last executing test programs: 8.45591945s ago: executing program 0 (id=4391): r0 = socket$kcm(0xa, 0x2, 0x0) sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e25, 0x0, @dev={0xfe, 0x80, '\x00', 0x80}}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x103}}], 0x18}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x2, &(0x7f0000000200)=@raw=[@jmp={0x7, 0x0, 0xa, 0x1}, @exit], &(0x7f00000000c0)='syzkaller\x00'}, 0x94) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x4612, 0xffffffffffffffff}, 0x114105, 0x6, 0xc6, 0x1, 0x0, 0x40000, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0xa) socketpair$unix(0x1, 0x1, 0x0, 0x0) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_wait_time_recursive\x00', 0x26e1, 0x0) close(r2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001000)) ioctl$SIOCSIFHWADDR(r2, 0x8b14, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0xe, 0x0, &(0x7f0000000300)="0101000071a78326c799dbe888a8", 0x0, 0x1, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r3) socket$kcm(0x10, 0x3, 0x10) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x90d8, 0x4, 0x43a1bd76, 0x5, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8924, &(0x7f0000000080)) recvmsg$kcm(r0, &(0x7f0000002540)={0x0, 0x0, 0x0}, 0x40016001) 8.124387201s ago: executing program 0 (id=4394): perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0x7e15b, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x84, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0) r2 = socket$kcm(0x2, 0x1, 0x84) sendmsg$inet(r2, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000640)}, 0x4000040) r3 = socket$kcm(0x10, 0x3, 0x0) write$cgroup_subtree(r3, &(0x7f0000001ec0)=ANY=[@ANYBLOB="1312000012"], 0xfe33) recvmsg$kcm(r3, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x42) recvmsg$kcm(r3, &(0x7f0000000cc0)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=ANY=[@ANYBLOB="bf0700000000000063117c000000000007000000020000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xb579, &(0x7f000000cf3d)=""/195}, 0x23) close(r2) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r5 = socket$kcm(0x10, 0x400000002, 0x0) sendmsg$inet(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="7f0000006a007ffa9e", 0x9}, {&(0x7f00000001c0)="64cabf2dfb58fc021d6b689866f05d4800050088a8ffff0200258f2e4409b8f9e6aaeb88beab23fc2c6726e89b13e2f6e8bc95ee52dcd7298d390938510293bca0b646a3ce904f6e6b788b3204c233e60ddc36024aa400712cfff68aac572a830923ed3c3fac90beecd4521a447ffe975606ab42a207", 0x76}], 0x2}, 0x0) bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r4, 0x4008240b, &(0x7f00000001c0)={0x4, 0x80, 0xf9, 0x3, 0x0, 0x0, 0x0, 0x62af, 0x62f02, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x800, 0x1, @perf_bp={&(0x7f00000000c0), 0x4}, 0x110, 0xfffffffffffffff0, 0x4b2, 0x2, 0x100000000, 0x5, 0x88cc, 0x0, 0x0, 0x0, 0x8000000000000001}) 7.097761623s ago: executing program 0 (id=4400): bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000021c0)=[{&(0x7f0000000040)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e1209000400dc050000a80016000a0003402e60000000000000b94dcf5c0461c1d67f6f94007134cf6ee08021a0e408e8d8ef52a985162f7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d3220a7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040", 0xa2}], 0x1}, 0x60044084) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='memory.events\x00', 0x0, 0x0) sendmsg(r1, &(0x7f0000000c40)={&(0x7f0000000880)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e24, @remote}, 0x2, 0x2}}, 0x80, &(0x7f0000000bc0)=[{&(0x7f0000000900)="5d10cd6c58b0392b068157d4ee77056e37ddf3910a54fb3793a141e2e366a1fdde7531da1cdc04dc7d32c2c635ff0468d04b9a51920885fb1e00a2dd0554314081ef7997d07120c9467c325d9770592abd6dd4560932dbc9c38788691c4148a9d5400ef6ef62938fa16f217a78f5f6ce0cd322d80ec178b940f51a49406ea14288c6a3dd63eb1b9dc7651bd2dae93a7339a89d6422d482669283ffc413ea6cd1f8180124bb93cf012a9c", 0xaa}, {&(0x7f00000009c0)="fb6f17a27b840d0c4b195af726c2bd2208f9aad39cd896a12fa3346c6d7bfb848a7c614f26cd6ead3315936705d6113ac6b0b58294618047acae1beeba9497954927b95191b1d2f0c12d4df7759c2a11dd792473fb9a07748fdd2595f360c3389f6b9f5f13df1f669cce301cc0992d8a7523555fb6a7ccf7a7d26c8a9bb54f3f336082b5976e550cb0884fdce9a6cc8dd8522710e2602d91a8da2040e3cf82232f02254b0700d4790748ecb36360d084a085f9022459e9a0dd0a5ab864b1a1b03d836606921692", 0xc7}, {&(0x7f0000000ac0)="a8cda9c9b9", 0x5}, {&(0x7f0000000b00)="581240a47c0591065f9a4f67fe84d3108e4614a8599076ee40cec791d8e598b6eea4ec1bbec2206a5a79c7b69d08737914b1f4a4db1bff23de6c6ac3bc789a5c538195dd53b07d25bc5effdb5cfb7d2bd407047a29af5df57c755299b988b8fc238234b722b713", 0x67}, {&(0x7f0000000b80)="bd94bc62b2e6956f2c821c1bc794339627d891f4db7fdc4d80f8e57436fec162006b95d9a708eda552", 0x29}], 0x5}, 0x4008000) 6.90611428s ago: executing program 0 (id=4403): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x2d, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x7}, {}, {}, [@map_val={0x18, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0xa4}, @map_idx={0x18, 0x9, 0x5, 0x0, 0x5}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}}, @ringbuf_query, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000004c0)='GPL\x00', 0x1, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000640)={0x0, 0x8, 0x8001}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000680)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1], &(0x7f00000006c0)=[{0x2, 0x1, 0x10, 0x8}, {0x3, 0x4, 0x9, 0x3}, {0x5, 0x2, 0x8, 0x4}, {0x0, 0x1, 0x9, 0xb}, {0x2, 0x2, 0xb, 0x2}, {0x3, 0x3, 0x0, 0xe}, {0x4, 0x4, 0x10, 0xc}], 0x10, 0x7}, 0x94) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r1}, 0x4) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.kill\x00', 0x0, 0x0) openat$cgroup_type(r2, &(0x7f0000000100), 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000000000000000001000000b7080000000000007b8af8ff00000000b7080000080000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500008366000800"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000000"], 0x0}, 0x90) r4 = socket$kcm(0x2, 0x2, 0x73) sendmsg$inet(r4, &(0x7f0000000500)={&(0x7f0000000300)={0x2, 0x0, @local}, 0x10, &(0x7f0000000b00)=[{0x0}, {&(0x7f0000000880)="90e6", 0x2}], 0x2}, 0x900000000000000) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="10000000040000000800000002"], 0x48) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x5, 0x7ff}, 0x104101, 0x4, 0x0, 0x7, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x6, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a, 0x0, 0x0, 0x0, 0x200}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6) socket$kcm(0x21, 0x2, 0x2) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r7, 0x8b26, &(0x7f0000000280)={'wlan1\x00'}) bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)=@generic={&(0x7f0000000140)='./file0\x00', 0x0, 0x10}, 0x18) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffff94, 0xfffffffffffffff8}, 0x126a0, 0x1000, 0x0, 0x0, 0x736, 0x2, 0x7ff, 0x0, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000600)="87fc5d85da21530562070095c108", 0x0, 0x8011, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x40}, 0x50) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a00)={r0, 0x0, 0x8e, 0x57, &(0x7f0000000800)="2ac52c8e4b32ca3ff5c6170a5f7b94ee2d6fdf01bc6d6c53524b718492906ea0b365405501735b0c0c376c7fac9b633c734a2a7416e9dc7c04717da6517faf40b215bcbe7d8e99e19c3261a38f95a92e009bde0d5f9fad656dea3450110c2f76b9534489a7b362b35fc45f82320ebde5bd11939d86846d9dbdeddf116a7fa1774fe218d6203fb9feb116ebffa150", &(0x7f00000008c0)=""/87, 0x4, 0x0, 0x72, 0x25, &(0x7f0000000940)="ec22d176fb5e8da61d43739a11ea16d4f2b4db37996aceba2271c82d68d8e458aa333f94265d716f26fd6a15e90e5f1d6455b8420feb7d48e45422e08495d4a2ab7f3332078caf591ad1c266c70b56eac7079c0fcab137af3d0c06b323f0d4f47d9d6a90a63da8fcf5a6eab35de6a4e2ae67", &(0x7f00000009c0)="8853acdca866e43997754d51924f3421cb6fade75f61c060bcdab9c531351eb0beddd6df63", 0x2, 0x0, 0x4}, 0x50) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="11000000040000000400000001"], 0x48) r9 = socket$kcm(0x2c, 0x3, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r8}, &(0x7f0000000080), &(0x7f00000001c0)=r9}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0xc, &(0x7f00000001c0)=@framed={{}, [@printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}, {0x85, 0x0, 0x0, 0xb0}}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94) 6.106504325s ago: executing program 0 (id=4407): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$kcm(0x11, 0x2, 0x300) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) (fail_nth: 28) 5.95171786s ago: executing program 0 (id=4408): perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0x7e15b, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x84, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0) r2 = socket$kcm(0x2, 0x1, 0x84) sendmsg$inet(r2, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000640)}, 0x4000040) r3 = socket$kcm(0x10, 0x3, 0x0) write$cgroup_subtree(r3, &(0x7f0000001ec0)=ANY=[@ANYBLOB="13120000120091"], 0xfe33) recvmsg$kcm(r3, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x42) recvmsg$kcm(r3, &(0x7f0000000cc0)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=ANY=[@ANYBLOB="bf0700000000000063117c000000000007000000020000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xb579, &(0x7f000000cf3d)=""/195}, 0x23) close(r2) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r5 = socket$kcm(0x10, 0x400000002, 0x0) sendmsg$inet(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="7f0000006a007ffa9e", 0x9}, {&(0x7f00000001c0)="64cabf2dfb58fc021d6b689866f05d4800050088a8ffff0200258f2e4409b8f9e6aaeb88beab23fc2c6726e89b13e2f6e8bc95ee52dcd7298d390938510293bca0b646a3ce904f6e6b788b3204c233e60ddc36024aa400712cfff68aac572a830923ed3c3fac90beecd4521a447ffe975606ab42a207", 0x76}], 0x2}, 0x0) bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r4, 0x4008240b, &(0x7f00000001c0)={0x4, 0x80, 0xf9, 0x3, 0x0, 0x0, 0x0, 0x62af, 0x62f02, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x800, 0x1, @perf_bp={&(0x7f00000000c0), 0x4}, 0x110, 0xfffffffffffffff0, 0x4b2, 0x2, 0x100000000, 0x5, 0x88cc, 0x0, 0x0, 0x0, 0x8000000000000001}) 5.33791474s ago: executing program 3 (id=4412): r0 = socket$kcm(0xa, 0x2, 0x0) sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e25, 0x0, @dev={0xfe, 0x80, '\x00', 0x80}}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x103}}], 0x18}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x2, &(0x7f0000000200)=@raw=[@jmp={0x7, 0x0, 0xa, 0x1}, @exit], &(0x7f00000000c0)='syzkaller\x00'}, 0x94) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x4612, 0xffffffffffffffff}, 0x114105, 0x6, 0xc6, 0x1, 0x0, 0x40000, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0xa) socketpair$unix(0x1, 0x1, 0x0, 0x0) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_wait_time_recursive\x00', 0x26e1, 0x0) close(r2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001000)) ioctl$SIOCSIFHWADDR(r2, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100"}) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r3) socket$kcm(0x10, 0x3, 0x10) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x90d8, 0x4, 0x43a1bd76, 0x5, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8924, &(0x7f0000000080)) recvmsg$kcm(r0, &(0x7f0000002540)={0x0, 0x0, 0x0}, 0x40016001) 4.747446429s ago: executing program 3 (id=4416): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x15, 0x1c, &(0x7f0000000400)=ANY=[@ANYBLOB="1808000030000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7060000000000008500000005000000bc0900000000000035090100000000009500000000000000b702000000000000db9af8ff50000000b5090000000000007b9af8ff00000000be8a00000000000007080000f8ffffffbf9400000000000007040000f0ffffffc70200000800000018260000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000004608f1ff76000000bf9800000000000056080000000000008500000007000000b70000000020000095"], &(0x7f0000000980)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 4.131290078s ago: executing program 3 (id=4419): perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0x7e15b, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x84, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0) r2 = socket$kcm(0x2, 0x1, 0x84) sendmsg$inet(r2, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000640)}, 0x4000040) r3 = socket$kcm(0x10, 0x3, 0x0) write$cgroup_subtree(r3, &(0x7f0000001ec0)=ANY=[@ANYBLOB="13120000120091"], 0xfe33) recvmsg$kcm(r3, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x42) recvmsg$kcm(r3, &(0x7f0000000cc0)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=ANY=[@ANYBLOB="bf0700000000000063117c000000000007000000020000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xb579, &(0x7f000000cf3d)=""/195}, 0x23) close(r2) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r5 = socket$kcm(0x10, 0x400000002, 0x0) sendmsg$inet(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="7f0000006a007ffa9e", 0x9}, {&(0x7f00000001c0)="64cabf2dfb58fc021d6b689866f05d4800050088a8ffff0200258f2e4409b8f9e6aaeb88beab23fc2c6726e89b13e2f6e8bc95ee52dcd7298d390938510293bca0b646a3ce904f6e6b788b3204c233e60ddc36024aa400712cfff68aac572a830923ed3c3fac90beecd4521a447ffe975606ab42a207", 0x76}], 0x2}, 0x0) bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r4, 0x4008240b, &(0x7f00000001c0)={0x4, 0x80, 0xf9, 0x3, 0x0, 0x0, 0x0, 0x62af, 0x62f02, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x800, 0x1, @perf_bp={&(0x7f00000000c0), 0x4}, 0x110, 0xfffffffffffffff0, 0x4b2, 0x2, 0x100000000, 0x5, 0x88cc, 0x0, 0x0, 0x0, 0x8000000000000001}) 3.839411987s ago: executing program 3 (id=4421): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b06d25a806c8c6f94f90424fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0) sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0xd18c9b60, &(0x7f0000000080)=[{&(0x7f0000000100)="e03f03002a000b05d25a806c8c6f94f90524fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000005c0)="3504000041000511d25a35400c00020001ffe72037153e370c04018006041000450000002a560000e7ff0040", 0x2c}, {&(0x7f0000000600)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb1b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c891cc4556efd6a6d0f8d57f2267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc2261c238a5159ea98db9c00aeef644ae98a8cb8da3ff3b7ba14d7971910b559623af829524d83bf19f18628464076329140e0203fc75859185ccd019302afb784e41e16cf2d31db7aba83d0f500ce25fc2d7f524a04cfaa0015ea8a297477a5517f8a4ac167083a321c78070974afc897fb738fbcfeac369844fd7fc11fff502c02b7607007ead2007a18006a6ca8dc2d0119f01d7083c2ab5760ac7b24d7bf26b9030cf455a08385f9e662cbe0c3ca6e6fd4ac0c8566c0fca986c68ef7016a11d3e44253b6f2d07d53505ed58b8ad410f89425046321b4a9b27b5e767bdfa0ebf7abf3d91b319120000853d8e5cbc4a2c5c560b007eafe03e3332f6017f3164c7f602180aad23dfe5e770fe8855f45925e342b7dfd7ddaa68b65065465cdf4d5b8d995d6e6a7042ebea3d139c6a616232eb4efd1a50d0e6db3188a8e98375fda2a7ebd4cd59b9ea626c13685b05e6cf4d484e32869fd7c7167dbfa48b1529e5dd5f5a02673ccc7dbedfd75e34f3f9eb3c7833734a59acada6dd2ff364475e03f2219deedb5d0c941f2177a23167adcc5a15f4e5441ed537f26a1620df057aeb55b2ad3a00a77e23d304ed6034dd5ec9b2cfe777ca21ec4f48abdafa0d66a78d653068ef871bdc6598fd32edcba60c675a1e8f4e81e83f73414c179bfb7f329d71fe6e291fb2eaa59b9636cb6a74d0deb46a18c77f37abf0894a7083e0e4c237ff7c24872668ac40e307569a975b2765af8d3268d11b473d5d7544edd1ed0e507c319e128daf7e75c349c9b3de603580d52a6c118acf924216130364bfab8d59969e4dbee0a9208adb7bfa855556be06a666334a0612e4ff3fc6f4ddb9a0c209301081f34824496480d688ae9bd0c3c28ea8ecfe01a2b86dcb3750686a89891d9abf0d584c854b4bc6096293fbc8707312f424996361ef9261ef3ba7cd2ddffb0e3c81e6", 0x3b0}, {&(0x7f0000000040)="9d493c13b6b02affcc19cb904ec2bd74085b0bd225277e5a44d681809b6d764ecab211ef0c90ba361a4378457b19705b18406f35071130b4e06c4a3b1a6e9a9d7cf1453aeb21e4c30a85207027af69f536ec61a4a59614b3f5", 0x59}], 0x3}, 0x10049014) socket$kcm(0x10, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="180000000100040000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2c00, 0x0) recvmsg(r1, &(0x7f0000001100)={&(0x7f0000000240)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast}, 0x80, &(0x7f0000000fc0)=[{&(0x7f00000002c0)=""/29, 0x1d}, {&(0x7f0000000300)}, {&(0x7f00000009c0)=""/185, 0xb9}, {0x0}, {&(0x7f0000000b80)=""/174, 0xae}, {&(0x7f0000000c40)=""/191, 0xbf}, {&(0x7f0000000d00)=""/146, 0x92}, {&(0x7f0000000dc0)=""/126, 0x7e}, {&(0x7f0000000e40)=""/142, 0x8e}, {&(0x7f0000000f00)=""/143, 0x8f}], 0xa, &(0x7f0000001080)=""/125, 0x7d}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r3, 0x27, 0xe, 0x0, &(0x7f0000000440)="f8ad48f8fefdffdcc8dd7f5b88a8", 0x0, 0xed, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x1) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x1ff, 0x200}, 0x8000, 0xcdd, 0x43a1bd76, 0x4, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_config_ext={0x7ff, 0x72}, 0x8, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, 0x0, &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x24}, 0x94) socket$kcm(0x2, 0x5, 0x84) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) r4 = socket$kcm(0xa, 0x2, 0x0) sendmsg$inet(r4, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0xa, @local}, 0x10, &(0x7f0000000180)=[{0x0}], 0x1, 0x0, 0x0, 0xa6820000}, 0x0) 3.315563624s ago: executing program 1 (id=4424): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x2d, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x7}, {}, {}, [@map_val={0x18, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0xa4}, @map_idx={0x18, 0x9, 0x5, 0x0, 0x5}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}}, @ringbuf_query, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000004c0)='GPL\x00', 0x1, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000640)={0x0, 0x8, 0x8001}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000680)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1], &(0x7f00000006c0)=[{0x2, 0x1, 0x10, 0x8}, {0x3, 0x4, 0x9, 0x3}, {0x5, 0x2, 0x8, 0x4}, {0x0, 0x1, 0x9, 0xb}, {0x2, 0x2, 0xb, 0x2}, {0x3, 0x3, 0x0, 0xe}, {0x4, 0x4, 0x10, 0xc}], 0x10, 0x7}, 0x94) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r1}, 0x4) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.kill\x00', 0x0, 0x0) openat$cgroup_type(r2, &(0x7f0000000100), 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000000000000000001000000b7080000000000007b8af8ff00000000b7080000080000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500008366000800"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000000"], 0x0}, 0x90) r4 = socket$kcm(0x2, 0x2, 0x73) sendmsg$inet(r4, &(0x7f0000000500)={&(0x7f0000000300)={0x2, 0x0, @local}, 0x10, &(0x7f0000000b00)=[{0x0}, {&(0x7f0000000880)="90e6", 0x2}], 0x2}, 0x900000000000000) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="10000000040000000800000002"], 0x48) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x5, 0x7ff}, 0x104101, 0x4, 0x0, 0x7, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x6, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a, 0x0, 0x0, 0x0, 0x200}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6) socket$kcm(0x21, 0x2, 0x2) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r7, 0x8b26, &(0x7f0000000280)={'wlan1\x00'}) bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)=@generic={&(0x7f0000000140)='./file0\x00', 0x0, 0x10}, 0x18) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000500)='\t!~&\x00\xaeH\xfc\xf7\xf7\xd4\x1c\x94\xcb\r^\xd6<\xda9\xdc\xac(\x8cj\x13hk\xfc\xa8\v#)\xddk\x93\x12\xbfh\x95\xb9\xb7-:\xebr\xf2%\xaf\x8fH\x89MO\xf7\xbe\x1b\xd7\xd7S\b\x00\x00\x00\x00\x00\x00') bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000600)="87fc5d85da21530562070095c108", 0x0, 0x8011, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x40}, 0x50) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a00)={r0, 0x0, 0x8e, 0x57, &(0x7f0000000800)="2ac52c8e4b32ca3ff5c6170a5f7b94ee2d6fdf01bc6d6c53524b718492906ea0b365405501735b0c0c376c7fac9b633c734a2a7416e9dc7c04717da6517faf40b215bcbe7d8e99e19c3261a38f95a92e009bde0d5f9fad656dea3450110c2f76b9534489a7b362b35fc45f82320ebde5bd11939d86846d9dbdeddf116a7fa1774fe218d6203fb9feb116ebffa150", &(0x7f00000008c0)=""/87, 0x4, 0x0, 0x72, 0x25, &(0x7f0000000940)="ec22d176fb5e8da61d43739a11ea16d4f2b4db37996aceba2271c82d68d8e458aa333f94265d716f26fd6a15e90e5f1d6455b8420feb7d48e45422e08495d4a2ab7f3332078caf591ad1c266c70b56eac7079c0fcab137af3d0c06b323f0d4f47d9d6a90a63da8fcf5a6eab35de6a4e2ae67", &(0x7f00000009c0)="8853acdca866e43997754d51924f3421cb6fade75f61c060bcdab9c531351eb0beddd6df63", 0x2, 0x0, 0x4}, 0x50) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="11000000040000000400000001"], 0x48) r9 = socket$kcm(0x2c, 0x3, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r8}, &(0x7f0000000080), &(0x7f00000001c0)=r9}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0xc, &(0x7f00000001c0)=@framed={{}, [@printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}, {0x85, 0x0, 0x0, 0xb0}}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94) 2.660406205s ago: executing program 1 (id=4426): socket$kcm(0x11, 0x3, 0x0) r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x0, 0x3ff78000}, 0x0, 0x32, 0x43a1bd76, 0x5, 0x9, 0x4, 0x2, 0x0, 0x0, 0x0, 0x200c}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r2 = perf_event_open(&(0x7f00000007c0)={0x1, 0x80, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0x8, 0x1}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000040)='\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x4, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0xfffffffffffff001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b11d25a806c8c6f94f90424fc601000407a0a000600053582c137153e37000c11802f2ff4072f00", 0x33fe0}], 0x1, 0x0, 0x0, 0x35}, 0x0) bpf$ENABLE_STATS(0x20, &(0x7f00000000c0), 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001980)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4, 0xffffffffffffffff}, 0x4) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='devices.list\x00', 0x26e1, 0x0) close(r6) write$cgroup_devices(r6, &(0x7f00000005c0)=ANY=[], 0xfffffeff) perf_event_open$cgroup(&(0x7f00000001c0)={0x0, 0x80, 0x7, 0x6, 0x85, 0x5, 0x0, 0xfffffffffffffe00, 0x28000, 0x4, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x89c2e55674c5ab37, @perf_config_ext={0x6, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xe101, 0x5, 0x6, 0xc, 0x5, 0x0, 0x7, 0x0, 0x9}, r6, 0x5, r2, 0x8) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000007b8a00fe0000000087080000000000007b8af0ff00000000bda100000000000027000000f8ffffffbfa400000000000007040000f0ffffffb70200000200000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000008000000850000004900000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r7, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="7638300c000000000000e900feff", 0x0, 0x2f000000, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 2.659637475s ago: executing program 2 (id=4427): r0 = socket$kcm(0x2, 0x5, 0x84) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_bp={0x0, 0x8}, 0x116d8, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r3 = syz_clone(0x10028480, &(0x7f0000000440)="32e1fcc6712d5e99571195cb8427f5735956eb225e8e1c73ae0e2a6714161dd85946fb6957e1f3661cf7bc6b8a676f81f3301adf220443148d949cb42cfc44c8abd1bb1e31eaf2879fda643d7083b97f3808554f9be4afc33427ddc192d2c9b0e7126d776807cb1d9bbedd41476d74f4eba77d24d2c92972da6d0216d1b02664fc1572d2a3450c578f3e90c1cb03abbfcdf655f4be2933f2cc1b963d4c29a40595a3fc31acaab5a7e5d0f037c7a511c4565d472b3f2f0f8cf357a1c13badb14fc15cca02a3704bb703bf777df224dd9eede5a991605597c42e345e85c4bb32e860354335f3", 0xe5, &(0x7f0000000540), &(0x7f0000000580), &(0x7f00000006c0)="07bad54836f37242c7c7936cfed42a163c2cd706fcb8492d390a46f5dcb5e67bbcdde5004602cb680b7846a7e55b719d3f50c9f20b3d5a560138b947c8096481c8375f7c1328a6b2b64f658dac48524c4912358d9aaa5e458bb0a22cc836ad0d0b42342b7f0d4c35aa36231c87bffb8f3e89a5399d78fea4b373c429f900835b97d8cfa14efa1552ba710630673780922ac2600f99e553c158a09e58e6cacef76ba4955d7750f98d5109ae59c01c65fe0de3d02c8cc54c1ffa968d4f7eae34dc9ccf2dc5b61d22fee9184d27f6cf2cc58a8c7ca0") syz_open_procfs$namespace(r3, &(0x7f00000007c0)='ns/pid\x00') ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0xc220, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB="85000000a800000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000006"], 