last executing test programs:

2.657710868s ago: executing program 1 (id=5678):
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$kcm(r1, &(0x7f0000001280)={&(0x7f00000010c0)=@in6={0xa, 0x4e1b, 0x3, @remote, 0x5}, 0x80, 0x0}, 0x4c810)
r2 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33a2d912}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
perf_event_open(0x0, 0x0, 0xf, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x20800, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0b00000005000000010001000a00000001000000", @ANYRES32, @ANYBLOB="0300"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000010001000000000000"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r4, &(0x7f0000000080), &(0x7f00000001c0)=""/155}, 0x20)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r5 = socket$kcm(0x2, 0xa, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
ioctl$TUNSETLINK(r3, 0x400454cd, 0x336)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e73"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000007c0)=ANY=[@ANYRES32, @ANYRES32=r6, @ANYBLOB='&'], 0x10)
ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f0000000000)={'erspan0\x00', 0x200})
close(r3)

2.638479618s ago: executing program 2 (id=5679):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000bc0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000240), &(0x7f0000000200)='%ps    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3, <r4=>r2}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x11, 0x18, &(0x7f0000001a80)=ANY=[@ANYBLOB="180000000300000000000000030000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000080850000002d000000b7080000000000007b8af8ff00000000b7080000010000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES8=r4, @ANYRESDEC=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000007c0)={r5}, 0xc)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r1}, &(0x7f00000006c0), &(0x7f0000000700)=r0}, 0x20)
recvmsg(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000540)=""/229, 0xe5}], 0x1}, 0x40010002)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffd, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x3}, 0x2880, 0x4, 0x0, 0x0, 0x0, 0x40004, 0x8b04}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(r7)
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0b00000000010000000100000900000001"], 0x48)
bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x3, r9, 0x7e0}, 0x38)
close(0x3)
write$cgroup_subtree(r8, &(0x7f0000000580)=ANY=[], 0xfdef)
r10 = gettid()
r11 = perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0x6, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x7}, r10, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000180000000100000000000000", @ANYRES32, @ANYBLOB='s\x00\x00#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r12, @ANYBLOB="0000000000000000b703000000000000850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000000000000000850000007d00000095"], 0x0}, 0x94)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r11, 0x40042408, r13)
r14 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r14, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r15 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r15, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
write$cgroup_subtree(r15, &(0x7f0000000040)=ANY=[], 0xfdef)

2.627501919s ago: executing program 0 (id=5680):
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$kcm(r1, &(0x7f0000001280)={&(0x7f00000010c0)=@in6={0xa, 0x4e1b, 0x3, @remote, 0x5}, 0x80, 0x0}, 0x4c810)
r2 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33a2d912}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
perf_event_open(0x0, 0x0, 0xf, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x20800, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0b00000005000000010001000a00000001000000", @ANYRES32, @ANYBLOB="0300"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000010001000000000000"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r4, &(0x7f0000000080), &(0x7f00000001c0)=""/155}, 0x20)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$TUNSETLINK(r3, 0x400454cd, 0x336)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

2.621993299s ago: executing program 3 (id=5681):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, 0x0}, 0x20)
r0 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r0, 0x1, 0x2, &(0x7f0000000000), 0x4) (fail_nth: 3)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000cc0)={0x3}, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x8000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="9feb0100180000000000000048000000480000000500000000000000000000090300000000000000000000010500000008000000000000000000000300000000020000000200c90e78740000000000000100000d0000000003"], 0x0, 0x65}, 0x28)
close(r1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000003080)={r1, 0x0, 0x0, 0x1000, 0x0, &(0x7f0000001f00)=""/4096, 0xfff, 0x0, 0x41, 0x0, &(0x7f0000002f00)="dcf76fb323cd0bff0158b7c2a0801cfcbc655ef3cf5408cc843fc4d04ff6054dbdced4fdf21c16fba9fb2849494591240f68512e990d046e171754b8d24401dc65", 0x0, 0x1, 0x0, 0xba87}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8b0b, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x3, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0xa, 0x0, &(0x7f0000000900)="c1dfb080cd21d308098e", 0x0, 0xadf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.103870615s ago: executing program 2 (id=5682):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100904}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x98, 0x1, 0x0, 0x0, 0x0, 0xad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x402, 0x0, 0xfffffffe, 0x0, 0x0, 0x40000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0xc}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x48}], {0x95, 0x0, 0x9}}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85}, 0x52)
close(r1)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x40200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x2420, 0x0, 0x0, 0x3, 0x3, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007300000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r3=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0xf, 0x2, 0xff, 0x0, 0xfffffffffffffffd, 0x2, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={0x0, 0x1}, 0x81400, 0xca, 0xfffffffd, 0x5, 0xdf1e, 0x400000, 0x0, 0x0, 0xe, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x5)
recvmsg$unix(r0, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x1c0)
r5 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0xfffffffffffffffc}, 0x104101, 0x4, 0x0, 0x4, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/30], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[@ANYRES8=r1, @ANYBLOB="3eca", @ANYRES8=r3], 0x9a)

2.090516595s ago: executing program 0 (id=5683):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x8000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x3, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, 0x0, 0x0, 0x4, 0x1000, &(0x7f0000000300)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x43, &(0x7f0000000100)=r0, 0x120)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x22, &(0x7f0000000080), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x4, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xb}, 0x100000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000600)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000400), 0x12)
r3 = openat$cgroup_int(r1, &(0x7f0000000040)='cpuset.memory_spread_slab\x00', 0x2, 0x0)
write$cgroup_int(r3, &(0x7f0000000180)=0x3, 0x12)
r4 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, 0xffffffffffffffff)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x3, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
socket$kcm(0x11, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000f020000d706000020000000620a04ff0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56bb5df3083d20f8c2bf304000000815dcf0066d7ded3c5c49a08a503ea6d54f7f3125a8200578ac0836d6454745e70a27444003c5b20451b624db6f5320e9befc1e00b8b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c8081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611dd2de6dd581c52698f9542a444a8a3969946faded5275c00"/420], &(0x7f0000000100)='GPL\x00'}, 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'wlan0\x00', 0x1000})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8914, &(0x7f0000000080))

1.965610509s ago: executing program 1 (id=5684):
socket$kcm(0xa, 0x5, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
r3 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r3, &(0x7f00000010c0)={&(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000640)=[{&(0x7f0000000480)='\\', 0x1}], 0x1}, 0x4000040)
sendmsg$inet(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0x2, 0x4e21, @rand_addr=0x64010101}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000180)="84", 0x1}], 0x1}, 0x8040)
close(r3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = socket$kcm(0x29, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8993, &(0x7f0000000200)={'bond0\x00', @local})
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYRES32=r0, @ANYRES32=0x0, @ANYBLOB="86beed1a6155c29adeedadb97c7afccea5a05e0183c04d1511c759a2a255b255ec7ad5a43e27ed90774c4ea988631b5df1ac5a9c9c8c7422149cb77b9d37616fc4fa9ac842131fc9ce1d2837f29296bb1819e188ab5a2a0fb49549cbdef2fc79f025f0488030d440447e33d27ec5fe0c35332cb2b8bb55189ec6ad8af1c1bae00ba10bf90193f85098e1a8f2e30e6da3b1b48684689ea609830d3e1f5e2e2cd115a2cfb45723ad2cfef19502c08f06ac059b0534b860c30345bcd32bd28ba27276a405d39159c9ecffbb8cdc4821eb710ae4"], 0x20)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000080)="2e00000010008188040f46ecdb4cb9cca7480ef431000000e3bd6efb010509000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x8000)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x8, 0x2, 0x4}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c3a00000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000080000850000007200000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r9 = getpid()
perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0xa, 0x9, 0x2, 0x7, 0x0, 0x80, 0x40000, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x46, 0x2, @perf_bp={&(0x7f0000000140), 0x2}, 0x10000, 0x200, 0x8, 0x7, 0xf, 0x0, 0x0, 0x0, 0xc4c, 0x0, 0x9}, r9, 0x9, r8, 0x2)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x28}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r11, 0x2000000, 0x11, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001400))

1.965349739s ago: executing program 3 (id=5685):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x7, 0x2, 0x1, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x6, 0x5, &(0x7f0000000040), 0x4)
r1 = socket$kcm(0x10, 0x2, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000ec0)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="1e0000000000000000c400b5e4"], 0x20)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000000053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0c00, 0x0)
ioctl$TUNSETFILTEREBPF(r2, 0x800454e1, &(0x7f0000000100))
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001f80)=ANY=[@ANYBLOB="b702000026000000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000002b000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f17e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b534dfd8e012e79578e51bc53099e90f4580d660551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b6fbce3f897226c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a0806000000020000000000230048f941b13d924bcf334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c063f7130856f756436303767d2e24f29e5dad9796edb697a6ea1182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c50500721fc7aa2a583726c64c0fb6ca996d278fb00bba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a411f450f173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75ee93f9959e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef660200a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749feaecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f54d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cd2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ed65af3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44bd84bf6770157e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8989d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c238e545b28211a92000000001501ae03002af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9fd04bdc7e5fee4bd52db996e633792118efdb6b88023e80da74fdf723c7f0b2e9f3bb90613508c00a292a0c5b87a4f8ff35eba73ce9ebf77d0c842063a7b42c757d828678d38e6a868eaead4f19cdeb7cfc100ceabb4a3999cce5d36ecfe80def20f7187bab75515226f4d9b30e0567612210d492468781999ce795522b726bdf37b15e9afde32a7052cc909eb08cca312c557bff04cf1fbb0dcfe8ac00"/2832], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff4f, 0x0, 0xffffffffffffffff, 0xffffffffffffffc5}, 0x48)
sendmsg$tipc(r3, &(0x7f0000000400)={&(0x7f0000000180)=@name={0x1e, 0x2, 0x2, {{0x0, 0x2}, 0x2}}, 0x10, &(0x7f00000002c0)=[{&(0x7f00000001c0)="bd74f66ca5f80800d0756d6efe57596a83a05ef74541bb9e7b80f21d09b177c8435098a8f932", 0x26}, {&(0x7f0000000200)="fbcf522cf7a994f7aa7f75bbb17c00de48d731821b0d2f97bfb59db0f2b305e2213df4ee52443af36d6b7570e7e99a0306df798ef5e23f3ebc7047d65fe571dec62b16fe3ea665de17c6a9c614b5026a653847c70ac734fc7ee77e32626c94ab5710328d1999218f0096edba8f9d2074321237b538380e64faa185bff60322fc96d400a271290118e843444182b38ee77ca75b1c295cc81b69", 0x99}], 0x2, &(0x7f0000000300)="7dbaf84029955d381accbf8f301c919c9ba3b6ea547756089ccaee6e720fc11f21e12d979ef3e6bc157b7e1dce333e8bba1da4a0a8385fd3e5008c5f17330b68a872ad5a90eb2eef3d30e75ff2bb5addea1d48640f46475ab048364d540b5b52e2afc9b78657dff5d38f4d2f788f7327bf07c0b1ace465d18d50c1b9764ec0cb96b5e0397c242050d1246eb67028ad015aa4beb4e18812725d41d5cee96c10f2080e3c4f0c668e134a0fa2d00887511023cddc948ac5d91a737baa3954a0b32ef372bc53d177f22125ff46922b60ede9c344d90cec7ebbdf9ed419f6", 0xdc, 0x4040001}, 0x20000010)

1.839234023s ago: executing program 2 (id=5686):
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000710441000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8915, &(0x7f0000000580)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12t\x02\x006\xe3\xd7\\b\x00\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x01\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(\x04\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x02\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x04.\x9aL\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX\xf73\xa1\xa2\'\x00\x00\x00\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1\x9d')

1.643233719s ago: executing program 3 (id=5687):
socket$kcm(0xa, 0x5, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
r3 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r3, &(0x7f00000010c0)={&(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000640)=[{&(0x7f0000000480)='\\', 0x1}], 0x1}, 0x4000040)
sendmsg$inet(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0x2, 0x4e21, @rand_addr=0x64010101}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000180)="84", 0x1}], 0x1}, 0x8040)
close(r3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = socket$kcm(0x29, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8993, &(0x7f0000000200)={'bond0\x00', @local})
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYRES32=r0, @ANYRES32=0x0, @ANYBLOB, @ANYRES64=0x0], 0x20)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000080)="2e00000010008188040f46ecdb4cb9cca7480ef431000000e3bd6efb010509000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x8000)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x8, 0x2, 0x4}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c3a00000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000080000850000007200000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r9 = getpid()
perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0xa, 0x9, 0x2, 0x7, 0x0, 0x80, 0x40000, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x46, 0x2, @perf_bp={&(0x7f0000000140), 0x2}, 0x10000, 0x200, 0x8, 0x7, 0xf, 0x0, 0x0, 0x0, 0xc4c, 0x0, 0x9}, r9, 0x9, r8, 0x2)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x28}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r11, 0x2000000, 0x11, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001400))

1.642871809s ago: executing program 0 (id=5688):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffde3)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0xc, 0x9, 0x0, 0x1, 0x2000000}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xc, 0x9, 0x0, 0x0, 0x80ffffff}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x2}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x4, 0x0, 0x5}, {0x18, 0x2, 0x2, 0x0, r2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext, 0x0, 0x1, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x1000000000000002, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f00000002c0)=r3, 0x161)
sendmsg$inet(r4, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @rand_addr=0x20}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380), 0xff7a}], 0x1, &(0x7f0000007880)=ANY=[@ANYBLOB="1100000000000000004003000100000000000000000000001c00000000000000000f00fd08000000", @ANYRES32=0x0, @ANYBLOB="ac1414bbe0000001000000001c0000000000000000078f0208000000", @ANYRES32=0x0, @ANYBLOB="a00500000000000000000000240000000000000000000000070000009404000044108800000000000000000000000000000000001100000000000000000000c2d63c67000000000000000000"], 0x98}, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0110, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_config_ext={0x594f, 0x3}, 0x1041a1, 0xc, 0x9, 0x1, 0x0, 0x300, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000940)={&(0x7f00000009c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@fwd={0x4}]}, {0x0, [0x3e, 0x0, 0x30, 0x5f, 0x2e]}}, 0x0, 0x2b, 0x0, 0x1}, 0x28)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2e00000012002f8c35093f974b21b9", 0xf}], 0x1}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="1310000016"], 0xfe33)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
gettid()
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x80000001, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x746f2f51, &(0x7f0000000080)=[{&(0x7f0000000040)="3f0400001c00810ce00f80ecdb4cb9f207c804a01f000000030006fb0a0002000a0ada1b40d80300000000000000", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0a00000005000000080000000f00000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000da6b1fe48cc1c63e7d221", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x8000}, 0x50)
r6 = syz_clone(0x2016000, &(0x7f0000000340)="9eefcd80d5426655ddc98a8f80020d090a9dcac2e4ec69bc1b73add4834698556391304b4aa5c59f64f11d65d93b3701ea8931c734448c6cf236777a296a5d6d9003549c5b970b4e0cb875bd375edb2757c644fe6d882c27719a4290c04deeda8fd03bf60eec361e0ff595ea7575a8df33081cb8b6ff48e477d9c8563a39fb78825d82524827a7f4120d093f32d6d0948527a40de609dcd72dab248d42898fdcb72d223846950b571927251bdd2032f1a75223a4eb1e769c66b2cb1683a13a147c697c579c6bc85df5a7a694d23077f4b85ab691ed0e", 0xd6, &(0x7f0000000440), &(0x7f0000000500), &(0x7f0000000540)="f58b99a58cefdc2ebf245fe4704a778871ea6b476fd2d64131d57d82f3fffa11a8328030be528f50fbdaad0593b3de89e959f85fbfc33c")
r7 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$inet(r7, &(0x7f0000000640)={&(0x7f0000000000)={0x2a, 0x0, @broadcast}, 0x10, 0x0}, 0x0)
close(r7)
syz_open_procfs$namespace(r6, &(0x7f0000000580)='ns/user\x00')
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x8855b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0xea37d383afb94786, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x80000000000, 0x9c, 0x0, 0x40000002, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)

1.61705517s ago: executing program 2 (id=5689):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000d"], 0x48)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x11, 0x3, 0x300)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$kcm(0xa, 0x3, 0x3a)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000003c0)=[{}], 0x10, 0x2}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000002ec0)=ANY=[@ANYBLOB="84010000000000009c110000000000008510000002000000850000007600000095000000000000009500a5050000000077d8f3b4000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d75357f21699cdc6751dfb265a0e3ccae669e173a649c1cfd6587d472d64e7cc955d77578f4c35235138d5421f9453559c35da860e8ef14142b2a3e314422b854421eed734ceb1efeecb9c66854c3b3ffe1b4ce25d7c983c005c03bf3a48dfe3e26e7a23129d6606fd28a697a9d552af6d9a9df2c3af333e2008e11bbec0727cb3f647535deb6277f5696833a71011a7d06602e2fd5234712596b696418f163d1a13ed38a682f87925bfa753f541cd027edd68149ee99eebc6f7d6dd4ae59af7588c8e1f4efab57644ccb1973d7879b70a70001040000000000000000d7900a820b63278f4e9a217b98ef7042ad2a923132f208fd8289eaf8cd00000000000009d27d753a300800000000000000a5686f2fccc33e3e34c3969c5ad781302d40e97a8ad10ce0cbe17366d5ac6af2fca2360a15b80400d52040ef7b28d300747877e176fe4c4b8e40dbf260f5a9f7eee30293c1b163b795d0aef4deb851a30000f569dc8f39943f889008e1ec914faa9e6cd0b3b4b3b5db666ebeb49d6a62019d76459e70b459543c4ac42e53b4ad4c77cff373ebd95848f01864e456969cd28000170996016aceb583df5ee4dd722e8c350af489f9a900000000a0dcc36b3d7c734a9cce0439f832a20d7cbdcda5dff3ba92dd66afb9d74aa222038994dcd3e7784dbea1e51a15b0f1a040cc63177f8fafa3192fc8e5552da1a982ab8dfe31ad1a0968faa47c2069d6bf09c3aa4f0fc128cb578d99b08a150b4cc4b22f6a464c6398c952519818a44a1b223ff502df87865c276588ea478e328e8277e811b99ce1acfecaf8e2c55ccc4b8eae0a61635514e99ffd438784060f23ba74c0b30b1180d935832deb686d789ba1d436d116394534e88492a42b8bf050c719661a2dc50b3a1dcfbc871e5c27e3d7260f6fa589e40000b89db451ff994845f6b49c12e89291398bcb3c06ef1289f74e0b0e2cab592d35f82a69e7284223a171c616b1f0fee6c4711d7aecb69746064d2c096554975d605ebebf3d5cf32a9a09915ae3f3d4eb96615d7b237da56cd5e9904a19e145f25b6d98eb2c019967f553b61d0e80d6913cee9f8d18469a654a239a84a85debbc02846ac5791278f18c6759e3b513a68284d2efc30587e433431b2896a3bd48020af67e9ac071b2dd6dc3b9efae4ff03558fa619aea909c7f2416e7e7da1c51ccc7e6ac27412f728dc6d80da8adf317ca863ed683897321f8c8bb5a5d953d6783b7a06353ee496bbdff418de3e53234df87756eb99e330253cf5da4aa1a9648a38f07e2d302b4165983db4f7b8972923fffa8c03c288512a3a38fbd7c816a44634f7a03fab30811b7b93257bea4369ba46024dee5e9b0b2c3d3324e9b7c1f99ab9bb3f498b1485373b79ec84a67dad4e37575dab87ce55a9a69ed856a4c4410d1242ac1bd1539094a641cc086c2c53e363beafc74ab4e9ff320373705cbf5644586ffe60d293944fa2d9dc18b55f1af5c42f27747bef1ffd0c1766f062d47d61bf9f64e6ee288fa7fc12d48da526527b9f5c318c93ec447cb8b5eee7aa8a1e85696af3dfef96657c0545c8ebd96528d9c28828e5befd80d684b03b6d153da3e3cbd3bfbf4a9375b8ad04a1d241bcb5d5505cb6cc7a44e2e24bd0b1ca4879caaff59d0ce39dc7f3fea447f4e46967855208e63ec988bd2692afefbed2b001205e4b30ee8fe417defa566a73ace8f01f7181de0ef25f1744896a3c38859e6148c42454949cd64b1a888e7fe9c2d86bb01023b6ddeb67f5eb038af3e460c771518a4126c338b0390d459361e03adf6e6b558b3651a0e33d101b5febfff8279421778d4a914512ca803da18db6fcf89715c2d338f78d8b9220171b41f528f857a7cb79ca990de1208777e13faaa9b9cb9e67797b07d9eb9e909410b50c5d981d9a72aa36498b630519d1530ef00000000000000000000373494cd59e8ba04ec8db8379bd2044c652dff399a9f8bfa4e9c507f049d18837464276830461ee203ba51f6102d262fc9a26bc3638ecce24e65c55da6efaa462f03d0e119c963a8c7a522b59f5a7b44d018cb2648383073d9e032492cae44350bc0a85697f431392eb22cae093e85954af97d6d7b2e6e8f43353062275ad1578a431594243452a2bfb89f91d8eaac038e9e17136e7c698f73faaabb3d00000000000080014573789425c4c32da528d89356aa6d2ae6da082e756c80cf39053431080ea6cbf9997a5a0ddad0b9d12bc3f880476ab32f0feaac5f16e61f7b72b8c9082eec423c6b3eaecfdcc9ec72795e7696421c83b76c2d6bac19bc875d009679778d8ef97d7e05329649d97b0dc54bea9b650873de2d3d702690176e0b23ee5cb5e469a8d1612d611722e6200e3a297d92f8e1de98326c5ef2b89d4e2d47767cd755783e5d865e373338e96ceb8399f296c59b2d70ca27735ecaff62982616d3ac1ab041733bce119d8002a6c8a2b08b32551b2313b1a2ff41b3f04af61c69c85cb2da48215727271bac2ffdeb62d9f5dc4845f1c3f63dc806e615ee8d28d6d7f181e30807afa27f41d0364c746a65a4af7464db68f3c433d88dd625db35fded2c86d75af88efaf20c8b37c644b6c4e773a9589200faa553bc92f952b75ddbfa18ab73979f46947b35914286d2499a0b8c970000000000000000f4fe74e0c26ab52329bd600627b256ca44dd121ffc8dbb6e5f70cbe03efccac70375b30cc927574d254d1b46c607e8b1ca7d1511568c3ef4b6b885f4582bdcef74e5e010627fc8e4fe00000000000000000000869d9640f06b11df2971909b90133983308ea4f033de613763f32d913bcbe9dd082a6fff197a20730269e6cfd31275395833f1c2b8a50a94c30cceae2a11fe9b9b835d0da73891c0b3ce22dea6bf31e7f51808cf72f44b4455b77a778440795e152dc1b7bb0a5636aa4742ce4d331a47de5836539cdf289176527277b70c8162aaf6f9475418b478329f3565450acfaf41ba88c7eab8cabfa97e35081967bb92a264b07e8003d2f15537e72a1e4ca5ec1e2aaaf8236ecdefbaf512c75e636b6b6f518ad20521f909b12e9bc97e408e0dc82f950d12705f35708bc862196abb27e8d7991b5273987f38c4706289ff4f6130cee76465d487a07a74452f87da2029bd3debd9870335d58d3fe1ac80574fa3ea312997ab81bc6f569ffdb10ba3f20a86d95128d13e0c778998d3b3114bfb07bd61e4bff8a5e2ce4aa572c63e09b44ca4a181bcfe4eec3ce843c65c4948169fe639a186acc2b4a96c6b8d4d2e6d53ab97bea01eab953e6e89e3af34d4ada217bc6fda0fb2095c49195d0d6f365ca80a955b9ec81240a84ef672afa369fc8e3d444ba35d0f51a0065a3b982d09dfc6874fc0d8079b185447cb8a695e132d4d613a529d9c77e2a8f7320ecf698e8a2b170fd601dc1a9767a38b10788e92d1356f6a6c1bcfb2d31b46e735db13f1be80bac1b6be04fd98610000000000000000000000000000139af5493f74751c5e2501a4936bc4a0fa516117f4ccadc692003adee0a080eba2f1059660c0ee0e9aec72d4d0fe095632e4f641b0e34c611c5b3e0ba05fa36542d4f237dda323910672a9097d68398fd3539686e4288db0d6bf7cb8a1835f46dfe11865a66ef47e736dada06677a5bca133d6cbc8fe5c4557e51b006bdccd7c5f32ff1d9e8b130f77df09236870fb3de5b87b4f8acc13df534eba329b8667b4dd0c"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r1=>0xffffffffffffffff]}}], 0x18}, 0x0)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x2080, 0x7c, 0x0, 0xa, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r0, &(0x7f0000001700)={0x0, 0xfffffffffffffe77, 0x0}, 0x20000010)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00'], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="1802000001000000000000000000000085"], 0x0}, 0x94)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x890c, &(0x7f0000000100))
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x88, 0x64, &(0x7f00000009c0)=r1, 0x4)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000003c0)="89000000120081ae08060cdc030000007f1be3f74001000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00014009080c00000000009bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x4)
recvmsg$kcm(r3, &(0x7f0000001640)={0x0, 0x0, 0x0}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@ethernet={0x1, @random="2448c59403b4"}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)="8bcd", 0x2}], 0x1, 0x0, 0x0, 0x900}, 0x60)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x74, &(0x7f0000000040)=[{&(0x7f0000000000)="2000000020008107090f9becdb4cb96b02000020fd0000010064000000000000", 0x20}], 0x1, 0x0, 0x0, 0x81000000}, 0x0)
r4 = socket$kcm(0x15, 0x5, 0x0)
setsockopt$sock_attach_bpf(r4, 0x10d, 0xb, 0x0, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x44934, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x3}, 0x104050, 0xc8, 0x2, 0x4, 0x6, 0x0, 0x211, 0x0, 0x0, 0x0, 0x3ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)

