID: 10457 Comm: syz.0.1648 Not tainted syzkaller #0
[  284.715476][T10457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  284.725622][T10457] Call Trace:
[  284.728901][T10457]  <TASK>
[  284.731822][T10457]  dump_stack_lvl+0x18c/0x250
[  284.736516][T10457]  ? show_regs_print_info+0x20/0x20
[  284.741708][T10457]  ? load_image+0x400/0x400
[  284.746214][T10457]  ? __might_fault+0xaa/0x120
[  284.750886][T10457]  ? __lock_acquire+0x7d40/0x7d40
[  284.755917][T10457]  should_fail_ex+0x39d/0x4d0
[  284.760594][T10457]  _copy_from_user+0x2f/0xe0
[  284.765178][T10457]  sk_setsockopt+0x26b/0x2bc0
[  284.769851][T10457]  ? sockopt_capable+0x60/0x60
[  284.774612][T10457]  ? aa_sk_perm+0x83c/0x970
[  284.779113][T10457]  ? __fget_files+0x28/0x4b0
[  284.783709][T10457]  ? aa_af_perm+0x330/0x330
[  284.788216][T10457]  ? __fget_files+0x28/0x4b0
[  284.792802][T10457]  ? __fget_files+0x28/0x4b0
[  284.797392][T10457]  ? aa_sock_opt_perm+0x74/0x100
[  284.802325][T10457]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  284.807863][T10457]  ? security_socket_setsockopt+0x7e/0xa0
[  284.813580][T10457]  do_sock_setsockopt+0x11b/0x1a0
[  284.818618][T10457]  __x64_sys_setsockopt+0x182/0x200
[  284.823861][T10457]  do_syscall_64+0x55/0xa0
[  284.828275][T10457]  ? clear_bhb_loop+0x40/0x90
[  284.832945][T10457]  ? clear_bhb_loop+0x40/0x90
[  284.837614][T10457]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  284.843521][T10457] RIP: 0033:0x7f2bf739acb9
[  284.847940][T10457] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  284.867548][T10457] RSP: 002b:00007f2bf833f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  284.875959][T10457] RAX: ffffffffffffffda RBX: 00007f2bf7615fa0 RCX: 00007f2bf739acb9
[  284.883921][T10457] RDX: 0000000000000019 RSI: 0000000000000001 RDI: 0000000000000004
[  284.891882][T10457] RBP: 00007f2bf833f090 R08: 0000000000000000 R09: 0000000000000000
[  284.899852][T10457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  284.907903][T10457] R13: 00007f2bf7616038 R14: 00007f2bf7615fa0 R15: 00007ffc33255cc8
[  284.915876][T10457]  </TASK>
[  285.175586][T10472] netlink: 'syz.1.1655': attribute type 10 has an invalid length.
[  285.273522][T10472] team0: Port device netdevsim0 added
[  285.297424][T10478] netlink: 'syz.0.1656': attribute type 10 has an invalid length.
[  285.364808][T10482] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1658'.
[  285.382966][T10482] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1658'.
[  285.446969][T10485] FAULT_INJECTION: forcing a failure.
[  285.446969][T10485] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.460983][T10485] CPU: 1 PID: 10485 Comm: syz.3.1660 Not tainted syzkaller #0
[  285.468484][T10485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  285.478585][T10485] Call Trace:
[  285.481874][T10485]  <TASK>
[  285.484833][T10485]  dump_stack_lvl+0x18c/0x250
[  285.489567][T10485]  ? show_regs_print_info+0x20/0x20
[  285.494805][T10485]  ? load_image+0x400/0x400
[  285.499365][T10485]  ? __might_fault+0xaa/0x120
[  285.504066][T10485]  ? __lock_acquire+0x7d40/0x7d40
[  285.509097][T10485]  should_fail_ex+0x39d/0x4d0
[  285.513798][T10485]  _copy_from_user+0x2f/0xe0
[  285.518400][T10485]  ____sys_sendmsg+0x2fd/0x960
[  285.523164][T10485]  ? __lock_acquire+0x7d40/0x7d40
[  285.528217][T10485]  ? __sys_sendmsg_sock+0x30/0x30
[  285.533246][T10485]  ? __import_iovec+0x5f2/0x850
[  285.538095][T10485]  ? import_iovec+0x73/0xa0
[  285.542595][T10485]  ___sys_sendmsg+0x2a6/0x360
[  285.547311][T10485]  ? get_pid_task+0x20/0x1e0
[  285.551897][T10485]  ? __sys_sendmsg+0x2a0/0x2a0
[  285.556675][T10485]  ? __lock_acquire+0x7d40/0x7d40
[  285.561707][T10485]  __se_sys_sendmsg+0x1c2/0x2b0
[  285.566560][T10485]  ? __x64_sys_sendmsg+0x80/0x80
[  285.571501][T10485]  ? lockdep_hardirqs_on+0x98/0x150
[  285.576700][T10485]  do_syscall_64+0x55/0xa0
[  285.581111][T10485]  ? clear_bhb_loop+0x40/0x90
[  285.585786][T10485]  ? clear_bhb_loop+0x40/0x90
[  285.590458][T10485]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  285.596345][T10485] RIP: 0033:0x7f5cb4b9acb9
[  285.600766][T10485] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  285.620465][T10485] RSP: 002b:00007f5cb5aef028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  285.628876][T10485] RAX: ffffffffffffffda RBX: 00007f5cb4e15fa0 RCX: 00007f5cb4b9acb9
[  285.636838][T10485] RDX: 0000000000000041 RSI: 0000200000000600 RDI: 0000000000000003
[  285.644802][T10485] RBP: 00007f5cb5aef090 R08: 0000000000000000 R09: 0000000000000000
[  285.652763][T10485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.660722][T10485] R13: 00007f5cb4e16038 R14: 00007f5cb4e15fa0 R15: 00007ffe34064748
[  285.668693][T10485]  </TASK>
[  286.206675][T10513] netlink: 'syz.2.1669': attribute type 1 has an invalid length.
[  286.223866][T10513] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.1669'.
[  286.349614][T10515] netlink: 'syz.1.1670': attribute type 10 has an invalid length.
[  286.464736][T10515] team0: Device veth1_macvtap failed to register rx_handler
[  289.152238][T10521] netlink: 'syz.2.1672': attribute type 21 has an invalid length.
[  289.174107][T10521] netlink: 'syz.2.1672': attribute type 6 has an invalid length.
[  289.182063][T10521] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1672'.
[  289.808386][T10547] netlink: 'syz.1.1683': attribute type 10 has an invalid length.
[  289.819708][T10547] team0: Device veth1_macvtap failed to register rx_handler
[  289.848342][T10549] netlink: 'syz.2.1682': attribute type 2 has an invalid length.
[  289.866453][T10549] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.1682'.
[  290.068685][T10561] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1689'.
[  290.079668][T10561] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1689'.
[  290.104167][T10564] netlink: 'syz.0.1690': attribute type 19 has an invalid length.
[  290.128148][T10560] syzkaller0: tun_chr_ioctl cmd 1074025677
[  290.143997][T10560] syzkaller0: linktype set to 280
[  290.203882][T10561] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1689'.
[  290.247976][T10569] netlink: 'syz.1.1688': attribute type 21 has an invalid length.
[  290.258254][T10569] netlink: 'syz.1.1688': attribute type 6 has an invalid length.
[  290.273685][T10569] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1688'.
[  290.283546][T10564] netlink: 'syz.0.1690': attribute type 19 has an invalid length.
[  290.313731][T10566] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1689'.
[  290.349600][T10574] netlink: 'syz.3.1691': attribute type 10 has an invalid length.
[  290.393968][T10564] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  290.440275][T10575] netlink: 'syz.3.1691': attribute type 11 has an invalid length.
[  290.503485][T10575] netlink: 184116 bytes leftover after parsing attributes in process `syz.3.1691'.
[  290.585899][T10580] netlink: 'syz.2.1692': attribute type 21 has an invalid length.
[  290.613779][T10580] netlink: 'syz.2.1692': attribute type 6 has an invalid length.
[  290.626933][T10580] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1692'.
[  290.881764][T10590] netlink: 'syz.3.1697': attribute type 10 has an invalid length.
[  291.304128][T10595] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1700'.
[  291.628446][T10608] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1703'.
[  292.161311][T10623] team0: Device veth1_macvtap failed to register rx_handler
[  292.732489][T10634] netlink: zone id is out of range
[  292.763042][T10634] netlink: set zone limit has 8 unknown bytes
[  293.579542][T10665] FAULT_INJECTION: forcing a failure.