0x66) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0c000000040000000400000009"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000024c0), &(0x7f0000001280), 0xffffffff, r7}, 0x38) close(r5) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x6, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x0, 0x7ffffffc}, {0x1000000a, 0x4, 0x2}], 0x10, 0x4}, 0x94) close(0x3) socket$kcm(0xa, 0x5, 0x0) recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x11}, 0x6, 0x10000}, 0x80, 0x0}, 0xd0a0) setsockopt$sock_attach_bpf(r0, 0x84, 0x64, &(0x7f0000000000)=r8, 0x1c) r9 = perf_event_open$cgroup(&(0x7f0000000200)={0x5, 0x80, 0xe0, 0x5, 0xfc, 0x7, 0x0, 0x8301, 0x4000, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext={0x8000, 0x3}, 0x908, 0xffff, 0x298, 0x6, 0x2, 0x700, 0xf0, 0x0, 0x733, 0x0, 0x4}, r8, 0xc, r8, 0xe) perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x1, 0x9, 0xa, 0x8, 0x0, 0x1, 0x8, 0x8, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x7ff, 0x0, @perf_bp={&(0x7f0000000080), 0x1}, 0x8, 0x1f88, 0x5, 0x5, 0x2e, 0x5, 0x8, 0x0, 0x3, 0x0, 0x8}, 0xffffffffffffffff, 0x0, r9, 0x8) 1.302933128s ago: executing program 3 (id=4428): perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0x7e15b, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x84, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0) r2 = socket$kcm(0x2, 0x1, 0x84) sendmsg$inet(r2, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000640)}, 0x4000040) r3 = socket$kcm(0x10, 0x3, 0x0) write$cgroup_subtree(r3, &(0x7f0000001ec0)=ANY=[@ANYBLOB="131200001200"], 0xfe33) recvmsg$kcm(r3, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x42) recvmsg$kcm(r3, &(0x7f0000000cc0)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=ANY=[@ANYBLOB="bf0700000000000063117c000000000007000000020000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xb579, &(0x7f000000cf3d)=""/195}, 0x23) close(r2) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r5 = socket$kcm(0x10, 0x400000002, 0x0) sendmsg$inet(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="7f0000006a007ffa9e", 0x9}, {&(0x7f00000001c0)="64cabf2dfb58fc021d6b689866f05d4800050088a8ffff0200258f2e4409b8f9e6aaeb88beab23fc2c6726e89b13e2f6e8bc95ee52dcd7298d390938510293bca0b646a3ce904f6e6b788b3204c233e60ddc36024aa400712cfff68aac572a830923ed3c3fac90beecd4521a447ffe975606ab42a207", 0x76}], 0x2}, 0x0) bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r4, 0x4008240b, &(0x7f00000001c0)={0x4, 0x80, 0xf9, 0x3, 0x0, 0x0, 0x0, 0x62af, 0x62f02, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x800, 0x1, @perf_bp={&(0x7f00000000c0), 0x4}, 0x110, 0xfffffffffffffff0, 0x4b2, 0x2, 0x100000000, 0x5, 0x88cc, 0x0, 0x0, 0x0, 0x8000000000000001}) 1.049297187s ago: executing program 1 (id=4429): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x8000, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) bpf$ENABLE_STATS(0x20, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = gettid() r5 = perf_event_open$cgroup(&(0x7f00000008c0)={0x3, 0x80, 0x7, 0x3, 0x2c, 0x9, 0x0, 0x8, 0x40000, 0xf, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x755b4f5, 0x1, @perf_config_ext={0xaf, 0xf1db}, 0x8, 0x9, 0xa4, 0x6, 0x8, 0x2, 0x3, 0x0, 0x108, 0x0, 0xa2ad}, 0xffffffffffffffff, 0x9, r2, 0x0) r6 = perf_event_open(&(0x7f0000000840)={0x2, 0x80, 0x6, 0x8, 0xa, 0x10, 0x0, 0xd2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000580), 0x4}, 0x1040, 0x7ff, 0xfffff800, 0x4, 0x0, 0x3, 0xe852, 0x0, 0x8001}, r4, 0xc, r5, 0x0) socket$kcm(0x2, 0x200000000000001, 0x0) r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) close(r7) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00') r8 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r8, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) r9 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000), 0x5a, 0x0, 0x0, 0x7400}, 0x0) perf_event_open(0x0, 0x0, 0x0, r6, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8924, &(0x7f0000000940)={'vlan1\x00', @local}) socketpair(0x1, 0x1, 0x0, 0x0) r10 = bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000780)=@bpf_tracing={0x1a, 0x8, &(0x7f0000000980)=ANY=[@ANYBLOB="18120000", @ANYRES32=r7, @ANYRESHEX=r10], &(0x7f00000001c0)='syzkaller\x00', 0xffff0000, 0x0, 0x0, 0x40f00, 0x6, '\x00', 0x0, 0x1c, r7, 0x8, &(0x7f0000000380)={0x1, 0x2}, 0x8, 0x10, &(0x7f0000000500)={0x3, 0x2, 0x5, 0x101}, 0x10, 0x14ae4, r0, 0x5, &(0x7f0000000540)=[r7, r10, r7, r10], &(0x7f0000000700)=[{0x1, 0x2, 0xf, 0x1}, {0x0, 0x3, 0x6, 0x3}, {0x2, 0x2, 0xd, 0xc}, {0x1, 0x3, 0xa, 0x1}, {0x2, 0x4, 0x3, 0x7}], 0x10, 0x2}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYRESHEX=0x0], 0x48) close(r3) 1.048256167s ago: executing program 2 (id=4430): r0 = socket$kcm(0x2, 0x200000000000001, 0x106) setsockopt$sock_attach_bpf(r0, 0x1, 0x7, &(0x7f00000001c0), 0x4) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0, 0x0, 0x0, 0x700}, 0x30004091) 899.875071ms ago: executing program 2 (id=4431): r0 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0xd, r0, 0x0) r1 = socket$kcm(0x2, 0x5, 0x84) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x0, 0x0, 0x0, 0x0, 0x15, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x2, 0x0, 0x9}, {0x10000002, 0x0, 0x0, 0xc}]}, 0x94) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000009c0)={&(0x7f00000010c0)=ANY=[@ANYBLOB], 0x0, 0x97, 0x0, 0x0, 0x5, 0x10000}, 0x28) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) setsockopt$sock_attach_bpf(r1, 0x84, 0x64, &(0x7f0000000000)=r4, 0x10) sendmsg$inet(r1, 0x0, 0x80d1) 684.912259ms ago: executing program 2 (id=4432): r0 = socket$kcm(0xa, 0x2, 0x0) sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e25, 0x0, @dev={0xfe, 0x80, '\x00', 0x80}}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x103}}], 0x18}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x2, &(0x7f0000000200)=@raw=[@jmp={0x7, 0x0, 0xa, 0x1}, @exit], &(0x7f00000000c0)='syzkaller\x00'}, 0x94) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x4612, 0xffffffffffffffff}, 0x114105, 0x6, 0xc6, 0x1, 0x0, 0x40000, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0xa) socketpair$unix(0x1, 0x1, 0x0, 0x0) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_wait_time_recursive\x00', 0x26e1, 0x0) close(r2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001000)) ioctl$SIOCSIFHWADDR(r2, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100"}) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r3) socket$kcm(0x10, 0x3, 0x10) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x90d8, 0x4, 0x43a1bd76, 0x5, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8924, &(0x7f0000000080)) recvmsg$kcm(r0, &(0x7f0000002540)={0x0, 0x0, 0x0}, 0x40016001) 436.674176ms ago: executing program 2 (id=4433): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x2d, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x7}, {}, {}, [@map_val={0x18, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0xa4}, @map_idx={0x18, 0x9, 0x5, 0x0, 0x5}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}}, @ringbuf_query, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000004c0)='GPL\x00', 0x1, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000640)={0x0, 0x8, 0x8001}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000680)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1], &(0x7f00000006c0)=[{0x2, 0x1, 0x10, 0x8}, {0x3, 0x4, 0x9, 0x3}, {0x5, 0x2, 0x8, 0x4}, {0x0, 0x1, 0x9, 0xb}, {0x2, 0x2, 0xb, 0x2}, {0x3, 0x3, 0x0, 0xe}, {0x4, 0x4, 0x10, 0xc}], 0x10, 0x7}, 0x94) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r1}, 0x4) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.kill\x00', 0x0, 0x0) openat$cgroup_type(r2, &(0x7f0000000100), 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000000000000000001000000b7080000000000007b8af8ff00000000b7080000080000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500008366000800"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000000"], 0x0}, 0x90) r4 = socket$kcm(0x2, 0x2, 0x73) sendmsg$inet(r4, &(0x7f0000000500)={&(0x7f0000000300)={0x2, 0x0, @local}, 0x10, &(0x7f0000000b00)=[{0x0}, {&(0x7f0000000880)="90e6", 0x2}], 0x2}, 0x900000000000000) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="10000000040000000800000002"], 0x48) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x5, 0x7ff}, 0x104101, 0x4, 0x0, 0x7, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x6, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a, 0x0, 0x0, 0x0, 0x200}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6) socket$kcm(0x21, 0x2, 0x2) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r7, 0x8b26, &(0x7f0000000280)={'wlan1\x00'}) bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)=@generic={&(0x7f0000000140)='./file0\x00', 0x0, 0x10}, 0x18) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000500)='\t!~&\x00\xaeH\xfc\xf7\xf7\xd4\x1c\x94\xcb\r^\xd6<\xda9\xdc\xac(\x8cj\x13hk\xfc\xa8\v#)\xddk\x93\x12\xbfh\x95\xb9\xb7-:\xebr\xf2%\xaf\x8fH\x89MO\xf7\xbe\x1b\xd7\xd7S\b\x00\x00\x00\x00\x00\x00') bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000600)="87fc5d85da21530562070095c108", 0x0, 0x8011, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x40}, 0x50) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a00)={r0, 0x0, 0x8e, 0x57, &(0x7f0000000800)="2ac52c8e4b32ca3ff5c6170a5f7b94ee2d6fdf01bc6d6c53524b718492906ea0b365405501735b0c0c376c7fac9b633c734a2a7416e9dc7c04717da6517faf40b215bcbe7d8e99e19c3261a38f95a92e009bde0d5f9fad656dea3450110c2f76b9534489a7b362b35fc45f82320ebde5bd11939d86846d9dbdeddf116a7fa1774fe218d6203fb9feb116ebffa150", &(0x7f00000008c0)=""/87, 0x4, 0x0, 0x72, 0x25, &(0x7f0000000940)="ec22d176fb5e8da61d43739a11ea16d4f2b4db37996aceba2271c82d68d8e458aa333f94265d716f26fd6a15e90e5f1d6455b8420feb7d48e45422e08495d4a2ab7f3332078caf591ad1c266c70b56eac7079c0fcab137af3d0c06b323f0d4f47d9d6a90a63da8fcf5a6eab35de6a4e2ae67", &(0x7f00000009c0)="8853acdca866e43997754d51924f3421cb6fade75f61c060bcdab9c531351eb0beddd6df63", 0x2, 0x0, 0x4}, 0x50) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="11000000040000000400000001"], 0x48) r9 = socket$kcm(0x2c, 0x3, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r8}, &(0x7f0000000080), &(0x7f00000001c0)=r9}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0xc, &(0x7f00000001c0)=@framed={{}, [@printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}, {0x85, 0x0, 0x0, 0xb0}}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94) 375.517068ms ago: executing program 1 (id=4434): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x806, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[], 0x48) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x1a, 0x4, 0x0, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x809a}, 0x48) sendmsg$tipc(r1, &(0x7f0000004440)={&(0x7f0000000ec0)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c81be3110a36a27aeffe0ad5a8a7385a1913a64fb2db630e8fc8017828cea60f327c3a510b441d94d32584e55f7c2320d89b2ba3d44d832b8e7c5f45442de9ef37d057e6d0c6664e8d74e23f18336d41a3e38c2cda49050cb32ca7040a388c75741ac07d3befc714df35dc92ff70ad041cf17b70a971c142bb89ecfe25290750e989c8666560a61b62fdc4fadef7f30b6269a669ef99be7e7ba7ddddf99949fedc0c331796988c6eedb5c66cbe2870a2affce0b550c3411a2aaf302481ee93398c0fbc0c815cfe1e78bf8fed7f19f2c2dae17a4533aa85f6b787f8072adda379118d76dbba3cebfc4c8aacbb1f79a28ec3a0ec99816e3c8721ddcde1ce73b0704063474", 0xe50}, {0x0}, {0x0}, {0x0}, {&(0x7f00000020c0), 0x1}], 0x5}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x15, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="18080000e9ff0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b70300002bb91a0085000000a0000000bc0900000000000045080100002000009500000000000000b7020000000000007b9af8ff00000000b5090000000000007baaf0ff00000000bf2700000000000007080000fffdffffbfa400000000000007040000f0ffffffc40200000800000018220000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000004608efff76000000bf9800000000000056090000000000008500000000a00000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 364.617109ms ago: executing program 3 (id=4435): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b06d25a806c8c6f94f90424fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0) sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0xd18c9b60, &(0x7f0000000080)=[{&(0x7f0000000100)="e03f03002a000b05d25a806c8c6f94f90524fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000005c0)="3504000041000511d25a35400c00020001ffe72037153e370c04018006041000450000002a560000e7ff0040", 0x2c}, {&(0x7f0000000600)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb1b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c891cc4556efd6a6d0f8d57f2267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc2261c238a5159ea98db9c00aeef644ae98a8cb8da3ff3b7ba14d7971910b559623af829524d83bf19f18628464076329140e0203fc75859185ccd019302afb784e41e16cf2d31db7aba83d0f500ce25fc2d7f524a04cfaa0015ea8a297477a5517f8a4ac167083a321c78070974afc897fb738fbcfeac369844fd7fc11fff502c02b7607007ead2007a18006a6ca8dc2d0119f01d7083c2ab5760ac7b24d7bf26b9030cf455a08385f9e662cbe0c3ca6e6fd4ac0c8566c0fca986c68ef7016a11d3e44253b6f2d07d53505ed58b8ad410f89425046321b4a9b27b5e767bdfa0ebf7abf3d91b319120000853d8e5cbc4a2c5c560b007eafe03e3332f6017f3164c7f602180aad23dfe5e770fe8855f45925e342b7dfd7ddaa68b65065465cdf4d5b8d995d6e6a7042ebea3d139c6a616232eb4efd1a50d0e6db3188a8e98375fda2a7ebd4cd59b9ea626c13685b05e6cf4d484e32869fd7c7167dbfa48b1529e5dd5f5a02673ccc7dbedfd75e34f3f9eb3c7833734a59acada6dd2ff364475e03f2219deedb5d0c941f2177a23167adcc5a15f4e5441ed537f26a1620df057aeb55b2ad3a00a77e23d304ed6034dd5ec9b2cfe777ca21ec4f48abdafa0d66a78d653068ef871bdc6598fd32edcba60c675a1e8f4e81e83f73414c179bfb7f329d71fe6e291fb2eaa59b9636cb6a74d0deb46a18c77f37abf0894a7083e0e4c237ff7c24872668ac40e307569a975b2765af8d3268d11b473d5d7544edd1ed0e507c319e128daf7e75c349c9b3de603580d52a6c118acf924216130364bfab8d59969e4dbee0a9208adb7bfa855556be06a666334a0612e4ff3fc6f4ddb9a0c209301081f34824496480d688ae9bd0c3c28ea8ecfe01a2b86dcb3750686a89891d9abf0d584c854b4bc6096293fbc8707312f424996361ef9261ef3ba7cd2ddffb0e3c81e6", 0x3b0}, {&(0x7f0000000040)="9d493c13b6b02affcc19cb904ec2bd74085b0bd225277e5a44d681809b6d764ecab211ef0c90ba361a4378457b19705b18406f35071130b4e06c4a3b1a6e9a9d7cf1453aeb21e4c30a85207027af69f536ec61a4a59614b3f5", 0x59}], 0x3}, 0x10049014) socket$kcm(0x10, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="180000000100040000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2c00, 0x0) recvmsg(r1, &(0x7f0000001100)={&(0x7f0000000240)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast}, 0x80, &(0x7f0000000fc0)=[{&(0x7f00000002c0)=""/29, 0x1d}, {&(0x7f0000000300)}, {&(0x7f00000009c0)=""/185, 0xb9}, {0x0}, {&(0x7f0000000b80)=""/174, 0xae}, {&(0x7f0000000c40)=""/191, 0xbf}, {&(0x7f0000000d00)=""/146, 0x92}, {&(0x7f0000000dc0)=""/126, 0x7e}, {&(0x7f0000000e40)=""/142, 0x8e}, {&(0x7f0000000f00)=""/143, 0x8f}], 0xa, &(0x7f0000001080)=""/125, 0x7d}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r3, 0x27, 0xe, 0x0, &(0x7f0000000440)="f8ad48f8fefdffdcc8dd7f5b88a8", 0x0, 0xed, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x1) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x1ff, 0x200}, 0x8000, 0xcdd, 0x43a1bd76, 0x4, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_config_ext={0x7ff, 0x72}, 0x8, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, 0x0, &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x24}, 0x94) socket$kcm(0x2, 0x5, 0x84) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) r4 = socket$kcm(0xa, 0x2, 0x0) sendmsg$inet(r4, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0xa, @local}, 0x10, &(0x7f0000000180)=[{0x0}], 0x1, 0x0, 0x0, 0xa6820000}, 0x0) 188.593154ms ago: executing program 1 (id=4436): bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x10, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b70000002800ffd8bca30000000000002403000007feffff720af0ff0000020071a400fe000000001f030000000000002e0a0200000000002604fdffffff000e61143800000000001d430000000000007a0a00fe0000001f6114180000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081504507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5e7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927e2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28e6ce4d9791c73c2d37999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fcf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b6"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48) 15.43309ms ago: executing program 1 (id=4437): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x26, 0xc, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x382a, 0xffffffffffff0001}, 0x8000, 0x3, 0x43a1bd76, 0x7, 0x9, 0x658, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x2, 0xa, 0x2) r1 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xfe123, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x3, @perf_config_ext={0xd, 0x7}, 0x0, 0x0, 0x0, 0x2, 0x7, 0x3, 0x1}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x18, 0x1}, 0x50) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0) setsockopt$sock_attach_bpf(r4, 0x1, 0x41, &(0x7f0000000100)=r5, 0x8) setsockopt$sock_attach_bpf(r4, 0x1, 0x41, &(0x7f0000000100)=r3, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={0x0}, 0x40, 0x0, 0x0, 0x0, 0x7, 0x0, 0xffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x3) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r6) perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0x66137, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) r7 = socket$kcm(0x2, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r7, 0x6, 0x6, &(0x7f0000000740)=r7, 0x4) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r8 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x401, 0xc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0xc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x88e}, 0x0, 0x1, 0xffffffffffffffff, 0x0) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r8, 0x40042408, r9) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRESOCT=r0], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0xf, &(0x7f0000000940)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r10}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000007c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41100, 0x40}, 0x94) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000080000000000000000000000850000002a000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000010000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r11, 0x609, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48) 0s ago: executing program 2 (id=4438): r0 = socket$kcm(0x2, 0x5, 0x84) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_bp={0x0, 0x8}, 0x116d8, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r3 = syz_clone(0x10028480, &(0x7f0000000440)="32e1fcc6712d5e99571195cb8427f5735956eb225e8e1c73ae0e2a6714161dd85946fb6957e1f3661cf7bc6b8a676f81f3301adf220443148d949cb42cfc44c8abd1bb1e31eaf2879fda643d7083b97f3808554f9be4afc33427ddc192d2c9b0e7126d776807cb1d9bbedd41476d74f4eba77d24d2c92972da6d0216d1b02664fc1572d2a3450c578f3e90c1cb03abbfcdf655f4be2933f2cc1b963d4c29a40595a3fc31acaab5a7e5d0f037c7a511c4565d472b3f2f0f8cf357a1c13badb14fc15cca02a3704bb703bf777df224dd9eede5a991605597c42e345e85c4bb32e860354335f3", 0xe5, &(0x7f0000000540), &(0x7f0000000580), &(0x7f00000006c0)="07bad54836f37242c7c7936cfed42a163c2cd706fcb8492d390a46f5dcb5e67bbcdde5004602cb680b7846a7e55b719d3f50c9f20b3d5a560138b947c8096481c8375f7c1328a6b2b64f658dac48524c4912358d9aaa5e458bb0a22cc836ad0d0b42342b7f0d4c35aa36231c87bffb8f3e89a5399d78fea4b373c429f900835b97d8cfa14efa1552ba710630673780922ac2600f99e553c158a09e58e6cacef76ba4955d7750f98d5109ae59c01c65fe0de3d02c8cc54c1ffa968d4f7eae34dc9ccf2dc5b61d22fee9184d27f6cf2cc58a8c7ca0") syz_open_procfs$namespace(r3, &(0x7f00000007c0)='ns/pid\x00') ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0xc220, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB="85000000a800000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000006"], 0x66) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0c000000040000000400000009"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000024c0), &(0x7f0000001280), 0xffffffff, r7}, 0x38) close(r5) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x6, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x0, 0x7ffffffc}, {0x1000000a, 0x4, 0x2}], 0x10, 0x4}, 0x94) close(0x3) socket$kcm(0xa, 0x5, 0x0) recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x11}, 0x6, 0x10000}, 0x80, 0x0}, 0xd0a0) setsockopt$sock_attach_bpf(r0, 0x84, 0x64, &(0x7f0000000000)=r8, 0x1c) r9 = perf_event_open$cgroup(&(0x7f0000000200)={0x5, 0x80, 0xe0, 0x5, 0xfc, 0x7, 0x0, 0x8301, 0x4000, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext={0x8000, 0x3}, 0x908, 0xffff, 0x298, 0x6, 0x2, 0x700, 0xf0, 0x0, 0x733, 0x0, 0x4}, r8, 0xc, r8, 0xe) perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x1, 0x9, 0xa, 0x8, 0x0, 0x1, 0x8, 0x8, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x7ff, 0x0, @perf_bp={&(0x7f0000000080), 0x1}, 0x8, 0x1f88, 0x5, 0x5, 0x2e, 0x5, 0x8, 0x0, 0x3, 0x0, 0x8}, 0xffffffffffffffff, 0x0, r9, 0x8) kernel console output (not intermixed with test programs): `syz.2.3631'. [ 506.509832][T16193] netlink: 'syz.2.3636': attribute type 10 has an invalid length. [ 506.544875][T16193] bond0: (slave dummy0): Releasing backup interface [ 506.562505][T16193] team0: Port device dummy0 added [ 506.573853][T16193] netlink: 'syz.2.3636': attribute type 10 has an invalid length. [ 506.666188][T16193] team0: Port device dummy0 removed [ 506.733401][T16193] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 506.892004][T16205] netlink: 'syz.2.3640': attribute type 9 has an invalid length. [ 506.911735][T16205] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3640'. [ 506.998445][T16207] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.3641'. [ 507.042530][T16198] netlink: 'syz.3.3638': attribute type 10 has an invalid length. [ 507.051752][T16198] netlink: 2 bytes leftover after parsing attributes in process `syz.3.3638'. [ 507.065782][T16198] hsr0: entered promiscuous mode [ 507.073871][T16198] bridge0: port 4(hsr0) entered blocking state [ 507.091641][T16198] bridge0: port 4(hsr0) entered disabled state [ 507.106417][T16198] hsr0: entered allmulticast mode [ 507.112121][T16198] hsr_slave_0: entered allmulticast mode [ 507.118549][T16198] hsr_slave_1: entered allmulticast mode [ 507.163990][T16198] bridge0: port 4(hsr0) entered blocking state [ 507.174021][T16198] bridge0: port 4(hsr0) entered forwarding state [ 507.203393][T16208] netlink: 'syz.2.3640': attribute type 9 has an invalid length. [ 507.204510][T16207] netlink: 'syz.0.3641': attribute type 5 has an invalid length. [ 507.211452][T16208] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3640'. [ 507.518989][T16222] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 507.537708][T16222] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 508.865710][T16246] __nla_validate_parse: 2 callbacks suppressed [ 508.865730][T16246] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.3653'. [ 509.016055][T16246] netlink: 'syz.3.3653': attribute type 5 has an invalid length. [ 509.039112][T16250] FAULT_INJECTION: forcing a failure. [ 509.039112][T16250] name failslab, interval 1, probability 0, space 0, times 0 [ 509.065394][T16250] CPU: 1 PID: 16250 Comm: syz.0.3654 Not tainted syzkaller #0 [ 509.072948][T16250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 509.083043][T16250] Call Trace: [ 509.086341][T16250] [ 509.089285][T16250] dump_stack_lvl+0x18c/0x250 [ 509.093997][T16250] ? show_regs_print_info+0x20/0x20 [ 509.099231][T16250] ? load_image+0x420/0x420 [ 509.103766][T16250] ? __might_sleep+0xe0/0xe0 [ 509.108378][T16250] ? __lock_acquire+0x7d40/0x7d40 [ 509.113430][T16250] should_fail_ex+0x39d/0x4d0 [ 509.118145][T16250] should_failslab+0x9/0x20 [ 509.122667][T16250] slab_pre_alloc_hook+0x59/0x310 [ 509.127714][T16250] ? sk_prot_alloc+0xe7/0x210 [ 509.132410][T16250] ? sk_prot_alloc+0xe7/0x210 [ 509.137138][T16250] __kmem_cache_alloc_node+0x53/0x250 [ 509.142539][T16250] ? sk_prot_alloc+0xe7/0x210 [ 509.147237][T16250] __kmalloc+0xa4/0x230 [ 