1.29805645s ago: executing program 2 (id=5690):
socket$kcm(0xa, 0x5, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
r3 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r3, &(0x7f00000010c0)={&(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000640)=[{&(0x7f0000000480)='\\', 0x1}], 0x1}, 0x4000040)
sendmsg$inet(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0x2, 0x4e21, @rand_addr=0x64010101}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000180)="84", 0x1}], 0x1}, 0x8040)
close(r3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = socket$kcm(0x29, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8993, &(0x7f0000000200)={'bond0\x00', @local})
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYRES32=r0, @ANYRES32=0x0, @ANYRES64=0x0], 0x20)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000080)="2e00000010008188040f46ecdb4cb9cca7480ef431000000e3bd6efb010509000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x8000)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x8, 0x2, 0x4}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c3a00000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000080000850000007200000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r9 = getpid()
perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0xa, 0x9, 0x2, 0x7, 0x0, 0x80, 0x40000, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x46, 0x2, @perf_bp={&(0x7f0000000140), 0x2}, 0x10000, 0x200, 0x8, 0x7, 0xf, 0x0, 0x0, 0x0, 0xc4c, 0x0, 0x9}, r9, 0x9, r8, 0x2)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x28}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r11, 0x2000000, 0x11, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001400))

1.29568971s ago: executing program 1 (id=5698):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000d"], 0x48)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x11, 0x3, 0x300)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$kcm(0xa, 0x3, 0x3a)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000003c0)=[{}], 0x10, 0x2}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000002ec0)=ANY=[@ANYBLOB="84010000000000009c110000000000008510000002000000850000007600000095000000000000009500a5050000000077d8f3b4000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d75357f21699cdc6751dfb265a0e3ccae669e173a649c1cfd6587d472d64e7cc955d77578f4c35235138d5421f9453559c35da860e8ef14142b2a3e314422b854421eed734ceb1efeecb9c66854c3b3ffe1b4ce25d7c983c005c03bf3a48dfe3e26e7a23129d6606fd28a697a9d552af6d9a9df2c3af333e2008e11bbec0727cb3f647535deb6277f5696833a71011a7d06602e2fd5234712596b696418f163d1a13ed38a682f87925bfa753f541cd027edd68149ee99eebc6f7d6dd4ae59af7588c8e1f4efab57644ccb1973d7879b70a70001040000000000000000d7900a820b63278f4e9a217b98ef7042ad2a923132f208fd8289eaf8cd00000000000009d27d753a300800000000000000a5686f2fccc33e3e34c3969c5ad781302d40e97a8ad10ce0cbe17366d5ac6af2fca2360a15b80400d52040ef7b28d300747877e176fe4c4b8e40dbf260f5a9f7eee30293c1b163b795d0aef4deb851a30000f569dc8f39943f889008e1ec914faa9e6cd0b3b4b3b5db666ebeb49d6a62019d76459e70b459543c4ac42e53b4ad4c77cff373ebd95848f01864e456969cd28000170996016aceb583df5ee4dd722e8c350af489f9a900000000a0dcc36b3d7c734a9cce0439f832a20d7cbdcda5dff3ba92dd66afb9d74aa222038994dcd3e7784dbea1e51a15b0f1a040cc63177f8fafa3192fc8e5552da1a982ab8dfe31ad1a0968faa47c2069d6bf09c3aa4f0fc128cb578d99b08a150b4cc4b22f6a464c6398c952519818a44a1b223ff502df87865c276588ea478e328e8277e811b99ce1acfecaf8e2c55ccc4b8eae0a61635514e99ffd438784060f23ba74c0b30b1180d935832deb686d789ba1d436d116394534e88492a42b8bf050c719661a2dc50b3a1dcfbc871e5c27e3d7260f6fa589e40000b89db451ff994845f6b49c12e89291398bcb3c06ef1289f74e0b0e2cab592d35f82a69e7284223a171c616b1f0fee6c4711d7aecb69746064d2c096554975d605ebebf3d5cf32a9a09915ae3f3d4eb96615d7b237da56cd5e9904a19e145f25b6d98eb2c019967f553b61d0e80d6913cee9f8d18469a654a239a84a85debbc02846ac5791278f18c6759e3b513a68284d2efc30587e433431b2896a3bd48020af67e9ac071b2dd6dc3b9efae4ff03558fa619aea909c7f2416e7e7da1c51ccc7e6ac27412f728dc6d80da8adf317ca863ed683897321f8c8bb5a5d953d6783b7a06353ee496bbdff418de3e53234df87756eb99e330253cf5da4aa1a9648a38f07e2d302b4165983db4f7b8972923fffa8c03c288512a3a38fbd7c816a44634f7a03fab30811b7b93257bea4369ba46024dee5e9b0b2c3d3324e9b7c1f99ab9bb3f498b1485373b79ec84a67dad4e37575dab87ce55a9a69ed856a4c4410d1242ac1bd1539094a641cc086c2c53e363beafc74ab4e9ff320373705cbf5644586ffe60d293944fa2d9dc18b55f1af5c42f27747bef1ffd0c1766f062d47d61bf9f64e6ee288fa7fc12d48da526527b9f5c318c93ec447cb8b5eee7aa8a1e85696af3dfef96657c0545c8ebd96528d9c28828e5befd80d684b03b6d153da3e3cbd3bfbf4a9375b8ad04a1d241bcb5d5505cb6cc7a44e2e24bd0b1ca4879caaff59d0ce39dc7f3fea447f4e46967855208e63ec988bd2692afefbed2b001205e4b30ee8fe417defa566a73ace8f01f7181de0ef25f1744896a3c38859e6148c42454949cd64b1a888e7fe9c2d86bb01023b6ddeb67f5eb038af3e460c771518a4126c338b0390d459361e03adf6e6b558b3651a0e33d101b5febfff8279421778d4a914512ca803da18db6fcf89715c2d338f78d8b9220171b41f528f857a7cb79ca990de1208777e13faaa9b9cb9e67797b07d9eb9e909410b50c5d981d9a72aa36498b630519d1530ef00000000000000000000373494cd59e8ba04ec8db8379bd2044c652dff399a9f8bfa4e9c507f049d18837464276830461ee203ba51f6102d262fc9a26bc3638ecce24e65c55da6efaa462f03d0e119c963a8c7a522b59f5a7b44d018cb2648383073d9e032492cae44350bc0a85697f431392eb22cae093e85954af97d6d7b2e6e8f43353062275ad1578a431594243452a2bfb89f91d8eaac038e9e17136e7c698f73faaabb3d00000000000080014573789425c4c32da528d89356aa6d2ae6da082e756c80cf39053431080ea6cbf9997a5a0ddad0b9d12bc3f880476ab32f0feaac5f16e61f7b72b8c9082eec423c6b3eaecfdcc9ec72795e7696421c83b76c2d6bac19bc875d009679778d8ef97d7e05329649d97b0dc54bea9b650873de2d3d702690176e0b23ee5cb5e469a8d1612d611722e6200e3a297d92f8e1de98326c5ef2b89d4e2d47767cd755783e5d865e373338e96ceb8399f296c59b2d70ca27735ecaff62982616d3ac1ab041733bce119d8002a6c8a2b08b32551b2313b1a2ff41b3f04af61c69c85cb2da48215727271bac2ffdeb62d9f5dc4845f1c3f63dc806e615ee8d28d6d7f181e30807afa27f41d0364c746a65a4af7464db68f3c433d88dd625db35fded2c86d75af88efaf20c8b37c644b6c4e773a9589200faa553bc92f952b75ddbfa18ab73979f46947b35914286d2499a0b8c970000000000000000f4fe74e0c26ab52329bd600627b256ca44dd121ffc8dbb6e5f70cbe03efccac70375b30cc927574d254d1b46c607e8b1ca7d1511568c3ef4b6b885f4582bdcef74e5e010627fc8e4fe00000000000000000000869d9640f06b11df2971909b90133983308ea4f033de613763f32d913bcbe9dd082a6fff197a20730269e6cfd31275395833f1c2b8a50a94c30cceae2a11fe9b9b835d0da73891c0b3ce22dea6bf31e7f51808cf72f44b4455b77a778440795e152dc1b7bb0a5636aa4742ce4d331a47de5836539cdf289176527277b70c8162aaf6f9475418b478329f3565450acfaf41ba88c7eab8cabfa97e35081967bb92a264b07e8003d2f15537e72a1e4ca5ec1e2aaaf8236ecdefbaf512c75e636b6b6f518ad20521f909b12e9bc97e408e0dc82f950d12705f35708bc862196abb27e8d7991b5273987f38c4706289ff4f6130cee76465d487a07a74452f87da2029bd3debd9870335d58d3fe1ac80574fa3ea312997ab81bc6f569ffdb10ba3f20a86d95128d13e0c778998d3b3114bfb07bd61e4bff8a5e2ce4aa572c63e09b44ca4a181bcfe4eec3ce843c65c4948169fe639a186acc2b4a96c6b8d4d2e6d53ab97bea01eab953e6e89e3af34d4ada217bc6fda0fb2095c49195d0d6f365ca80a955b9ec81240a84ef672afa369fc8e3d444ba35d0f51a0065a3b982d09dfc6874fc0d8079b185447cb8a695e132d4d613a529d9c77e2a8f7320ecf698e8a2b170fd601dc1a9767a38b10788e92d1356f6a6c1bcfb2d31b46e735db13f1be80bac1b6be04fd98610000000000000000000000000000139af5493f74751c5e2501a4936bc4a0fa516117f4ccadc692003adee0a080eba2f1059660c0ee0e9aec72d4d0fe095632e4f641b0e34c611c5b3e0ba05fa36542d4f237dda323910672a9097d68398fd3539686e4288db0d6bf7cb8a1835f46dfe11865a66ef47e736dada06677a5bca133d6cbc8fe5c4557e51b006bdccd7c5f32ff1d9e8b130f77df09236870fb3de5b87b4f8acc13df534eba329b8667b4dd0c"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r1=>0xffffffffffffffff]}}], 0x18}, 0x0)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x2080, 0x7c, 0x0, 0xa, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r0, &(0x7f0000001700)={0x0, 0xfffffffffffffe77, 0x0}, 0x20000010)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00'], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="1802000001000000000000000000000085"], 0x0}, 0x94)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x890c, &(0x7f0000000100))
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x88, 0x64, &(0x7f00000009c0)=r1, 0x4)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000003c0)="89000000120081ae08060cdc030000007f1be3f74001000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00014009080c00000000009bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x4)
recvmsg$kcm(r3, &(0x7f0000001640)={0x0, 0x0, 0x0}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@ethernet={0x1, @random="2448c59403b4"}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)="8bcd", 0x2}], 0x1, 0x0, 0x0, 0x900}, 0x60)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x74, &(0x7f0000000040)=[{&(0x7f0000000000)="2000000020008107090f9becdb4cb96b02000020fd0000010064000000000000", 0x20}], 0x1, 0x0, 0x0, 0x81000000}, 0x0)
r4 = socket$kcm(0x15, 0x5, 0x0)
setsockopt$sock_attach_bpf(r4, 0x10d, 0xb, 0x0, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x44934, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x3}, 0x104050, 0xc8, 0x2, 0x4, 0x6, 0x0, 0x211, 0x0, 0x0, 0x0, 0x3ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)

1.248000941s ago: executing program 3 (id=5691):
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$kcm(r1, &(0x7f0000001280)={&(0x7f00000010c0)=@in6={0xa, 0x4e1b, 0x3, @remote, 0x5}, 0x80, 0x0}, 0x4c810)
r2 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33a2d912}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
perf_event_open(0x0, 0x0, 0xf, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x20800, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0b00000005000000010001000a00000001000000", @ANYRES32, @ANYBLOB="0300"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000010001000000000000"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r4, &(0x7f0000000080), &(0x7f00000001c0)=""/155}, 0x20)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$TUNSETLINK(r3, 0x400454cd, 0x336)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

931.961781ms ago: executing program 0 (id=5692):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
sendmsg$kcm(r0, &(0x7f0000002480)={0x0, 0x0, &(0x7f00000034c0)=[{&(0x7f0000000e00)="e6aa32d992d8a2500450a2cccb8d93473349242af364b2b1b2c8e76fa26376fab03e8832a2cb5a5fcfb1ae163e925630e6a841d8810aa931d441659a54b8bc2ccf739424c6ea9ce59d041cd86436", 0x4e}], 0x1, 0x0, 0x1100}, 0x10)

823.020954ms ago: executing program 3 (id=5693):
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$kcm(r1, &(0x7f0000001280)={&(0x7f00000010c0)=@in6={0xa, 0x4e1b, 0x3, @remote, 0x5}, 0x80, 0x0}, 0x4c810)
r2 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33a2d912}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
perf_event_open(0x0, 0x0, 0xf, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x20800, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0b00000005000000010001000a00000001000000", @ANYRES32, @ANYBLOB="0300"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000010001000000000000"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r4, &(0x7f0000000080), &(0x7f00000001c0)=""/155}, 0x20)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r5 = socket$kcm(0x2, 0xa, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
ioctl$TUNSETLINK(r3, 0x400454cd, 0x336)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e73"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000780)='}', 0x1}], 0x1}, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f0000000000)={'erspan0\x00', 0x200})
close(r3)

790.043586ms ago: executing program 0 (id=5694):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100904}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x98, 0x1, 0x0, 0x0, 0x0, 0xad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x402, 0x0, 0xfffffffe, 0x0, 0x0, 0x40000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0xc}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x48}], {0x95, 0x0, 0x9}}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85}, 0x52)
close(r1)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x40200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x2420, 0x0, 0x0, 0x3, 0x3, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007300000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r3=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0xf, 0x2, 0xff, 0x0, 0xfffffffffffffffd, 0x2, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={0x0, 0x1}, 0x81400, 0xca, 0xfffffffd, 0x5, 0xdf1e, 0x400000, 0x0, 0x0, 0xe, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x5)
recvmsg$unix(r0, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x1c0)
r5 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0xfffffffffffffffc}, 0x104101, 0x4, 0x0, 0x4, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/31], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[@ANYRES8=r1, @ANYBLOB="3eca", @ANYRES8=r3], 0x9a)

743.930167ms ago: executing program 1 (id=5695):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x8000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x3, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, 0x0, 0x0, 0x4, 0x1000, &(0x7f0000000300)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x43, &(0x7f0000000100)=r0, 0x120)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x22, &(0x7f0000000080), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x4, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xb}, 0x100000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x891e, &(0x7f0000000cc0)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1\x9d')
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000001540), 0x20)
socket$kcm(0xa, 0x6, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030017000b63d25a80648c2594f92e24fc60100c02", 0x17}], 0x1}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000029c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x800000, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x3, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000d000000b7080000000000007b8af8ff00000000b7080000020000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7"], &(0x7f0000001680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9feb0100180003000000000034000000340000000300000000000000000000030000000003000000020000000000000000000000000000010500000010000000010000000000000800000000005f"], 0x0, 0x4f}, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x17, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x58, &(0x7f0000000180)}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000940)={r1, r1})

710.317268ms ago: executing program 2 (id=5696):
socket$kcm(0x10, 0x3, 0x10)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x0, 0x1, 0x4}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x10006}]}, 0x94)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030030000b12d25a80648c2594f90224fc60100c034002000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
r3 = socket$kcm(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x9, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000", @ANYBLOB="0000000000000000b7030000000000008500000087000000b7000000000000008500000008"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b06d25a806c8c6f94f90324fc600e0005000a000200053582c137153e3708000180040010500400", 0x33fe0}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x2008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffff56a, 0x100000000}, 0x250a, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0xf648d477cb1956d8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x4, 0x32, 0x43a1bd76, 0x2, 0x5, 0x2, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
r5 = socket$kcm(0x2, 0x5, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000000)={0xffffffffffffffff, 0x0, &(0x7f0000000200)=""/221}, 0x20)
setsockopt$sock_attach_bpf(r5, 0x1, 0x3e, &(0x7f00000002c0)=r4, 0x4)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000240)=@generic={&(0x7f00000001c0)='./file0\x00'}, 0x18)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.net/syz0\x00', 0x200002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x11, 0xa8}, [@ldst={0x6, 0x3}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)=ANY=[], 0x12)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r4, 0x0, 0x0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TUNGETFEATURES(r4, 0x800454cf, &(0x7f0000000180))
sendmsg$inet(r5, &(0x7f00000004c0)={&(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1}, 0x3e8)
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001600)}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)

582.984462ms ago: executing program 1 (id=5697):
socket$kcm(0x11, 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x2, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.memory_pressure\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x1000000000000002, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
close(r2)
sendmsg$tipc(r2, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)="174a8a1c08079feec019b8c7abf2e5046bd0", 0x12, 0x24000840}, 0x20040089)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x5, 0x1ff}, 0x0, 0xe5, 0x43a1bd72, 0x7, 0x9, 0x6, 0xffff, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x6}, 0x0, 0x4, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000002240)=@generic={&(0x7f0000001240)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'}, 0x18)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000000008000000", @ANYBLOB="7f0000017f00000a0000000800786a00"/28, @ANYRES32=0x0, @ANYBLOB="7f000001ac141400000000011c0e0000000000000000000007006fc946f1f569c01801"], 0x230}, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r6 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0xf}, 0x104101, 0x4, 0x0, 0x8, 0x9, 0x10000000, 0x1}, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x3)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r7)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r7, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x7, &(0x7f0000000080)=[0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r8=>0x0, 0xef, &(0x7f00000001c0)=[{}, {}], 0x10, 0x10, &(0x7f0000000200), &(0x7f0000000240), 0x8, 0x38, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440)=r8, 0x4)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0x18, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000100000000000000010000180100002020702500000000002020207b1af8ff00000000bfa10000000000000701000078ffffffb702000008000000b70300000008000085000000a0000000b7080000000000007b8af8ff00000000b7080000001000007b8af0ff00000000bfa100", @ANYRES32, @ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r9, 0x0, 0x8, 0x0, &(0x7f00000006c0)="0000000005000000", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f0000000180)=r0, 0x4)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8948, &(0x7f0000000000)='lo:\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x00 \'Y\x17]\x15c\xcaR\xdd\x98OGK\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb7s\xb0\x00\x00\x00\x00\xf5\a\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'5\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0R\xd3\x8a\xe1n\x97\xea\xf1\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB\x01\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\tb\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18\x00\b\x00\x00Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xbf\xe3?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\fr\xf1\xec\xd9CD\x80\xb4^\x8cw;\x87\xea\x8c\x8bJ\x9a\x0ej\x8f\x8e^\xe6\xa6\xaa\x910\fD\xabFU\xa0D;\xd6\xd1\xeer\x9d\x02\xd9\xf7d`\xbfv\x15.\xe4\x82|)K\x99\x98&?\xcd\xe5\xa8\xba~$;g\t\x02\x84+\x90\xab\x816$/\x92\"\xef\xf7\x18\xfaE\xfe\xf7\n\xb2\x7fC\xbb\xbdg#F\n\vu\xe2\xe9\b\xa2\xf1\x94Fb\x92\xc9\xddP\xf0m35+\xdd\xac3\x00\xdd\xfb\b\xc0\x95\xe8\xa5\xec\x9e\xbfA\x7f\xff\xb8\xe2\xe2HNy$\xd4\xc6\x9dd\t\xf6\xed\x10\x15%\r\x1aD\f>\xdcZ\xb9\xd7Z\x88\x9b\xdff[\x90\xfa\x9a{b\xf4Dq')
sendmsg$inet(r1, &(0x7f0000000140)={&(0x7f0000000100)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="2c000000000000000000000007000000441c0503e0200001", @ANYRES64], 0x30}, 0x40880)