[  293.579542][T10665] name failslab, interval 1, probability 0, space 0, times 0
[  293.592337][T10665] CPU: 1 PID: 10665 Comm: syz.0.1722 Not tainted syzkaller #0
[  293.599826][T10665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  293.609904][T10665] Call Trace:
[  293.613211][T10665]  <TASK>
[  293.616165][T10665]  dump_stack_lvl+0x18c/0x250
[  293.620873][T10665]  ? __sctp_connect+0x5b7/0xd80
[  293.625739][T10665]  ? sctp_setsockopt+0x6d8/0x11e0
[  293.630782][T10665]  ? show_regs_print_info+0x20/0x20
[  293.635990][T10665]  ? load_image+0x400/0x400
[  293.640596][T10665]  should_fail_ex+0x39d/0x4d0
[  293.645294][T10665]  should_failslab+0x9/0x20
[  293.649810][T10665]  slab_pre_alloc_hook+0x59/0x310
[  293.654886][T10665]  ? sctp_add_bind_addr+0x8c/0x360
[  293.660006][T10665]  __kmem_cache_alloc_node+0x53/0x250
[  293.665377][T10665]  ? sctp_add_bind_addr+0x8c/0x360
[  293.670492][T10665]  kmalloc_trace+0x2a/0xe0
[  293.674906][T10665]  sctp_add_bind_addr+0x8c/0x360
[  293.679843][T10665]  sctp_copy_local_addr_list+0x315/0x4f0
[  293.685473][T10665]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  293.691187][T10665]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  293.697291][T10665]  ? sctp_v4_is_any+0x35/0x60
[  293.701965][T10665]  ? sctp_copy_one_addr+0x8c/0x350
[  293.707091][T10665]  sctp_bind_addr_copy+0xb3/0x3c0
[  293.712115][T10665]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  293.718454][T10665]  sctp_connect_new_asoc+0x2f9/0x6a0
[  293.723735][T10665]  ? __sctp_connect+0xd80/0xd80
[  293.728579][T10665]  ? mark_lock+0x94/0x320
[  293.732896][T10665]  ? sctp_endpoint_lookup_assoc+0xd1/0x260
[  293.738698][T10665]  __sctp_connect+0x5b7/0xd80
[  293.743372][T10665]  ? sctp_send_asconf+0x170/0x170
[  293.748474][T10665]  ? __local_bh_enable_ip+0x13a/0x1c0
[  293.753849][T10665]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  293.759472][T10665]  ? security_sctp_bind_connect+0x89/0xb0
[  293.765187][T10665]  sctp_setsockopt_connectx+0x104/0x1a0
[  293.770726][T10665]  sctp_setsockopt+0x6d8/0x11e0
[  293.775581][T10665]  ? sock_common_recvmsg+0x190/0x190
[  293.780876][T10665]  do_sock_setsockopt+0x175/0x1a0
[  293.785914][T10665]  ? __fdget+0x180/0x210
[  293.790276][T10665]  __x64_sys_setsockopt+0x182/0x200
[  293.795548][T10665]  do_syscall_64+0x55/0xa0
[  293.800059][T10665]  ? clear_bhb_loop+0x40/0x90
[  293.804742][T10665]  ? clear_bhb_loop+0x40/0x90
[  293.809424][T10665]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  293.815312][T10665] RIP: 0033:0x7f2bf739acb9
[  293.819733][T10665] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  293.839338][T10665] RSP: 002b:00007f2bf833f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  293.847746][T10665] RAX: ffffffffffffffda RBX: 00007f2bf7615fa0 RCX: 00007f2bf739acb9
[  293.855708][T10665] RDX: 000000000000006e RSI: 0000000000000084 RDI: 0000000000000003
[  293.863669][T10665] RBP: 00007f2bf833f090 R08: 0000000000000010 R09: 0000000000000000
[  293.871627][T10665] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000002
[  293.879591][T10665] R13: 00007f2bf7616038 R14: 00007f2bf7615fa0 R15: 00007ffc33255cc8
[  293.887571][T10665]  </TASK>
[  294.796744][T10697] team0: Device veth1_macvtap failed to register rx_handler
[  295.611363][T10714] validate_nla: 4 callbacks suppressed
[  295.611378][T10714] netlink: 'syz.2.1734': attribute type 21 has an invalid length.
[  295.643880][T10714] __nla_validate_parse: 10 callbacks suppressed
[  295.643897][T10714] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1734'.
[  295.725585][T10717] netlink: 'syz.3.1736': attribute type 13 has an invalid length.
[  296.085730][T10726] FAULT_INJECTION: forcing a failure.
[  296.085730][T10726] name failslab, interval 1, probability 0, space 0, times 0
[  296.104474][T10726] CPU: 1 PID: 10726 Comm: syz.3.1740 Not tainted syzkaller #0
[  296.112009][T10726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  296.122096][T10726] Call Trace:
[  296.125407][T10726]  <TASK>
[  296.128356][T10726]  dump_stack_lvl+0x18c/0x250
[  296.133070][T10726]  ? sctp_sendmsg+0x1575/0x28c0
[  296.137955][T10726]  ? ___sys_sendmsg+0x2a6/0x360
[  296.142855][T10726]  ? show_regs_print_info+0x20/0x20
[  296.148097][T10726]  ? load_image+0x400/0x400
[  296.152687][T10726]  should_fail_ex+0x39d/0x4d0
[  296.157499][T10726]  should_failslab+0x9/0x20
[  296.162040][T10726]  slab_pre_alloc_hook+0x59/0x310
[  296.167116][T10726]  ? sctp_add_bind_addr+0x8c/0x360
[  296.172277][T10726]  __kmem_cache_alloc_node+0x53/0x250
[  296.177699][T10726]  ? sctp_add_bind_addr+0x8c/0x360
[  296.182844][T10726]  kmalloc_trace+0x2a/0xe0
[  296.187295][T10726]  sctp_add_bind_addr+0x8c/0x360
[  296.192306][T10726]  sctp_copy_local_addr_list+0x315/0x4f0
[  296.198023][T10726]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  296.203782][T10726]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  296.209887][T10726]  ? sctp_v4_is_any+0x35/0x60
[  296.214571][T10726]  ? sctp_copy_one_addr+0x8c/0x350
[  296.219783][T10726]  sctp_bind_addr_copy+0xb3/0x3c0
[  296.224816][T10726]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  296.231154][T10726]  sctp_connect_new_asoc+0x2f9/0x6a0
[  296.236449][T10726]  ? __sctp_connect+0xd80/0xd80
[  296.241292][T10726]  ? __local_bh_enable_ip+0x13a/0x1c0
[  296.246668][T10726]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  296.252211][T10726]  ? security_sctp_bind_connect+0x89/0xb0
[  296.258036][T10726]  sctp_sendmsg+0x1575/0x28c0
[  296.262817][T10726]  ? sctp_getsockopt+0xb60/0xb60
[  296.267763][T10726]  ? aa_sk_perm+0x83c/0x970
[  296.272301][T10726]  ? aa_af_perm+0x330/0x330
[  296.276823][T10726]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  296.283258][T10726]  ? sock_rps_record_flow+0x19/0x3f0
[  296.288568][T10726]  ? inet_sendmsg+0xe9/0x2f0
[  296.293159][T10726]  ? inet_send_prepare+0x260/0x260
[  296.298276][T10726]  ____sys_sendmsg+0x5ba/0x960
[  296.303067][T10726]  ? __lock_acquire+0x7d40/0x7d40
[  296.308114][T10726]  ? __asan_memset+0x22/0x40
[  296.312705][T10726]  ? __sys_sendmsg_sock+0x30/0x30
[  296.317736][T10726]  ? __import_iovec+0x5f2/0x850
[  296.322600][T10726]  ? import_iovec+0x73/0xa0
[  296.327113][T10726]  ___sys_sendmsg+0x2a6/0x360
[  296.331900][T10726]  ? __sys_sendmsg+0x2a0/0x2a0
[  296.336698][T10726]  ? __lock_acquire+0x7d40/0x7d40
[  296.341787][T10726]  __se_sys_sendmsg+0x1c2/0x2b0
[  296.346645][T10726]  ? __x64_sys_sendmsg+0x80/0x80
[  296.351777][T10726]  ? lockdep_hardirqs_on+0x98/0x150
[  296.356985][T10726]  do_syscall_64+0x55/0xa0
[  296.361408][T10726]  ? clear_bhb_loop+0x40/0x90
[  296.366094][T10726]  ? clear_bhb_loop+0x40/0x90
[  296.370783][T10726]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  296.376673][T10726] RIP: 0033:0x7f5cb4b9acb9
[  296.381090][T10726] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  296.400702][T10726] RSP: 002b:00007f5cb5aef028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  296.409204][T10726] RAX: ffffffffffffffda RBX: 00007f5cb4e15fa0 RCX: 00007f5cb4b9acb9
[  296.417171][T10726] RDX: 0000000000008054 RSI: 0000200000000ac0 RDI: 0000000000000004
[  296.425228][T10726] RBP: 00007f5cb5aef090 R08: 0000000000000000 R09: 0000000000000000
[  296.433194][T10726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  296.441164][T10726] R13: 00007f5cb4e16038 R14: 00007f5cb4e15fa0 R15: 00007ffe34064748
[  296.449187][T10726]  </TASK>
[  296.595656][T10735] IPv6: Can't replace route, no match found
[  296.627703][T10735] netlink: 'syz.0.1743': attribute type 13 has an invalid length.
[  296.915743][T10745] netlink: 'syz.0.1746': attribute type 10 has an invalid length.
[  297.303242][T10754] netlink: 16170 bytes leftover after parsing attributes in process `syz.3.1751'.
[  297.446369][T10763] veth0_vlan: left promiscuous mode
[  297.881920][T10778] netlink: 129384 bytes leftover after parsing attributes in process `syz.1.1757'.
[  298.232903][T10787] netlink: 'syz.2.1758': attribute type 10 has an invalid length.
[  298.498290][T10796] FAULT_INJECTION: forcing a failure.