509.151425][T16250] sk_prot_alloc+0xe7/0x210 [ 509.155947][T16250] ? sk_alloc+0x24/0x360 [ 509.160223][T16250] sk_alloc+0x3a/0x360 [ 509.164307][T16250] ? bpf_ctx_init+0x163/0x1a0 [ 509.168998][T16250] ? bpf_prog_test_run_skb+0x279/0x18c0 [ 509.174566][T16250] bpf_prog_test_run_skb+0x3d1/0x18c0 [ 509.179979][T16250] ? __fget_files+0x28/0x4b0 [ 509.184595][T16250] ? __fget_files+0x43d/0x4b0 [ 509.189321][T16250] ? cpu_online+0x60/0x60 [ 509.193676][T16250] bpf_prog_test_run+0x321/0x390 [ 509.198641][T16250] __sys_bpf+0x49d/0x890 [ 509.202904][T16250] ? bpf_link_show_fdinfo+0x390/0x390 [ 509.208324][T16250] ? lock_chain_count+0x20/0x20 [ 509.213213][T16250] __x64_sys_bpf+0x7c/0x90 [ 509.217648][T16250] do_syscall_64+0x55/0xb0 [ 509.222079][T16250] ? clear_bhb_loop+0x40/0x90 [ 509.226765][T16250] ? clear_bhb_loop+0x40/0x90 [ 509.231457][T16250] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 509.237373][T16250] RIP: 0033:0x7fcf9499ce59 [ 509.241809][T16250] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 509.261432][T16250] RSP: 002b:00007fcf95875028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 509.269870][T16250] RAX: ffffffffffffffda RBX: 00007fcf94c15fa0 RCX: 00007fcf9499ce59 [ 509.277871][T16250] RDX: 0000000000000050 RSI: 0000200000000900 RDI: 000000000000000a [ 509.285870][T16250] RBP: 00007fcf95875090 R08: 0000000000000000 R09: 0000000000000000 [ 509.293858][T16250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 509.301849][T16250] R13: 00007fcf94c16038 R14: 00007fcf94c15fa0 R15: 00007ffc96492048 [ 509.309870][T16250] [ 509.819126][T16259] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3657'. [ 510.221827][T16262] validate_nla: 1 callbacks suppressed [ 510.221848][T16262] netlink: 'syz.3.3657': attribute type 9 has an invalid length. [ 510.248430][T16262] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3657'. [ 511.361360][T16278] netlink: 'syz.3.3663': attribute type 9 has an invalid length. [ 511.376559][T16278] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3663'. [ 511.507864][T16280] netlink: 'syz.3.3663': attribute type 9 has an invalid length. [ 511.557368][T16280] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3663'. [ 511.794735][T16281] netlink: 1057 bytes leftover after parsing attributes in process `syz.3.3663'. [ 512.385505][T16288] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.3665'. [ 512.455495][T16288] netlink: 'syz.1.3665': attribute type 5 has an invalid length. [ 512.521623][T16290] netlink: 'syz.3.3666': attribute type 9 has an invalid length. [ 512.555225][T16290] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3666'. [ 512.707612][T16283] netlink: 'syz.0.3664': attribute type 10 has an invalid length. [ 512.720480][T16291] netlink: 'syz.3.3666': attribute type 9 has an invalid length. [ 512.755750][T16283] netlink: 2 bytes leftover after parsing attributes in process `syz.0.3664'. [ 512.776595][T16291] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3666'. [ 512.795603][T16283] hsr0: entered promiscuous mode [ 512.816539][T16283] bridge0: port 3(hsr0) entered blocking state [ 512.854684][T16283] bridge0: port 3(hsr0) entered disabled state [ 512.879372][T16283] hsr0: entered allmulticast mode [ 512.905725][T16283] hsr_slave_0: entered allmulticast mode [ 512.912011][T16283] hsr_slave_1: entered allmulticast mode [ 512.998388][T16283] bridge0: port 3(hsr0) entered blocking state [ 513.005412][T16283] bridge0: port 3(hsr0) entered forwarding state [ 514.592551][T16317] FAULT_INJECTION: forcing a failure. [ 514.592551][T16317] name failslab, interval 1, probability 0, space 0, times 0 [ 514.641464][T16317] CPU: 0 PID: 16317 Comm: syz.3.3674 Not tainted syzkaller #0 [ 514.649025][T16317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 514.659135][T16317] Call Trace: [ 514.662458][T16317] [ 514.665433][T16317] dump_stack_lvl+0x18c/0x250 [ 514.670158][T16317] ? sctp_sendmsg+0x15d2/0x2910 [ 514.675054][T16317] ? ___sys_sendmsg+0x2a6/0x360 [ 514.679958][T16317] ? show_regs_print_info+0x20/0x20 [ 514.685204][T16317] ? load_image+0x420/0x420 [ 514.689812][T16317] should_fail_ex+0x39d/0x4d0 [ 514.694564][T16317] should_failslab+0x9/0x20 [ 514.699103][T16317] slab_pre_alloc_hook+0x59/0x310 [ 514.704183][T16317] ? sctp_add_bind_addr+0x8c/0x360 [ 514.709361][T16317] __kmem_cache_alloc_node+0x53/0x250 [ 514.714805][T16317] ? sctp_add_bind_addr+0x8c/0x360 [ 514.719979][T16317] kmalloc_trace+0x2a/0xe0 [ 514.724458][T16317] sctp_add_bind_addr+0x8c/0x360 [ 514.729470][T16317] sctp_copy_local_addr_list+0x315/0x4f0 [ 514.735176][T16317] ? sctp_copy_local_addr_list+0xa5/0x4f0 [ 514.740962][T16317] ? sctp_do_8_2_transport_strike+0x8a0/0x8a0 [ 514.747103][T16317] ? sctp_v4_is_any+0x35/0x60 [ 514.751826][T16317] ? sctp_copy_one_addr+0x8c/0x350 [ 514.757012][T16317] sctp_bind_addr_copy+0xb3/0x3c0 [ 514.762095][T16317] ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0 [ 514.768496][T16317] sctp_connect_new_asoc+0x2f9/0x6a0 [ 514.773854][T16317] ? __sctp_connect+0xd80/0xd80 [ 514.778757][T16317] ? __local_bh_enable_ip+0x13a/0x1c0 [ 514.784186][T16317] ? _local_bh_enable+0xa0/0xa0 [ 514.789090][T16317] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 514.794949][T16317] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 514.800815][T16317] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 514.806407][T16317] ? security_sctp_bind_connect+0x89/0xb0 [ 514.812183][T16317] sctp_sendmsg+0x15d2/0x2910 [ 514.816957][T16317] ? sctp_getsockopt+0xb60/0xb60 [ 514.821954][T16317] ? aa_sk_perm+0x83c/0x970 [ 514.826535][T16317] ? aa_af_perm+0x330/0x330 [ 514.831080][T16317] ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0 [ 514.837565][T16317] ? sock_rps_record_flow+0x19/0x3f0 [ 514.842917][T16317] ? inet_sendmsg+0x7c/0x2f0 [ 514.847558][T16317] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 514.852899][T16317] ? security_socket_sendmsg+0x80/0xa0 [ 514.858420][T16317] ? inet_send_prepare+0x260/0x260 [ 514.863595][T16317] ____sys_sendmsg+0x5ba/0x960 [ 514.868419][T16317] ? __lock_acquire+0x7d40/0x7d40 [ 514.873522][T16317] ? __asan_memset+0x22/0x40 [ 514.878170][T16317] ? __sys_sendmsg_sock+0x30/0x30 [ 514.883253][T16317] ? __import_iovec+0x5f2/0x850 [ 514.888194][T16317] ? import_iovec+0x73/0xa0 [ 514.892773][T16317] ___sys_sendmsg+0x2a6/0x360 [ 514.897532][T16317] ? __sys_sendmsg+0x2a0/0x2a0 [ 514.902443][T16317] ? __lock_acquire+0x7d40/0x7d40 [ 514.907616][T16317] __se_sys_sendmsg+0x1c2/0x2b0 [ 514.912541][T16317] ? __x64_sys_sendmsg+0x80/0x80 [ 514.917594][T16317] ? lockdep_hardirqs_on+0x98/0x150 [ 514.922872][T16317] do_syscall_64+0x55/0xb0 [ 514.927349][T16317] ? clear_bhb_loop+0x40/0x90 [ 514.932075][T16317] ? clear_bhb_loop+0x40/0x90 [ 514.936813][T16317] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 514.942772][T16317] RIP: 0033:0x7f7b9b39ce59 [ 514.947247][T16317] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 514.966915][T16317] RSP: 002b:00007f7b9c1c2028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 514.975405][T16317] RAX: ffffffffffffffda RBX: 00007f7b9b616180 RCX: 00007f7b9b39ce59 [ 514.983435][T16317] RDX: 0000000000000080 RSI: 0000200000000500 RDI: 0000000000000003 [ 514.991466][T16317] RBP: 00007f7b9c1c2090 R08: 0000000000000000 R09: 0000000000000000 [ 514.999493][T16317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 515.007527][T16317] R13: 00007f7b9b616218 R14: 00007f7b9b616180 R15: 00007ffe61f429c8 [ 515.015606][T16317] [ 515.479736][T16323] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.3676'. [ 515.711223][T16323] netlink: 'syz.2.3676': attribute type 5 has an invalid length. [ 516.060301][T16332] netlink: 'syz.1.3677': attribute type 9 has an invalid length. [ 516.091511][T16332] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.3677'. [ 516.285352][T16334] netlink: 'syz.1.3677': attribute type 9 has an invalid length. [ 516.293181][T16334] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.3677'. [ 516.524116][T16338] FAULT_INJECTION: forcing a failure. [ 516.524116][T16338] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 516.575105][T16338] CPU: 1 PID: 16338 Comm: syz.3.3680 Not tainted syzkaller #0 [ 516.582665][T16338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 516.592775][T16338] Call Trace: [ 516.596102][T16338] [ 516.599081][T16338] dump_stack_lvl+0x18c/0x250 [ 516.603827][T16338] ? show_regs_print_info+0x20/0x20 [ 516.609084][T16338] ? load_image+0x420/0x420 [ 516.613654][T16338] ? __might_fault+0xaa/0x120 [ 516.618386][T16338] ? __lock_acquire+0x7d40/0x7d40 [ 516.623479][T16338] should_fail_ex+0x39d/0x4d0 [ 516.628241][T16338] _copy_to_user+0x2f/0xa0 [ 516.632741][T16338] bpf_test_finish+0x25a/0x650 [ 516.637602][T16338] ? convert_skb_to___skb+0x420/0x420 [ 516.643044][T16338] ? read_tsc+0x9/0x20 [ 516.647208][T16338] bpf_prog_test_run_flow_dissector+0x4c9/0x640 [ 516.653557][T16338] ? xdp_convert_buff_to_md+0x200/0x200 [ 516.659189][T16338] ? __fget_files+0x28/0x4b0 [ 516.663841][T16338] ? __fget_files+0x28/0x4b0 [ 516.668541][T16338] ? xdp_convert_buff_to_md+0x200/0x200 [ 516.674143][T16338] bpf_prog_test_run+0x321/0x390 [ 516.679149][T16338] __sys_bpf+0x49d/0x890 [ 516.683476][T16338] ? bpf_link_show_fdinfo+0x390/0x390 [ 516.688960][T16338] ? lock_chain_count+0x20/0x20 [ 516.693902][T16338] __x64_sys_bpf+0x7c/0x90 [ 516.698395][T16338] do_syscall_64+0x55/0xb0 [ 516.702866][T16338] ? clear_bhb_loop+0x40/0x90 [ 516.707593][T16338] ? clear_bhb_loop+0x40/0x90 [ 516.712327][T16338] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 516.718276][T16338] RIP: 0033:0x7f7b9b39ce59 [ 516.722740][T16338] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 516.742400][T16338] RSP: 002b:00007f7b9c204028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 516.750882][T16338] RAX: ffffffffffffffda RBX: 00007f7b9b615fa0 RCX: 00007f7b9b39ce59 [ 516.758908][T16338] RDX: 0000000000000050 RSI: 0000200000000540 RDI: 000000000000000a [ 516.766933][T16338] RBP: 00007f7b9c204090 R08: 0000000000000000 R09: 0000000000000000 [ 516.774958][T16338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 516.782986][T16338] R13: 00007f7b9b616038 R14: 00007f7b9b615fa0 R15: 00007ffe61f429c8 [ 516.791066][T16338] [ 516.906590][T16335] netlink: 1057 bytes leftover after parsing attributes in process `syz.1.3677'. [ 518.381091][T16353] netlink: 'syz.2.3679': attribute type 10 has an invalid length. [ 518.473228][T16353] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3679'. [ 518.495890][T16353] hsr0: entered promiscuous mode [ 518.501389][T16353] bridge0: port 2(hsr0) entered blocking state [ 518.516187][T16353] bridge0: port 2(hsr0) entered disabled state [ 518.522716][T16353] hsr0: entered allmulticast mode [ 518.578289][T16353] hsr_slave_0: entered allmulticast mode [ 518.617108][T16353] hsr_slave_1: entered allmulticast mode [ 518.710338][T16353] bridge0: port 2(hsr0) entered blocking state [ 518.716875][T16353] bridge0: port 2(hsr0) entered forwarding state [ 518.952290][T16365] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.3687'. [ 519.045587][T16365] netlink: 'syz.1.3687': attribute type 5 has an invalid length. [ 519.468153][T16372] netlink: 'syz.1.3689': attribute type 10 has an invalid length. [ 519.587174][T16372] bond0: (slave dummy0): Releasing backup interface [ 519.613018][T16376] netlink: 'syz.2.3688': attribute type 2 has an invalid length. [ 519.628147][T16372] team0: Port device dummy0 added [ 519.638094][T16374] netlink: 'syz.1.3689': attribute type 10 has an invalid length. [ 519.662936][T16376] netlink: 1045 bytes leftover after parsing attributes in process `syz.2.3688'. [ 519.746754][T16374] team0: Port device dummy0 removed [ 519.760722][T16374] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 521.000808][T16377] netlink: 'syz.0.3690': attribute type 10 has an invalid length. [ 521.465653][T16392] netlink: 'syz.2.3694': attribute type 9 has an invalid length. [ 521.517052][T16392] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3694'. [ 521.809328][T16400] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.3698'. [ 521.812966][T16393] netlink: 