293.444621ms ago: executing program 0 (id=5699):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x6, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="18020000fc0600000000000000000000850000004100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000eedcc49e23abcc5dc3cd38aa0e2c7d80b4a817e575b6978d8cf945ec", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000003000000b7040000020000008500000033000000850000000700000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c00)={0x18, 0x1d, &(0x7f0000000800)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xd19}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_fd={0x18, 0x0, 0x1, 0x0, r0}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xb8b5}}, @map_val={0x18, 0x3, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0xfffffffa}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000900)='syzkaller\x00', 0x4, 0xbc, &(0x7f0000000940)=""/188, 0x41000, 0x50, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000a00)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000a40)={0x2, 0xa, 0x6, 0x80000000}, 0x10, 0x0, 0x0, 0x9, &(0x7f0000000a80)=[r2, r2, r2, r2, r2, r2, r2, r0, r2], &(0x7f0000000ac0)=[{0x2, 0x2, 0x6, 0x6}, {0x0, 0x4, 0x0, 0x6}, {0x4, 0x5, 0x6}, {0x0, 0x5, 0xa, 0x4}, {0x0, 0x1, 0xb, 0x6}, {0x1, 0x5, 0xe}, {0x0, 0x4}, {0x8, 0x5, 0x8, 0xc}, {0x4, 0x4, 0x3, 0x9}], 0x10, 0x6000000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r3, 0x2000012, 0xe, 0x0, &(0x7f0000000280)="63ec33c9e9b98600000000000000", 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x50)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x78, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x8}, 0x107220, 0x10004, 0x20da, 0x5, 0xa, 0x20005, 0x8, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r4 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000005, 0x80100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x11540}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r5}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r6)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r1, 0x0, 0xff91, 0x0, &(0x7f0000000300)="0000091651c0eb9d3f1d1dd8a067fd32952be521c3772b0a1f82287f5f4afa3c46b2b59b6920900b5adb8de6b89f8fb04e3eed22335e825e621739c83a9855f06ccc9f2de25a4b2df3b65cf8637df6482eb42a0f3ac0878f8ddb842193", 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r7 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r7, &(0x7f0000000080)={0x0, 0x1a, &(0x7f00000001c0)=[{&(0x7f0000000380)="5c00000012006bab9a3fe3d86e17aa0a076b876c1d0048007ea60864160af36504001a0038001d00e517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb000011d600a0680d4bbd6df1db6f1078bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x40000d0)

67.543497ms ago: executing program 3 (id=5700):
socket$kcm(0xa, 0x5, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
r3 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r3, &(0x7f00000010c0)={&(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000640)=[{&(0x7f0000000480)='\\', 0x1}], 0x1}, 0x4000040)
sendmsg$inet(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0x2, 0x4e21, @rand_addr=0x64010101}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000180)="84", 0x1}], 0x1}, 0x8040)
close(r3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = socket$kcm(0x29, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8993, &(0x7f0000000200)={'bond0\x00', @local})
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYRES32=r0, @ANYRES32=0x0, @ANYBLOB, @ANYRES64=0x0], 0x20)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000080)="2e00000010008188040f46ecdb4cb9cca7480ef431000000e3bd6efb010509000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x8000)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x8, 0x2, 0x4}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c3a00000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000080000850000007200000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r9 = getpid()
perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0xa, 0x9, 0x2, 0x7, 0x0, 0x80, 0x40000, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x46, 0x2, @perf_bp={&(0x7f0000000140), 0x2}, 0x10000, 0x200, 0x8, 0x7, 0xf, 0x0, 0x0, 0x0, 0xc4c, 0x0, 0x9}, r9, 0x9, r8, 0x2)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x28}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r11, 0x2000000, 0x11, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001400))

0s ago: executing program 1 (id=5701):
r0 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$kcm(r0, &(0x7f0000000340)={&(0x7f00000002c0)=@in6={0xa, 0x4e23, 0x0, @loopback}, 0x80, &(0x7f0000000b00)}, 0x200ce0c0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xff97, &(0x7f0000000dc0)=[{&(0x7f0000000080)='\x00', 0x12}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x20040080)

kernel console output (not intermixed with test programs):