[  298.498290][T10796] name failslab, interval 1, probability 0, space 0, times 0
[  298.584099][T10796] CPU: 1 PID: 10796 Comm: syz.3.1760 Not tainted syzkaller #0
[  298.591624][T10796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  298.601704][T10796] Call Trace:
[  298.605011][T10796]  <TASK>
[  298.607955][T10796]  dump_stack_lvl+0x18c/0x250
[  298.612669][T10796]  ? show_regs_print_info+0x20/0x20
[  298.617902][T10796]  ? load_image+0x400/0x400
[  298.622432][T10796]  ? __might_sleep+0xe0/0xe0
[  298.627045][T10796]  ? __lock_acquire+0x7d40/0x7d40
[  298.632192][T10796]  ? sctp_outq_tail+0x604/0x8a0
[  298.637070][T10796]  should_fail_ex+0x39d/0x4d0
[  298.641782][T10796]  should_failslab+0x9/0x20
[  298.646310][T10796]  slab_pre_alloc_hook+0x59/0x310
[  298.651371][T10796]  kmem_cache_alloc_node+0x60/0x320
[  298.656600][T10796]  ? __alloc_skb+0x103/0x2c0
[  298.661229][T10796]  __alloc_skb+0x103/0x2c0
[  298.665680][T10796]  _sctp_make_chunk+0x5e/0x420
[  298.670478][T10796]  sctp_make_datafrag_empty+0x12b/0x240
[  298.676055][T10796]  ? sctp_make_ecne+0x340/0x340
[  298.680926][T10796]  ? sctp_auth_send_cid+0x69/0x250
[  298.686054][T10796]  sctp_datamsg_from_user+0x722/0xee0
[  298.691523][T10796]  sctp_sendmsg_to_asoc+0x107f/0x1830
[  298.696928][T10796]  ? __asan_memcpy+0x40/0x70
[  298.701521][T10796]  ? sctp_assoc_add_peer+0xcf3/0x1390
[  298.706895][T10796]  ? sctp_sendmsg_check_sflags+0x2d0/0x2d0
[  298.712712][T10796]  ? __sctp_connect+0xd80/0xd80
[  298.717558][T10796]  ? __local_bh_enable_ip+0x13a/0x1c0
[  298.722933][T10796]  ? _local_bh_enable+0xa0/0xa0
[  298.727870][T10796]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  298.733762][T10796]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  298.739558][T10796]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  298.745099][T10796]  ? security_sctp_bind_connect+0x89/0xb0
[  298.750815][T10796]  sctp_sendmsg+0x1b83/0x28c0
[  298.755493][T10796]  ? sctp_getsockopt+0xb60/0xb60
[  298.760420][T10796]  ? aa_sk_perm+0x83c/0x970
[  298.764927][T10796]  ? aa_af_perm+0x330/0x330
[  298.769424][T10796]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  298.775863][T10796]  ? sock_rps_record_flow+0x19/0x3f0
[  298.781145][T10796]  ? inet_sendmsg+0x7c/0x2f0
[  298.785722][T10796]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  298.791000][T10796]  ? security_socket_sendmsg+0x80/0xa0
[  298.796461][T10796]  ? inet_send_prepare+0x260/0x260
[  298.801568][T10796]  ____sys_sendmsg+0x5ba/0x960
[  298.806331][T10796]  ? __lock_acquire+0x7d40/0x7d40
[  298.811441][T10796]  ? __asan_memset+0x22/0x40
[  298.816027][T10796]  ? __sys_sendmsg_sock+0x30/0x30
[  298.821053][T10796]  ? __import_iovec+0x5f2/0x850
[  298.825909][T10796]  ? import_iovec+0x73/0xa0
[  298.830465][T10796]  ___sys_sendmsg+0x2a6/0x360
[  298.835143][T10796]  ? __sys_sendmsg+0x2a0/0x2a0
[  298.839922][T10796]  ? trace_call_bpf+0xc3/0x6c0
[  298.844708][T10796]  __se_sys_sendmsg+0x1c2/0x2b0
[  298.849566][T10796]  ? __x64_sys_sendmsg+0x80/0x80
[  298.854510][T10796]  ? lockdep_hardirqs_on+0x98/0x150
[  298.859704][T10796]  do_syscall_64+0x55/0xa0
[  298.864148][T10796]  ? clear_bhb_loop+0x40/0x90
[  298.868824][T10796]  ? clear_bhb_loop+0x40/0x90
[  298.873492][T10796]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  298.879376][T10796] RIP: 0033:0x7f5cb4b9acb9
[  298.883784][T10796] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  298.903388][T10796] RSP: 002b:00007f5cb5aef028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  298.911796][T10796] RAX: ffffffffffffffda RBX: 00007f5cb4e15fa0 RCX: 00007f5cb4b9acb9
[  298.919758][T10796] RDX: 00000000000080d1 RSI: 0000200000000140 RDI: 0000000000000003
[  298.927721][T10796] RBP: 00007f5cb5aef090 R08: 0000000000000000 R09: 0000000000000000
[  298.935731][T10796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  298.943697][T10796] R13: 00007f5cb4e16038 R14: 00007f5cb4e15fa0 R15: 00007ffe34064748
[  298.951704][T10796]  </TASK>
[  299.913017][T10820] netlink: 'syz.1.1770': attribute type 10 has an invalid length.
[  299.928809][T10820] team0: Device veth1_macvtap failed to register rx_handler
[  300.652395][T10828] netlink: 'syz.1.1773': attribute type 10 has an invalid length.
[  300.698904][T10828] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  300.720247][T10834] netlink: 'syz.3.1775': attribute type 29 has an invalid length.
[  300.735093][T10828] batman_adv: batadv0: Removing interface: batadv_slave_0
[  300.791174][T10834] netlink: 'syz.3.1775': attribute type 29 has an invalid length.
[  300.804073][T10839] netlink: 'syz.3.1775': attribute type 29 has an invalid length.
[  300.833818][T10834] netlink: 'syz.3.1775': attribute type 29 has an invalid length.
[  300.854500][T10834] netlink: 'syz.3.1775': attribute type 29 has an invalid length.
[  301.358102][T10849] FAULT_INJECTION: forcing a failure.
[  301.358102][T10849] name failslab, interval 1, probability 0, space 0, times 0
[  301.439061][T10849] CPU: 0 PID: 10849 Comm: syz.1.1777 Not tainted syzkaller #0
[  301.446616][T10849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  301.456711][T10849] Call Trace:
[  301.460014][T10849]  <TASK>
[  301.462963][T10849]  dump_stack_lvl+0x18c/0x250
[  301.467668][T10849]  ? sctp_sendmsg+0x1575/0x28c0
[  301.472560][T10849]  ? ___sys_sendmsg+0x2a6/0x360
[  301.477442][T10849]  ? show_regs_print_info+0x20/0x20
[  301.482670][T10849]  ? load_image+0x400/0x400
[  301.487223][T10849]  should_fail_ex+0x39d/0x4d0
[  301.492001][T10849]  should_failslab+0x9/0x20
[  301.496538][T10849]  slab_pre_alloc_hook+0x59/0x310
[  301.501609][T10849]  ? sctp_add_bind_addr+0x8c/0x360
[  301.506781][T10849]  __kmem_cache_alloc_node+0x53/0x250
[  301.512192][T10849]  ? sctp_add_bind_addr+0x8c/0x360
[  301.517336][T10849]  kmalloc_trace+0x2a/0xe0
[  301.521813][T10849]  sctp_add_bind_addr+0x8c/0x360
[  301.526818][T10849]  sctp_copy_local_addr_list+0x315/0x4f0
[  301.532504][T10849]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  301.538270][T10849]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  301.544376][T10849]  ? sctp_v4_is_any+0x35/0x60
[  301.549071][T10849]  ? sctp_copy_one_addr+0x8c/0x350
[  301.554204][T10849]  sctp_bind_addr_copy+0xb3/0x3c0
[  301.559237][T10849]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  301.565616][T10849]  sctp_connect_new_asoc+0x2f9/0x6a0
[  301.570906][T10849]  ? __sctp_connect+0xd80/0xd80
[  301.575773][T10849]  ? __local_bh_enable_ip+0x13a/0x1c0
[  301.581155][T10849]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  301.586707][T10849]  ? security_sctp_bind_connect+0x89/0xb0
[  301.592434][T10849]  sctp_sendmsg+0x1575/0x28c0
[  301.597132][T10849]  ? sctp_getsockopt+0xb60/0xb60
[  301.602072][T10849]  ? aa_sk_perm+0x83c/0x970
[  301.606599][T10849]  ? aa_af_perm+0x330/0x330
[  301.611098][T10849]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  301.617543][T10849]  ? sock_rps_record_flow+0x19/0x3f0
[  301.622847][T10849]  ? inet_sendmsg+0xe9/0x2f0
[  301.627447][T10849]  ? inet_send_prepare+0x260/0x260
[  301.632568][T10849]  ____sys_sendmsg+0x5ba/0x960
[  301.637347][T10849]  ? __lock_acquire+0x7d40/0x7d40
[  301.642386][T10849]  ? __asan_memset+0x22/0x40
[  301.646976][T10849]  ? __sys_sendmsg_sock+0x30/0x30
[  301.652003][T10849]  ? __import_iovec+0x5f2/0x850
[  301.656918][T10849]  ? import_iovec+0x73/0xa0
[  301.661442][T10849]  ___sys_sendmsg+0x2a6/0x360
[  301.666147][T10849]  ? get_pid_task+0x20/0x1e0
[  301.670760][T10849]  ? __sys_sendmsg+0x2a0/0x2a0
[  301.675564][T10849]  ? __lock_acquire+0x7d40/0x7d40
[  301.680625][T10849]  __se_sys_sendmsg+0x1c2/0x2b0
[  301.685497][T10849]  ? __x64_sys_sendmsg+0x80/0x80
[  301.690470][T10849]  ? lockdep_hardirqs_on+0x98/0x150
[  301.695680][T10849]  do_syscall_64+0x55/0xa0
[  301.700100][T10849]  ? clear_bhb_loop+0x40/0x90
[  301.704777][T10849]  ? clear_bhb_loop+0x40/0x90
[  301.709456][T10849]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  301.715346][T10849] RIP: 0033:0x7f186579acb9
[  301.719776][T10849] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  301.739381][T10849] RSP: 002b:00007f1866676028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  301.747798][T10849] RAX: ffffffffffffffda RBX: 00007f1865a15fa0 RCX: 00007f186579acb9
[  301.756199][T10849] RDX: 00000000000003e8 RSI: 00002000000004c0 RDI: 0000000000000010
[  301.764167][T10849] RBP: 00007f1866676090 R08: 0000000000000000 R09: 0000000000000000
[  301.772160][T10849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  301.780129][T10849] R13: 00007f1865a16038 R14: 00007f1865a15fa0 R15: 00007ffcb25c4ee8
[  301.788123][T10849]  </TASK>
[  302.092320][T10860] FAULT_INJECTION: forcing a failure.