'syz.2.3694': attribute type 9 has an invalid length. [ 521.880753][T16400] netlink: 'syz.1.3698': attribute type 5 has an invalid length. [ 521.919434][T16393] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3694'. [ 522.167436][T16404] netlink: 184 bytes leftover after parsing attributes in process `syz.3.3697'. [ 522.211094][T16401] netlink: 'syz.0.3696': attribute type 39 has an invalid length. [ 522.654424][T16394] netlink: 1057 bytes leftover after parsing attributes in process `syz.2.3694'. [ 529.319760][T16424] netlink: 'syz.0.3706': attribute type 25 has an invalid length. [ 529.405363][T16424] netlink: 'syz.0.3706': attribute type 29 has an invalid length. [ 529.423630][T16432] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.3708'. [ 529.443126][T16436] FAULT_INJECTION: forcing a failure. [ 529.443126][T16436] name failslab, interval 1, probability 0, space 0, times 0 [ 529.458606][T16436] CPU: 0 PID: 16436 Comm: syz.1.3709 Not tainted syzkaller #0 [ 529.466107][T16436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 529.476173][T16436] Call Trace: [ 529.479458][T16436] [ 529.482392][T16436] dump_stack_lvl+0x18c/0x250 [ 529.487081][T16436] ? show_regs_print_info+0x20/0x20 [ 529.492280][T16436] ? load_image+0x420/0x420 [ 529.496787][T16436] ? __might_sleep+0xe0/0xe0 [ 529.501378][T16436] ? __lock_acquire+0x7d40/0x7d40 [ 529.506407][T16436] should_fail_ex+0x39d/0x4d0 [ 529.511090][T16436] should_failslab+0x9/0x20 [ 529.515599][T16436] slab_pre_alloc_hook+0x59/0x310 [ 529.520634][T16436] ? apparmor_sk_alloc_security+0x77/0x100 [ 529.526448][T16436] __kmem_cache_alloc_node+0x53/0x250 [ 529.531835][T16436] ? apparmor_sk_alloc_security+0x77/0x100 [ 529.537644][T16436] kmalloc_trace+0x2a/0xe0 [ 529.542100][T16436] apparmor_sk_alloc_security+0x77/0x100 [ 529.547737][T16436] security_sk_alloc+0x6e/0xa0 [ 529.552508][T16436] sk_prot_alloc+0x101/0x210 [ 529.557123][T16436] ? sk_alloc+0x24/0x360 [ 529.561394][T16436] sk_alloc+0x3a/0x360 [ 529.565487][T16436] ? bpf_ctx_init+0x163/0x1a0 [ 529.570169][T16436] ? bpf_prog_test_run_skb+0x279/0x18c0 [ 529.575719][T16436] bpf_prog_test_run_skb+0x3d1/0x18c0 [ 529.581098][T16436] ? __fget_files+0x28/0x4b0 [ 529.585690][T16436] ? __fget_files+0x43d/0x4b0 [ 529.590376][T16436] ? cpu_online+0x60/0x60 [ 529.594704][T16436] bpf_prog_test_run+0x321/0x390 [ 529.599675][T16436] __sys_bpf+0x49d/0x890 [ 529.603918][T16436] ? bpf_link_show_fdinfo+0x390/0x390 [ 529.609302][T16436] ? lock_chain_count+0x20/0x20 [ 529.614164][T16436] __x64_sys_bpf+0x7c/0x90 [ 529.618585][T16436] do_syscall_64+0x55/0xb0 [ 529.623003][T16436] ? clear_bhb_loop+0x40/0x90 [ 529.627678][T16436] ? clear_bhb_loop+0x40/0x90 [ 529.632353][T16436] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 529.638249][T16436] RIP: 0033:0x7f4b4339ce59 [ 529.642664][T16436] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 529.662270][T16436] RSP: 002b:00007f4b441a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 529.670701][T16436] RAX: ffffffffffffffda RBX: 00007f4b43615fa0 RCX: 00007f4b4339ce59 [ 529.678688][T16436] RDX: 0000000000000050 RSI: 0000200000000900 RDI: 000000000000000a [ 529.686676][T16436] RBP: 00007f4b441a5090 R08: 0000000000000000 R09: 0000000000000000 [ 529.694657][T16436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 529.702631][T16436] R13: 00007f4b43616038 R14: 00007f4b43615fa0 R15: 00007ffe920bdcb8 [ 529.710640][T16436] [ 529.772287][T16428] netlink: 'syz.3.3708': attribute type 5 has an invalid length. [ 529.840457][T16439] netlink: 'syz.2.3711': attribute type 9 has an invalid length. [ 529.859267][T16439] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3711'. [ 529.919603][T16441] netlink: 'syz.1.3712': attribute type 9 has an invalid length. [ 529.927660][T16441] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.3712'. [ 529.973982][T16442] netlink: 'syz.2.3711': attribute type 9 has an invalid length. [ 529.983260][T16442] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3711'. [ 530.071555][T16449] netlink: 'syz.3.3715': attribute type 13 has an invalid length. [ 530.078558][T16445] netlink: 'syz.1.3712': attribute type 9 has an invalid length. [ 530.087337][T16449] netlink: 160 bytes leftover after parsing attributes in process `syz.3.3715'. [ 530.089103][T16445] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.3712'. [ 530.109435][T16441] netlink: 1057 bytes leftover after parsing attributes in process `syz.1.3712'. [ 530.145620][T16449] erspan0: refused to change device tx_queue_len [ 530.184822][T16449] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 530.385835][T16455] netlink: 184 bytes leftover after parsing attributes in process `syz.0.3717'. [ 530.475326][T16459] netlink: 127924 bytes leftover after parsing attributes in process `syz.2.3716'. [ 530.518039][T16459] netlink: 16384 bytes leftover after parsing attributes in process `syz.2.3716'. [ 530.704221][T16456] netlink: 'syz.2.3716': attribute type 10 has an invalid length. [ 530.804383][T16456] veth0_macvtap: left promiscuous mode [ 532.535031][T16465] netlink: 'syz.1.3720': attribute type 10 has an invalid length. [ 533.262115][T16512] FAULT_INJECTION: forcing a failure. [ 533.262115][T16512] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 533.287607][T16512] CPU: 0 PID: 16512 Comm: syz.0.3733 Not tainted syzkaller #0 [ 533.295158][T16512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 533.305264][T16512] Call Trace: [ 533.308582][T16512] [ 533.311545][T16512] dump_stack_lvl+0x18c/0x250 [ 533.316353][T16512] ? show_regs_print_info+0x20/0x20 [ 533.321581][T16512] ? load_image+0x420/0x420 [ 533.326108][T16512] ? __might_fault+0xaa/0x120 [ 533.330804][T16512] ? __lock_acquire+0x7d40/0x7d40 [ 533.335843][T16512] ? tomoyo_path_number_perm+0x5b4/0x620 [ 533.341504][T16512] should_fail_ex+0x39d/0x4d0 [ 533.346246][T16512] _copy_from_user+0x2f/0xe0 [ 533.350862][T16512] wext_handle_ioctl+0xc8/0x1d0 [ 533.355863][T16512] ? call_commit_handler+0xf0/0xf0 [ 533.361033][T16512] sock_ioctl+0x15d/0x7e0 [ 533.365392][T16512] ? sock_poll+0x3e0/0x3e0 [ 533.369854][T16512] ? bpf_lsm_file_ioctl+0x9/0x10 [ 533.374807][T16512] ? security_file_ioctl+0x80/0xa0 [ 533.379938][T16512] ? sock_poll+0x3e0/0x3e0 [ 533.384377][T16512] __se_sys_ioctl+0xfd/0x170 [ 533.388995][T16512] do_syscall_64+0x55/0xb0 [ 533.393429][T16512] ? clear_bhb_loop+0x40/0x90 [ 533.398122][T16512] ? clear_bhb_loop+0x40/0x90 [ 533.402815][T16512] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 533.408728][T16512] RIP: 0033:0x7fcf9499ce59 [ 533.413165][T16512] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 533.432795][T16512] RSP: 002b:00007fcf95875028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 533.441234][T16512] RAX: ffffffffffffffda RBX: 00007fcf94c15fa0 RCX: 00007fcf9499ce59 [ 533.449222][T16512] RDX: 0000200000000000 RSI: 0000000000008b14 RDI: 000000000000000b [ 533.457209][T16512] RBP: 00007fcf95875090 R08: 0000000000000000 R09: 0000000000000000 [ 533.465216][T16512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 533.473215][T16512] R13: 00007fcf94c16038 R14: 00007fcf94c15fa0 R15: 00007ffc96492048 [ 533.481246][T16512] [ 534.443540][T16515] debugfs: Directory '!!ô' with parent 'ieee80211' already present! [ 534.689430][T16534] validate_nla: 6 callbacks suppressed [ 534.689450][T16534] netlink: 'syz.3.3741': attribute type 9 has an invalid length. [ 534.724844][T16534] __nla_validate_parse: 7 callbacks suppressed [ 534.724863][T16534] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3741'. [ 534.805870][T16539] netlink: 'syz.3.3741': attribute type 9 has an invalid length. [ 534.813709][T16539] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3741'. [ 535.008245][T16534] netlink: 1057 bytes leftover after parsing attributes in process `syz.3.3741'. [ 535.153426][T16544] FAULT_INJECTION: forcing a failure. [ 535.153426][T16544] name failslab, interval 1, probability 0, space 0, times 0 [ 535.167610][T16544] CPU: 1 PID: 16544 Comm: syz.1.3744 Not tainted syzkaller #0 [ 535.175115][T16544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 535.185183][T16544] Call Trace: [ 535.188463][T16544] [ 535.191391][T16544] dump_stack_lvl+0x18c/0x250 [ 535.196084][T16544] ? show_regs_print_info+0x20/0x20 [ 535.201286][T16544] ? load_image+0x420/0x420 [ 535.205786][T16544] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 535.211782][T16544] ? __asan_memset+0x22/0x40 [ 535.216375][T16544] should_fail_ex+0x39d/0x4d0 [ 535.221068][T16544] should_failslab+0x9/0x20 [ 535.225576][T16544] slab_pre_alloc_hook+0x59/0x310 [ 535.230613][T16544] kmem_cache_alloc+0x5a/0x2d0 [ 535.235380][T16544] ? slab_build_skb+0x2b/0x3f0 [ 535.240151][T16544] slab_build_skb+0x2b/0x3f0 [ 535.244745][T16544] bpf_prog_test_run_skb+0x3ef/0x18c0 [ 535.250132][T16544] ? __fget_files+0x28/0x4b0 [ 535.254724][T16544] ? __fget_files+0x43d/0x4b0 [ 535.259410][T16544] ? cpu_online+0x60/0x60 [ 535.263742][T16544] bpf_prog_test_run+0x321/0x390 [ 535.268691][T16544] __sys_bpf+0x49d/0x890 [ 535.272939][T16544] ? bpf_link_show_fdinfo+0x390/0x390 [ 535.278321][T16544] ? lock_chain_count+0x20/0x20 [ 535.283183][T16544] __x64_sys_bpf+0x7c/0x90 [ 535.287610][T16544] do_syscall_64+0x55/0xb0 [ 535.292033][T16544] ? clear_bhb_loop+0x40/0x90 [ 535.296717][T16544] ? clear_bhb_loop+0x40/0x90 [ 535.301390][T16544] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 535.307291][T16544] RIP: 0033:0x7f4b4339ce59 [ 535.311708][T16544] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 535.331316][T16544] RSP: 002b:00007f4b441a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 535.339737][T16544] RAX: ffffffffffffffda RBX: 00007f4b43615fa0 RCX: 00007f4b4339ce59 [ 535.347708][T16544] RDX: 0000000000000050 RSI: 0000200000000900 RDI: 000000000000000a [ 535.355681][T16544] RBP: 00007f4b441a5090 R08: 0000000000000000 R09: 0000000000000000 [ 535.363656][T16544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 535.371653][T16544] R13: 00007f4b43616038 R14: 00007f4b43615fa0 R15: 00007ffe920bdcb8 [ 535.379655][T16544] [ 535.419845][T16546] netlink: 'syz.3.3745': attribute type 5 has an invalid length. [ 535.436512][T16546] netlink: 'syz.3.3745': attribute type 9 has an invalid length. [ 535.444428][T16546] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3745'. [ 535.542472][T16547] netlink: 'syz.3.3745': attribute type 9 has an invalid length. [ 535.580495][T16547] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3745'. [ 535.833542][T16565] netlink: 'syz.3.3753': attribute type 9 has an invalid length. [ 535.848244][T16565] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3753'. [ 535.896818][T16564] netlink: 'syz.0.3752': attribute type 9 has an invalid length. [ 535.919473][T16564] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3752'. [ 536.003338][T16565] netlink: 'syz.3.3753': attribute type 9 has an invalid length. [ 536.012500][T16565] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3753'. [ 536.148973][T16568] netlink: 1057 bytes leftover after parsing attributes in process `syz.3.3753'. [ 536.248132][T16574] netlink: 'syz.0.3754': attribute type 29 has an invalid length. [ 536.297199][T16574] netlink: 'syz.0.3754': attribute type 29 has an invalid length. [ 537.063713][T16581] raw_sendmsg: syz.0.3757 forgot to set AF_INET. Fix it! [ 537.140803][T16585] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.3759'. [ 537.169753][T16585] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 537.179765][T16585] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 539.599685][T16643] bond0: (slave dummy0): Releasing backup interface [ 539.621517][T16643] team0: Port device dummy0 added [ 539.669833][T16647] team0: Port device dummy0 removed [ 539.697026][T16647] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 540.218262][T16671] validate_nla: 4 callbacks suppressed [ 540.218282][T16671] netlink: 'syz.2.3794': attribute type 17 has an invalid length. [ 540.232728][T16671] __nla_validate_parse: 1 callbacks suppressed [ 540.232744][T16671] netlink: 152 bytes leftover after parsing attributes in process `syz.2.3794'. [ 