18.589173][T19445] RBP: 00007fc5d5d48090 R08: 0000000000000000 R09: 0000000000000000
[  818.597167][T19445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  818.605165][T19445] R13: 00007fc5d5016038 R14: 00007fc5d5015fa0 R15: 00007ffe7eb6fad8
[  818.613179][T19445]  </TASK>
[  818.977840][T19457] netlink: 'syz.2.4490': attribute type 21 has an invalid length.
[  819.011467][T19457] netlink: 152 bytes leftover after parsing attributes in process `syz.2.4490'.
[  819.267994][T19467] netlink: 'syz.0.4494': attribute type 10 has an invalid length.
[  819.284854][T19467] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4494'.
[  819.443709][T19475] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4496'.
[  819.670022][T19478] netlink: 192436 bytes leftover after parsing attributes in process `syz.0.4500'.
[  819.708481][T19478] openvswitch: netlink: Message has 20476 unknown bytes.
[  822.078722][T19490] __nla_validate_parse: 1 callbacks suppressed
[  822.078740][T19490] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4512'.
[  822.213584][T19495] netlink: 'syz.1.4506': attribute type 21 has an invalid length.
[  822.230253][T19495] netlink: 152 bytes leftover after parsing attributes in process `syz.1.4506'.
[  823.482955][T19513] FAULT_INJECTION: forcing a failure.
[  823.482955][T19513] name failslab, interval 1, probability 0, space 0, times 0
[  823.507347][T19513] CPU: 0 PID: 19513 Comm: syz.0.4514 Not tainted syzkaller #0
[  823.514919][T19513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  823.525059][T19513] Call Trace:
[  823.528406][T19513]  <TASK>
[  823.531422][T19513]  dump_stack_lvl+0x18c/0x250
[  823.536200][T19513]  ? show_regs_print_info+0x20/0x20
[  823.541519][T19513]  ? load_image+0x420/0x420
[  823.546131][T19513]  ? __lock_acquire+0x7d40/0x7d40
[  823.551265][T19513]  should_fail_ex+0x39d/0x4d0
[  823.556055][T19513]  should_failslab+0x9/0x20
[  823.560638][T19513]  slab_pre_alloc_hook+0x59/0x310
[  823.565772][T19513]  kmem_cache_alloc+0x5a/0x2d0
[  823.570789][T19513]  ? alloc_empty_file+0x9e/0x1d0
[  823.575831][T19513]  alloc_empty_file+0x9e/0x1d0
[  823.580706][T19513]  path_openat+0x113/0x3230
[  823.585287][T19513]  ? trace_call_bpf+0x5e9/0x6c0
[  823.590240][T19513]  ? trace_call_bpf+0xc3/0x6c0
[  823.595163][T19513]  ? perf_trace_run_bpf_submit+0x125/0x1c0
[  823.601057][T19513]  ? do_filp_open+0x430/0x430
[  823.605807][T19513]  ? perf_trace_lock+0x304/0x3b0
[  823.610847][T19513]  ? trace_event_raw_event_lock+0x250/0x250
[  823.616859][T19513]  do_filp_open+0x1f5/0x430
[  823.621430][T19513]  ? alloc_fd+0x58f/0x630
[  823.625853][T19513]  ? vfs_tmpfile+0x490/0x490
[  823.630599][T19513]  ? _raw_spin_unlock+0x28/0x40
[  823.635541][T19513]  ? alloc_fd+0x58f/0x630
[  823.639988][T19513]  do_sys_openat2+0x134/0x1d0
[  823.644753][T19513]  ? do_sys_open+0xe0/0xe0
[  823.649251][T19513]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  823.655315][T19513]  ? lock_chain_count+0x20/0x20
[  823.660260][T19513]  __x64_sys_openat+0x139/0x160
[  823.665212][T19513]  do_syscall_64+0x55/0xa0
[  823.669698][T19513]  ? clear_bhb_loop+0x40/0x90
[  823.674456][T19513]  ? clear_bhb_loop+0x40/0x90
[  823.679224][T19513]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  823.685194][T19513] RIP: 0033:0x7fc8d675d68e
[  823.689685][T19513] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  823.709370][T19513] RSP: 002b:00007fc8d766bec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  823.717874][T19513] RAX: ffffffffffffffda RBX: 00007fc8d766c6c0 RCX: 00007fc8d675d68e
[  823.725924][T19513] RDX: 0000000000000000 RSI: 00007fc8d766bf90 RDI: ffffffffffffff9c
[  823.733964][T19513] RBP: 00007fc8d766c090 R08: 0000000000000000 R09: 0000000000000000
[  823.742013][T19513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  823.750060][T19513] R13: 00007fc8d6a16038 R14: 00007fc8d6a15fa0 R15: 00007ffded8d1188
[  823.758160][T19513]  </TASK>
[  823.806712][T19517] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4510'.
[  824.820594][T19536] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4517'.
[  825.172697][T19542] netlink: 'syz.2.4520': attribute type 21 has an invalid length.
[  825.180765][T19542] netlink: 152 bytes leftover after parsing attributes in process `syz.2.4520'.
[  825.344937][T19545] netlink: 'syz.1.4521': attribute type 10 has an invalid length.
[  825.352924][T19545] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4521'.
[  827.571149][T19575] netlink: 'syz.0.4530': attribute type 10 has an invalid length.
[  827.582684][T19575] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4530'.
[  827.618940][T19580] netlink: 'syz.1.4532': attribute type 21 has an invalid length.
[  827.628185][T19580] netlink: 152 bytes leftover after parsing attributes in process `syz.1.4532'.
[  829.469834][T19610] netlink: 'syz.0.4543': attribute type 21 has an invalid length.
[  829.481447][T19610] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4543'.
[  829.918914][T19624] netlink: 'syz.1.4544': attribute type 10 has an invalid length.
[  829.942507][T19624] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4544'.
[  830.190634][T19632] hsr0: left allmulticast mode
[  830.202816][T19632] hsr_slave_0: left allmulticast mode
[  830.225956][T19632] hsr_slave_1: left allmulticast mode
[  830.260432][T19632] bridge0: port 4(hsr0) entered disabled state
[  831.089222][T19632] bridge0: port 3(batadv0) entered disabled state
[  831.098135][T19632] bridge_slave_1: left allmulticast mode
[  831.103961][T19632] bridge0: port 2(bridge_slave_1) entered disabled state
[  831.113629][T19632] bridge_slave_0: left allmulticast mode
[  831.119866][T19632] bridge_slave_0: left promiscuous mode
[  831.126186][T19632] bridge0: port 1(bridge_slave_0) entered disabled state
[  831.312827][T19643] netlink: 'syz.3.4553': attribute type 21 has an invalid length.
[  831.321086][T19643] netlink: 152 bytes leftover after parsing attributes in process `syz.3.4553'.
[  832.723173][T19665] netlink: 'syz.2.4561': attribute type 10 has an invalid length.
[  832.751572][T19665] netlink: 2 bytes leftover after parsing attributes in process `syz.2.4561'.
[  832.775510][T19660] netlink: 'syz.1.4560': attribute type 10 has an invalid length.
[  832.783501][T19660] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4560'.
[  833.467374][T19679] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4565'.
[  836.754996][T13967] Bluetooth: hci3: unexpected subevent 0x0e length: 150 > 15
[  837.096504][T19727] netlink: 64859 bytes leftover after parsing attributes in process `syz.3.4583'.
[  837.165345][T19721] netlink: 'syz.3.4583': attribute type 21 has an invalid length.
[  837.850125][T19734] netlink: 'syz.1.4588': attribute type 10 has an invalid length.
[  837.871494][T19734] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4588'.
[  837.957721][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  837.970201][   T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  837.984554][   T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  837.998648][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  838.009448][   T51] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  838.018977][   T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  838.610619][T19737] chnl_net:caif_netlink_parms(): no params data found
[  838.644419][T13967] Bluetooth: hci4: unexpected subevent 0x0e length: 150 > 15
[  838.861550][T19737] bridge0: port 1(bridge_slave_0) entered blocking state
[  838.869186][T19737] bridge0: port 1(bridge_slave_0) entered disabled state
[  838.877419][T19737] bridge_slave_0: entered allmulticast mode
[  838.896537][T19737] bridge_slave_0: entered promiscuous mode
[  838.938411][T19737] bridge0: port 2(bridge_slave_1) entered blocking state
[  838.980192][T19737] bridge0: port 2(bridge_slave_1) entered disabled state
[  838.991246][T19737] bridge_slave_1: entered allmulticast mode
[  839.006575][T19737] bridge_slave_1: entered promiscuous mode
[  839.107053][T16451] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  839.201861][T19737] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  839.262452][T19737] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  839.406890][T16451] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  839.452700][T19775] netlink: 'syz.0.4598': attribute type 10 has an invalid length.
[  839.468616][T19775] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4598'.
[  839.560179][T16451] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  839.599480][T19737] team0: Port device team_slave_0 added
[  839.612777][T19737] team0: Port device team_slave_1 added
[  839.659969][T19737] batman_adv: batadv0: Adding interface: batadv_slave_0
[  839.669862][T19737] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  839.696299][T19737] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  839.710811][T19737] batman_adv: batadv0: Adding interface: batadv_slave_1
[  839.719535][T19737] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  839.746364][T19737] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  839.790127][T13967] Bluetooth: hci3: unexpected subevent 0x0e length: 150 > 15
[  839.839851][T16451] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  839.925097][T19737] hsr_slave_0: entered promiscuous mode
[  839.955025][T19737] hsr_slave_1: entered promiscuous mode
[  840.124534][T13967] Bluetooth: hci1: command tx timeout
[  840.682144][T19737] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  840.692947][T19737] Cannot create hsr debugfs directory
[  841.075406][T19810] netlink: 'syz.0.4611': attribute type 10 has an invalid length.
[  841.202938][T19810] veth0_vlan: left promiscuous mode
[  841.222979][T19810] veth0_vlan: entered promiscuous mode
[  841.261863][T19810] team0: Device veth0_vlan failed to register rx_handler
[  841.828677][T19819] netlink: 'syz.3.4614': attribute type 10 has an invalid length.
[  841.900075][T19819] netlink: 2 bytes leftover after parsing attributes in process `syz.3.4614'.
[  842.101747][T13967] Bluetooth: hci0: unexpected subevent 0x0e length: 150 > 15
[  842.204325][T13967] Bluetooth: hci1: command tx timeout
[  843.364399][T19843] netlink: 'syz.0.4619': attribute type 10 has an invalid length.
[  843.372309][T19843] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4619'.
[  843.584629][T19856] FAULT_INJECTION: forcing a failure.
[  843.584629][T19856] name failslab, interval 1, probability 0, space 0, times 0
[  843.599046][T19856] CPU: 1 PID: 19856 Comm: syz.0.4622 Not tainted syzkaller #0
[  843.606573][T19856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  843.616675][T19856] Call Trace:
[  843.619991][T19856]  <TASK>
[  843.622997][T19856]  dump_stack_lvl+0x18c/0x250
[  843.627740][T19856]  ? show_regs_print_info+0x20/0x20
[  843.633011][T19856]  ? load_image+0x420/0x420
[  843.637565][T19856]  ? __might_sleep+0xe0/0xe0
[  843.642237][T19856]  should_fail_ex+0x39d/0x4d0
[  843.646954][T19856]  should_failslab+0x9/0x20
[  843.651517][T19856]  slab_pre_alloc_hook+0x59/0x310
[  843.656604][T19856]  ? sk_prot_alloc+0xe7/0x210
[  843.661329][T19856]  ? sk_prot_alloc+0xe7/0x210
[  843.666049][T19856]  __kmem_cache_alloc_node+0x53/0x250
[  843.671477][T19856]  ? sk_prot_alloc+0xe7/0x210
[  843.676212][T19856]  __kmalloc+0xa4/0x230
[  843.680420][T19856]  sk_prot_alloc+0xe7/0x210
[  843.684988][T19856]  ? sk_alloc+0x24/0x360
[  843.689280][T19856]  sk_alloc+0x3a/0x360
[  843.693390][T19856]  ? bpf_ctx_init+0x163/0x1a0
[  843.698113][T19856]  ? bpf_prog_test_run_skb+0x273/0x12b0
[  843.703692][T19856]  bpf_prog_test_run_skb+0x3a5/0x12b0
[  843.709089][T19856]  ? lockdep_hardirqs_on+0x98/0x150
[  843.714319][T19856]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  843.720522][T19856]  ? cpu_online+0x60/0x60
[  843.724901][T19856]  bpf_prog_test_run+0x321/0x390
[  843.729879][T19856]  __sys_bpf+0x49d/0x890
[  843.734176][T19856]  ? bpf_link_show_fdinfo+0x390/0x390
[  843.739591][T19856]  ? lock_chain_count+0x20/0x20
[  843.744464][T19856]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  843.750477][T19856]  __x64_sys_bpf+0x7c/0x90
[  843.754916][T19856]  do_syscall_64+0x55/0xa0
[  843.759374][T19856]  ? clear_bhb_loop+0x40/0x90
[  843.764077][T19856]  ? clear_bhb_loop+0x40/0x90
[  843.768782][T19856]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  843.774712][T19856] RIP: 0033:0x7fc8d679ce59
[  843.779150][T19856] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  843.798779][T19856] RSP: 002b:00007fc8d766c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  843.807226][T19856] RAX: ffffffffffffffda RBX: 00007fc8d6a15fa0 RCX: 00007fc8d679ce59
[  843.815231][T19856] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a
[  843.823230][T19856] RBP: 00007fc8d766c090 R08: 0000000000000000 R09: 0000000000000000
[  843.831235][T19856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  843.839229][T19856] R13: 00007fc8d6a16038 R14: 00007fc8d6a15fa0 R15: 00007ffded8d1188
[  843.847246][T19856]  </TASK>
[  844.256989][T19867] netlink: 'syz.1.4625': attribute type 9 has an invalid length.
[  844.273070][T19867] netlink: 154020 bytes leftover after parsing attributes in process `syz.1.4625'.
[  844.316112][T13967] Bluetooth: hci1: command tx timeout
[  844.410109][T19737] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  845.205321][T19737] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  845.260053][T19891] netlink: 'syz.0.4629': attribute type 21 has an invalid length.
[  845.286665][T19891] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4629'.
[  845.343517][T19737] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  845.539328][T19737] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  846.365231][T13967] Bluetooth: hci1: command tx timeout
[  847.578458][T19737] 8021q: adding VLAN 0 to HW filter on device bond0
[  847.740695][T19737] 8021q: adding VLAN 0 to HW filter on device team0
[  847.854102][T16451] hsr_slave_0: left promiscuous mode
[  847.861299][T16451] hsr_slave_1: left promiscuous mode
[  847.875528][T16451] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  847.894407][T16451] batman_adv: batadv0: Removing interface: batadv_slave_0
[  847.903976][T16451] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  847.918059][T16451] batman_adv: batadv0: Removing interface: batadv_slave_1
[  847.928230][T16451] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  847.936663][T16451] batman_adv: batadv0: Removing interface: virt_wifi0
[  847.960879][T16451] veth1_macvtap: left allmulticast mode
[  847.967113][T16451] veth1_macvtap: left promiscuous mode
[  847.972697][T16451] veth0_macvtap: left promiscuous mode
[  847.978603][T16451] veth1_vlan: left promiscuous mode
[  847.983991][T16451] veth0_vlan: left promiscuous mode
[  849.797440][T16451] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  850.189218][T16451] .` (unregistering): Released all slaves
[  850.270822][T18571] bridge0: port 1(bridge_slave_0) entered blocking state
[  850.278022][T18571] bridge0: port 1(bridge_slave_0) entered forwarding state
[  850.289195][T18571] bridge0: port 2(bridge_slave_1) entered blocking state
[  850.296446][T18571] bridge0: port 2(bridge_slave_1) entered forwarding state
[  850.761511][T19957] netlink: 'syz.3.4648': attribute type 10 has an invalid length.
[  850.942674][T19962] netlink: 'syz.1.4650': attribute type 7 has an invalid length.
[  850.987556][T19737] 8021q: adding VLAN 0 to HW filter on device batadv0
[  851.086978][T19737] veth0_vlan: entered promiscuous mode
[  851.125570][T19737] veth1_vlan: entered promiscuous mode
[  851.179724][T19966] FAULT_INJECTION: forcing a failure.
[  851.179724][T19966] name failslab, interval 1, probability 0, space 0, times 0
[  851.214560][T19966] CPU: 1 PID: 19966 Comm: syz.0.4652 Not tainted syzkaller #0
[  851.222110][T19966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  851.232212][T19966] Call Trace:
[  851.235531][T19966]  <TASK>
[  851.238515][T19966]  dump_stack_lvl+0x18c/0x250
[  851.243265][T19966]  ? show_regs_print_info+0x20/0x20
[  851.248541][T19966]  ? load_image+0x420/0x420
[  851.249858][T19737] veth0_macvtap: entered promiscuous mode
[  851.253087][T19966]  ? __might_sleep+0xe0/0xe0
[  851.263467][T19966]  ? __lock_acquire+0x7d40/0x7d40
[  851.268556][T19966]  should_fail_ex+0x39d/0x4d0
[  851.273324][T19966]  should_failslab+0x9/0x20
[  851.277912][T19966]  slab_pre_alloc_hook+0x59/0x310
[  851.282997][T19966]  ? apparmor_sk_alloc_security+0x77/0x100
[  851.288860][T19966]  __kmem_cache_alloc_node+0x53/0x250
[  851.294307][T19966]  ? lockdep_hardirqs_on+0x98/0x150
[  851.299552][T19966]  ? apparmor_sk_alloc_security+0x77/0x100
[  851.305416][T19966]  kmalloc_trace+0x2a/0xe0
[  851.309877][T19966]  apparmor_sk_alloc_security+0x77/0x100
[  851.315544][T19966]  security_sk_alloc+0x6e/0xa0
[  851.320342][T19966]  sk_prot_alloc+0x101/0x210
[  851.324995][T19966]  sk_alloc+0x3a/0x360
[  851.329104][T19966]  inet6_create+0x7f0/0x11d0
[  851.333723][T19966]  ? inet6_create+0x83/0x11d0
[  851.338435][T19966]  __sock_create+0x4a6/0x940
[  851.343067][T19966]  __sys_socketpair+0x1c1/0x550
[  851.347952][T19966]  __x64_sys_socketpair+0x9b/0xb0
[  851.353037][T19966]  do_syscall_64+0x55/0xa0
[  851.357484][T19966]  ? clear_bhb_loop+0x40/0x90
[  851.362219][T19966]  ? clear_bhb_loop+0x40/0x90
[  851.366940][T19966]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  851.372862][T19966] RIP: 0033:0x7fc8d679ce59
[  851.377304][T19966] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  851.396935][T19966] RSP: 002b:00007fc8d766c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  851.405383][T19966] RAX: ffffffffffffffda RBX: 00007fc8d6a15fa0 RCX: 00007fc8d679ce59
[  851.413382][T19966] RDX: 00000000000000ff RSI: 0000000000000003 RDI: 000000000000000a
[  851.421372][T19966] RBP: 00007fc8d766c090 R08: 0000000000000000 R09: 0000000000000000
[  851.429363][T19966] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  851.437353][T19966] R13: 00007fc8d6a16038 R14: 00007fc8d6a15fa0 R15: 00007ffded8d1188
[  851.445370][T19966]  </TASK>
[  851.517016][T19737] veth1_macvtap: entered promiscuous mode
[  851.596299][T19737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  851.649828][T19737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  851.694368][T19737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  851.709964][T19737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  851.724443][T19737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  851.736264][T19737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  851.765700][T19737] batman_adv: batadv0: Interface activated: batadv_slave_0
[  851.834797][T19737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  851.859773][T19737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  851.904409][T19737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  851.929452][T19737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  851.951205][T19737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: 
€Â0
[  851.961428][T19737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  851.973846][T19737] batman_adv: batadv0: Interface activated: batadv_slave_1
[  851.988375][T19737] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  851.997408][T19737] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  852.008573][T19737] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  852.018561][T19737] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  852.224032][T16451] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  852.263628][T16451] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  852.318390][T18570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  852.338503][T18570] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  852.793368][T19994] netlink: 'syz.0.4660': attribute type 10 has an invalid length.
[  852.809322][T19994] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4660'.
[  853.007500][T19997] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.4661'.
[  854.180343][T20012] netlink: 'syz.0.4666': attribute type 7 has an invalid length.
[  854.222362][   T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  854.261206][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  854.275824][   T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  854.303974][   T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  854.321680][   T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  854.334682][   T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  854.795257][T20028] netlink: 'syz.3.4669': attribute type 10 has an invalid length.
[  854.834747][T20028] netlink: 2 bytes leftover after parsing attributes in process `syz.3.4669'.
[  854.928790][T20032] netlink: 16054 bytes leftover after parsing attributes in process `syz.2.4671'.
[  855.039271][T20014] chnl_net:caif_netlink_parms(): no params data found
[  855.120803][   T59] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  855.201770][   T59] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  855.262355][T20038] netlink: 'syz.3.4672': attribute type 10 has an invalid length.
[  855.353438][T20038] bridge0: port 2(bridge_slave_1) entered disabled state
[  855.449054][T20038] bridge_slave_1: left allmulticast mode
[  855.464887][T20038] bridge_slave_1: left promiscuous mode
[  855.484507][T20038] bridge0: port 2(bridge_slave_1) entered disabled state
[  855.513930][T20014] bridge0: port 1(bridge_slave_0) entered blocking state
[  855.524490][T20014] bridge0: port 1(bridge_slave_0) entered disabled state
[  855.531881][T20014] bridge_slave_0: entered allmulticast mode
[  855.546357][T20014] bridge_slave_0: entered promiscuous mode
[  855.572699][T20014] bridge0: port 2(bridge_slave_1) entered blocking state
[  855.595853][T20014] bridge0: port 2(bridge_slave_1) entered disabled state
[  855.616458][T20014] bridge_slave_1: entered allmulticast mode
[  855.625165][T20014] bridge_slave_1: entered promiscuous mode
[  855.698129][   T59] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  855.737697][T20014] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  855.751332][T20014] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  855.806927][   T59] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  855.863327][T20014] team0: Port device team_slave_0 added
[  855.897759][T20014] team0: Port device team_slave_1 added
[  856.015218][T20014] batman_adv: batadv0: Adding interface: batadv_slave_0
[  856.022261][T20014] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  856.085522][T20014] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  856.105224][T20014] batman_adv: batadv0: Adding interface: batadv_slave_1
[  856.123777][T20014] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  856.200439][T20014] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  856.387654][T20014] hsr_slave_0: entered promiscuous mode
[  856.439721][T20014] hsr_slave_1: entered promiscuous mode
[  856.448748][T13967] Bluetooth: hci2: command tx timeout
[  856.651731][T20063] netlink: 'syz.2.4680': attribute type 10 has an invalid length.
[  856.671942][T20063] netlink: 2 bytes leftover after parsing attributes in process `syz.2.4680'.
[  856.697087][T20063] hsr0: entered promiscuous mode
[  856.707277][T20063] bridge0: port 3(hsr0) entered blocking state
[  856.722323][T20063] bridge0: port 3(hsr0) entered disabled state
[  856.736475][T20063] hsr0: entered allmulticast mode
[  856.742184][T20063] hsr_slave_0: entered allmulticast mode
[  856.754067][T20063] hsr_slave_1: entered allmulticast mode
[  856.787687][T20063] bridge0: port 3(hsr0) entered blocking state
[  856.794955][T20063] bridge0: port 3(hsr0) entered forwarding state
[  856.863915][   T59] tipc: Left network mode
[  858.177025][T20093] netlink: 'syz.2.4683': attribute type 10 has an invalid length.
[  858.319802][T20093] bridge0: port 2(bridge_slave_1) entered disabled state
[  858.485279][T20093] bridge_slave_1: left allmulticast mode
[  858.524561][T13967] Bluetooth: hci2: command tx timeout
[  858.574518][T20093] bridge_slave_1: left promiscuous mode
[  858.606637][T20093] bridge0: port 2(bridge_slave_1) entered disabled state
[  858.779614][T20093] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  859.128440][T20117] netlink: 'syz.0.4688': attribute type 10 has an invalid length.
[  859.147507][T20117] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4688'.
[  859.656655][T20014] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  859.685892][T20014] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  860.448270][T20014] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  860.501623][T20014] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  860.610265][T13967] Bluetooth: hci2: command tx timeout
[  860.805514][T20014] 8021q: adding VLAN 0 to HW filter on device bond0
[  860.874818][T20014] 8021q: adding VLAN 0 to HW filter on device team0
[  860.932739][T16451] bridge0: port 1(bridge_slave_0) entered blocking state
[  860.940019][T16451] bridge0: port 1(bridge_slave_0) entered forwarding state
[  860.991990][T16451] bridge0: port 2(bridge_slave_1) entered blocking state
[  860.999350][T16451] bridge0: port 2(bridge_slave_1) entered forwarding state