[  302.092320][T10860] name failslab, interval 1, probability 0, space 0, times 0
[  302.126586][T10862] netlink: 'syz.0.1782': attribute type 10 has an invalid length.
[  302.133726][T10860] CPU: 1 PID: 10860 Comm: syz.1.1780 Not tainted syzkaller #0
[  302.141912][T10860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  302.151992][T10860] Call Trace:
[  302.155294][T10860]  <TASK>
[  302.158230][T10860]  dump_stack_lvl+0x18c/0x250
[  302.162913][T10860]  ? sctp_sendmsg+0x1575/0x28c0
[  302.167752][T10860]  ? ___sys_sendmsg+0x2a6/0x360
[  302.172599][T10860]  ? show_regs_print_info+0x20/0x20
[  302.177842][T10860]  ? load_image+0x400/0x400
[  302.182335][T10860]  ? mark_lock+0x94/0x320
[  302.186659][T10860]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  302.192631][T10860]  should_fail_ex+0x39d/0x4d0
[  302.197307][T10860]  should_failslab+0x9/0x20
[  302.201893][T10860]  slab_pre_alloc_hook+0x59/0x310
[  302.206913][T10860]  ? lockdep_hardirqs_on+0x98/0x150
[  302.212101][T10860]  ? sctp_add_bind_addr+0x8c/0x360
[  302.217216][T10860]  __kmem_cache_alloc_node+0x53/0x250
[  302.222582][T10860]  ? sctp_add_bind_addr+0x8c/0x360
[  302.227690][T10860]  kmalloc_trace+0x2a/0xe0
[  302.232105][T10860]  sctp_add_bind_addr+0x8c/0x360
[  302.237040][T10860]  sctp_copy_local_addr_list+0x315/0x4f0
[  302.242666][T10860]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  302.248377][T10860]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  302.254454][T10860]  ? sctp_v4_is_any+0x35/0x60
[  302.259150][T10860]  ? sctp_copy_one_addr+0x8c/0x350
[  302.264275][T10860]  sctp_bind_addr_copy+0xb3/0x3c0
[  302.269308][T10860]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  302.275636][T10860]  sctp_connect_new_asoc+0x2f9/0x6a0
[  302.280952][T10860]  ? __sctp_connect+0xd80/0xd80
[  302.285824][T10860]  ? __local_bh_enable_ip+0x13a/0x1c0
[  302.291219][T10860]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  302.296775][T10860]  ? security_sctp_bind_connect+0x89/0xb0
[  302.302496][T10860]  sctp_sendmsg+0x1575/0x28c0
[  302.307178][T10860]  ? sctp_getsockopt+0xb60/0xb60
[  302.312105][T10860]  ? aa_sk_perm+0x83c/0x970
[  302.316612][T10860]  ? aa_af_perm+0x330/0x330
[  302.321110][T10860]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  302.327518][T10860]  ? sock_rps_record_flow+0x19/0x3f0
[  302.332795][T10860]  ? inet_sendmsg+0xe9/0x2f0
[  302.337376][T10860]  ? inet_send_prepare+0x260/0x260
[  302.342509][T10860]  ____sys_sendmsg+0x5ba/0x960
[  302.347322][T10860]  ? __lock_acquire+0x7d40/0x7d40
[  302.352361][T10860]  ? __asan_memset+0x22/0x40
[  302.356979][T10860]  ? __sys_sendmsg_sock+0x30/0x30
[  302.362026][T10860]  ? __import_iovec+0x5f2/0x850
[  302.366892][T10860]  ? import_iovec+0x73/0xa0
[  302.371396][T10860]  ___sys_sendmsg+0x2a6/0x360
[  302.376073][T10860]  ? get_pid_task+0x20/0x1e0
[  302.380669][T10860]  ? __sys_sendmsg+0x2a0/0x2a0
[  302.385461][T10860]  __se_sys_sendmsg+0x1c2/0x2b0
[  302.390311][T10860]  ? __x64_sys_sendmsg+0x80/0x80
[  302.395341][T10860]  ? lockdep_hardirqs_on+0x98/0x150
[  302.400532][T10860]  do_syscall_64+0x55/0xa0
[  302.404944][T10860]  ? clear_bhb_loop+0x40/0x90
[  302.409615][T10860]  ? clear_bhb_loop+0x40/0x90
[  302.414315][T10860]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  302.420198][T10860] RIP: 0033:0x7f186579acb9
[  302.424603][T10860] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  302.444208][T10860] RSP: 002b:00007f1866676028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  302.453308][T10860] RAX: ffffffffffffffda RBX: 00007f1865a15fa0 RCX: 00007f186579acb9
[  302.461273][T10860] RDX: 0000000000000c54 RSI: 0000200000000380 RDI: 0000000000000004
[  302.469241][T10860] RBP: 00007f1866676090 R08: 0000000000000000 R09: 0000000000000000
[  302.477318][T10860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  302.485395][T10860] R13: 00007f1865a16038 R14: 00007f1865a15fa0 R15: 00007ffcb25c4ee8
[  302.493384][T10860]  </TASK>
[  302.815539][T10874] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1786'.
[  302.826122][T10874] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1786'.
[  302.839941][T10872] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1786'.
[  302.852605][T10874] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1786'.
[  302.879410][T10868] delete_channel: no stack
[  303.114628][T10881] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  303.132795][T10881] batadv_slave_0: entered promiscuous mode
[  303.691826][T10900] netlink: 'syz.1.1797': attribute type 10 has an invalid length.
[  303.708966][T10900] team0: Device veth1_macvtap failed to register rx_handler
[  304.148872][T10908] syzkaller0: entered promiscuous mode
[  304.207112][T10908] syzkaller0: entered allmulticast mode
[  304.309142][T10922] !1ÿ: renamed from bond_slave_0 (while UP)
[  307.209803][T10946] netlink: 'syz.2.1808': attribute type 10 has an invalid length.
[  308.180877][T10981] netlink: 'syz.0.1818': attribute type 10 has an invalid length.
[  308.330091][T10976] netlink: 'syz.2.1817': attribute type 33 has an invalid length.
[  308.384344][T10976] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1817'.
[  308.634263][T10983] netlink: 'syz.3.1815': attribute type 4 has an invalid length.
[  308.668407][T10983] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1815'.
[  308.710596][T10983] batman_adv: batadv0: Interface deactivated: hsr_slave_1
[  308.789830][T10983] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  310.052438][T11009] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1826'.
[  310.103238][T11011] netlink: 'syz.2.1827': attribute type 10 has an invalid length.
[  310.369515][T11018] pimreg: tun_chr_ioctl cmd 1074025677
[  310.400893][T11018] pimreg: linktype set to 270
[  310.856859][T11043] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1837'.
[  311.146177][T11052] netlink: 'syz.3.1839': attribute type 10 has an invalid length.
[  311.336463][T11057] netlink: 'syz.3.1841': attribute type 11 has an invalid length.
[  311.352253][T11057] netlink: 184116 bytes leftover after parsing attributes in process `syz.3.1841'.
[  311.374355][T11057] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  311.383329][T11057] CPU: 0 PID: 11057 Comm: syz.3.1841 Not tainted syzkaller #0
[  311.390835][T11057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  311.400915][T11057] Call Trace:
[  311.404209][T11057]  <TASK>
[  311.407159][T11057]  dump_stack_lvl+0x18c/0x250
[  311.411849][T11057]  ? show_regs_print_info+0x20/0x20
[  311.417054][T11057]  ? load_image+0x400/0x400
[  311.421585][T11057]  sysfs_warn_dup+0x8e/0xa0
[  311.426088][T11057]  sysfs_do_create_link_sd+0xc0/0x110
[  311.431498][T11057]  device_add_class_symlinks+0x1cf/0x240
[  311.437153][T11057]  device_add+0x507/0xc20
[  311.441501][T11057]  wiphy_register+0x1dad/0x2ae0
[  311.446378][T11057]  ? cfg80211_event_work+0x40/0x40
[  311.451492][T11057]  ? minstrel_ht_alloc+0x88a/0x990
[  311.456615][T11057]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  311.462774][T11057]  ieee80211_register_hw+0x3464/0x4250
[  311.468270][T11057]  ? ieee80211_tasklet_handler+0x20/0x20
[  311.473926][T11057]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  311.479823][T11057]  ? __debug_object_init+0xec/0x450
[  311.485026][T11057]  ? __asan_memset+0x22/0x40
[  311.489616][T11057]  ? __hrtimer_init+0x186/0x270
[  311.494471][T11057]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  311.500240][T11057]  ? mac80211_hwsim_free+0x220/0x220
[  311.505710][T11057]  ? rcu_is_watching+0x15/0xb0
[  311.510472][T11057]  ? kstrndup+0xbd/0x140
[  311.514727][T11057]  hwsim_new_radio_nl+0xdc9/0x1a90
[  311.519933][T11057]  ? __nla_validate+0x50/0x50
[  311.524634][T11057]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  311.530974][T11057]  ? __nla_parse+0x40/0x50
[  311.535397][T11057]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  311.541819][T11057]  genl_family_rcv_msg_doit+0x211/0x310
[  311.547372][T11057]  ? end_current_label_crit_section+0x170/0x170
[  311.553623][T11057]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  311.559525][T11057]  ? bpf_lsm_capable+0x9/0x10
[  311.564205][T11057]  ? security_capable+0x89/0xb0
[  311.569056][T11057]  genl_rcv_msg+0x619/0x7a0
[  311.573676][T11057]  ? genl_bind+0x360/0x360
[  311.578122][T11057]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  311.584476][T11057]  netlink_rcv_skb+0x241/0x4d0
[  311.589257][T11057]  ? genl_bind+0x360/0x360
[  311.593681][T11057]  ? netlink_ack+0x1180/0x1180
[  311.598450][T11057]  ? __lock_acquire+0x7d40/0x7d40
[  311.603472][T11057]  ? net_generic+0x1e/0x240
[  311.608008][T11057]  ? down_read+0x1ac/0x2e0
[  311.612500][T11057]  genl_rcv+0x28/0x40
[  311.616483][T11057]  netlink_unicast+0x751/0x8d0
[  311.621253][T11057]  netlink_sendmsg+0x8d0/0xbf0
[  311.626114][T11057]  ? netlink_getsockopt+0x590/0x590
[  311.631320][T11057]  ? aa_sock_msg_perm+0x94/0x150
[  311.636278][T11057]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  311.641664][T11057]  ? security_socket_sendmsg+0x80/0xa0
[  311.647307][T11057]  ? netlink_getsockopt+0x590/0x590
[  311.652514][T11057]  ____sys_sendmsg+0x5ba/0x960
[  311.657373][T11057]  ? __asan_memset+0x22/0x40
[  311.661966][T11057]  ? __sys_sendmsg_sock+0x30/0x30
[  311.667014][T11057]  ? __import_iovec+0x5f2/0x850
[  311.671885][T11057]  ? import_iovec+0x73/0xa0
[  311.676397][T11057]  ___sys_sendmsg+0x2a6/0x360
[  311.681082][T11057]  ? __sys_sendmsg+0x2a0/0x2a0
[  311.685882][T11057]  __se_sys_sendmsg+0x1c2/0x2b0
[  311.690735][T11057]  ? __x64_sys_sendmsg+0x80/0x80
[  311.695799][T11057]  ? lockdep_hardirqs_on+0x98/0x150
[  311.701015][T11057]  do_syscall_64+0x55/0xa0
[  311.705434][T11057]  ? clear_bhb_loop+0x40/0x90
[  311.710113][T11057]  ? clear_bhb_loop+0x40/0x90
[  311.714796][T11057]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  311.720688][T11057] RIP: 0033:0x7f5cb4b9acb9
[  311.725113][T11057] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  311.744750][T11057] RSP: 002b:00007f5cb5aef028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  311.753170][T11057] RAX: ffffffffffffffda RBX: 00007f5cb4e15fa0 RCX: 00007f5cb4b9acb9
[  311.761141][T11057] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  311.769110][T11057] RBP: 00007f5cb4c08bf7 R08: 0000000000000000 R09: 0000000000000000
[  311.777077][T11057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  311.785064][T11057] R13: 00007f5cb4e16038 R14: 00007f5cb4e15fa0 R15: 00007ffe34064748
[  311.793050][T11057]  </TASK>
[  311.805307][T11061] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1842'.
[  311.838809][T11061] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1842'.
[  311.865104][T11058] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1842'.
[  311.884145][T11064] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1842'.
[  311.920353][T11058] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1842'.
[  311.938703][T11058] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  311.953196][T11058] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  312.027566][T11060] netlink: 'syz.0.1843': attribute type 10 has an invalid length.
[  312.049723][T11060] batman_adv: batadv0: Adding interface: virt_wifi0
[  312.057179][T11060] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  312.084551][T11060] batman_adv: batadv0: Interface activated: virt_wifi0
[  312.426893][T11070] IPv6: Can't replace route, no match found
[  312.496400][T11079] netlink: 'syz.1.1849': attribute type 10 has an invalid length.
[  312.505999][T11079] team0: Device veth1_macvtap failed to register rx_handler
[  313.005324][T11093] netlink: 'syz.0.1862': attribute type 10 has an invalid length.
[  313.793450][T11108] bond_slave_1: mtu less than device minimum
[  313.809198][T11109] __nla_validate_parse: 2 callbacks suppressed
[  313.809245][T11109] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1857'.
[  314.017075][ T5773] Bluetooth: hci3: unexpected subevent 0x01 length: 150 > 18
[  314.166120][T11121] netlink: 'syz.2.1863': attribute type 10 has an invalid length.
[  314.415267][T11125] FAULT_INJECTION: forcing a failure.
[  314.415267][T11125] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  314.451455][T11125] CPU: 0 PID: 11125 Comm: syz.2.1864 Not tainted syzkaller #0
[  314.458984][T11125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  314.469153][T11125] Call Trace:
[  314.472462][T11125]  <TASK>
[  314.475417][T11125]  dump_stack_lvl+0x18c/0x250
[  314.480218][T11125]  ? show_regs_print_info+0x20/0x20
[  314.485429][T11125]  ? load_image+0x400/0x400
[  314.490039][T11125]  ? __might_fault+0xaa/0x120
[  314.494728][T11125]  ? __lock_acquire+0x7d40/0x7d40
[  314.499768][T11125]  should_fail_ex+0x39d/0x4d0
[  314.504469][T11125]  _copy_from_iter+0x1d9/0x12e0
[  314.509438][T11125]  ? __might_fault+0xaa/0x120
[  314.514128][T11125]  ? _copy_from_iter+0x24e/0x12e0
[  314.519163][T11125]  ? __virt_addr_valid+0x18c/0x540
[  314.524285][T11125]  ? __lock_acquire+0x7d40/0x7d40
[  314.529340][T11125]  ? copyout_mc+0x70/0x70
[  314.533734][T11125]  ? copyout_mc+0x70/0x70
[  314.538100][T11125]  ? __virt_addr_valid+0x18c/0x540
[  314.543264][T11125]  ? page_copy_sane+0x16a/0x270
[  314.548159][T11125]  copy_page_from_iter+0x7b/0x100
[  314.553232][T11125]  skb_copy_datagram_from_iter+0x2e4/0x6e0
[  314.559086][T11125]  tun_get_user+0x15db/0x3ca0
[  314.563808][T11125]  ? aa_file_perm+0x11b/0xee0
[  314.568522][T11125]  ? rcu_read_unlock+0xa0/0xa0
[  314.573327][T11125]  ? tun_get+0x1c/0x2e0
[  314.577508][T11125]  ? __lock_acquire+0x7d40/0x7d40
[  314.582563][T11125]  ? tun_get+0x1c/0x2e0
[  314.586750][T11125]  tun_chr_write_iter+0x119/0x200
[  314.591812][T11125]  vfs_write+0x46c/0x990
[  314.596084][T11125]  ? file_end_write+0x250/0x250
[  314.600938][T11125]  ? __fget_files+0x43d/0x4b0
[  314.605634][T11125]  ? __fdget_pos+0x1d8/0x330
[  314.610262][T11125]  ? ksys_write+0x75/0x260
[  314.614699][T11125]  ksys_write+0x150/0x260
[  314.619044][T11125]  ? __ia32_sys_read+0x90/0x90
[  314.623840][T11125]  ? lockdep_hardirqs_on+0x98/0x150
[  314.629158][T11125]  do_syscall_64+0x55/0xa0
[  314.633602][T11125]  ? clear_bhb_loop+0x40/0x90
[  314.638332][T11125]  ? clear_bhb_loop+0x40/0x90
[  314.643125][T11125]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  314.649227][T11125] RIP: 0033:0x7effb8f9acb9
[  314.653706][T11125] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  314.673515][T11125] RSP: 002b:00007effb9eee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  314.681958][T11125] RAX: ffffffffffffffda RBX: 00007effb9215fa0 RCX: 00007effb8f9acb9
[  314.689963][T11125] RDX: 000000000000fdef RSI: 0000200000000580 RDI: 00000000000000c8
[  314.697963][T11125] RBP: 00007effb9eee090 R08: 0000000000000000 R09: 0000000000000000
[  314.706055][T11125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  314.714041][T11125] R13: 00007effb9216038 R14: 00007effb9215fa0 R15: 00007ffca1e1c818
[  314.722115][T11125]  </TASK>
[  314.893735][T11136] netlink: 'syz.0.1868': attribute type 10 has an invalid length.