[  861.684883][T20166] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4699'.
[  861.803028][T20163] netlink: 'syz.2.4698': attribute type 10 has an invalid length.
[  861.834957][T20163] netlink: 2 bytes leftover after parsing attributes in process `syz.2.4698'.
[  861.875392][T13967] Bluetooth: hci0: unexpected subevent 0x0e length: 150 > 15
[  862.000245][T20014] 8021q: adding VLAN 0 to HW filter on device batadv0
[  862.483201][T20014] veth0_vlan: entered promiscuous mode
[  862.694471][T13967] Bluetooth: hci2: command tx timeout
[  862.826898][T20185] netlink: 'syz.2.4703': attribute type 6 has an invalid length.
[  862.846144][T20185] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.4703'.
[  863.133275][   T59] hsr_slave_0: left promiscuous mode
[  863.174896][   T59] hsr_slave_1: left promiscuous mode
[  863.220182][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  863.240738][   T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[  863.265553][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  863.306355][   T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[  863.327254][   T59] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  863.364302][   T59] batman_adv: batadv0: Removing interface: virt_wifi0
[  863.549863][T13967] Bluetooth: hci4: unexpected subevent 0x0e length: 150 > 15
[  864.263736][   T59] veth1_macvtap: left promiscuous mode
[  864.291428][   T59] veth0_macvtap: left promiscuous mode
[  864.314695][   T59] veth1_vlan: left promiscuous mode
[  864.320059][   T59] veth0_vlan: left promiscuous mode
[  866.279155][T20014] veth1_vlan: entered promiscuous mode
[  866.304985][T20234] netlink: 'syz.3.4711': attribute type 10 has an invalid length.
[  866.312888][T20234] netlink: 2 bytes leftover after parsing attributes in process `syz.3.4711'.
[  866.487641][T20014] veth0_macvtap: entered promiscuous mode
[  866.521911][T20014] veth1_macvtap: entered promiscuous mode
[  866.617903][T20014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  866.645855][T20014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  866.664384][T20014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  866.684402][T20014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  866.705281][T20014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  866.718320][T20014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  866.741111][T20014] batman_adv: batadv0: Interface activated: batadv_slave_0
[  866.753545][T20014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  866.778430][T20014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  866.804446][T20014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: 
€Â0
[  866.838889][T20014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  866.877800][T20014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  866.899707][T20014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  866.921762][T20014] batman_adv: batadv0: Interface activated: batadv_slave_1
[  866.965823][T20255] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.4716'.
[  866.984465][T20256] netlink: 'syz.2.4716': attribute type 6 has an invalid length.
[  866.992297][T20256] netlink: 168 bytes leftover after parsing attributes in process `syz.2.4716'.
[  867.012423][T20014] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  867.045841][T20014] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  867.087568][T20014] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  867.114253][T20014] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  867.226129][T20258] netlink: 'syz.3.4717': attribute type 21 has an invalid length.
[  867.239432][T20258] netlink: 152 bytes leftover after parsing attributes in process `syz.3.4717'.
[  867.378857][T13967] Bluetooth: hci0: unexpected subevent 0x0e length: 150 > 15
[  867.452544][T18571] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  867.484468][T18571] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  867.583307][T16444] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  867.606183][T16444] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  867.841381][T20268] netlink: 'syz.2.4721': attribute type 10 has an invalid length.
[  867.849506][T20268] netlink: 2 bytes leftover after parsing attributes in process `syz.2.4721'.
[  868.225443][T13967] Bluetooth: hci1: unexpected subevent 0x0e length: 150 > 15
[  868.268974][T20282] netlink: 'syz.1.4726': attribute type 21 has an invalid length.
[  868.287528][T20282] netlink: 152 bytes leftover after parsing attributes in process `syz.1.4726'.
[  869.165435][T20312] netlink: 'syz.3.4739': attribute type 21 has an invalid length.
[  869.173434][T20312] netlink: 152 bytes leftover after parsing attributes in process `syz.3.4739'.
[  869.277683][T13967] Bluetooth: hci0: unexpected subevent 0x0e length: 150 > 15
[  869.310560][T20318] FAULT_INJECTION: forcing a failure.
[  869.310560][T20318] name failslab, interval 1, probability 0, space 0, times 0
[  869.364553][T20318] CPU: 0 PID: 20318 Comm: syz.1.4742 Not tainted syzkaller #0
[  869.372128][T20318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  869.382250][T20318] Call Trace:
[  869.385588][T20318]  <TASK>
[  869.388576][T20318]  dump_stack_lvl+0x18c/0x250
[  869.393329][T20318]  ? show_regs_print_info+0x20/0x20
[  869.398600][T20318]  ? load_image+0x420/0x420
[  869.403180][T20318]  ? __lock_acquire+0x7d40/0x7d40
[  869.408290][T20318]  should_fail_ex+0x39d/0x4d0
[  869.413043][T20318]  should_failslab+0x9/0x20
[  869.417616][T20318]  slab_pre_alloc_hook+0x59/0x310
[  869.422713][T20318]  ? bpf_test_init+0x9f/0x140
[  869.427449][T20318]  ? bpf_test_init+0x9f/0x140
[  869.432192][T20318]  __kmem_cache_alloc_node+0x53/0x250
[  869.437644][T20318]  ? bpf_test_init+0x9f/0x140
[  869.442380][T20318]  __kmalloc+0xa4/0x230
[  869.446620][T20318]  bpf_test_init+0x9f/0x140
[  869.451191][T20318]  bpf_prog_test_run_xdp+0x4d1/0x10e0
[  869.456673][T20318]  ? dev_put+0x80/0x80
[  869.460820][T20318]  ? dev_put+0x80/0x80
[  869.464952][T20318]  bpf_prog_test_run+0x321/0x390
[  869.469958][T20318]  __sys_bpf+0x49d/0x890
[  869.474271][T20318]  ? bpf_link_show_fdinfo+0x390/0x390
[  869.479727][T20318]  ? lock_chain_count+0x20/0x20
[  869.484662][T20318]  __x64_sys_bpf+0x7c/0x90
[  869.489145][T20318]  do_syscall_64+0x55/0xa0
[  869.493616][T20318]  ? clear_bhb_loop+0x40/0x90
[  869.498362][T20318]  ? clear_bhb_loop+0x40/0x90
[  869.503099][T20318]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  869.509053][T20318] RIP: 0033:0x7f3fa759ce59
[  869.513530][T20318] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  869.533222][T20318] RSP: 002b:00007f3fa84ee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  869.541717][T20318] RAX: ffffffffffffffda RBX: 00007f3fa7815fa0 RCX: 00007f3fa759ce59
[  869.549729][T20318] RDX: 000000000000003b RSI: 0000200000000000 RDI: 000000000000000a
[  869.557735][T20318] RBP: 00007f3fa84ee090 R08: 0000000000000000 R09: 0000000000000000
[  869.565752][T20318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  869.573752][T20318] R13: 00007f3fa7816038 R14: 00007f3fa7815fa0 R15: 00007ffd7532d678
[  869.581777][T20318]  </TASK>
[  869.680958][T20321] netlink: 14 bytes leftover after parsing attributes in process `syz.3.4743'.
[  869.729046][T20321] netlink: get zone limit has 4 unknown bytes
[  869.796210][T20321] netlink: 15743 bytes leftover after parsing attributes in process `syz.3.4743'.
[  870.425010][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  870.431437][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  871.195306][T20340] netlink: 'syz.0.4751': attribute type 21 has an invalid length.
[  871.203362][T20340] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4751'.
[  871.328678][T13967] Bluetooth: hci4: unexpected subevent 0x0e length: 150 > 15
[  871.827833][T20364] netlink: 'syz.3.4758': attribute type 10 has an invalid length.
[  871.884369][T20364] netlink: 2 bytes leftover after parsing attributes in process `syz.3.4758'.
[  871.950835][T20361] netlink: 'syz.1.4759': attribute type 10 has an invalid length.
[  871.981537][T20361] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4759'.
[  871.995579][T20361] hsr0: entered promiscuous mode
[  872.005597][T20361] bridge0: port 3(hsr0) entered blocking state
[  872.039661][T20361] bridge0: port 3(hsr0) entered disabled state
[  872.078305][T20361] hsr0: entered allmulticast mode
[  872.086600][T20361] hsr_slave_0: entered allmulticast mode
[  872.092919][T20361] hsr_slave_1: entered allmulticast mode
[  872.203443][T20361] bridge0: port 3(hsr0) entered blocking state
[  872.210072][T20361] bridge0: port 3(hsr0) entered forwarding state
[  872.513710][T20376] netlink: 'syz.1.4763': attribute type 10 has an invalid length.
[  872.557309][T20376] team0: Device veth1_macvtap failed to register rx_handler
[  872.627538][T20378] netlink: 'syz.2.4764': attribute type 21 has an invalid length.
[  872.639524][T20378] netlink: 152 bytes leftover after parsing attributes in process `syz.2.4764'.
[  872.807389][T13967] Bluetooth: hci2: unexpected subevent 0x0e length: 150 > 15
[  873.664097][T20407] netlink: 'syz.2.4776': attribute type 21 has an invalid length.
[  873.885233][T20411] netlink: 'syz.2.4777': attribute type 21 has an invalid length.
[  873.898056][T20411] netlink: 152 bytes leftover after parsing attributes in process `syz.2.4777'.
[  874.523879][T13967] Bluetooth: hci0: unexpected subevent 0x0e length: 150 > 15
[  875.366694][T20432] netlink: 16399 bytes leftover after parsing attributes in process `syz.2.4786'.
[  876.557713][T13967] Bluetooth: hci4: unexpected subevent 0x0e length: 150 > 15
[  876.769843][T20456] netlink: 'syz.1.4793': attribute type 10 has an invalid length.
[  876.896479][T20456] team0: Device wg1 is of different type
[  879.445104][T20501] netlink: 'syz.3.4811': attribute type 1 has an invalid length.
[  879.453087][T20501] netlink: 146340 bytes leftover after parsing attributes in process `syz.3.4811'.
[  879.480218][T20504] netlink: 'syz.0.4808': attribute type 10 has an invalid length.
[  879.537383][T20504] team0: Device wg1 is of different type
[  880.908840][T20528] syzkaller0: entered promiscuous mode
[  880.918404][T20528] syzkaller0: entered allmulticast mode
[  880.930759][T20528] FAULT_INJECTION: forcing a failure.
[  880.930759][T20528] name failslab, interval 1, probability 0, space 0, times 0
[  880.953145][T20528] CPU: 1 PID: 20528 Comm: syz.0.4817 Not tainted syzkaller #0
[  880.960691][T20528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  880.970799][T20528] Call Trace:
[  880.974116][T20528]  <TASK>
[  880.977094][T20528]  dump_stack_lvl+0x18c/0x250
[  880.981851][T20528]  ? show_regs_print_info+0x20/0x20
[  880.987119][T20528]  ? load_image+0x420/0x420
[  880.991693][T20528]  ? __might_sleep+0xe0/0xe0
[  880.996338][T20528]  ? __lock_acquire+0x7d40/0x7d40
[  881.001426][T20528]  should_fail_ex+0x39d/0x4d0
[  881.006171][T20528]  should_failslab+0x9/0x20
[  881.010735][T20528]  slab_pre_alloc_hook+0x59/0x310
[  881.015826][T20528]  kmem_cache_alloc_node+0x60/0x320
[  881.021084][T20528]  ? __alloc_skb+0x103/0x2c0
[  881.025734][T20528]  __alloc_skb+0x103/0x2c0
[  881.030201][T20528]  rtmsg_ifinfo_build_skb+0x8c/0x260
[  881.035544][T20528]  rtnetlink_event+0x1b7/0x260
[  881.040356][T20528]  notifier_call_chain+0x197/0x380
[  881.045527][T20528]  dev_change_tx_queue_len+0x12e/0x280
[  881.051055][T20528]  ? dev_set_mtu+0x1c0/0x1c0
[  881.055734][T20528]  ? dev_ifsioc+0x1b1/0xc40
[  881.060316][T20528]  dev_ioctl+0x7b4/0x1140
[  881.064712][T20528]  sock_do_ioctl+0x239/0x310
[  881.069369][T20528]  ? sock_show_fdinfo+0xb0/0xb0
[  881.074297][T20528]  sock_ioctl+0x5ba/0x7e0
[  881.078684][T20528]  ? sock_poll+0x3e0/0x3e0
[  881.083183][T20528]  ? bpf_lsm_file_ioctl+0x9/0x10
[  881.088180][T20528]  ? security_file_ioctl+0x80/0xa0
[  881.093356][T20528]  ? sock_poll+0x3e0/0x3e0
[  881.097824][T20528]  __se_sys_ioctl+0xfd/0x170
[  881.102473][T20528]  do_syscall_64+0x55/0xa0
[  881.106935][T20528]  ? clear_bhb_loop+0x40/0x90
[  881.111677][T20528]  ? clear_bhb_loop+0x40/0x90
[  881.116412][T20528]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  881.122361][T20528] RIP: 0033:0x7fc8d679ce59
[  881.126819][T20528] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  881.146479][T20528] RSP: 002b:00007fc8d766c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  881.154952][T20528] RAX: ffffffffffffffda RBX: 00007fc8d6a15fa0 RCX: 00007fc8d679ce59
[  881.162972][T20528] RDX: 0000200000002280 RSI: 0000000000008943 RDI: 0000000000000007
[  881.170997][T20528] RBP: 00007fc8d766c090 R08: 0000000000000000 R09: 0000000000000000
[  881.179018][T20528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  881.187038][T20528] R13: 00007fc8d6a16038 R14: 00007fc8d6a15fa0 R15: 00007ffded8d1188
[  881.195083][T20528]  </TASK>
[  881.503052][T20539] netlink: 'syz.1.4821': attribute type 21 has an invalid length.
[  881.510999][T20539] netlink: 128 bytes leftover after parsing attributes in process `syz.1.4821'.
[  881.539844][T20541] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4822'.
[  881.574342][T20541] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4822'.
[  881.594809][T20541] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4822'.
[  881.614772][T20541] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4822'.
[  881.885234][T20547] netlink: 'syz.0.4823': attribute type 10 has an invalid length.
[  881.893412][T20547] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4823'.
[  881.931671][T20552] netlink: 'syz.3.4824': attribute type 10 has an invalid length.
[  881.950398][T20552] netlink: 2 bytes leftover after parsing attributes in process `syz.3.4824'.
[  883.783574][T20579] netlink: 'syz.2.4836': attribute type 10 has an invalid length.
[  883.797080][T20579] netlink: 2 bytes leftover after parsing attributes in process `syz.2.4836'.
[  883.901463][T20588] netlink: 'syz.3.4837': attribute type 10 has an invalid length.
[  883.974444][T20588] netlink: 2 bytes leftover after parsing attributes in process `syz.3.4837'.
[  884.476129][T20600] netlink: 'syz.3.4842': attribute type 10 has an invalid length.
[  884.494996][T20600] netlink: 2 bytes leftover after parsing attributes in process `syz.3.4842'.
[  886.286732][T20618] netlink: 'syz.1.4848': attribute type 10 has an invalid length.
[  886.330169][T20618] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4848'.
[  886.517063][T20621] netlink: 'syz.0.4850': attribute type 10 has an invalid length.
[  886.574568][T20621] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4850'.
[  887.080182][T20631] netlink: 'syz.1.4860': attribute type 10 has an invalid length.
[  887.094876][T20631] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4860'.
[  887.364823][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  887.433825][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  887.445013][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  887.454500][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  887.462368][   T51] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  887.470125][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  888.379710][T16447] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  888.450953][T20648] netlink: 'syz.2.4858': attribute type 10 has an invalid length.
[  888.474614][T20648] netlink: 2 bytes leftover after parsing attributes in process `syz.2.4858'.
[  888.577793][T16447] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  889.197364][T16447] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  889.567256][   T51] Bluetooth: hci3: command tx timeout
[  889.801725][T16447] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  889.842824][T20667] netlink: 'syz.0.4863': attribute type 10 has an invalid length.
[  889.867531][T20667] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4863'.
[  890.313827][T20637] chnl_net:caif_netlink_parms(): no params data found
[  890.369057][T20680] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.4868'.
[  891.018041][T20637] bridge0: port 1(bridge_slave_0) entered blocking state
[  891.037579][T20637] bridge0: port 1(bridge_slave_0) entered disabled state
[  891.047379][T20637] bridge_slave_0: entered allmulticast mode
[  891.060787][T20637] bridge_slave_0: entered promiscuous mode
[  891.127997][T20637] bridge0: port 2(bridge_slave_1) entered blocking state
[  891.150317][T20637] bridge0: port 2(bridge_slave_1) entered disabled state
[  891.162959][T20637] bridge_slave_1: entered allmulticast mode
[  891.172889][T20637] bridge_slave_1: entered promiscuous mode
[  891.317784][T20637] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  891.391392][T20637] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  891.512005][T20637] team0: Port device team_slave_0 added
[  891.548674][T20637] team0: Port device team_slave_1 added
[  891.595104][T20637] batman_adv: batadv0: Adding interface: batadv_slave_0
[  891.602256][T20637] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  891.644516][   T51] Bluetooth: hci3: command tx timeout
[  891.651869][T20637] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  891.694360][T20637] batman_adv: batadv0: Adding interface: batadv_slave_1
[  891.701394][T20637] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  891.778020][T20637] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  892.166772][T20637] hsr_slave_0: entered promiscuous mode
[  892.181349][T20637] hsr_slave_1: entered promiscuous mode
[  892.239233][T20637] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  892.260561][T20637] Cannot create hsr debugfs directory
[  892.273736][T16447] tipc: Left network mode
[  892.921573][T20717] netlink: 'syz.2.4875': attribute type 10 has an invalid length.
[  892.935350][T20717] netlink: 2 bytes leftover after parsing attributes in process `syz.2.4875'.
[  892.950823][T20719] netlink: 'syz.1.4874': attribute type 10 has an invalid length.
[  892.959123][T20719] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4874'.
[  893.749663][   T51] Bluetooth: hci3: command tx timeout
[  894.473880][T20738] netlink: 'syz.0.4888': attribute type 21 has an invalid length.
[  894.508799][T20738] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4888'.
[  895.724507][T20760] netlink: 'syz.1.4885': attribute type 10 has an invalid length.
[  895.732401][T20760] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4885'.
[  895.805025][   T51] Bluetooth: hci3: command tx timeout
[  896.001712][T20768] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.4887'.
[  896.175584][T20775] FAULT_INJECTION: forcing a failure.
[  896.175584][T20775] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  896.231736][T20775] CPU: 1 PID: 20775 Comm: syz.1.4889 Not tainted syzkaller #0
[  896.239296][T20775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  896.249410][T20775] Call Trace:
[  896.252736][T20775]  <TASK>
[  896.255714][T20775]  dump_stack_lvl+0x18c/0x250
[  896.260455][T20775]  ? show_regs_print_info+0x20/0x20
[  896.265714][T20775]  ? load_image+0x420/0x420
[  896.270281][T20775]  ? __might_fault+0xaa/0x120
[  896.275015][T20775]  ? __lock_acquire+0x7d40/0x7d40
[  896.280107][T20775]  should_fail_ex+0x39d/0x4d0
[  896.284860][T20775]  _copy_from_user+0x2f/0xe0
[  896.289504][T20775]  ___sys_sendmsg+0x1c7/0x360
[  896.294336][T20775]  ? __sys_sendmsg+0x2a0/0x2a0
[  896.299154][T20775]  ? trace_call_bpf+0xc3/0x6c0
[  896.303976][T20775]  __se_sys_sendmsg+0x1c2/0x2b0
[  896.308857][T20775]  ? __x64_sys_sendmsg+0x80/0x80
[  896.313835][T20775]  ? lockdep_hardirqs_on+0x98/0x150
[  896.319073][T20775]  do_syscall_64+0x55/0xa0
[  896.323520][T20775]  ? clear_bhb_loop+0x40/0x90
[  896.328231][T20775]  ? clear_bhb_loop+0x40/0x90
[  896.332950][T20775]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  896.338875][T20775] RIP: 0033:0x7f3fa759ce59
[  896.343340][T20775] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  896.362998][T20775] RSP: 002b:00007f3fa84cd028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  896.371446][T20775] RAX: ffffffffffffffda RBX: 00007f3fa7816090 RCX: 00007f3fa759ce59
[  896.379443][T20775] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000e
[  896.387438][T20775] RBP: 00007f3fa84cd090 R08: 0000000000000000 R09: 0000000000000000
[  896.395430][T20775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  896.403421][T20775] R13: 00007f3fa7816128 R14: 00007f3fa7816090 R15: 00007ffd7532d678
[  896.411445][T20775]  </TASK>
[  896.422870][T20774] netlink: 'syz.0.4890': attribute type 10 has an invalid length.
[  896.437369][T20774] syz_tun: entered promiscuous mode
[  896.716710][T20637] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  896.755385][T20637] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  896.908000][T16447] hsr_slave_0: left promiscuous mode
[  896.925589][T16447] hsr_slave_1: left promiscuous mode
[  896.939324][T16447] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  896.969004][T16447] batman_adv: batadv0: Removing interface: batadv_slave_0
[  896.983728][T16447] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  896.991862][T16447] batman_adv: batadv0: Removing interface: batadv_slave_1
[  897.020714][T16447] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  897.031386][T16447] batman_adv: batadv0: Removing interface: virt_wifi0
[  897.042018][T16447] hsr0: left allmulticast mode
[  897.048781][T16447] bridge0: port 3(hsr0) entered disabled state
[  897.058343][T16447] bridge_slave_0: left allmulticast mode
[  897.064324][T16447] bridge_slave_0: left promiscuous mode
[  897.070354][T16447] bridge0: port 1(bridge_slave_0) entered disabled state
[  897.112335][T16447] veth1_macvtap: left promiscuous mode
[  897.124654][T16447] veth0_macvtap: left promiscuous mode
[  898.594681][T20637] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  898.608740][T20785] netlink: 'syz.0.4891': attribute type 21 has an invalid length.
[  898.620059][T20785] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4891'.
[  898.654389][T20637] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  899.047365][T20823] netlink: 'syz.1.4896': attribute type 10 has an invalid length.
[  899.061419][T20823] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4896'.
[  899.179358][T20637] 8021q: adding VLAN 0 to HW filter on device bond0
[  899.251837][T20637] 8021q: adding VLAN 0 to HW filter on device team0
[  899.314701][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  899.321931][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  899.359088][T16451] bridge0: port 2(bridge_slave_1) entered blocking state
[  899.366432][T16451] bridge0: port 2(bridge_slave_1) entered forwarding state
[  899.543471][T20835] netlink: 'syz.1.4897': attribute type 29 has an invalid length.
[  899.611102][T20637] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  899.663102][T20835] netlink: 'syz.1.4897': attribute type 29 has an invalid length.
[  900.057416][T20852] netlink: 'syz.2.4901': attribute type 21 has an invalid length.
[  900.095071][T20852] netlink: 152 bytes leftover after parsing attributes in process `syz.2.4901'.
[  900.133379][T20846] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4900'.
[  900.297088][T20637] 8021q: adding VLAN 0 to HW filter on device batadv0
[  900.501289][T20637] veth0_vlan: entered promiscuous mode
[  900.622663][T20637] veth1_vlan: entered promiscuous mode
[  900.752175][T20637] veth0_macvtap: entered promiscuous mode
[  900.804982][T20637] veth1_macvtap: entered promiscuous mode
[  900.863491][T20637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  900.887866][T20637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  900.914343][T20637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  900.954385][T20637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  900.977152][T20637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  901.001740][T20637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  901.031335][T20637] batman_adv: batadv0: Interface activated: batadv_slave_0
[  901.062754][T20637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: 
€Â0
[  901.079392][T20637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  901.097454][T20637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  901.115134][T20637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  901.125723][T20637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  901.141818][T20637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  901.157370][T20637] batman_adv: batadv0: Interface activated: batadv_slave_1
[  901.241709][T20637] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  901.279733][T20637] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  901.288829][T20637] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  901.297994][T20637] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  901.431464][T20878] netlink: 'syz.1.4905': attribute type 10 has an invalid length.
[  901.449724][T20878] syz_tun: entered promiscuous mode
[  901.468049][T20878] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  901.709926][T20880] netlink: 'syz.0.4904': attribute type 10 has an invalid length.