[  315.149495][T11148] netlink: 'syz.0.1873': attribute type 10 has an invalid length.
[  315.951808][T11158] IPv6: NLM_F_REPLACE set, but no existing node found!
[  316.109430][T11158] batman_adv: batadv0: Removing interface: batadv_slave_0
[  316.182065][T11158] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  316.210858][T11158] batman_adv: batadv0: Removing interface: batadv_slave_1
[  316.284353][T11158] batman_adv: batadv0: Removing interface: hsr_slave_1
[  316.679158][T11158] bond0: (slave batadv0): Releasing backup interface
[  316.717302][T11158] batadv0 (unregistering): left promiscuous mode
[  316.751295][T11178] netlink: 'syz.0.1882': attribute type 10 has an invalid length.
[  316.859809][T11187] netlink: 'syz.3.1885': attribute type 10 has an invalid length.
[  317.043122][T11195] FAULT_INJECTION: forcing a failure.
[  317.043122][T11195] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  317.060205][T11195] CPU: 0 PID: 11195 Comm: syz.3.1887 Not tainted syzkaller #0
[  317.067710][T11195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  317.078051][T11195] Call Trace:
[  317.081330][T11195]  <TASK>
[  317.084272][T11195]  dump_stack_lvl+0x18c/0x250
[  317.089041][T11195]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  317.095194][T11195]  ? show_regs_print_info+0x20/0x20
[  317.100393][T11195]  ? load_image+0x400/0x400
[  317.104902][T11195]  should_fail_ex+0x39d/0x4d0
[  317.109587][T11195]  _copy_to_user+0x2f/0xa0
[  317.114091][T11195]  bpf_verifier_vlog+0x2fa/0x870
[  317.119038][T11195]  __btf_verifier_log+0xe3/0x140
[  317.123984][T11195]  ? btf_check_sec_info+0x350/0x350
[  317.129182][T11195]  ? __lock_acquire+0x7d40/0x7d40
[  317.134203][T11195]  ? btf_parse_hdr+0x1f5/0x710
[  317.138963][T11195]  btf_parse_hdr+0x3b6/0x710
[  317.143552][T11195]  btf_new_fd+0x397/0x9f0
[  317.147887][T11195]  ? bpf_btf_show_fdinfo+0x80/0x80
[  317.152997][T11195]  ? capable+0x88/0xe0
[  317.157075][T11195]  __sys_bpf+0x670/0x890
[  317.161323][T11195]  ? bpf_link_show_fdinfo+0x390/0x390
[  317.166703][T11195]  ? lock_chain_count+0x20/0x20
[  317.171608][T11195]  __x64_sys_bpf+0x7c/0x90
[  317.176042][T11195]  do_syscall_64+0x55/0xa0
[  317.180472][T11195]  ? clear_bhb_loop+0x40/0x90
[  317.185156][T11195]  ? clear_bhb_loop+0x40/0x90
[  317.189923][T11195]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  317.195823][T11195] RIP: 0033:0x7f5cb4b9acb9
[  317.200239][T11195] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  317.219868][T11195] RSP: 002b:00007f5cb5aef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  317.228386][T11195] RAX: ffffffffffffffda RBX: 00007f5cb4e15fa0 RCX: 00007f5cb4b9acb9
[  317.236381][T11195] RDX: 0000000000000028 RSI: 00002000000003c0 RDI: 0000000000000012
[  317.244371][T11195] RBP: 00007f5cb5aef090 R08: 0000000000000000 R09: 0000000000000000
[  317.252349][T11195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  317.260344][T11195] R13: 00007f5cb4e16038 R14: 00007f5cb4e15fa0 R15: 00007ffe34064748
[  317.268354][T11195]  </TASK>
[  317.417508][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  317.434385][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  318.504879][T11231] netlink: 'syz.3.1898': attribute type 10 has an invalid length.
[  318.531294][T11231] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1898'.
[  318.542411][T11231] net veth1_virt_wifi virt_wifi0: left promiscuous mode
[  318.549734][T11231] net veth1_virt_wifi virt_wifi0: left allmulticast mode
[  318.564646][T11231] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  318.635671][T11234] netlink: 'syz.0.1900': attribute type 2 has an invalid length.
[  318.645543][T11234] netlink: 17267 bytes leftover after parsing attributes in process `syz.0.1900'.
[  318.935219][T11245] netlink: 'syz.0.1911': attribute type 10 has an invalid length.
[  319.076165][T11245] 8021q: adding VLAN 0 to HW filter on device batadv0
[  319.092992][T11245] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  319.154294][T11252] bond0: entered promiscuous mode
[  319.180179][T11252] bond_slave_0: entered promiscuous mode
[  319.201619][T11252] bond_slave_1: entered promiscuous mode
[  319.209852][T11252] bridge0: entered promiscuous mode
[  319.225209][T11252] batadv0: entered promiscuous mode
[  319.583481][T11262] netlink: 'syz.3.1906': attribute type 4 has an invalid length.
[  319.591572][T11262] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1906'.
[  319.601016][T11262] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  319.798156][T11266] netlink: 'syz.1.1910': attribute type 39 has an invalid length.
[  320.183754][T11278] netlink: 'syz.0.1914': attribute type 10 has an invalid length.
[  320.191703][T11278] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1914'.
[  320.209271][T11278] veth0_vlan: entered allmulticast mode
[  320.227192][T11278] bridge0: port 3(veth0_vlan) entered blocking state
[  320.243902][T11278] bridge0: port 3(veth0_vlan) entered disabled state
[  320.255021][T11278] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  320.757389][T11295] netlink: 'syz.1.1918': attribute type 10 has an invalid length.
[  320.891020][T11295] 8021q: adding VLAN 0 to HW filter on device batadv0
[  320.947212][T11295] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  321.094864][T11302] bond0: entered promiscuous mode
[  321.103948][T11302] bond_slave_0: entered promiscuous mode
[  321.109776][T11302] bond_slave_1: entered promiscuous mode
[  321.157107][T11302] batadv0: entered promiscuous mode
[  321.586064][T11323] netlink: 'syz.0.1927': attribute type 39 has an invalid length.
[  322.326031][T11321] netlink: 'syz.1.1924': attribute type 4 has an invalid length.
[  322.354191][T11321] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1924'.
[  322.428954][T11321] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  323.079520][T11352] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1936'.
[  338.875304][   T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  338.885040][   T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  338.893088][   T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  338.901353][   T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  338.909201][   T51] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  338.916825][   T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  338.977868][T11361] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1938'.
[  339.822517][T11363] chnl_net:caif_netlink_parms(): no params data found
[  339.954959][   T51] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  339.965517][   T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  339.973846][   T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  339.983853][   T51] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  339.995565][   T51] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  340.003166][   T51] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  340.273311][T11363] bridge0: port 1(bridge_slave_0) entered blocking state
[  340.287802][T11363] bridge0: port 1(bridge_slave_0) entered disabled state
[  340.298813][T11363] bridge_slave_0: entered allmulticast mode
[  340.310466][T11363] bridge_slave_0: entered promiscuous mode
[  340.344084][T11363] bridge0: port 2(bridge_slave_1) entered blocking state
[  340.358462][T11363] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.368532][T11363] bridge_slave_1: entered allmulticast mode
[  340.386760][T11363] bridge_slave_1: entered promiscuous mode
[  340.485491][T11363] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  340.511447][T11363] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  340.581415][T11363] team0: Port device team_slave_0 added
[  340.599427][T11363] team0: Port device team_slave_1 added
[  341.013925][   T51] Bluetooth: hci4: command tx timeout
[  342.053806][   T51] Bluetooth: hci5: command tx timeout
[  343.093817][   T51] Bluetooth: hci4: command tx timeout
[  344.133761][   T51] Bluetooth: hci5: command tx timeout
[  345.173763][   T51] Bluetooth: hci4: command tx timeout
[  346.213779][   T51] Bluetooth: hci5: command tx timeout
[  347.253759][   T51] Bluetooth: hci4: command tx timeout
[  348.293711][   T51] Bluetooth: hci5: command tx timeout
[  354.134970][ T5773] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  354.145160][ T5773] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  354.153729][ T5773] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  354.162278][ T5773] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  354.171562][ T5773] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  354.179205][ T5773] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  354.456406][   T51] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  354.472077][   T51] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  354.480725][   T51] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  354.494879][   T51] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  354.504400][   T51] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  354.511776][   T51] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  356.214265][   T51] Bluetooth: hci6: command tx timeout
[  356.533997][   T51] Bluetooth: hci7: command tx timeout
[  358.295442][   T51] Bluetooth: hci6: command tx timeout
[  358.613821][   T51] Bluetooth: hci7: command tx timeout
[  360.373993][   T51] Bluetooth: hci6: command tx timeout
[  360.693839][   T51] Bluetooth: hci7: command tx timeout
[  362.454793][   T51] Bluetooth: hci6: command tx timeout
[  362.773786][   T51] Bluetooth: hci7: command tx timeout
[  400.024868][ T5777] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  400.040797][ T5777] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  400.050193][ T5777] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  400.058986][ T5777] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  400.074292][ T5777] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  400.082597][ T5777] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  400.196026][ T5777] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  400.221636][ T5777] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  400.232372][ T5777] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  400.242187][ T5777] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  400.254201][ T5777] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  400.264454][ T5777] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  402.133866][ T5777] Bluetooth: hci8: command tx timeout
[  402.294026][ T5777] Bluetooth: hci9: command tx timeout
[  404.213855][ T5777] Bluetooth: hci8: command tx timeout
[  404.374326][ T5777] Bluetooth: hci9: command tx timeout
[  406.293876][ T5777] Bluetooth: hci8: command tx timeout
[  406.453943][ T5777] Bluetooth: hci9: command tx timeout
[  408.373800][ T5777] Bluetooth: hci8: command tx timeout
[  408.534062][ T5777] Bluetooth: hci9: command tx timeout
[  415.196839][   T51] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  415.206235][   T51] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  415.214907][   T51] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  415.224199][   T51] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  415.232021][   T51] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  415.239993][   T51] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  415.289316][   T51] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  415.299536][   T51] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  415.307887][   T51] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  415.317554][   T51] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  415.325442][   T51] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  415.332912][   T51] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  417.333874][   T51] Bluetooth: hci11: command tx timeout
[  417.418539][   T51] Bluetooth: hci10: command tx timeout
[  419.413982][   T51] Bluetooth: hci11: command tx timeout
[  419.493981][   T51] Bluetooth: hci10: command tx timeout
[  421.493745][   T51] Bluetooth: hci11: command tx timeout
[  421.573950][   T51] Bluetooth: hci10: command tx timeout
[  423.573748][   T51] Bluetooth: hci11: command tx timeout
[  423.654155][ T5777] Bluetooth: hci10: command tx timeout
[  427.338916][ T5777] Bluetooth: hci1: command 0x0406 tx timeout
[  428.433607][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[  428.440302][    C0] rcu: 	0-....: (10501 ticks this GP) idle=46ac/1/0x4000000000000000 softirq=33982/33982 fqs=5188
[  428.451855][    C0] rcu: 	         hardirqs   softirqs   csw/system
[  428.458256][    C0] rcu: 	 number:  1536769          0            0
[  428.464824][    C0] rcu: 	cputime:    26177      26322           31   ==> 52510(ms)
[  428.472609][    C0] rcu: 	(t=10502 jiffies g=40393 q=3045 ncpus=2)
[  428.478959][    C0] CPU: 0 PID: 11349 Comm: syz.2.1935 Not tainted syzkaller #0
[  428.486421][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  428.496471][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xc0/0x120
[  428.502968][    C0] Code: c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f7 44 24 20 00 02 00 00 41 c6 04 07 f8 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> bb ca ce f6 65 8b 05 ac 00 76 75 85 c0 74 3c 48 c7 04 24 0e 36
[  428.522573][    C0] RSP: 0018:ffffc90000007180 EFLAGS: 00000206
[  428.528637][    C0] RAX: dffffc0000000004 RBX: 0000000000000a06 RCX: 3e3cf38a0ba09c00
[  428.536606][    C0] RDX: dffffc0000000000 RSI: ffffffff8acac900 RDI: 0000000000000001
[  428.544670][    C0] RBP: ffffc90000007208 R08: ffffffff911be607 R09: 1ffffffff2237cc0
[  428.552632][    C0] R10: dffffc0000000000 R11: fffffbfff2237cc1 R12: dffffc0000000000
[  428.560599][    C0] R13: ffff888041b47a80 R14: ffffffff9747de10 R15: 1ffff92000000e30
[  428.568572][    C0] FS:  00007effb9ecd6c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  428.577496][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  428.584085][    C0] CR2: 00007f18659de2f8 CR3: 000000002f2e6000 CR4: 00000000003506f0
[  428.592077][    C0] DR0: 0000000000000000 DR1: 8000000000000000 DR2: 8000000000000000
[  428.600054][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  428.608025][    C0] Call Trace:
[  428.611316][    C0]  <IRQ>
[  428.614157][    C0]  ? _raw_spin_unlock+0x40/0x40
[  428.619095][    C0]  debug_check_no_obj_freed+0x51f/0x540
[  428.624645][    C0]  slab_free_freelist_hook+0xd2/0x1a0
[  428.630020][    C0]  ? skb_release_data+0x60a/0x800
[  428.635134][    C0]  kmem_cache_free+0xf8/0x270
[  428.639822][    C0]  skb_release_data+0x60a/0x800
[  428.644678][    C0]  kfree_skb_list_reason+0x264/0x460
[  428.650059][    C0]  ? kfree_skb_reason+0x170/0x170
[  428.655103][    C0]  ? do_raw_spin_unlock+0x121/0x230
[  428.660295][    C0]  ? __dev_queue_xmit+0x26b/0x36b0
[  428.665403][    C0]  __dev_queue_xmit+0x1fd6/0x36b0
[  428.670425][    C0]  ? __dev_queue_xmit+0x26b/0x36b0
[  428.675533][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[  428.680723][    C0]  ? read_seqbegin+0x1c8/0x270
[  428.685477][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[  428.690754][    C0]  ? neigh_event_send+0x110/0x110
[  428.695777][    C0]  ? netdev_core_pick_tx+0x340/0x340
[  428.701052][    C0]  ? __asan_memcpy+0x40/0x70
[  428.705642][    C0]  ? eth_header+0x11b/0x200
[  428.710142][    C0]  ? llc_sysctl_exit+0x70/0x70
[  428.714898][    C0]  ? neigh_resolve_output+0x618/0x730
[  428.720272][    C0]  ip6_finish_output2+0xe3d/0x1630
[  428.725388][    C0]  ? ip6_finish_output2+0x645/0x1630
[  428.730666][    C0]  ? ip6_mtu+0x7d/0x3f0
[  428.734820][    C0]  ? nf_hook+0x390/0x390
[  428.739142][    C0]  ? ip6_finish_output+0x57b/0x820
[  428.744254][    C0]  ndisc_send_skb+0xc26/0x14f0
[  428.749013][    C0]  ? ndisc_send_skb+0x1f5/0x14f0
[  428.753945][    C0]  ? ndisc_mc_map+0x680/0x680
[  428.758610][    C0]  ? skb_dst+0xd0/0xd0
[  428.762684][    C0]  addrconf_rs_timer+0x2d5/0x630
[  428.767633][    C0]  ? addrconf_disable_policy_idev+0x480/0x480
[  428.773787][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  428.779772][    C0]  call_timer_fn+0x189/0x540
[  428.784352][    C0]  ? addrconf_disable_policy_idev+0x480/0x480
[  428.790422][    C0]  ? call_timer_fn+0xd2/0x540
[  428.795089][    C0]  ? __run_timers+0x800/0x800
[  428.799772][    C0]  ? addrconf_disable_policy_idev+0x480/0x480
[  428.805837][    C0]  __run_timers+0x542/0x800
[  428.810338][    C0]  ? detach_timer+0x2b0/0x2b0
[  428.815014][    C0]  run_timer_softirq+0x67/0xf0
[  428.819770][    C0]  handle_softirqs+0x280/0x820
[  428.824617][    C0]  ? __irq_exit_rcu+0xd3/0x190
[  428.829383][    C0]  ? do_softirq+0x1a0/0x1a0
[  428.833890][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  428.839085][    C0]  __irq_exit_rcu+0xd3/0x190
[  428.843663][    C0]  ? irq_exit_rcu+0x20/0x20
[  428.848170][    C0]  irq_exit_rcu+0x9/0x20
[  428.852403][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  428.858029][    C0]  </IRQ>
[  428.860952][    C0]  <TASK>
[  428.863884][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  428.869862][    C0] RIP: 0010:generic_exec_single+0x481/0x4f0
[  428.875752][    C0] Code: 75 11 e8 02 02 0b 00 48 85 db 75 16 e8 f8 01 0b 00 eb 15 e8 f1 01 0b 00 e8 8c fa 07 09 48 85 db 74 ea e8 e2 01 0b 00 fb 31 c0 <48> c7 44 24 20 0e 36 e0 45 4b c7 04 2c 00 00 00 00 43 c7 44 2c 08
[  428.895456][    C0] RSP: 0018:ffffc90003647a00 EFLAGS: 00000246
[  428.901519][    C0] RAX: 0000000000000000 RBX: 0000000000000200 RCX: 0000000000080000
[  428.909486][    C0] RDX: ffffc9000f060000 RSI: 0000000000002e51 RDI: 0000000000002e52
[  428.917448][    C0] RBP: ffffc90003647ad0 R08: ffffffff911be5ff R09: 1ffffffff2237cbf
[  428.925414][    C0] R10: dffffc0000000000 R11: fffffbfff2237cc0 R12: 1ffff920006c8f44
[  428.933379][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff920006c8f65
[  428.941359][    C0]  ? event_function+0x300/0x300
[  428.946207][    C0]  ? smp_call_function_single+0x5a0/0x5a0
[  428.951936][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  428.957914][    C0]  ? lock_chain_count+0x20/0x20
[  428.962794][    C0]  ? percpu_counter_add_batch+0x259/0x2a0
[  428.968537][    C0]  ? smp_call_function_single+0xb0/0x5a0
[  428.974181][    C0]  smp_call_function_single+0x36d/0x5a0
[  428.979799][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[  428.984993][    C0]  ? event_function+0x300/0x300
[  428.989842][    C0]  ? flush_smp_call_function_queue+0x250/0x250
[  428.995990][    C0]  ? event_function+0x300/0x300
[  429.000841][    C0]  perf_install_in_context+0x5be/0x920
[  429.006305][    C0]  ? exclusive_event_installable+0x2c0/0x2c0
[  429.012278][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[  429.017466][    C0]  ? add_event_to_ctx+0x1180/0x1180
[  429.022657][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  429.028813][    C0]  __se_sys_perf_event_open+0x1836/0x1c50
[  429.034537][    C0]  ? __x64_sys_perf_event_open+0xc0/0xc0
[  429.040178][    C0]  ? __x64_sys_perf_event_open+0x20/0xc0
[  429.045891][    C0]  do_syscall_64+0x55/0xa0
[  429.050336][    C0]  ? clear_bhb_loop+0x40/0x90
[  429.055006][    C0]  ? clear_bhb_loop+0x40/0x90
[  429.059677][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  429.065560][    C0] RIP: 0033:0x7effb8f9acb9
[  429.070022][    C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  429.089642][    C0] RSP: 002b:00007effb9ecd028 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  429.098061][    C0] RAX: ffffffffffffffda RBX: 00007effb9216090 RCX: 00007effb8f9acb9
[  429.106031][    C0] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000140
[  429.114085][    C0] RBP: 00007effb9008bf7 R08: 0000000000000002 R09: 0000000000000000
[  429.122048][    C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  429.130028][    C0] R13: 00007effb9216128 R14: 00007effb9216090 R15: 00007ffca1e1c818
[  429.138031][    C0]  </TASK>
[  429.184028][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  429.190383][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=-1 (errno 104: Connection reset by peer)
[  432.966801][ T2966] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  433.041876][ T2966] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  433.129181][ T2966] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  433.175534][ T2966] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  433.333236][ T2966] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  433.409405][ T2966] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  433.491214][ T2966] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  433.599771][ T2966] team0: Port device netdevsim0 removed
[  433.609712][ T2966] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  433.798231][ T2966] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  433.881457][ T2966] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  433.947781][ T2966] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  434.045339][ T2966] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  434.238010][ T2966] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  434.350988][ T2966] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  434.422091][ T2966] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  434.504662][ T2966] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.899530][ T2966] 
[  437.901923][ T2966] ======================================================
[  437.908960][ T2966] WARNING: possible circular locking dependency detected
[  437.916012][ T2966] syzkaller #0 Not tainted
[  437.920452][ T2966] ------------------------------------------------------
[  437.927490][ T2966] kworker/u4:10/2966 is trying to acquire lock:
[  437.933739][ T2966] ffff88807cbccd00 (team->team_lock_key){+.+.}-{3:3}, at: team_del_slave+0x32/0x1c0
[  437.943168][ T2966] 
[  437.943168][ T2966] but task is already holding lock:
[  437.950540][ T2966] ffff88805e320768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x29a/0x690
[  437.960928][ T2966] 
[  437.960928][ T2966] which lock already depends on the new lock.