[  901.734791][T20880] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4904'.
[  901.990180][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  902.054132][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  902.442619][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  902.451919][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  903.042652][T20914] netlink: 'syz.2.4916': attribute type 10 has an invalid length.
[  903.056773][T20914] netlink: 2 bytes leftover after parsing attributes in process `syz.2.4916'.
[  903.918404][T20943] netlink: 121460 bytes leftover after parsing attributes in process `syz.2.4921'.
[  903.954634][T20943] netlink: 22856 bytes leftover after parsing attributes in process `syz.2.4921'.
[  904.182659][T20949] netlink: 'syz.3.4927': attribute type 10 has an invalid length.
[  904.193138][T20949] netlink: 2 bytes leftover after parsing attributes in process `syz.3.4927'.
[  904.205417][T20949] hsr0: entered promiscuous mode
[  905.288806][T20949] bridge0: port 3(hsr0) entered blocking state
[  905.295604][T20949] bridge0: port 3(hsr0) entered disabled state
[  905.302053][T20949] hsr0: entered allmulticast mode
[  905.308005][T20949] hsr_slave_0: entered allmulticast mode
[  905.313721][T20949] hsr_slave_1: entered allmulticast mode
[  905.322103][T20949] bridge0: port 3(hsr0) entered blocking state
[  905.328523][T20949] bridge0: port 3(hsr0) entered forwarding state
[  906.279368][   T51] Bluetooth: hci2: unexpected subevent 0x0e length: 150 > 15
[  906.516955][T20992] netlink: 'syz.2.4940': attribute type 10 has an invalid length.
[  906.534554][T20992] netlink: 2 bytes leftover after parsing attributes in process `syz.2.4940'.
[  906.575442][T20995] netlink: 'syz.3.4941': attribute type 29 has an invalid length.
[  906.628596][T20995] netlink: 'syz.3.4941': attribute type 29 has an invalid length.
[  908.423583][   T51] Bluetooth: hci2: unexpected subevent 0x0e length: 150 > 15
[  908.936501][T21032] netlink: 'syz.0.4955': attribute type 29 has an invalid length.
[  908.975251][T21032] netlink: 'syz.0.4955': attribute type 29 has an invalid length.
[  909.234304][T21038] netlink: 'syz.2.4958': attribute type 21 has an invalid length.
[  909.254385][T21038] netlink: 152 bytes leftover after parsing attributes in process `syz.2.4958'.
[  909.312671][T21036] netlink: 'syz.3.4956': attribute type 10 has an invalid length.
[  909.325529][T21036] netlink: 2 bytes leftover after parsing attributes in process `syz.3.4956'.
[  909.355149][T21043] netlink: 209592 bytes leftover after parsing attributes in process `syz.0.4960'.
[  909.952046][T21054] netlink: 'syz.1.4964': attribute type 10 has an invalid length.
[  909.962966][T21054] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4964'.
[  910.122895][   T51] Bluetooth: hci1: unexpected subevent 0x0e length: 150 > 15
[  910.131926][T21057] netlink: 'syz.3.4965': attribute type 10 has an invalid length.
[  910.174636][T21057] netlink: 2 bytes leftover after parsing attributes in process `syz.3.4965'.
[  910.368182][T21063] netlink: 'syz.0.4968': attribute type 9 has an invalid length.
[  910.521489][T21068] netlink: 2 bytes leftover after parsing attributes in process `syz.3.4970'.
[  910.571116][T21067] netlink: 152 bytes leftover after parsing attributes in process `syz.2.4969'.
[  910.758975][T21069] netlink: 14 bytes leftover after parsing attributes in process `syz.0.4968'.
[  910.785526][T21069] netlink: del zone limit has 4 unknown bytes
[  911.449580][   T51] Bluetooth: hci3: unexpected event 0x35 length: 15 > 6
[  912.249922][T21091] validate_nla: 2 callbacks suppressed
[  912.249942][T21091] netlink: 'syz.1.4976': attribute type 3 has an invalid length.
[  912.299116][   T51] Bluetooth: hci1: unexpected subevent 0x0e length: 150 > 15
[  912.317976][T21091] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.4976'.
[  913.217767][T21095] netlink: 'syz.3.4979': attribute type 10 has an invalid length.
[  913.233585][T21095] netlink: 2 bytes leftover after parsing attributes in process `syz.3.4979'.
[  913.245780][T21097] netlink: 'syz.2.4980': attribute type 21 has an invalid length.
[  914.238185][T21119] syzkaller0: entered promiscuous mode
[  914.266640][T21119] syzkaller0: entered allmulticast mode
[  914.874337][   T51] Bluetooth: hci1: unexpected subevent 0x0e length: 150 > 15
[  915.976629][T21134] netlink: 'syz.1.4991': attribute type 10 has an invalid length.
[  915.985210][T21134] __nla_validate_parse: 1 callbacks suppressed
[  915.985227][T21134] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4991'.
[  916.027864][T21137] netlink: 'syz.2.4992': attribute type 21 has an invalid length.
[  916.054746][T21137] netlink: 152 bytes leftover after parsing attributes in process `syz.2.4992'.
[  917.751999][T21158] FAULT_INJECTION: forcing a failure.
[  917.751999][T21158] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  917.771158][T21158] CPU: 0 PID: 21158 Comm: syz.3.5000 Not tainted syzkaller #0
[  917.778801][T21158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  917.788992][T21158] Call Trace:
[  917.792403][T21158]  <TASK>
[  917.795475][T21158]  dump_stack_lvl+0x18c/0x250
[  917.800341][T21158]  ? show_regs_print_info+0x20/0x20
[  917.805709][T21158]  ? load_image+0x420/0x420
[  917.810405][T21158]  ? __might_fault+0xaa/0x120
[  917.815247][T21158]  ? __lock_acquire+0x7d40/0x7d40
[  917.820470][T21158]  should_fail_ex+0x39d/0x4d0
[  917.825357][T21158]  _copy_from_user+0x2f/0xe0
[  917.830121][T21158]  restore_altstack+0xac/0x4c0
[  917.835047][T21158]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  917.841218][T21158]  ? __ia32_sys_sigaltstack+0x2a0/0x2a0
[  917.846966][T21158]  ? _raw_spin_unlock_irq+0x23/0x50
[  917.852311][T21158]  ? lockdep_hardirqs_on+0x98/0x150
[  917.857692][T21158]  __ia32_sys_rt_sigreturn+0x239/0x860
[  917.863312][T21158]  ? _raw_spin_unlock_irq+0x2e/0x50
[  917.868688][T21158]  ? x64_setup_rt_frame+0xc40/0xc40
[  917.874065][T21158]  ? arch_do_signal_or_restart+0x4d8/0x800
[  917.880123][T21158]  ? perf_trace_preemptirq_template+0xac/0x330
[  917.886472][T21158]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  917.892634][T21158]  ? lock_chain_count+0x20/0x20
[  917.897700][T21158]  ? lockdep_hardirqs_on+0x98/0x150
[  917.903082][T21158]  do_syscall_64+0x55/0xa0
[  917.907626][T21158]  ? clear_bhb_loop+0x40/0x90
[  917.912443][T21158]  ? clear_bhb_loop+0x40/0x90
[  917.917281][T21158]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  917.923302][T21158] RIP: 0033:0x7fdaf993e1d9
[  917.927871][T21158] Code: 11 06 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 0c 25
[  917.947623][T21158] RSP: 002b:00007fdafa873a80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[  917.956207][T21158] RAX: ffffffffffffffda RBX: 00007fdaf9c15fa0 RCX: 00007fdaf993e1d9
[  917.964316][T21158] RDX: 00007fdafa873a80 RSI: 00007fdafa873bb0 RDI: 0000000000000011
[  917.972432][T21158] RBP: 00007fdafa874090 R08: 0000000000000000 R09: 0000000000000000
[  917.980545][T21158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  917.988658][T21158] R13: 00007fdaf9c16038 R14: 00007fdaf9c15fa0 R15: 00007ffea0cb2578
[  917.996938][T21158]  </TASK>
[  919.066945][T21162] netlink: 'syz.2.5003': attribute type 21 has an invalid length.
[  919.090596][T21162] netlink: 152 bytes leftover after parsing attributes in process `syz.2.5003'.
[  919.123740][T21165] netlink: 'syz.3.5004': attribute type 10 has an invalid length.
[  919.137654][T21165] netlink: 'syz.3.5004': attribute type 10 has an invalid length.
[  919.146890][T21165] netlink: 209216 bytes leftover after parsing attributes in process `syz.3.5004'.
[  919.175869][T21165] openvswitch: netlink: Message has 4 unknown bytes.
[  919.435440][   T51] Bluetooth: hci3: unexpected subevent 0x0e length: 150 > 15
[  920.105124][T21195] netlink: 'syz.2.5014': attribute type 21 has an invalid length.
[  920.129697][T21195] netlink: 152 bytes leftover after parsing attributes in process `syz.2.5014'.
[  921.006406][   T51] Bluetooth: hci0: unexpected subevent 0x0e length: 150 > 15
[  921.899584][T21222] netlink: 209592 bytes leftover after parsing attributes in process `syz.0.5025'.
[  921.928847][T21222] syzkaller0: entered promiscuous mode
[  921.935184][T21222] syzkaller0: entered allmulticast mode
[  921.981432][T21224] netlink: 'syz.2.5026': attribute type 21 has an invalid length.
[  921.989482][T21224] netlink: 152 bytes leftover after parsing attributes in process `syz.2.5026'.
[  922.147137][   T51] Bluetooth: hci1: unexpected subevent 0x0e length: 150 > 15
[  922.857047][T21236] netlink: 'syz.2.5031': attribute type 39 has an invalid length.
[  923.936360][   T51] Bluetooth: hci2: unexpected subevent 0x0e length: 150 > 15
[  925.945619][T21276] FAULT_INJECTION: forcing a failure.
[  925.945619][T21276] name failslab, interval 1, probability 0, space 0, times 0
[  925.971087][T21276] CPU: 0 PID: 21276 Comm: syz.3.5046 Not tainted syzkaller #0
[  925.978645][T21276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  925.988757][T21276] Call Trace:
[  925.992088][T21276]  <TASK>
[  925.995067][T21276]  dump_stack_lvl+0x18c/0x250
[  925.999832][T21276]  ? show_regs_print_info+0x20/0x20
[  926.005108][T21276]  ? load_image+0x420/0x420
[  926.009683][T21276]  ? __might_sleep+0xe0/0xe0
[  926.014341][T21276]  ? __lock_acquire+0x7d40/0x7d40
[  926.019427][T21276]  should_fail_ex+0x39d/0x4d0
[  926.024173][T21276]  should_failslab+0x9/0x20
[  926.028740][T21276]  slab_pre_alloc_hook+0x59/0x310
[  926.033846][T21276]  ? call_usermodehelper_setup+0x8e/0x260
[  926.039625][T21276]  __kmem_cache_alloc_node+0x53/0x250
[  926.045069][T21276]  ? call_usermodehelper_setup+0x8e/0x260
[  926.050842][T21276]  kmalloc_trace+0x2a/0xe0
[  926.055323][T21276]  call_usermodehelper_setup+0x8e/0x260
[  926.060916][T21276]  ? __request_module+0x600/0x600
[  926.065989][T21276]  __request_module+0x3bb/0x600
[  926.070884][T21276]  ? module_enforce_rwx_sections+0x150/0x150
[  926.076974][T21276]  ? __lock_acquire+0x7d40/0x7d40
[  926.082088][T21276]  pppox_create+0x9d/0x1a0
[  926.086573][T21276]  __sock_create+0x4a6/0x940
[  926.091263][T21276]  __sys_socketpair+0x1c1/0x550
[  926.096170][T21276]  __x64_sys_socketpair+0x9b/0xb0
[  926.101235][T21276]  do_syscall_64+0x55/0xa0
[  926.105711][T21276]  ? clear_bhb_loop+0x40/0x90
[  926.110445][T21276]  ? clear_bhb_loop+0x40/0x90
[  926.115150][T21276]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  926.121068][T21276] RIP: 0033:0x7fdaf999ce59
[  926.125515][T21276] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  926.145184][T21276] RSP: 002b:00007fdafa874028 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  926.153647][T21276] RAX: ffffffffffffffda RBX: 00007fdaf9c15fa0 RCX: 00007fdaf999ce59
[  926.161642][T21276] RDX: 0000000000000003 RSI: 0000000000000003 RDI: 0000000000000018
[  926.169644][T21276] RBP: 00007fdafa874090 R08: 0000000000000000 R09: 0000000000000000
[  926.177657][T21276] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  926.185686][T21276] R13: 00007fdaf9c16038 R14: 00007fdaf9c15fa0 R15: 00007ffea0cb2578
[  926.193749][T21276]  </TASK>
[  926.501312][   T51] Bluetooth: hci3: unexpected subevent 0x0e length: 150 > 15
[  926.756642][   T51] Bluetooth: hci0: unexpected subevent 0x0e length: 150 > 15
[  928.000478][T21302] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.5054'.
[  928.494003][T21310] netlink: 'syz.3.5057': attribute type 21 has an invalid length.
[  928.509682][T21310] netlink: 152 bytes leftover after parsing attributes in process `syz.3.5057'.
[  928.750972][   T51] Bluetooth: hci3: unexpected subevent 0x0e length: 150 > 15
[  929.001229][T21326] netlink: 'syz.0.5063': attribute type 10 has an invalid length.
[  929.019440][T21326] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5063'.
[  929.905748][T21346] netlink: 'syz.3.5068': attribute type 10 has an invalid length.
[  929.988956][T21346] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5068'.
[  930.204910][T21353] netlink: 'syz.2.5069': attribute type 21 has an invalid length.
[  930.213449][T21353] netlink: 152 bytes leftover after parsing attributes in process `syz.2.5069'.
[  930.426012][   T51] Bluetooth: hci1: unexpected subevent 0x0e length: 150 > 15
[  930.725068][T21363] netlink: 'syz.0.5074': attribute type 2 has an invalid length.
[  930.733704][T21363] netlink: 119 bytes leftover after parsing attributes in process `syz.0.5074'.
[  930.836276][   T51] Bluetooth: hci2: unexpected subevent 0x0e length: 150 > 15
[  931.116826][T21379] netlink: 'syz.0.5079': attribute type 10 has an invalid length.
[  931.129262][T21379] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5079'.
[  931.205253][T21383] netlink: 'syz.1.5081': attribute type 21 has an invalid length.
[  931.215434][T21383] netlink: 152 bytes leftover after parsing attributes in process `syz.1.5081'.
[  931.625320][T21396] netlink: 'syz.0.5092': attribute type 10 has an invalid length.
[  931.655410][T21396] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5092'.
[  931.776484][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  931.783106][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  932.285144][   T51] Bluetooth: hci1: unexpected subevent 0x0e length: 150 > 15
[  932.352163][T21411] netlink: 'syz.1.5089': attribute type 10 has an invalid length.
[  932.371618][T21411] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5089'.
[  932.388911][T21413] netlink: 'syz.3.5091': attribute type 21 has an invalid length.
[  933.149928][T21437] __nla_validate_parse: 2 callbacks suppressed
[  933.149947][T21437] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5100'.
[  933.695318][T21447] netlink: 14 bytes leftover after parsing attributes in process `syz.0.5103'.
[  934.582016][T21459] validate_nla: 1 callbacks suppressed
[  934.582038][T21459] netlink: 'syz.1.5107': attribute type 22 has an invalid length.
[  934.632154][T21459] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5107'.
[  934.665318][T21455] netlink: 'syz.2.5104': attribute type 10 has an invalid length.
[  934.679924][T21455] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5104'.
[  934.951984][T21468] netlink: 'syz.1.5108': attribute type 10 has an invalid length.
[  935.014343][T21468] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5108'.
[  935.161949][T21467] netlink: 'syz.3.5110': attribute type 10 has an invalid length.
[  935.180768][T21467] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5110'.
[  935.725163][T13967] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  935.756848][T13967] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  935.768452][T13967] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  935.895013][T13967] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  935.984514][T13967] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  936.024938][T13967] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  936.459966][T21478] chnl_net:caif_netlink_parms(): no params data found
[  936.576291][T21478] bridge0: port 1(bridge_slave_0) entered blocking state
[  936.583872][T21478] bridge0: port 1(bridge_slave_0) entered disabled state
[  936.597562][T21478] bridge_slave_0: entered allmulticast mode
[  936.608326][T21478] bridge_slave_0: entered promiscuous mode
[  936.621856][T21478] bridge0: port 2(bridge_slave_1) entered blocking state
[  936.631990][T21478] bridge0: port 2(bridge_slave_1) entered disabled state
[  936.645544][T21478] bridge_slave_1: entered allmulticast mode
[  936.653361][T21478] bridge_slave_1: entered promiscuous mode
[  936.710747][T21478] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  936.731421][T21478] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  936.779421][T21478] team0: Port device team_slave_0 added
[  936.797826][T21478] team0: Port device team_slave_1 added
[  936.973520][T21478] batman_adv: batadv0: Adding interface: batadv_slave_0
[  936.998906][T21478] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  937.064484][T21478] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  937.115797][T21478] batman_adv: batadv0: Adding interface: batadv_slave_1
[  937.122830][T21478] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  937.241846][T21478] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  937.255632][T21492] netlink: 14 bytes leftover after parsing attributes in process `syz.2.5114'.
[  937.337456][T21492] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  937.364970][T21492] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  937.392959][T21492] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  937.429650][T21492] bond0 (unregistering): Released all slaves
[  937.636470][T16447] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  937.877763][T16447] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  937.990858][T21504] netlink: 'syz.3.5119': attribute type 10 has an invalid length.
[  938.018977][T21504] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5119'.
[  938.087802][T21478] hsr_slave_0: entered promiscuous mode
[  938.129696][T21478] hsr_slave_1: entered promiscuous mode
[  938.137867][T21478] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  938.144537][   T51] Bluetooth: hci4: command tx timeout
[  938.161097][T21478] Cannot create hsr debugfs directory
[  938.182451][T21512] netlink: 'syz.2.5120': attribute type 10 has an invalid length.
[  938.212887][T21512] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5120'.
[  938.257485][T16447] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  938.373621][T16447] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  939.804971][T21531] netlink: 'syz.2.5126': attribute type 21 has an invalid length.
[  939.834421][T21531] netlink: 152 bytes leftover after parsing attributes in process `syz.2.5126'.
[  940.234246][   T51] Bluetooth: hci4: command tx timeout
[  940.346453][   T51] Bluetooth: hci1: unexpected subevent 0x0e length: 150 > 15
[  941.317607][T21565] netlink: 'syz.3.5131': attribute type 10 has an invalid length.
[  941.367568][T21565] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5131'.
[  942.054414][T21478] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  942.284783][   T51] Bluetooth: hci4: command tx timeout
[  942.681880][T21584] netlink: 'syz.3.5136': attribute type 21 has an invalid length.
[  942.690513][T21584] netlink: 152 bytes leftover after parsing attributes in process `syz.3.5136'.
[  942.769949][T21588] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5137'.
[  942.808856][T21478] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  942.914323][T21478] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  942.935507][   T51] Bluetooth: hci3: unexpected subevent 0x0e length: 150 > 15
[  942.996968][T21596] 
€Â0: renamed from batadv_slave_1 (while UP)
[  943.114751][T21478] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  943.788118][T21478] 8021q: adding VLAN 0 to HW filter on device bond0
[  943.980663][T21478] 8021q: adding VLAN 0 to HW filter on device team0
[  944.077860][T21627] netlink: 'syz.1.5144': attribute type 10 has an invalid length.
[  944.091871][T21627] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5144'.
[  944.126428][T21626] netlink: 'syz.2.5146': attribute type 21 has an invalid length.
[  944.143004][T21626] netlink: 152 bytes leftover after parsing attributes in process `syz.2.5146'.
[  944.242706][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  944.249994][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  944.366116][   T51] Bluetooth: hci4: command tx timeout
[  944.432700][T21631] netlink: 'syz.2.5147': attribute type 2 has an invalid length.
[  944.451837][T21631] netlink: 184 bytes leftover after parsing attributes in process `syz.2.5147'.
[  944.501984][T16451] bridge0: port 2(bridge_slave_1) entered blocking state
[  944.509305][T16451] bridge0: port 2(bridge_slave_1) entered forwarding state
[  944.530590][   T51] Bluetooth: hci2: unexpected subevent 0x0e length: 150 > 15
[  944.641245][T16447] hsr_slave_0: left promiscuous mode
[  944.665593][T16447] hsr_slave_1: left promiscuous mode
[  944.684379][T16447] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  944.704557][T16447] batman_adv: batadv0: Removing interface: batadv_slave_0
[  944.722162][T16447] batman_adv: batadv0: Interface deactivated: 
€Â0
[  944.744967][T16447] batman_adv: batadv0: Removing interface: 
€Â0
[  944.805198][T16447] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  944.832142][T16447] batman_adv: batadv0: Removing interface: virt_wifi0
[  945.758660][T16447] veth1_macvtap: left promiscuous mode
[  945.769333][T16447] veth0_macvtap: left promiscuous mode
[  945.790804][T16447] veth1_vlan: left promiscuous mode
[  946.437589][T16447] team0 (unregistering): Port device team_slave_1 removed
[  946.491521][T16447] team0 (unregistering): Port device team_slave_0 removed
[  946.963380][T21646] netlink: 60 bytes leftover after parsing attributes in process `syz.1.5150'.
[  946.979803][T21643] netlink: 'syz.3.5151': attribute type 10 has an invalid length.
[  946.994641][T21643] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5151'.
[  947.289024][T21666] netlink: 'syz.1.5155': attribute type 21 has an invalid length.
[  947.338990][T21666] netlink: 152 bytes leftover after parsing attributes in process `syz.1.5155'.
[  947.819353][T21478] 8021q: adding VLAN 0 to HW filter on device batadv0
[  947.839877][   T51] Bluetooth: hci2: unexpected subevent 0x0e length: 150 > 15
[  947.887180][T21676] netlink: 'syz.2.5156': attribute type 10 has an invalid length.
[  947.895993][T21676] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5156'.
[  948.028956][T21478] veth0_vlan: entered promiscuous mode
[  948.085290][T21478] veth1_vlan: entered promiscuous mode
[  948.216554][T21478] veth0_macvtap: entered promiscuous mode
[  948.249865][T21478] veth1_macvtap: entered promiscuous mode
[  948.298897][T21478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  948.334267][T21478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  948.369335][T21478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  948.417248][T21478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  948.469052][T21478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  948.512000][T21478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  948.562539][T21478] batman_adv: batadv0: Interface activated: batadv_slave_0
[  948.618050][T21478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  948.654248][T21478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  948.699640][T21478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: 
€Â0
[  948.744756][T21478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  948.764275][T21478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  948.784233][T21478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  948.796187][T21478] batman_adv: batadv0: Interface activated: batadv_slave_1
[  948.803733][T21689] netlink: 'syz.2.5160': attribute type 10 has an invalid length.
[  948.824422][T21689] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5160'.
[  948.896217][T21478] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  948.926687][T21478] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  948.936822][T21478] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  948.945843][T21478] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  949.130009][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  949.141334][T21701] netlink: 'syz.2.5164': attribute type 21 has an invalid length.
[  949.153067][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  949.157907][T21701] netlink: 152 bytes leftover after parsing attributes in process `syz.2.5164'.
[  949.213543][T16445] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  949.233081][T16445] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  949.422781][   T51] Bluetooth: hci2: unexpected subevent 0x0e length: 150 > 15
[  949.941823][T21723] netlink: 'syz.3.5172': attribute type 21 has an invalid length.
[  949.949997][T21723] netlink: 152 bytes leftover after parsing attributes in process `syz.3.5172'.
[  950.094782][T21729] netlink: 'syz.3.5175': attribute type 2 has an invalid length.
[  950.108871][T21729] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5175'.
[  950.168450][T21725] netlink: 'syz.0.5173': attribute type 10 has an invalid length.
[  950.181918][T21725] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5173'.
[  950.198234][T21725] hsr0: entered promiscuous mode
[  950.211764][T21725] bridge0: port 3(hsr0) entered blocking state
[  950.225067][T21725] bridge0: port 3(hsr0) entered disabled state
[  950.239325][T21725] hsr0: entered allmulticast mode
[  950.246807][T21725] hsr_slave_0: entered allmulticast mode
[  950.253308][T21725] hsr_slave_1: entered allmulticast mode
[  950.331889][T21725] bridge0: port 3(hsr0) entered blocking state
[  950.341098][T21725] bridge0: port 3(hsr0) entered forwarding state
[  950.459190][   T51] Bluetooth: hci3: unexpected subevent 0x0e length: 150 > 15
[  950.604829][T21739] netlink: 'syz.2.5176': attribute type 10 has an invalid length.
[  950.613052][T21739] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5176'.
[  951.241804][   T51] Bluetooth: hci3: unexpected subevent 0x0e length: 150 > 15
[  951.594791][T21770] netlink: 'syz.3.5189': attribute type 10 has an invalid length.
[  951.613604][T21770] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5189'.
[  951.849841][T21773] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5191'.
[  953.444777][T21802] FAULT_INJECTION: forcing a failure.
[  953.444777][T21802] name failslab, interval 1, probability 0, space 0, times 0
[  953.489404][T21802] CPU: 0 PID: 21802 Comm: syz.2.5202 Not tainted syzkaller #0
[  953.496966][T21802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  953.507076][T21802] Call Trace:
[  953.510401][T21802]  <TASK>
[  953.513372][T21802]  dump_stack_lvl+0x18c/0x250
[  953.518118][T21802]  ? show_regs_print_info+0x20/0x20
[  953.523384][T21802]  ? load_image+0x420/0x420
[  953.527957][T21802]  ? __might_sleep+0xe0/0xe0
[  953.532599][T21802]  ? __lock_acquire+0x7d40/0x7d40
[  953.537676][T21802]  ? rcu_is_watching+0x15/0xb0
[  953.542504][T21802]  should_fail_ex+0x39d/0x4d0
[  953.547242][T21802]  should_failslab+0x9/0x20
[  953.551808][T21802]  slab_pre_alloc_hook+0x59/0x310
[  953.556901][T21802]  kmem_cache_alloc_node+0x60/0x320
[  953.562162][T21802]  ? __alloc_skb+0x103/0x2c0
[  953.566819][T21802]  __alloc_skb+0x103/0x2c0
[  953.571289][T21802]  kcm_sendmsg+0x947/0x28b0
[  953.575887][T21802]  ? kcm_getsockopt+0x280/0x280
[  953.580808][T21802]  ? aa_sock_msg_perm+0x94/0x150
[  953.585813][T21802]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  953.591151][T21802]  ? security_socket_sendmsg+0x80/0xa0
[  953.596659][T21802]  ? kcm_getsockopt+0x280/0x280
[  953.601565][T21802]  ____sys_sendmsg+0x5ba/0x960
[  953.606466][T21802]  ? __asan_memset+0x22/0x40
[  953.611092][T21802]  ? __sys_sendmsg_sock+0x30/0x30
[  953.616147][T21802]  ? __import_iovec+0x5f2/0x850
[  953.621030][T21802]  ? import_iovec+0x73/0xa0
[  953.625572][T21802]  ___sys_sendmsg+0x2a6/0x360
[  953.630278][T21802]  ? get_pid_task+0x20/0x1e0
[  953.634905][T21802]  ? __sys_sendmsg+0x2a0/0x2a0
[  953.639713][T21802]  ? __lock_acquire+0x7d40/0x7d40
[  953.644801][T21802]  __se_sys_sendmsg+0x1c2/0x2b0
[  953.649705][T21802]  ? __x64_sys_sendmsg+0x80/0x80
[  953.654688][T21802]  ? lockdep_hardirqs_on+0x98/0x150
[  953.659917][T21802]  do_syscall_64+0x55/0xa0
[  953.664358][T21802]  ? clear_bhb_loop+0x40/0x90
[  953.669072][T21802]  ? clear_bhb_loop+0x40/0x90
[  953.673793][T21802]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  953.679725][T21802] RIP: 0033:0x7f472a99ce59
[  953.684179][T21802] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  953.703824][T21802] RSP: 002b:00007f472b7be028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  953.712270][T21802] RAX: ffffffffffffffda RBX: 00007f472ac15fa0 RCX: 00007f472a99ce59
[  953.720267][T21802] RDX: 0000000000000000 RSI: 0000200000002080 RDI: 0000000000000003
[  953.728268][T21802] RBP: 00007f472b7be090 R08: 0000000000000000 R09: 0000000000000000
[  953.736269][T21802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  953.744268][T21802] R13: 00007f472ac16038 R14: 00007f472ac15fa0 R15: 00007ffc5144e1a8
[  953.752462][T21802]  </TASK>
[  953.836815][T21807] netlink: 'syz.1.5201': attribute type 10 has an invalid length.
[  953.864540][T21807] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5201'.
[  954.312000][T21826] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5211'.
[  955.333059][T21855] netlink: 'syz.2.5223': attribute type 29 has an invalid length.
[  955.341445][T21855] netlink: 'syz.2.5223': attribute type 3 has an invalid length.
[  955.380492][T21855] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5223'.
[  956.160137][T21862] FAULT_INJECTION: forcing a failure.
[  956.160137][T21862] name failslab, interval 1, probability 0, space 0, times 0
[  956.173305][T21862] CPU: 0 PID: 21862 Comm: syz.0.5225 Not tainted syzkaller #0
[  956.180825][T21862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  956.190937][T21862] Call Trace:
[  956.194267][T21862]  <TASK>
[  956.197251][T21862]  dump_stack_lvl+0x18c/0x250
[  956.201991][T21862]  ? show_regs_print_info+0x20/0x20
[  956.207259][T21862]  ? load_image+0x420/0x420
[  956.211851][T21862]  should_fail_ex+0x39d/0x4d0
[  956.216602][T21862]  should_failslab+0x9/0x20
[  956.221170][T21862]  slab_pre_alloc_hook+0x59/0x310
[  956.226262][T21862]  ? ida_alloc_range+0x5e7/0x860
[  956.231253][T21862]  __kmem_cache_alloc_node+0x53/0x250
[  956.236694][T21862]  ? ida_alloc_range+0x5e7/0x860
[  956.241689][T21862]  kmalloc_trace+0x2a/0xe0
[  956.246171][T21862]  ida_alloc_range+0x5e7/0x860
[  956.251011][T21862]  ? idr_replace+0x1b0/0x1b0
[  956.255679][T21862]  __xdp_reg_mem_model+0x218/0x5c0
[  956.260870][T21862]  ? kvmalloc_node+0x70/0x180
[  956.265611][T21862]  ? xdp_reg_mem_model+0x40/0x40
[  956.270632][T21862]  xdp_reg_mem_model+0x22/0x40
[  956.275461][T21862]  bpf_test_run_xdp_live+0x262/0x1b20
[  956.280909][T21862]  ? 0xffffffffa0004240
[  956.285132][T21862]  ? 0xffffffffa0004240
[  956.289335][T21862]  ? bpf_dispatcher_change_prog+0xcbf/0xf10
[  956.295285][T21862]  ? 0xffffffffa0004240
[  956.299500][T21862]  ? xdp_convert_md_to_buff+0x330/0x330
[  956.305152][T21862]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[  956.311470][T21862]  ? _copy_from_user+0xa5/0xe0
[  956.316301][T21862]  ? bpf_test_init+0x119/0x140
[  956.321126][T21862]  ? xdp_convert_md_to_buff+0x5b/0x330
[  956.326650][T21862]  bpf_prog_test_run_xdp+0x7ca/0x10e0
[  956.332112][T21862]  ? dev_put+0x80/0x80
[  956.336254][T21862]  ? dev_put+0x80/0x80
[  956.340383][T21862]  bpf_prog_test_run+0x321/0x390
[  956.345390][T21862]  __sys_bpf+0x49d/0x890
[  956.349696][T21862]  ? bpf_link_show_fdinfo+0x390/0x390
[  956.355152][T21862]  ? lock_chain_count+0x20/0x20
[  956.360060][T21862]  __x64_sys_bpf+0x7c/0x90
[  956.364525][T21862]  do_syscall_64+0x55/0xa0
[  956.368977][T21862]  ? clear_bhb_loop+0x40/0x90
[  956.373703][T21862]  ? clear_bhb_loop+0x40/0x90
[  956.378439][T21862]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  956.384376][T21862] RIP: 0033:0x7f248bf9ce59
[  956.388838][T21862] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  956.408494][T21862] RSP: 002b:00007f248cf23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  956.416953][T21862] RAX: ffffffffffffffda RBX: 00007f248c215fa0 RCX: 00007f248bf9ce59
[  956.424972][T21862] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  956.432984][T21862] RBP: 00007f248cf23090 R08: 0000000000000000 R09: 0000000000000000
[  956.441000][T21862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  956.449005][T21862] R13: 00007f248c216038 R14: 00007f248c215fa0 R15: 00007fff265218b8
[  956.457039][T21862]  </TASK>
[  959.375092][T21910] FAULT_INJECTION: forcing a failure.
[  959.375092][T21910] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  959.407692][T21910] CPU: 0 PID: 21910 Comm: syz.1.5240 Not tainted syzkaller #0
[  959.415240][T21910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  959.425343][T21910] Call Trace:
[  959.428670][T21910]  <TASK>
[  959.431649][T21910]  dump_stack_lvl+0x18c/0x250
[  959.436416][T21910]  ? lock_chain_count+0x20/0x20
[  959.441323][T21910]  ? show_regs_print_info+0x20/0x20
[  959.446587][T21910]  ? load_image+0x420/0x420
[  959.451149][T21910]  ? lockdep_hardirqs_on+0x98/0x150
[  959.456415][T21910]  should_fail_ex+0x39d/0x4d0
[  959.461254][T21910]  copyin+0x1a/0x90
[  959.465134][T21910]  _copy_from_iter+0x54f/0x12e0
[  959.470050][T21910]  ? lock_chain_count+0x20/0x20
[  959.474987][T21910]  ? copyout_mc+0x70/0x70
[  959.479378][T21910]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  959.485612][T21910]  copy_page_from_iter+0x7b/0x100
[  959.490706][T21910]  skb_copy_datagram_from_iter+0x2e4/0x6e0
[  959.496594][T21910]  packet_sendmsg+0x33ff/0x4c30
[  959.501511][T21910]  ? trace_irq_disable+0xbb/0xe0
[  959.506555][T21910]  ? __might_sleep+0xe0/0xe0
[  959.511223][T21910]  ? aa_sk_perm+0x83c/0x970
[  959.515802][T21910]  ? packet_getsockopt+0xad0/0xad0
[  959.520981][T21910]  ? tomoyo_gc_thread+0x7d6/0x1410
[  959.526167][T21910]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  959.532199][T21910]  ? aa_sock_msg_perm+0x94/0x150
[  959.537194][T21910]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  959.542540][T21910]  ? security_socket_sendmsg+0x80/0xa0
[  959.548057][T21910]  ? packet_getsockopt+0xad0/0xad0
[  959.553240][T21910]  ____sys_sendmsg+0x5ba/0x960
[  959.558056][T21910]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  959.564301][T21910]  ? __asan_memset+0x22/0x40
[  959.568965][T21910]  ? __sys_sendmsg_sock+0x30/0x30
[  959.574045][T21910]  ? __import_iovec+0x3fa/0x850
[  959.578954][T21910]  ? import_iovec+0x73/0xa0
[  959.583508][T21910]  ___sys_sendmsg+0x2a6/0x360
[  959.588255][T21910]  ? __sys_sendmsg+0x2a0/0x2a0
[  959.593071][T21910]  ? rcu_is_watching+0x5a/0xb0
[  959.597960][T21910]  __se_sys_sendmsg+0x1c2/0x2b0
[  959.602881][T21910]  ? __x64_sys_sendmsg+0x80/0x80
[  959.607901][T21910]  ? syscall_enter_from_user_mode+0x2e/0x80
[  959.613871][T21910]  do_syscall_64+0x55/0xa0
[  959.618345][T21910]  ? clear_bhb_loop+0x40/0x90
[  959.623079][T21910]  ? clear_bhb_loop+0x40/0x90
[  959.627821][T21910]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  959.633777][T21910] RIP: 0033:0x7f3fa759ce59
[  959.638261][T21910] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  959.657938][T21910] RSP: 002b:00007f3fa84ee028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  959.666424][T21910] RAX: ffffffffffffffda RBX: 00007f3fa7815fa0 RCX: 00007f3fa759ce59
[  959.674448][T21910] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005
[  959.682486][T21910] RBP: 00007f3fa84ee090 R08: 0000000000000000 R09: 0000000000000000
[  959.690520][T21910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  959.698563][T21910] R13: 00007f3fa7816038 R14: 00007f3fa7815fa0 R15: 00007ffd7532d678
[  959.706620][T21910]  </TASK>
[  960.441005][T21929] netlink: 60 bytes leftover after parsing attributes in process `syz.1.5245'.
[  964.524608][T13967] Bluetooth: hci1: command 0x0406 tx timeout
[  964.823298][T21978] netlink: 'syz.0.5261': attribute type 10 has an invalid length.
[  964.867473][T21978] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5261'.
[  965.257900][T21994] mac80211_hwsim hwsim47 ..ãc¤±: renamed from wlan1 (while UP)
[  966.368166][T22010] netlink: 'syz.1.5272': attribute type 10 has an invalid length.
[  966.391903][T22010] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5272'.
[  967.920120][T22039] netlink: 68 bytes leftover after parsing attributes in process `syz.2.5281'.
[  969.148104][T22056] netlink: 'syz.3.5286': attribute type 10 has an invalid length.
[  969.159487][T22056] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5286'.
[  970.761928][T22085] netlink: 68 bytes leftover after parsing attributes in process `syz.3.5298'.
[  970.836384][T22086] netlink: 'syz.0.5299': attribute type 10 has an invalid length.
[  970.852042][T22086] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5299'.
[  972.512522][T22107] netlink: 'syz.1.5307': attribute type 10 has an invalid length.
[  973.136011][T22107] team0 (unregistering): Port device team_slave_0 removed
[  973.161896][T22107] team0 (unregistering): Port device team_slave_1 removed
[  973.341882][T22121] netlink: 'syz.3.5309': attribute type 10 has an invalid length.
[  973.350592][T22121] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5309'.
[  973.495498][T22123] netlink: 68 bytes leftover after parsing attributes in process `syz.1.5311'.
[  975.412753][T22156] bridge0: port 1(bridge_slave_0) entered disabled state
[  975.454342][T22159] netlink: 'syz.3.5322': attribute type 10 has an invalid length.
[  975.470289][T22159] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5322'.
[  976.802487][T22174] netlink: 'syz.2.5329': attribute type 21 has an invalid length.
[  976.810740][T22174] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5329'.
[  978.265670][T22186] netlink: 'syz.0.5334': attribute type 10 has an invalid length.
[  978.283095][T22186] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5334'.
[  978.346082][T22193] netlink: 'syz.3.5336': attribute type 2 has an invalid length.
[  978.354087][T22193] netlink: 51 bytes leftover after parsing attributes in process `syz.3.5336'.
[  978.481998][T22195] netlink: 'syz.2.5337': attribute type 21 has an invalid length.
[  979.887320][T13967] Bluetooth: hci2: command 0x0406 tx timeout
[  980.246121][T22226] netlink: 'syz.2.5347': attribute type 10 has an invalid length.
[  980.254073][T22226] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5347'.
[  980.551686][T22232] netlink: 'syz.3.5349': attribute type 25 has an invalid length.
[  980.565446][T22232] netlink: 'syz.3.5349': attribute type 28 has an invalid length.
[  980.587580][T22230] netlink: 'syz.0.5348': attribute type 10 has an invalid length.
[  980.598961][T22230] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5348'.
[  982.103554][T22251] netlink: 'syz.0.5356': attribute type 10 has an invalid length.
[  982.119541][T22251] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5356'.
[  983.064645][T22268] netlink: 'syz.3.5361': attribute type 29 has an invalid length.
[  983.067114][T22259] netlink: 'syz.2.5358': attribute type 10 has an invalid length.
[  983.093449][T22259] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5358'.
[  983.111699][T22268] netlink: 'syz.3.5361': attribute type 29 has an invalid length.
[  983.177229][T22271] netlink: 'syz.3.5361': attribute type 29 has an invalid length.
[  983.205711][T22268] netlink: 'syz.3.5361': attribute type 29 has an invalid length.
[  983.217027][T22270] netlink: 'syz.0.5360': attribute type 7 has an invalid length.
[  985.104763][T22311] netlink: 'syz.2.5369': attribute type 10 has an invalid length.
[  985.113179][T22311] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5369'.
[  985.152031][T22309] netlink: 'syz.0.5370': attribute type 25 has an invalid length.
[  985.205343][T22309] netlink: 'syz.0.5370': attribute type 28 has an invalid length.
[  985.357403][T22316] netlink: 212912 bytes leftover after parsing attributes in process `syz.3.5373'.
[  985.398006][T22314] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5372'.
[  985.410646][T22316] openvswitch: netlink: IP tunnel dst address not specified
[  987.135644][T22349] validate_nla: 3 callbacks suppressed
[  987.135666][T22349] netlink: 'syz.0.5385': attribute type 10 has an invalid length.
[  987.187785][T22349] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5385'.
[  988.719169][T22363] mac80211_hwsim hwsim41 .3ãc¤±: renamed from wlan1 (while UP)
[  989.517176][T22366] netlink: 'syz.1.5393': attribute type 21 has an invalid length.
[  989.525361][T22366] netlink: 128 bytes leftover after parsing attributes in process `syz.1.5393'.
[  989.732398][T22372] netlink: 'syz.3.5396': attribute type 10 has an invalid length.
[  989.758444][T22372] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5396'.
[  990.125884][T22386] netlink: 'syz.3.5401': attribute type 39 has an invalid length.
[  991.462779][T22399] syzkaller0: entered promiscuous mode
[  991.478786][T22399] syzkaller0: entered allmulticast mode
[  991.632454][T22406] netlink: 'syz.3.5408': attribute type 10 has an invalid length.
[  991.642384][T22406] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5408'.
[  993.180605][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  993.188783][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  993.678184][T22438] netlink: 'syz.1.5421': attribute type 10 has an invalid length.
[  993.695863][T22438] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5421'.
[  994.258603][T22434] netlink: 'syz.0.5419': attribute type 22 has an invalid length.
[  994.314746][T22434] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5419'.
[  996.097963][T22477] netlink: 'syz.2.5432': attribute type 10 has an invalid length.
[  996.109575][T22477] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5432'.
[  996.295298][T22482] netlink: 'syz.0.5437': attribute type 10 has an invalid length.
[  996.330473][T22482] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  996.838496][T22486] netlink: 'syz.0.5437': attribute type 39 has an invalid length.
[ 1000.042036][T22520] netlink: 'syz.3.5448': attribute type 10 has an invalid length.
[ 1000.064447][T22520] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5448'.
[ 1000.195542][T22519] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.5446'.
[ 1000.232235][T22519] bridge_slave_1: default FDB implementation only supports local addresses
[ 1004.257054][T22554] netlink: 'syz.3.5460': attribute type 10 has an invalid length.
[ 1004.286276][T22554] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5460'.
[ 1007.516224][T22584] FAULT_INJECTION: forcing a failure.
[ 1007.516224][T22584] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1007.582501][T22584] CPU: 1 PID: 22584 Comm: syz.2.5470 Not tainted syzkaller #0
[ 1007.590154][T22584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1007.600272][T22584] Call Trace:
[ 1007.603596][T22584]  <TASK>
[ 1007.606587][T22584]  dump_stack_lvl+0x18c/0x250
[ 1007.611337][T22584]  ? show_regs_print_info+0x20/0x20
[ 1007.616606][T22584]  ? load_image+0x420/0x420
[ 1007.621172][T22584]  ? __might_fault+0xaa/0x120
[ 1007.625910][T22584]  ? __lock_acquire+0x7d40/0x7d40
[ 1007.631006][T22584]  should_fail_ex+0x39d/0x4d0
[ 1007.635766][T22584]  _copy_from_iter+0x1d9/0x12e0
[ 1007.640695][T22584]  ? slab_post_alloc_hook+0x8a/0x4b0
[ 1007.646038][T22584]  ? __virt_addr_valid+0x18c/0x540
[ 1007.651207][T22584]  ? __lock_acquire+0x7d40/0x7d40
[ 1007.656288][T22584]  ? rcu_is_watching+0x15/0xb0
[ 1007.661117][T22584]  ? copyout_mc+0x70/0x70
[ 1007.665503][T22584]  ? __virt_addr_valid+0x18c/0x540
[ 1007.670673][T22584]  ? __virt_addr_valid+0x18c/0x540
[ 1007.675838][T22584]  ? __virt_addr_valid+0x469/0x540
[ 1007.681018][T22584]  ? __check_object_size+0x506/0xa20
[ 1007.686359][T22584]  netlink_sendmsg+0x76b/0xbf0
[ 1007.691198][T22584]  ? netlink_getsockopt+0x590/0x590
[ 1007.696460][T22584]  ? aa_sock_msg_perm+0x94/0x150
[ 1007.701451][T22584]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1007.706799][T22584]  ? security_socket_sendmsg+0x80/0xa0
[ 1007.712311][T22584]  ? netlink_getsockopt+0x590/0x590
[ 1007.717571][T22584]  ____sys_sendmsg+0x5ba/0x960
[ 1007.722414][T22584]  ? __asan_memset+0x22/0x40
[ 1007.727059][T22584]  ? __sys_sendmsg_sock+0x30/0x30
[ 1007.732130][T22584]  ? __import_iovec+0x5f2/0x850
[ 1007.737035][T22584]  ? import_iovec+0x73/0xa0
[ 1007.741584][T22584]  ___sys_sendmsg+0x2a6/0x360
[ 1007.746306][T22584]  ? get_pid_task+0x20/0x1e0
[ 1007.750954][T22584]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1007.755792][T22584]  ? __lock_acquire+0x7d40/0x7d40
[ 1007.760898][T22584]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1007.765804][T22584]  ? __x64_sys_sendmsg+0x80/0x80
[ 1007.770813][T22584]  ? lockdep_hardirqs_on+0x98/0x150
[ 1007.776063][T22584]  do_syscall_64+0x55/0xa0
[ 1007.780523][T22584]  ? clear_bhb_loop+0x40/0x90
[ 1007.785271][T22584]  ? clear_bhb_loop+0x40/0x90
[ 1007.790014][T22584]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1007.795962][T22584] RIP: 0033:0x7f472a99ce59
[ 1007.800430][T22584] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1007.820112][T22584] RSP: 002b:00007f472b7be028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1007.828574][T22584] RAX: ffffffffffffffda RBX: 00007f472ac15fa0 RCX: 00007f472a99ce59
[ 1007.836596][T22584] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1007.844615][T22584] RBP: 00007f472b7be090 R08: 0000000000000000 R09: 0000000000000000
[ 1007.852631][T22584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1007.860658][T22584] R13: 00007f472ac16038 R14: 00007f472ac15fa0 R15: 00007ffc5144e1a8
[ 1007.868680][T22584]  </TASK>
[ 1010.606751][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[ 1013.702373][T22665] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.5498'.
[ 1014.435336][T22677] netlink: 'syz.2.5500': attribute type 10 has an invalid length.
[ 1014.460706][T22677] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5500'.
[ 1016.152405][T22705] FAULT_INJECTION: forcing a failure.
[ 1016.152405][T22705] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1016.259936][T22705] CPU: 0 PID: 22705 Comm: syz.0.5509 Not tainted syzkaller #0
[ 1016.267521][T22705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1016.277636][T22705] Call Trace:
[ 1016.280965][T22705]  <TASK>
[ 1016.283969][T22705]  dump_stack_lvl+0x18c/0x250
[ 1016.288719][T22705]  ? show_regs_print_info+0x20/0x20
[ 1016.293980][T22705]  ? load_image+0x420/0x420
[ 1016.298541][T22705]  ? __might_fault+0xaa/0x120
[ 1016.303268][T22705]  ? __lock_acquire+0x7d40/0x7d40
[ 1016.308361][T22705]  should_fail_ex+0x39d/0x4d0
[ 1016.313108][T22705]  _copy_from_iter+0x1d9/0x12e0
[ 1016.318023][T22705]  ? __virt_addr_valid+0x18c/0x540
[ 1016.323196][T22705]  ? __lock_acquire+0x7d40/0x7d40
[ 1016.328280][T22705]  ? copyout_mc+0x70/0x70
[ 1016.332686][T22705]  ? __virt_addr_valid+0x18c/0x540
[ 1016.337900][T22705]  ? __virt_addr_valid+0x18c/0x540
[ 1016.343074][T22705]  ? __virt_addr_valid+0x469/0x540
[ 1016.348248][T22705]  ? __check_object_size+0x506/0xa20
[ 1016.353600][T22705]  kcm_sendmsg+0xd95/0x28b0
[ 1016.358223][T22705]  ? kcm_getsockopt+0x280/0x280
[ 1016.363129][T22705]  ? aa_sock_msg_perm+0x94/0x150
[ 1016.368127][T22705]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1016.373475][T22705]  ? security_socket_sendmsg+0x80/0xa0
[ 1016.378970][T22705]  ? kcm_getsockopt+0x280/0x280
[ 1016.383837][T22705]  ____sys_sendmsg+0x5ba/0x960
[ 1016.388621][T22705]  ? __asan_memset+0x22/0x40
[ 1016.393225][T22705]  ? __sys_sendmsg_sock+0x30/0x30
[ 1016.398260][T22705]  ? __import_iovec+0x5f2/0x850
[ 1016.403130][T22705]  ? import_iovec+0x73/0xa0
[ 1016.407645][T22705]  ___sys_sendmsg+0x2a6/0x360
[ 1016.412343][T22705]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1016.417164][T22705]  ? trace_call_bpf+0xc3/0x6c0
[ 1016.422021][T22705]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1016.426925][T22705]  ? __x64_sys_sendmsg+0x80/0x80
[ 1016.431936][T22705]  ? lockdep_hardirqs_on+0x98/0x150
[ 1016.437194][T22705]  do_syscall_64+0x55/0xa0
[ 1016.441658][T22705]  ? clear_bhb_loop+0x40/0x90
[ 1016.446399][T22705]  ? clear_bhb_loop+0x40/0x90
[ 1016.451142][T22705]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1016.457094][T22705] RIP: 0033:0x7f248bf9ce59
[ 1016.461529][T22705] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1016.481193][T22705] RSP: 002b:00007f248cf23028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1016.489658][T22705] RAX: ffffffffffffffda RBX: 00007f248c215fa0 RCX: 00007f248bf9ce59
[ 1016.497671][T22705] RDX: 0000000000000000 RSI: 0000200000002080 RDI: 0000000000000003
[ 1016.505687][T22705] RBP: 00007f248cf23090 R08: 0000000000000000 R09: 0000000000000000
[ 1016.513682][T22705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1016.521682][T22705] R13: 00007f248c216038 R14: 00007f248c215fa0 R15: 00007fff265218b8
[ 1016.529727][T22705]  </TASK>
[ 1016.554601][T22702] netlink: 'syz.1.5507': attribute type 10 has an invalid length.
[ 1016.562564][T22702] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5507'.
[ 1016.703969][T22708] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1016.713530][T22708] IPv6: NLM_F_CREATE should be set when creating new route
[ 1016.721763][T22708] IPv6: NLM_F_CREATE should be set when creating new route
[ 1016.729247][T22708] IPv6: NLM_F_CREATE should be set when creating new route
[ 1016.857677][T22708] netlink: 'syz.0.5510': attribute type 2 has an invalid length.
[ 1017.902327][T22721] netlink: 'syz.3.5515': attribute type 10 has an invalid length.
[ 1017.921408][T22721] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5515'.
[ 1018.570589][T22738] netlink: 'syz.3.5521': attribute type 10 has an invalid length.
[ 1018.582276][T22738] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5521'.
[ 1020.300101][T22759] netlink: 'syz.0.5530': attribute type 10 has an invalid length.
[ 1020.312943][T22759] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5530'.
[ 1020.677593][T22771] netlink: 'syz.2.5534': attribute type 10 has an invalid length.
[ 1020.713125][T22771] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5534'.
[ 1020.756783][T22774] FAULT_INJECTION: forcing a failure.
[ 1020.756783][T22774] name failslab, interval 1, probability 0, space 0, times 0
[ 1020.779590][T22774] CPU: 0 PID: 22774 Comm: syz.0.5535 Not tainted syzkaller #0
[ 1020.787179][T22774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1020.797305][T22774] Call Trace:
[ 1020.800647][T22774]  <TASK>
[ 1020.803621][T22774]  dump_stack_lvl+0x18c/0x250
[ 1020.808362][T22774]  ? show_regs_print_info+0x20/0x20
[ 1020.813629][T22774]  ? load_image+0x420/0x420
[ 1020.818191][T22774]  should_fail_ex+0x39d/0x4d0
[ 1020.822934][T22774]  should_failslab+0x9/0x20
[ 1020.827497][T22774]  slab_pre_alloc_hook+0x59/0x310
[ 1020.832592][T22774]  ? nf_ct_ext_add+0x1ab/0x440
[ 1020.837407][T22774]  ? nf_ct_ext_add+0x1ab/0x440