[  437.960928][ T2966] 
[  437.971428][ T2966] 
[  437.971428][ T2966] the existing dependency chain (in reverse order) is:
[  437.980458][ T2966] 
[  437.980458][ T2966] -> #1 (&rdev->wiphy.mtx){+.+.}-{3:3}:
[  437.988223][ T2966]        __mutex_lock+0x136/0xcc0
[  437.993363][ T2966]        ieee80211_open+0x144/0x200
[  437.998584][ T2966]        __dev_open+0x2cb/0x430
[  438.003461][ T2966]        dev_open+0xab/0x190
[  438.008062][ T2966]        team_add_slave+0xaf8/0x26d0
[  438.013367][ T2966]        do_setlink+0xdfe/0x4130
[  438.018314][ T2966]        rtnl_newlink+0x17da/0x20a0
[  438.023529][ T2966]        rtnetlink_rcv_msg+0x869/0xfa0
[  438.029004][ T2966]        netlink_rcv_skb+0x241/0x4d0
[  438.034316][ T2966]        netlink_unicast+0x751/0x8d0
[  438.039629][ T2966]        netlink_sendmsg+0x8d0/0xbf0
[  438.044932][ T2966]        ____sys_sendmsg+0x5ba/0x960
[  438.050238][ T2966]        ___sys_sendmsg+0x2a6/0x360
[  438.055458][ T2966]        __se_sys_sendmsg+0x1c2/0x2b0
[  438.060893][ T2966]        do_syscall_64+0x55/0xa0
[  438.065851][ T2966]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  438.072277][ T2966] 
[  438.072277][ T2966] -> #0 (team->team_lock_key){+.+.}-{3:3}:
[  438.080287][ T2966]        __lock_acquire+0x2df1/0x7d40
[  438.085698][ T2966]        lock_acquire+0x19e/0x420
[  438.090736][ T2966]        __mutex_lock+0x136/0xcc0
[  438.095784][ T2966]        team_del_slave+0x32/0x1c0
[  438.100900][ T2966]        team_device_event+0x28d/0xa20
[  438.106419][ T2966]        notifier_call_chain+0x197/0x380
[  438.112032][ T2966]        unregister_netdevice_many_notify+0x100d/0x1900
[  438.118962][ T2966]        unregister_netdevice_queue+0x32c/0x370
[  438.125187][ T2966]        _cfg80211_unregister_wdev+0x16b/0x580
[  438.131313][ T2966]        ieee80211_remove_interfaces+0x49e/0x690
[  438.137616][ T2966]        ieee80211_unregister_hw+0x5d/0x2a0
[  438.143498][ T2966]        mac80211_hwsim_del_radio+0x289/0x480
[  438.149637][ T2966]        hwsim_exit_net+0x58d/0x650
[  438.154821][ T2966]        cleanup_net+0x70a/0xbb0
[  438.159919][ T2966]        process_scheduled_works+0xa5d/0x15d0
[  438.165969][ T2966]        worker_thread+0xa55/0xfc0
[  438.171061][ T2966]        kthread+0x2fa/0x390
[  438.175626][ T2966]        ret_from_fork+0x48/0x80
[  438.180548][ T2966]        ret_from_fork_asm+0x11/0x20
[  438.185812][ T2966] 
[  438.185812][ T2966] other info that might help us debug this:
[  438.185812][ T2966] 
[  438.196033][ T2966]  Possible unsafe locking scenario:
[  438.196033][ T2966] 
[  438.203474][ T2966]        CPU0                    CPU1
[  438.208830][ T2966]        ----                    ----
[  438.214191][ T2966]   lock(&rdev->wiphy.mtx);
[  438.218678][ T2966]                                lock(team->team_lock_key);
[  438.225942][ T2966]                                lock(&rdev->wiphy.mtx);
[  438.232948][ T2966]   lock(team->team_lock_key);
[  438.237759][ T2966] 
[  438.237759][ T2966]  *** DEADLOCK ***
[  438.237759][ T2966] 
[  438.245885][ T2966] 5 locks held by kworker/u4:10/2966:
[  438.251228][ T2966]  #0: ffff888017c73938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  438.262162][ T2966]  #1: ffffc9000c7a7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  438.272657][ T2966]  #2: ffffffff8e3b2ed0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x14c/0xbb0
[  438.282030][ T2966]  #3: ffffffff8e3bfe08 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2a0
[  438.291929][ T2966]  #4: ffff88805e320768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x29a/0x690
[  438.302687][ T2966] 
[  438.302687][ T2966] stack backtrace:
[  438.308553][ T2966] CPU: 0 PID: 2966 Comm: kworker/u4:10 Not tainted syzkaller #0
[  438.316160][ T2966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  438.326194][ T2966] Workqueue: netns cleanup_net
[  438.330949][ T2966] Call Trace:
[  438.334298][ T2966]  <TASK>
[  438.337209][ T2966]  dump_stack_lvl+0x18c/0x250
[  438.341872][ T2966]  ? load_image+0x400/0x400
[  438.346354][ T2966]  ? show_regs_print_info+0x20/0x20
[  438.351533][ T2966]  ? print_circular_bug+0x12b/0x1a0
[  438.356750][ T2966]  check_noncircular+0x2fc/0x400
[  438.361690][ T2966]  ? print_deadlock_bug+0x5d0/0x5d0
[  438.366883][ T2966]  ? lockdep_lock+0xf5/0x230
[  438.371570][ T2966]  ? __lock_acquire+0x1347/0x7d40
[  438.376609][ T2966]  ? _find_first_zero_bit+0xd3/0x100
[  438.381877][ T2966]  __lock_acquire+0x2df1/0x7d40
[  438.386750][ T2966]  ? verify_lock_unused+0x140/0x140
[  438.391941][ T2966]  ? verify_lock_unused+0x140/0x140
[  438.397127][ T2966]  lock_acquire+0x19e/0x420
[  438.401793][ T2966]  ? team_del_slave+0x32/0x1c0
[  438.406555][ T2966]  ? __might_sleep+0xe0/0xe0
[  438.411183][ T2966]  ? read_lock_is_recursive+0x20/0x20
[  438.416553][ T2966]  __mutex_lock+0x136/0xcc0
[  438.421059][ T2966]  ? team_del_slave+0x32/0x1c0
[  438.425808][ T2966]  ? __lock_acquire+0x7d40/0x7d40
[  438.430808][ T2966]  ? rcu_is_watching+0x15/0xb0
[  438.435553][ T2966]  ? trace_contention_end+0x39/0xe0
[  438.440735][ T2966]  ? __mutex_lock+0x315/0xcc0
[  438.445397][ T2966]  ? team_del_slave+0x32/0x1c0