[ 1020.842224][T22774]  __kmem_cache_alloc_node+0x53/0x250
[ 1020.847660][T22774]  ? nf_ct_ext_add+0x1ab/0x440
[ 1020.852473][T22774]  __kmalloc_node_track_caller+0xa2/0x230
[ 1020.858263][T22774]  krealloc+0x86/0x120
[ 1020.862397][T22774]  nf_ct_ext_add+0x1ab/0x440
[ 1020.867045][T22774]  init_conntrack+0x69c/0xf10
[ 1020.871768][T22774]  ? early_drop+0x7f0/0x7f0
[ 1020.876315][T22774]  ? nf_conntrack_find_get+0x650/0x650
[ 1020.881820][T22774]  ? __siphash_unaligned+0x22e/0x3a0
[ 1020.887164][T22774]  nf_conntrack_in+0xc06/0x15c0
[ 1020.892099][T22774]  ? nf_ct_pernet+0x270/0x270
[ 1020.896818][T22774]  ? ip6t_do_table+0x1d9/0x1510
[ 1020.901717][T22774]  ? ip6t_alloc_initial_table+0x640/0x640
[ 1020.907485][T22774]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1020.913518][T22774]  ? ipv6_defrag+0x2d6/0x3a0
[ 1020.918160][T22774]  ? ipv6_conntrack_in+0x20/0x20
[ 1020.923142][T22774]  nf_hook_slow+0xbd/0x200
[ 1020.927620][T22774]  __ip6_local_out+0x784/0x8a0
[ 1020.932495][T22774]  ? __ip6_local_out+0x60c/0x8a0
[ 1020.937499][T22774]  ? ip6_dst_hoplimit+0x350/0x350
[ 1020.942588][T22774]  ? __ip6_local_out+0x8a0/0x8a0
[ 1020.947589][T22774]  ? read_lock_is_recursive+0x20/0x20
[ 1020.953030][T22774]  ? csum_partial+0x241/0x2c0
[ 1020.957759][T22774]  ? csum_block_add_ext+0x41/0x50
[ 1020.962842][T22774]  ip6_local_out+0x2a/0x130
[ 1020.967394][T22774]  ? ip6_send_skb+0x10f/0x380
[ 1020.972143][T22774]  ip6_send_skb+0x1d5/0x380
[ 1020.976703][T22774]  udp_v6_send_skb+0xbbb/0x1860
[ 1020.981627][T22774]  udp_v6_push_pending_frames+0x133/0x220
[ 1020.987487][T22774]  udpv6_sendmsg+0xdfe/0x2390
[ 1020.992224][T22774]  ? udpv6_sendmsg+0x2390/0x2390
[ 1020.997199][T22774]  ? udp_v6_early_demux+0xf80/0xf80
[ 1021.002450][T22774]  ? __lock_acquire+0x1273/0x7d40
[ 1021.007543][T22774]  ? inet_send_prepare+0x5c/0x260
[ 1021.012617][T22774]  ? inet6_sendmsg+0x5f/0xd0
[ 1021.017245][T22774]  ? inet6_compat_ioctl+0x3c0/0x3c0
[ 1021.022487][T22774]  ____sys_sendmsg+0x5ba/0x960
[ 1021.027309][T22774]  ? __asan_memset+0x22/0x40
[ 1021.031952][T22774]  ? __sys_sendmsg_sock+0x30/0x30
[ 1021.037018][T22774]  ? __import_iovec+0x5f2/0x850
[ 1021.041924][T22774]  ? import_iovec+0x73/0xa0
[ 1021.046492][T22774]  ___sys_sendmsg+0x2a6/0x360
[ 1021.051208][T22774]  ? get_pid_task+0x20/0x1e0
[ 1021.055857][T22774]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1021.060681][T22774]  ? __lock_acquire+0x7d40/0x7d40
[ 1021.065773][T22774]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1021.070659][T22774]  ? __x64_sys_sendmsg+0x80/0x80
[ 1021.075657][T22774]  ? lockdep_hardirqs_on+0x98/0x150
[ 1021.080913][T22774]  do_syscall_64+0x55/0xa0
[ 1021.085372][T22774]  ? clear_bhb_loop+0x40/0x90
[ 1021.090090][T22774]  ? clear_bhb_loop+0x40/0x90
[ 1021.094816][T22774]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1021.100746][T22774] RIP: 0033:0x7f248bf9ce59
[ 1021.105215][T22774] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1021.124902][T22774] RSP: 002b:00007f248cf23028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1021.133368][T22774] RAX: ffffffffffffffda RBX: 00007f248c215fa0 RCX: 00007f248bf9ce59
[ 1021.141405][T22774] RDX: 0000000020040080 RSI: 0000200000000000 RDI: 0000000000000003
[ 1021.149414][T22774] RBP: 00007f248cf23090 R08: 0000000000000000 R09: 0000000000000000
[ 1021.157424][T22774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1021.165481][T22774] R13: 00007f248c216038 R14: 00007f248c215fa0 R15: 00007fff265218b8
[ 1021.173508][T22774]  </TASK>
[ 1021.371360][T22780] FAULT_INJECTION: forcing a failure.
[ 1021.371360][T22780] name failslab, interval 1, probability 0, space 0, times 0
[ 1021.389241][T22780] CPU: 1 PID: 22780 Comm: syz.0.5537 Not tainted syzkaller #0
[ 1021.396780][T22780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1021.406889][T22780] Call Trace:
[ 1021.410218][T22780]  <TASK>
[ 1021.413185][T22780]  dump_stack_lvl+0x18c/0x250
[ 1021.417933][T22780]  ? show_regs_print_info+0x20/0x20
[ 1021.423246][T22780]  ? load_image+0x420/0x420
[ 1021.427842][T22780]  ? __might_sleep+0xe0/0xe0
[ 1021.432492][T22780]  ? __lock_acquire+0x7d40/0x7d40
[ 1021.437567][T22780]  should_fail_ex+0x39d/0x4d0
[ 1021.442305][T22780]  should_failslab+0x9/0x20
[ 1021.446867][T22780]  slab_pre_alloc_hook+0x59/0x310
[ 1021.451959][T22780]  ? tomoyo_encode+0x28b/0x540
[ 1021.456774][T22780]  ? tomoyo_encode+0x28b/0x540
[ 1021.461584][T22780]  __kmem_cache_alloc_node+0x53/0x250
[ 1021.467016][T22780]  ? tomoyo_encode+0x28b/0x540
[ 1021.471828][T22780]  __kmalloc+0xa4/0x230
[ 1021.476044][T22780]  tomoyo_encode+0x28b/0x540
[ 1021.480720][T22780]  tomoyo_realpath_from_path+0x592/0x5d0
[ 1021.486416][T22780]  tomoyo_path_number_perm+0x248/0x620
[ 1021.491935][T22780]  ? tomoyo_path_number_perm+0x217/0x620
[ 1021.497625][T22780]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1021.503147][T22780]  ? ksys_write+0x1c4/0x260
[ 1021.507743][T22780]  ? __fget_files+0x28/0x4b0
[ 1021.512381][T22780]  ? __fget_files+0x28/0x4b0
[ 1021.517042][T22780]  security_file_ioctl+0x70/0xa0
[ 1021.522039][T22780]  __se_sys_ioctl+0x48/0x170
[ 1021.526683][T22780]  do_syscall_64+0x55/0xa0
[ 1021.531141][T22780]  ? clear_bhb_loop+0x40/0x90
[ 1021.535881][T22780]  ? clear_bhb_loop+0x40/0x90
[ 1021.540615][T22780]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1021.546559][T22780] RIP: 0033:0x7f248bf9ce59
[ 1021.551029][T22780] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1021.570690][T22780] RSP: 002b:00007f248cf02028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1021.579157][T22780] RAX: ffffffffffffffda RBX: 00007f248c216090 RCX: 00007f248bf9ce59
[ 1021.587182][T22780] RDX: 00002000000001c0 RSI: 00000000000089e1 RDI: 0000000000000004
[ 1021.595219][T22780] RBP: 00007f248cf02090 R08: 0000000000000000 R09: 0000000000000000
[ 1021.603232][T22780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1021.611247][T22780] R13: 00007f248c216128 R14: 00007f248c216090 R15: 00007fff265218b8
[ 1021.619287][T22780]  </TASK>
[ 1021.649962][T22780] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1023.305792][T22795] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1023.703081][T22808] netlink: 'syz.3.5548': attribute type 10 has an invalid length.
[ 1023.734586][T22808] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5548'.
[ 1027.437081][T22845] netlink: 'syz.0.5561': attribute type 10 has an invalid length.
[ 1027.454821][T22845] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5561'.
[ 1027.491789][T22847] netlink: 'syz.3.5562': attribute type 10 has an invalid length.
[ 1027.507946][T22847] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5562'.
[ 1028.231109][T13967] Bluetooth: hci1: unexpected subevent 0x01 length: 150 > 18
[ 1028.271075][T22864] netlink: 39927 bytes leftover after parsing attributes in process `syz.2.5568'.
[ 1029.048367][T22886] netlink: 'syz.3.5574': attribute type 10 has an invalid length.
[ 1029.069396][T22886] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5574'.
[ 1029.280082][T22890] netlink: 'syz.0.5575': attribute type 10 has an invalid length.
[ 1029.289194][T22890] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5575'.
[ 1030.286320][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[ 1031.255060][T22921] netlink: 'syz.2.5586': attribute type 10 has an invalid length.
[ 1031.276176][T22921] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5586'.
[ 1032.109952][T22926] netlink: 'syz.0.5587': attribute type 10 has an invalid length.
[ 1032.122834][T22926] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5587'.
[ 1032.167184][T22933] netlink: 'syz.1.5591': attribute type 10 has an invalid length.
[ 1032.179589][T22933] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5591'.
[ 1033.246863][T22962] netlink: 'syz.2.5598': attribute type 10 has an invalid length.
[ 1033.264362][T22962] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5598'.
[ 1033.468759][T22968] netlink: 'syz.1.5601': attribute type 10 has an invalid length.
[ 1033.479535][T22968] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5601'.
[ 1033.681516][T22965] netlink: 'syz.3.5602': attribute type 10 has an invalid length.
[ 1033.704915][T22965] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5602'.
[ 1034.693959][T22990] FAULT_INJECTION: forcing a failure.
[ 1034.693959][T22990] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1034.711614][T22990] CPU: 1 PID: 22990 Comm: syz.1.5612 Not tainted syzkaller #0
[ 1034.719168][T22990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1034.729277][T22990] Call Trace:
[ 1034.732609][T22990]  <TASK>
[ 1034.735586][T22990]  dump_stack_lvl+0x18c/0x250
[ 1034.740327][T22990]  ? show_regs_print_info+0x20/0x20
[ 1034.745595][T22990]  ? load_image+0x420/0x420
[ 1034.750228][T22990]  ? __might_fault+0xaa/0x120
[ 1034.754958][T22990]  ? __lock_acquire+0x7d40/0x7d40
[ 1034.760033][T22990]  should_fail_ex+0x39d/0x4d0
[ 1034.764778][T22990]  _copy_from_iter+0x1d9/0x12e0
[ 1034.769684][T22990]  ? __virt_addr_valid+0x18c/0x540
[ 1034.774862][T22990]  ? __lock_acquire+0x7d40/0x7d40
[ 1034.779939][T22990]  ? rcu_is_watching+0x15/0xb0
[ 1034.784775][T22990]  ? copyout_mc+0x70/0x70
[ 1034.789160][T22990]  ? __virt_addr_valid+0x18c/0x540
[ 1034.794321][T22990]  ? __virt_addr_valid+0x18c/0x540
[ 1034.799488][T22990]  ? __virt_addr_valid+0x469/0x540
[ 1034.804658][T22990]  ? __check_object_size+0x506/0xa20
[ 1034.809996][T22990]  kcm_sendmsg+0xd95/0x28b0
[ 1034.814593][T22990]  ? kcm_getsockopt+0x280/0x280
[ 1034.819493][T22990]  ? aa_sock_msg_perm+0x94/0x150
[ 1034.824484][T22990]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1034.829826][T22990]  ? security_socket_sendmsg+0x80/0xa0
[ 1034.835333][T22990]  ? kcm_getsockopt+0x280/0x280
[ 1034.840239][T22990]  ____sys_sendmsg+0x5ba/0x960
[ 1034.845082][T22990]  ? __asan_memset+0x22/0x40
[ 1034.847917][T22988] netlink: 'syz.0.5611': attribute type 10 has an invalid length.
[ 1034.849717][T22990]  ? __sys_sendmsg_sock+0x30/0x30
[ 1034.849779][T22990]  ? __import_iovec+0x5f2/0x850
[ 1034.849813][T22990]  ? import_iovec+0x73/0xa0
[ 1034.849839][T22990]  ___sys_sendmsg+0x2a6/0x360
[ 1034.849869][T22990]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1034.849916][T22990]  ? __lock_acquire+0x7d40/0x7d40
[ 1034.849973][T22990]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1034.850000][T22990]  ? __x64_sys_sendmsg+0x80/0x80
[ 1034.850041][T22990]  ? lockdep_hardirqs_on+0x98/0x150
[ 1034.850073][T22990]  do_syscall_64+0x55/0xa0
[ 1034.850093][T22990]  ? clear_bhb_loop+0x40/0x90
[ 1034.850120][T22990]  ? clear_bhb_loop+0x40/0x90
[ 1034.850150][T22990]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1034.850177][T22990] RIP: 0033:0x7f3fa759ce59
[ 1034.850198][T22990] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1034.850217][T22990] RSP: 002b:00007f3fa84ee028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1034.850241][T22990] RAX: ffffffffffffffda RBX: 00007f3fa7815fa0 RCX: 00007f3fa759ce59
[ 1034.850257][T22990] RDX: 0000000000000000 RSI: 0000200000002080 RDI: 0000000000000003
[ 1034.850271][T22990] RBP: 00007f3fa84ee090 R08: 0000000000000000 R09: 0000000000000000
[ 1034.850285][T22990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1034.850298][T22990] R13: 00007f3fa7816038 R14: 00007f3fa7815fa0 R15: 00007ffd7532d678
[ 1034.850331][T22990]  </TASK>
[ 1035.086375][T22988] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5611'.
[ 1039.370768][T23020] netlink: 'syz.2.5622': attribute type 30 has an invalid length.
[ 1039.678732][T23035] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5627'.
[ 1039.714073][T23032] netlink: 'syz.3.5625': attribute type 10 has an invalid length.
[ 1039.728848][T23032] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5625'.
[ 1039.753150][T23035] sctp: [Deprecated]: syz.2.5627 (pid 23035) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1039.753150][T23035] Use struct sctp_sack_info instead
[ 1039.930598][T23042] netlink: 'syz.3.5630': attribute type 1 has an invalid length.
[ 1039.951116][T23042] netlink: 193500 bytes leftover after parsing attributes in process `syz.3.5630'.
[ 1039.982124][T23044] delete_channel: no stack
[ 1039.991671][T23044] delete_channel: no stack
[ 1040.658669][T23058] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.5635'.
[ 1041.322241][T23070] netlink: 'syz.3.5638': attribute type 10 has an invalid length.
[ 1041.336953][T23070] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5638'.
[ 1041.493658][T23078] ref_ctr_offset mismatch. inode: 0x7a offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xfe
[ 1043.925747][T23110] ref_ctr_offset mismatch. inode: 0x42 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xfe
[ 1044.002625][T23105] netlink: 'syz.1.5651': attribute type 10 has an invalid length.
[ 1044.019148][T23105] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5651'.
[ 1044.343151][T23116] netlink: 'syz.0.5656': attribute type 10 has an invalid length.
[ 1044.365645][T23116] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5656'.
[ 1044.705747][T23128] netlink: 'syz.0.5659': attribute type 17 has an invalid length.
[ 1044.713719][T23128] netlink: 148 bytes leftover after parsing attributes in process `syz.0.5659'.
[ 1046.358487][T23150] netlink: 'syz.2.5665': attribute type 10 has an invalid length.
[ 1046.368029][T23150] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5665'.
[ 1046.392197][T23148] netlink: 'syz.1.5664': attribute type 10 has an invalid length.
[ 1046.429916][T23148] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5664'.
[ 1046.901074][T23162] netlink: 'syz.2.5669': attribute type 10 has an invalid length.
[ 1046.925199][T23162] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5669'.
[ 1047.201436][T23176] netlink: 830 bytes leftover after parsing attributes in process `syz.1.5674'.
[ 1047.767573][T23184] netlink: 'syz.2.5677': attribute type 10 has an invalid length.
[ 1047.787030][T23184] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5677'.
[ 1048.086423][T23196] FAULT_INJECTION: forcing a failure.
[ 1048.086423][T23196] name failslab, interval 1, probability 0, space 0, times 0
[ 1048.099353][T23196] CPU: 0 PID: 23196 Comm: syz.3.5681 Not tainted syzkaller #0
[ 1048.106887][T23196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1048.117003][T23196] Call Trace:
[ 1048.120332][T23196]  <TASK>
[ 1048.123318][T23196]  dump_stack_lvl+0x18c/0x250
[ 1048.128087][T23196]  ? show_regs_print_info+0x20/0x20
[ 1048.133352][T23196]  ? load_image+0x420/0x420
[ 1048.137921][T23196]  ? __lock_acquire+0x7d40/0x7d40
[ 1048.143012][T23196]  should_fail_ex+0x39d/0x4d0
[ 1048.147762][T23196]  should_failslab+0x9/0x20
[ 1048.152333][T23196]  slab_pre_alloc_hook+0x59/0x310
[ 1048.157423][T23196]  kmem_cache_alloc+0x5a/0x2d0
[ 1048.162238][T23196]  ? sk_prot_alloc+0x57/0x210
[ 1048.166960][T23196]  sk_prot_alloc+0x57/0x210
[ 1048.171506][T23196]  ? sk_alloc+0x24/0x360
[ 1048.175790][T23196]  sk_alloc+0x3a/0x360
[ 1048.179902][T23196]  inet_create+0x7a0/0xfe0
[ 1048.184363][T23196]  ? inet_create+0x9c/0xfe0
[ 1048.188926][T23196]  __sock_create+0x4a6/0x940
[ 1048.193578][T23196]  mptcp_subflow_create_socket+0x10b/0xac0
[ 1048.199422][T23196]  ? mark_lock+0x94/0x320
[ 1048.203788][T23196]  ? __mptcp_subflow_connect+0x1450/0x1450
[ 1048.209629][T23196]  ? lock_chain_count+0x20/0x20
[ 1048.214535][T23196]  __mptcp_nmpc_sk+0x157/0x740
[ 1048.219327][T23196]  ? __local_bh_enable_ip+0x13a/0x1c0
[ 1048.224735][T23196]  ? __bpf_trace_subflow_check_data_avail+0x160/0x160
[ 1048.231535][T23196]  mptcp_setsockopt+0x1745/0x3390
[ 1048.236593][T23196]  ? aa_sk_perm+0x83c/0x970
[ 1048.241141][T23196]  ? __fget_files+0x28/0x4b0
[ 1048.245767][T23196]  ? pm_nl_exit_net+0x230/0x230
[ 1048.250646][T23196]  ? aa_af_perm+0x330/0x330
[ 1048.255220][T23196]  ? __fget_files+0x28/0x4b0
[ 1048.259844][T23196]  ? __fget_files+0x28/0x4b0
[ 1048.264470][T23196]  ? aa_sock_opt_perm+0x74/0x100
[ 1048.269469][T23196]  ? sock_common_setsockopt+0x36/0xc0
[ 1048.274892][T23196]  ? sock_common_recvmsg+0x190/0x190
[ 1048.280231][T23196]  do_sock_setsockopt+0x175/0x1a0
[ 1048.285298][T23196]  __x64_sys_setsockopt+0x182/0x200
[ 1048.290536][T23196]  do_syscall_64+0x55/0xa0
[ 1048.294980][T23196]  ? clear_bhb_loop+0x40/0x90
[ 1048.299689][T23196]  ? clear_bhb_loop+0x40/0x90
[ 1048.304400][T23196]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1048.310322][T23196] RIP: 0033:0x7fdaf999ce59
[ 1048.314763][T23196] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1048.334408][T23196] RSP: 002b:00007fdafa874028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1048.342862][T23196] RAX: ffffffffffffffda RBX: 00007fdaf9c15fa0 RCX: 00007fdaf999ce59
[ 1048.350869][T23196] RDX: 0000000000000002 RSI: 0000000000000001 RDI: 0000000000000003
[ 1048.358870][T23196] RBP: 00007fdafa874090 R08: 0000000000000004 R09: 0000000000000000
[ 1048.366868][T23196] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1048.374863][T23196] R13: 00007fdaf9c16038 R14: 00007fdaf9c15fa0 R15: 00007ffea0cb2578
[ 1048.382873][T23196]  </TASK>
[ 1048.774485][T23207] netlink: 'syz.3.5685': attribute type 2 has an invalid length.
[ 1048.782421][T23207] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.5685'.
[ 1048.916913][T23209] netlink: 'syz.1.5684': attribute type 10 has an invalid length.
[ 1048.932652][T23209] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5684'.
[ 1049.241782][T23215] netlink: 'syz.3.5687': attribute type 10 has an invalid length.
[ 1049.264725][T23215] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5687'.
[ 1049.336014][T23222] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.5688'.
[ 1049.375439][T23222] bridge_slave_1: default FDB implementation only supports local addresses
[ 1049.685889][T23229] netlink: 'syz.2.5690': attribute type 10 has an invalid length.
[ 1049.714462][T23229] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5690'.
[ 1050.088010][T23245] netlink: 199824 bytes leftover after parsing attributes in process `syz.2.5696'.
[ 1050.131392][T23245] netlink: 212912 bytes leftover after parsing attributes in process `syz.2.5696'.
[ 1050.642183][    C1] 
[ 1050.642193][    C1] ================================
[ 1050.642199][    C1] WARNING: inconsistent lock state
[ 1050.642210][    C1] syzkaller #0 Not tainted
[ 1050.642220][    C1] --------------------------------
[ 1050.642225][    C1] inconsistent {INITIAL USE} -> {IN-NMI} usage.
[ 1050.642233][    C1] syz.0.5699/23250 [HC1[1]:SC0[0]:HE0:SE1] takes:
[ 1050.642254][    C1] ffff88805f1e3a38 (&trie->lock){..-.}-{2:2}, at: trie_delete_elem+0x96/0x6a0
[ 1050.642313][    C1] {INITIAL USE} state was registered at:
[ 1050.642326][    C1]   lock_acquire+0x19e/0x420
[ 1050.642349][    C1]   _raw_spin_lock_irqsave+0xb4/0x100
[ 1050.642372][    C1]   trie_update_elem+0xcd/0xea0
[ 1050.642396][    C1]   bpf_map_update_value+0x660/0x720
[ 1050.642413][    C1]   generic_map_update_batch+0x5ec/0x810
[ 1050.642430][    C1]   bpf_map_do_batch+0x3d7/0x610
[ 1050.642451][    C1]   __sys_bpf+0x381/0x890
[ 1050.642469][    C1]   __x64_sys_bpf+0x7c/0x90
[ 1050.642486][    C1]   do_syscall_64+0x55/0xa0
[ 1050.642503][    C1]   entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1050.642526][    C1] irq event stamp: 1586
[ 1050.642534][    C1] hardirqs last  enabled at (1585): [<ffffffff81dece2f>] ___slab_alloc+0x10ef/0x12f0
[ 1050.642571][    C1] hardirqs last disabled at (1586): [<ffffffff8a863903>] exc_debug+0x73/0x140
[ 1050.642595][    C1] softirqs last  enabled at (1418): [<ffffffff81527243>] __irq_exit_rcu+0xd3/0x190
[ 1050.642620][    C1] softirqs last disabled at (1377): [<ffffffff81527243>] __irq_exit_rcu+0xd3/0x190
[ 1050.642644][    C1] 
[ 1050.642644][    C1] other info that might help us debug this:
[ 1050.642650][    C1]  Possible unsafe locking scenario:
[ 1050.642650][    C1] 
[ 1050.642655][    C1]        CPU0
[ 1050.642659][    C1]        ----
[ 1050.642663][    C1]   lock(&trie->lock);
[ 1050.642675][    C1]   <Interrupt>
[ 1050.642679][    C1]     lock(&trie->lock);
[ 1050.642691][    C1] 
[ 1050.642691][    C1]  *** DEADLOCK ***
[ 1050.642691][    C1] 
[ 1050.642696][    C1] no locks held by syz.0.5699/23250.
[ 1050.642704][    C1] 
[ 1050.642704][    C1] stack backtrace:
[ 1050.642710][    C1] CPU: 1 PID: 23250 Comm: syz.0.5699 Not tainted syzkaller #0
[ 1050.642729][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1050.642741][    C1] Call Trace:
[ 1050.642748][    C1]  <#DB>
[ 1050.642755][    C1]  dump_stack_lvl+0x18c/0x250
[ 1050.642797][    C1]  ? show_regs_print_info+0x20/0x20
[ 1050.642833][    C1]  ? print_usage_bug+0x475/0x690
[ 1050.642857][    C1]  ? verify_lock_unused+0x18/0x140
[ 1050.642882][    C1]  lock_acquire+0x2c2/0x420
[ 1050.642906][    C1]  ? trie_delete_elem+0x96/0x6a0
[ 1050.642935][    C1]  ? read_lock_is_recursive+0x20/0x20
[ 1050.642959][    C1]  ? get_user_pages_fast_only+0xa0/0xa0
[ 1050.642988][    C1]  ? put_callchain_entry+0xb0/0xb0
[ 1050.643012][    C1]  _raw_spin_lock_irqsave+0xb4/0x100
[ 1050.643037][    C1]  ? trie_delete_elem+0x96/0x6a0
[ 1050.643065][    C1]  ? _raw_spin_lock+0x40/0x40
[ 1050.643089][    C1]  ? perf_prepare_sample+0x156d/0x1df0
[ 1050.643113][    C1]  trie_delete_elem+0x96/0x6a0
[ 1050.643142][    C1]  ? __cant_sleep+0x220/0x220
[ 1050.643166][    C1]  ? perf_trace_lock+0x198/0x3b0
[ 1050.643189][    C1]  bpf_prog_2c29ac5cdc6b1842+0x42/0x46
[ 1050.643210][    C1]  bpf_overflow_handler+0x1fc/0x510
[ 1050.643243][    C1]  ? bpf_overflow_handler+0xde/0x510
[ 1050.643271][    C1]  ? tp_perf_event_destroy+0x20/0x20
[ 1050.643299][    C1]  ? lock_release+0xb5/0x8c0
[ 1050.643325][    C1]  ? __perf_event_account_interrupt+0x187/0x280
[ 1050.643350][    C1]  __perf_event_overflow+0x447/0x630
[ 1050.643378][    C1]  perf_swevent_event+0x319/0x570
[ 1050.643403][    C1]  ? perf_tp_event+0x1520/0x1520
[ 1050.643423][    C1]  ? perf_trace_lock_acquire+0x104/0x410
[ 1050.643461][    C1]  perf_bp_event+0x319/0x430
[ 1050.643484][    C1]  ? look_up_lock_class+0x75/0x140
[ 1050.643509][    C1]  ? perf_event_free_bpf_prog+0x120/0x120
[ 1050.643531][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1050.643576][    C1]  ? lock_acquire+0x2c2/0x420
[ 1050.643602][    C1]  hw_breakpoint_exceptions_notify+0x23e/0x670
[ 1050.643631][    C1]  notifier_call_chain+0x197/0x380
[ 1050.643659][    C1]  ? atomic_notifier_call_chain+0x26/0x180
[ 1050.643685][    C1]  atomic_notifier_call_chain+0xda/0x180
[ 1050.643712][    C1]  notify_die+0x145/0x1a0
[ 1050.643739][    C1]  ? srcu_init_notifier_head+0x90/0x90
[ 1050.643775][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1050.643804][    C1]  notify_debug+0x2e/0x50
[ 1050.643823][    C1]  exc_debug+0xde/0x140
[ 1050.643845][    C1]  asm_exc_debug+0x1e/0x40
[ 1050.643869][    C1] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1050.643892][    C1] Code: 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 29 f8 48 01
[ 1050.643910][    C1] RSP: 0018:ffffc90004d17b48 EFLAGS: 00050202
[ 1050.643927][    C1] RAX: ffffffff842a1f01 RBX: 0000000000000dc0 RCX: 0000000000000dbf
[ 1050.643941][    C1] RDX: 0000000000000001 RSI: 0000200000000301 RDI: ffff88802f08a101
[ 1050.643956][    C1] RBP: 0000000000000100 R08: ffff88802f08aebf R09: 1ffff11005e115d7
[ 1050.643969][    C1] R10: dffffc0000000000 R11: ffffed1005e115d8 R12: 00002000000010c0
[ 1050.643984][    C1] R13: 0000000000000dc0 R14: ffff88802f08a100 R15: 0000200000000300
[ 1050.644003][    C1]  ? rcuref_put_slowpath+0x141/0x150
[ 1050.644035][    C1]  </#DB>
[ 1050.644041][    C1]  <TASK>
[ 1050.644048][    C1]  _copy_from_user+0x8b/0xe0
[ 1050.644074][    C1]  bpf_test_init+0xde/0x140
[ 1050.644103][    C1]  bpf_prog_test_run_xdp+0x4d1/0x10e0
[ 1050.644133][    C1]  ? dev_put+0x80/0x80
[ 1050.644161][    C1]  ? dev_put+0x80/0x80
[ 1050.644183][    C1]  bpf_prog_test_run+0x321/0x390
[ 1050.644208][    C1]  __sys_bpf+0x49d/0x890
[ 1050.644228][    C1]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1050.644257][    C1]  ? lock_chain_count+0x20/0x20
[ 1050.644284][    C1]  __x64_sys_bpf+0x7c/0x90
[ 1050.644303][    C1]  do_syscall_64+0x55/0xa0
[ 1050.644320][    C1]  ? clear_bhb_loop+0x40/0x90
[ 1050.644344][    C1]  ? clear_bhb_loop+0x40/0x90
[ 1050.644370][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1050.644395][    C1] RIP: 0033:0x7f248bf9ce59
[ 1050.644411][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1050.644429][    C1] RSP: 002b:00007f248cf23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1050.644449][    C1] RAX: ffffffffffffffda RBX: 00007f248c215fa0 RCX: 00007f248bf9ce59
[ 1050.644464][    C1] RDX: 0000000000000050 RSI: 00002000000001c0 RDI: 000000000000000a
[ 1050.644476][    C1] RBP: 00007f248c032d6f R08: 0000000000000000 R09: 0000000000000000
[ 1050.644487][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1050.644498][    C1] R13: 00007f248c216038 R14: 00007f248c215fa0 R15: 00007fff265218b8
[ 1050.644522][    C1]  </TASK>
[ 1050.971272][T23252] netlink: 'syz.3.5700': attribute type 10 has an invalid length.
[ 1051.348655][T23252] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5700'.
[ 1054.617862][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.624299][ T1290] ieee802154 phy1 wpan1: encryption failed: -22