540.253558][T16671] A link change request failed with some changes committed already. Interface 26±ÿÿÿÿa–ïD may have been left with an inconsistent configuration, please check. [ 541.063858][T16689] netlink: 'syz.2.3799': attribute type 9 has an invalid length. [ 541.096568][T16689] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3799'. [ 541.176606][T16692] netlink: 'syz.2.3799': attribute type 9 has an invalid length. [ 541.203812][T16692] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3799'. [ 542.517626][T16689] netlink: 1057 bytes leftover after parsing attributes in process `syz.2.3799'. [ 542.653598][T16704] netlink: 'syz.0.3805': attribute type 9 has an invalid length. [ 542.676027][T16704] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3805'. [ 543.121674][T16715] FAULT_INJECTION: forcing a failure. [ 543.121674][T16715] name failslab, interval 1, probability 0, space 0, times 0 [ 543.224225][T16715] CPU: 0 PID: 16715 Comm: syz.0.3808 Not tainted syzkaller #0 [ 543.231785][T16715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 543.241896][T16715] Call Trace: [ 543.245229][T16715] [ 543.248216][T16715] dump_stack_lvl+0x18c/0x250 [ 543.252987][T16715] ? show_regs_print_info+0x20/0x20 [ 543.258246][T16715] ? load_image+0x420/0x420 [ 543.262821][T16715] ? __might_sleep+0xe0/0xe0 [ 543.267477][T16715] ? __lock_acquire+0x7d40/0x7d40 [ 543.272578][T16715] should_fail_ex+0x39d/0x4d0 [ 543.277338][T16715] should_failslab+0x9/0x20 [ 543.281898][T16715] slab_pre_alloc_hook+0x59/0x310 [ 543.286993][T16715] ? tomoyo_realpath_from_path+0xe3/0x5d0 [ 543.292775][T16715] ? tomoyo_realpath_from_path+0xe3/0x5d0 [ 543.298554][T16715] __kmem_cache_alloc_node+0x53/0x250 [ 543.304013][T16715] ? tomoyo_realpath_from_path+0xe3/0x5d0 [ 543.309791][T16715] __kmalloc+0xa4/0x230 [ 543.314018][T16715] tomoyo_realpath_from_path+0xe3/0x5d0 [ 543.319665][T16715] tomoyo_path_number_perm+0x248/0x620 [ 543.325194][T16715] ? tomoyo_path_number_perm+0x217/0x620 [ 543.330888][T16715] ? tomoyo_check_path_acl+0x1c0/0x1c0 [ 543.336418][T16715] ? ksys_write+0x1c4/0x260 [ 543.341091][T16715] ? __fget_files+0x28/0x4b0 [ 543.345762][T16715] ? __fget_files+0x28/0x4b0 [ 543.350472][T16715] security_file_ioctl+0x70/0xa0 [ 543.355479][T16715] __se_sys_ioctl+0x48/0x170 [ 543.360142][T16715] do_syscall_64+0x55/0xb0 [ 543.364620][T16715] ? clear_bhb_loop+0x40/0x90 [ 543.369351][T16715] ? clear_bhb_loop+0x40/0x90 [ 543.374116][T16715] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 543.380079][T16715] RIP: 0033:0x7fcf9499ce59 [ 543.384548][T16715] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 543.404216][T16715] RSP: 002b:00007fcf95875028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 543.412701][T16715] RAX: ffffffffffffffda RBX: 00007fcf94c15fa0 RCX: 00007fcf9499ce59 [ 543.420732][T16715] RDX: 0000200000000000 RSI: 0000000000008b14 RDI: 0000000000000003 [ 543.428763][T16715] RBP: 00007fcf95875090 R08: 0000000000000000 R09: 0000000000000000 [ 543.436791][T16715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 543.444820][T16715] R13: 00007fcf94c16038 R14: 00007fcf94c15fa0 R15: 00007ffc96492048 [ 543.452898][T16715] [ 543.483863][T16715] ERROR: Out of memory at tomoyo_realpath_from_path. [ 543.969819][T16733] netlink: 'syz.3.3815': attribute type 9 has an invalid length. [ 543.978025][T16733] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3815'. [ 544.037195][T16731] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.3813'. [ 544.104973][T16736] netlink: 'syz.3.3815': attribute type 9 has an invalid length. [ 544.129847][T16736] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3815'. [ 544.155754][T16734] netlink: 'syz.1.3813': attribute type 5 has an invalid length. [ 544.167823][T16737] netlink: 1057 bytes leftover after parsing attributes in process `syz.3.3815'. [ 544.252255][T16740] netlink: 'syz.0.3816': attribute type 10 has an invalid length. [ 544.297709][T16740] bond0: (slave dummy0): Releasing backup interface [ 544.329991][T16740] team0: Port device dummy0 added [ 544.364467][T16741] netlink: 'syz.0.3816': attribute type 10 has an invalid length. [ 544.433538][T16741] team0: Port device dummy0 removed [ 544.462476][T16741] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 545.761987][T16772] netlink: 'syz.3.3827': attribute type 4 has an invalid length. [ 545.779246][T16772] netlink: 152 bytes leftover after parsing attributes in process `syz.3.3827'. [ 545.790026][T16772] .`: renamed from bond0 (while UP) [ 545.883890][T16777] hsr0: left allmulticast mode [ 545.899541][T16777] hsr_slave_0: left allmulticast mode [ 545.918279][T16777] hsr_slave_1: left allmulticast mode [ 545.924032][T16777] bridge0: port 4(hsr0) entered disabled state [ 545.968466][T16777] bridge0: port 3(team0) entered disabled state [ 546.001992][T16777] bridge_slave_1: left allmulticast mode [ 546.007995][T16777] bridge_slave_1: left promiscuous mode [ 546.016040][T16777] bridge0: port 2(bridge_slave_1) entered disabled state [ 546.027512][T16777] bridge_slave_0: left allmulticast mode [ 546.033183][T16777] bridge_slave_0: left promiscuous mode [ 546.039989][T16777] bridge0: port 1(bridge_slave_0) entered disabled state [ 546.449905][T16793] netlink: 'syz.1.3833': attribute type 9 has an invalid length. [ 546.458002][T16793] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.3833'. [ 546.508408][T16794] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.3832'. [ 546.533421][T16795] netlink: 'syz.1.3833': attribute type 9 has an invalid length. [ 546.550243][T16795] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.3833'. [ 546.642790][T16793] netlink: 1057 bytes leftover after parsing attributes in process `syz.1.3833'. [ 546.725417][T16789] netlink: 'syz.3.3832': attribute type 5 has an invalid length. [ 546.910675][T16799] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.3836'. [ 546.945183][T16807] netlink: 'syz.3.3838': attribute type 9 has an invalid length. [ 546.959135][T16807] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3838'. [ 547.023996][T16799] netlink: 'syz.0.3836': attribute type 5 has an invalid length. [ 547.084957][T16808] netlink: 'syz.3.3838': attribute type 9 has an invalid length. [ 547.113359][T16808] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3838'. [ 547.137215][T16809] netlink: 1057 bytes leftover after parsing attributes in process `syz.3.3838'. [ 548.206593][T16826] netlink: 16098 bytes leftover after parsing attributes in process `syz.1.3845'. [ 548.561259][T16841] netlink: 'syz.3.3848': attribute type 5 has an invalid length. [ 548.604352][T16839] netlink: 'syz.1.3856': attribute type 5 has an invalid length. [ 548.722725][T16846] netlink: 'syz.1.3850': attribute type 9 has an invalid length. [ 550.134057][T16872] delete_channel: no stack [ 550.313628][T16888] FAULT_INJECTION: forcing a failure. [ 550.313628][T16888] name failslab, interval 1, probability 0, space 0, times 0 [ 550.329457][T16888] CPU: 1 PID: 16888 Comm: syz.1.3871 Not tainted syzkaller #0 [ 550.336970][T16888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 550.347064][T16888] Call Trace: [ 550.350365][T16888] [ 550.353313][T16888] dump_stack_lvl+0x18c/0x250 [ 550.358022][T16888] ? sctp_sendmsg+0x15d2/0x2910 [ 550.362901][T16888] ? ___sys_sendmsg+0x2a6/0x360 [ 550.367773][T16888] ? show_regs_print_info+0x20/0x20 [ 550.372986][T16888] ? load_image+0x420/0x420 [ 550.377514][T16888] should_fail_ex+0x39d/0x4d0 [ 550.382208][T16888] should_failslab+0x9/0x20 [ 550.386715][T16888] slab_pre_alloc_hook+0x59/0x310 [ 550.391745][T16888] ? sctp_add_bind_addr+0x8c/0x360 [ 550.396858][T16888] __kmem_cache_alloc_node+0x53/0x250 [ 550.402237][T16888] ? sctp_add_bind_addr+0x8c/0x360 [ 550.407350][T16888] kmalloc_trace+0x2a/0xe0 [ 550.411772][T16888] sctp_add_bind_addr+0x8c/0x360 [ 550.416718][T16888] sctp_copy_local_addr_list+0x315/0x4f0 [ 550.422357][T16888] ? sctp_copy_local_addr_list+0xa5/0x4f0 [ 550.428084][T16888] ? sctp_do_8_2_transport_strike+0x8a0/0x8a0 [ 550.434156][T16888] ? sctp_v4_is_any+0x35/0x60 [ 550.438832][T16888] ? sctp_copy_one_addr+0x8c/0x350 [ 550.443951][T16888] sctp_bind_addr_copy+0xb3/0x3c0 [ 550.448978][T16888] ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0 [ 550.455317][T16888] sctp_connect_new_asoc+0x2f9/0x6a0 [ 550.460645][T16888] ? __sctp_connect+0xd80/0xd80 [ 550.465498][T16888] ? __local_bh_enable_ip+0x13a/0x1c0 [ 550.470868][T16888] ? _local_bh_enable+0xa0/0xa0 [ 550.475716][T16888] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 550.481551][T16888] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 550.487381][T16888] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 550.492942][T16888] ? security_sctp_bind_connect+0x89/0xb0 [ 550.498675][T16888] sctp_sendmsg+0x15d2/0x2910 [ 550.503372][T16888] ? sctp_getsockopt+0xb60/0xb60 [ 550.508314][T16888] ? aa_sk_perm+0x83c/0x970 [ 550.512824][T16888] ? aa_af_perm+0x330/0x330 [ 550.517337][T16888] ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0 [ 550.523760][T16888] ? sock_rps_record_flow+0x19/0x3f0 [ 550.529051][T16888] ? inet_sendmsg+0x7c/0x2f0 [ 550.533639][T16888] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 550.538922][T16888] ? security_socket_sendmsg+0x80/0xa0 [ 550.544376][T16888] ? inet_send_prepare+0x260/0x260 [ 550.549500][T16888] ____sys_sendmsg+0x5ba/0x960 [ 550.554265][T16888] ? __lock_acquire+0x7d40/0x7d40 [ 550.559297][T16888] ? __asan_memset+0x22/0x40 [ 550.563890][T16888] ? __sys_sendmsg_sock+0x30/0x30 [ 550.568916][T16888] ? __import_iovec+0x5f2/0x850 [ 550.573769][T16888] ? import_iovec+0x73/0xa0 [ 550.578272][T16888] ___sys_sendmsg+0x2a6/0x360 [ 550.582977][T16888] ? get_pid_task+0x20/0x1e0 [ 550.587579][T16888] ? __sys_sendmsg+0x2a0/0x2a0 [ 550.592361][T16888] ? __lock_acquire+0x7d40/0x7d40 [ 550.597404][T16888] __se_sys_sendmsg+0x1c2/0x2b0 [ 550.602257][T16888] ? __x64_sys_sendmsg+0x80/0x80 [ 550.607209][T16888] ? lockdep_hardirqs_on+0x98/0x150 [ 550.612412][T16888] do_syscall_64+0x55/0xb0 [ 550.616837][T16888] ? clear_bhb_loop+0x40/0x90 [ 550.621519][T16888] ? clear_bhb_loop+0x40/0x90 [ 550.626193][T16888] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 550.632091][T16888] RIP: 0033:0x7f4b4339ce59 [ 550.636508][T16888] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 550.656114][T16888] RSP: 002b:00007f4b415f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 550.664530][T16888] RAX: ffffffffffffffda RBX: 00007f4b43616180 RCX: 00007f4b4339ce59 [ 550.672501][T16888] RDX: 0000000000000080 RSI: 0000200000000500 RDI: 0000000000000003 [ 550.680466][T16888] RBP: 00007f4b415f6090 R08: 0000000000000000 R09: 0000000000000000 [ 550.688435][T16888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 550.696404][T16888] R13: 00007f4b43616218 R14: 00007f4b43616180 R15: 00007ffe920bdcb8 [ 550.704389][T16888] [ 551.098654][T16903] validate_nla: 3 callbacks suppressed [ 551.098672][T16903] netlink: 'syz.1.3869': attribute type 9 has an invalid length. [ 551.114064][T16903] __nla_validate_parse: 8 callbacks suppressed [ 551.114080][T16903] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.3869'. [ 551.171931][T16909] netlink: 'syz.1.3869': attribute type 9 has an invalid length. [ 551.181349][T16909] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.3869'. [ 551.309880][T16913] FAULT_INJECTION: forcing a failure. [ 551.309880][T16913] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 551.323704][T16913] CPU: 1 PID: 16913 Comm: syz.1.3874 Not tainted syzkaller #0 [ 551.331235][T16913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 551.341329][T16913] Call Trace: [ 551.344638][T16913] [ 551.347604][T16913] dump_stack_lvl+0x18c/0x250 [ 551.352334][T16913] ? show_regs_print_info+0x20/0x20 [ 551.357578][T16913] ? load_image+0x420/0x420 [ 551.362124][T16913] ? __might_fault+0xaa/0x120 [ 551.366841][T16913] ? __lock_acquire+0x7d40/0x7d40 [ 551.371903][T16913] ? tomoyo_path_number_perm+0x5b4/0x620 [ 551.377594][T16913] should_fail_ex+0x39d/0x4d0 [ 551.382333][T16913] _copy_from_user+0x2f/0xe0 [ 551.386971][T16913] wext_handle_ioctl+0xc8/0x1d0 [ 551.391874][T16913] ? call_commit_handler+0xf0/0xf0 [ 551.397074][T16913] sock_ioctl+0x15d/0x7e0 [ 551.401453][T16913] ? sock_poll+0x3e0/0x3e0 [ 551.405945][T16913] ? bpf_lsm_file_ioctl+0x9/0x10 [ 551.410917][T16913] ? security_file_ioctl+0x80/0xa0 [ 551.416067][T16913] ? sock_poll+0x3e0/0x3e0 [ 551.420527][T16913] __se_sys_ioctl+0xfd/0x170 [ 551.425171][T16913] do_syscall_64+0x55/0xb0 [ 551.429648][T16913] ? clear_bhb_loop+0x40/0x90 [ 551.434358][T16913] ? clear_bhb_loop+0x40/0x90 [ 551.439078][T16913] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 551.445016][T16913] RIP: 0033:0x7f4b4339ce59 [ 551.449473][T16913] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 551.469126][T16913] RSP: 002b:00007f4b441a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 551.477606][T16913] RAX: ffffffffffffffda RBX: 00007f4b43615fa0 RCX: 00007f4b4339ce59 [ 551.485612][T16913] RDX: 0000200000000000 RSI: 0000000000008b14 RDI: 0000000000000003 [ 551.493623][T16913] RBP: 00007f4b441a5090 R08: 0000000000000000 R09: 0000000000000000 [ 551.501627][T16913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 551.509649][T16913] R13: 00007f4b43616038 R14: 00007f4b43615fa0 R15: 00007ffe920bdcb8 [ 551.517705][T16913] [ 551.746981][T16920] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.3875'. [ 551.889310][T16916] netlink: 'syz.2.3875': attribute type 5 has an invalid length. [ 552.651930][T16947] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.3886'. [ 552.680164][T16950] netlink: 'syz.1.3888': attribute type 9 has an invalid length. [ 552.688295][T16950] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.3888'. [ 552.754233][T16945] netlink: 'syz.2.3886': attribute type 5 has an invalid length. [ 552.791485][T16953] netlink: 3890 bytes leftover after parsing attributes in process `syz.0.3889'. [ 552.807377][T16951] netlink: 'syz.1.3888': attribute type 9 has an invalid length. [ 552.815481][T16951] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.3888'. [ 552.828213][T16954] netlink: 1057 bytes leftover after parsing attributes in process `syz.1.3888'. [ 552.993146][T16961] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3893'. [ 553.374293][T16977] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.3899'. [ 553.388345][T16979] netlink: 'syz.3.3900': attribute type 4 has an invalid length. [ 553.432557][T16976] netlink: 'syz.0.3898': attribute type 7 has an invalid length. [ 553.462311][T16977] netlink: 'syz.1.3899': attribute type 5 has an invalid length. [ 553.591194][T16983] netlink: 'syz.3.3901': attribute type 9 has an invalid length. [ 553.820352][T16990] FAULT_INJECTION: forcing a failure. [ 553.820352][T16990] name failslab, interval 1, probability 0, space 0, times 0 [ 553.841450][T16990] CPU: 0 PID: 16990 Comm: syz.1.3902 Not tainted syzkaller #0 [ 553.848993][T16990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 553.859081][T16990] Call Trace: [ 553.862384][T16990] [ 553.865339][T16990] dump_stack_lvl+0x18c/0x250 [ 553.870058][T16990] ? sctp_sendmsg+0x15d2/0x2910 [ 553.874941][T16990] ? ___sys_sendmsg+0x2a6/0x360 [ 553.879791][T16990] ? show_regs_print_info+0x20/0x20 [ 553.884986][T16990] ? load_image+0x420/0x420 [ 553.889488][T16990] should_fail_ex+0x39d/0x4d0 [ 553.894170][T16990] should_failslab+0x9/0x20 [ 553.898674][T16990] slab_pre_alloc_hook+0x59/0x310 [ 553.903699][T16990] ? sctp_add_bind_addr+0x8c/0x360 [ 553.908810][T16990] __kmem_cache_alloc_node+0x53/0x250 [ 553.914183][T16990] ? sctp_add_bind_addr+0x8c/0x360 [ 553.919292][T16990] kmalloc_trace+0x2a/0xe0 [ 553.923702][T16990] sctp_add_bind_addr+0x8c/0x360 [ 553.928635][T16990] sctp_copy_local_addr_list+0x315/0x4f0 [ 553.934263][T16990] ? sctp_copy_local_addr_list+0xa5/0x4f0 [ 553.939979][T16990] ? sctp_do_8_2_transport_strike+0x8a0/0x8a0 [ 553.946048][T16990] ? sctp_v4_is_any+0x35/0x60 [ 553.950717][T16990] ? sctp_copy_one_addr+0x8c/0x350 [ 553.955826][T16990] sctp_bind_addr_copy+0xb3/0x3c0 [ 553.960847][T16990] ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0 [ 553.967179][T16990] sctp_connect_new_asoc+0x2f9/0x6a0 [ 553.972464][T16990] ? __sctp_connect+0xd80/0xd80 [ 553.977329][T16990] ? __local_bh_enable_ip+0x13a/0x1c0 [ 553.982693][T16990] ? _local_bh_enable+0xa0/0xa0 [ 553.987538][T16990] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 553.993340][T16990] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 553.999142][T16990] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 554.004698][T16990] ? security_sctp_bind_connect+0x89/0xb0 [ 554.010437][T16990] sctp_sendmsg+0x15d2/0x2910 [ 554.015128][T16990] ? sctp_getsockopt+0xb60/0xb60 [ 554.020060][T16990] ? aa_sk_perm+0x83c/0x970 [ 554.024564][T16990] ? aa_af_perm+0x330/0x330 [ 554.029071][T16990] ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0 [ 554.035487][T16990] ? sock_rps_record_flow+0x19/0x3f0 [ 554.040780][T16990] ? inet_sendmsg+0x7c/0x2f0 [ 554.045365][T16990] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 554.050640][T16990] ? security_socket_sendmsg+0x80/0xa0 [ 554.056093][T16990] ? inet_send_prepare+0x260/0x260 [ 554.061198][T16990] ____sys_sendmsg+0x5ba/0x960 [ 554.065956][T16990] ? __lock_acquire+0x7d40/0x7d40 [ 554.070976][T16990] ? __asan_memset+0x22/0x40 [ 554.075556][T16990] ? __sys_sendmsg_sock+0x30/0x30 [ 554.080564][T16990] ? __import_iovec+0x5f2/0x850 [ 554.085405][T16990] ? import_iovec+0x73/0xa0 [ 554.089902][T16990] ___sys_sendmsg+0x2a6/0x360 [ 554.094578][T16990] ? __sys_sendmsg+0x2a0/0x2a0 [ 554.099373][T16990] ? trace_call_bpf+0xc3/0x6c0 [ 554.104164][T16990] __se_sys_sendmsg+0x1c2/0x2b0 [ 554.109013][T16990] ? __x64_sys_sendmsg+0x80/0x80 [ 554.113952][T16990] ? lockdep_hardirqs_on+0x98/0x150 [ 554.119147][T16990] do_syscall_64+0x55/0xb0 [ 554.123554][T16990] ? clear_bhb_loop+0x40/0x90 [ 554.128218][T16990] ? clear_bhb_loop+0x40/0x90 [ 554.132881][T16990] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 554.138765][T16990] RIP: 0033:0x7f4b4339ce59 [ 554.143167][T16990] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 554.162763][T16990] RSP: 002b:00007f4b415f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 554.171189][T16990] RAX: ffffffffffffffda RBX: 00007f4b43616180 RCX: 00007f4b4339ce59 [ 554.179150][T16990] RDX: 0000000000000080 RSI: 0000200000000500 RDI: 0000000000000003 [ 554.187114][T16990] RBP: 00007f4b415f6090 R08: 0000000000000000 R09: 0000000000000000 [ 554.195071][T16990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 554.203028][T16990] R13: 00007f4b43616218 R14: 00007f4b43616180 R15: 00007ffe920bdcb8 [ 554.210998][T16990] [ 554.358691][T16995] FAULT_INJECTION: forcing a failure. [ 554.358691][T16995] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 554.373760][T16995] CPU: 1 PID: 16995 Comm: syz.3.3913 Not tainted syzkaller #0 [ 554.381267][T16995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 554.391339][T16995] Call Trace: [ 554.394632][T16995] [ 554.397570][T16995] dump_stack_lvl+0x18c/0x250 [ 554.402273][T16995] ? show_regs_print_info+0x20/0x20 [ 554.407493][T16995] ? load_image+0x420/0x420 [ 554.412020][T16995] ? __lock_acquire+0x7d40/0x7d40 [ 554.417068][T16995] ? snprintf+0xe9/0x140 [ 554.421338][T16995] should_fail_ex+0x39d/0x4d0 [ 554.426053][T16995] _copy_to_user+0x2f/0xa0 [ 554.430490][T16995] simple_read_from_buffer+0xe7/0x150 [ 554.435889][T16995] proc_fail_nth_read+0x1e8/0x260 [ 554.440935][T16995] ? proc_fault_inject_write+0x360/0x360 [ 554.446585][T16995] ? fsnotify_perm+0x271/0x5e0 [ 554.451368][T16995] ? proc_fault_inject_write+0x360/0x360 [ 554.457019][T16995] vfs_read+0x28b/0x970 [ 554.461193][T16995] ? kernel_read+0x1e0/0x1e0 [ 554.465800][T16995] ? __fget_files+0x28/0x4b0 [ 554.470408][T16995] ? __fget_files+0x28/0x4b0 [ 554.475022][T16995] ? __fget_files+0x43d/0x4b0 [ 554.479729][T16995] ? __fdget_pos+0x2a3/0x330 [ 554.484336][T16995] ? ksys_read+0x75/0x260 [ 554.488694][T16995] ksys_read+0x150/0x260 [ 554.492964][T16995] ? vfs_write+0x990/0x990 [ 554.497406][T16995] ? lockdep_hardirqs_on+0x98/0x150 [ 554.502632][T16995] do_syscall_64+0x55/0xb0 [ 554.507070][T16995] ? clear_bhb_loop+0x40/0x90 [ 554.511765][T16995] ? clear_bhb_loop+0x40/0x90 [ 554.516472][T16995] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 554.522393][T16995] RIP: 0033:0x7f7b9b35d68e [ 554.526828][T16995] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 554.546467][T16995] RSP: 002b:00007f7b9c203fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 554.554904][T16995] RAX: ffffffffffffffda RBX: 00007f7b9c2046c0 RCX: 00007f7b9b35d68e [ 554.562892][T16995] RDX: 000000000000000f RSI: 00007f7b9c2040a0 RDI: 0000000000000005 [ 554.570882][T16995] RBP: 00007f7b9c204090 R08: 0000000000000000 R09: 0000000000000000 [ 554.578875][T16995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 554.586863][T16995] R13: 00007f7b9b616038 R14: 00007f7b9b615fa0 R15: 00007ffe61f429c8 [ 554.594880][T16995] [ 554.793568][T17007] .`: renamed from bond0 (while UP) [ 554.856638][T17010] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô' [ 554.865369][T17010] CPU: 0 PID: 17010 Comm: syz.1.3907 Not tainted syzkaller #0 [ 554.872877][T17010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 554.882963][T17010] Call Trace: [ 554.886272][T17010] [ 554.889246][T17010] dump_stack_lvl+0x18c/0x250 [ 554.893999][T17010] ? show_regs_print_info+0x20/0x20 [ 554.899254][T17010] ? load_image+0x420/0x420 [ 554.903824][T17010] sysfs_warn_dup+0x8e/0xa0 [ 554.908382][T17010] sysfs_do_create_link_sd+0xc0/0x110 [ 554.913818][T17010] device_add_class_symlinks+0x1cf/0x240 [ 554.919582][T17010] device_add+0x507/0xc50 [ 554.923979][T17010] wiphy_register+0x1dad/0x2ae0 [ 554.929040][T17010] ? cfg80211_event_work+0x40/0x40 [ 554.934198][T17010] ? minstrel_ht_alloc+0x88a/0x990 [ 554.939469][T17010] ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0 [ 554.945689][T17010] ieee80211_register_hw+0x3464/0x4250 [ 554.951246][T17010] ? ieee80211_tasklet_handler+0x20/0x20 [ 554.956930][T17010] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 554.962977][T17010] ? __debug_object_init+0xec/0x450 [ 554.968242][T17010] ? __asan_memset+0x22/0x40 [ 554.972884][T17010] ? __hrtimer_init+0x186/0x270 [ 554.977797][T17010] mac80211_hwsim_new_radio+0x2a00/0x4d10 [ 554.983644][T17010] ? mac80211_hwsim_free+0x220/0x220 [ 554.988948][T17010] ? rcu_is_watching+0x15/0xb0 [ 554.993731][T17010] ? kstrndup+0xbd/0x140 [ 554.998002][T17010] hwsim_new_radio_nl+0xdc9/0x1a90 [ 555.003166][T17010] ? __nla_validate+0x50/0x50 [ 555.007900][T17010] ? hwsim_tx_info_frame_received_nl+0xd60/0xd60 [ 555.014283][T17010] ? __nla_parse+0x40/0x50 [ 555.018721][T17010] ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290 [ 555.025083][T17010] genl_family_rcv_msg_doit+0x211/0x310 [ 555.030643][T17010] ? end_current_label_crit_section+0x170/0x170 [ 555.036902][T17010] ? genl_family_rcv_msg_dumpit+0x310/0x310 [ 555.042824][T17010] ? bpf_lsm_capable+0x9/0x10 [ 555.047518][T17010] ? security_capable+0x89/0xb0 [ 555.052390][T17010] genl_rcv_msg+0x619/0x7a0 [ 555.056925][T17010] ? genl_bind+0x360/0x360 [ 555.061350][T17010] ? hwsim_tx_info_frame_received_nl+0xd60/0xd60 [ 555.067690][T17010] ? perf_trace_lock+0x304/0x3b0 [ 555.072661][T17010] netlink_rcv_skb+0x241/0x4d0 [ 555.077446][T17010] ? genl_bind+0x360/0x360 [ 555.081881][T17010] ? netlink_ack+0x1180/0x1180 [ 555.086685][T17010] ? __lock_acquire+0x7d40/0x7d40 [ 555.091739][T17010] ? down_read+0x1ac/0x2e0 [ 555.096176][T17010] genl_rcv+0x28/0x40 [ 555.100173][T17010] netlink_unicast+0x751/0x8d0 [ 555.104967][T17010] netlink_sendmsg+0x8d0/0xbf0 [ 555.109752][T17010] ? perf_trace_lock+0x304/0x3b0 [ 555.114714][T17010] ? netlink_getsockopt+0x590/0x590 [ 555.119928][T17010] ? aa_sock_msg_perm+0x94/0x150 [ 555.124884][T17010] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 555.130184][T17010] ? security_socket_sendmsg+0x80/0xa0 [ 555.135652][T17010] ? netlink_getsockopt+0x590/0x590 [ 555.140892][T17010] ____sys_sendmsg+0x5ba/0x960 [ 555.145685][T17010] ? __asan_memset+0x22/0x40 [ 555.150287][T17010] ? __sys_sendmsg_sock+0x30/0x30 [ 555.155320][T17010] ? __import_iovec+0x5f2/0x850 [ 555.160194][T17010] ? import_iovec+0x73/0xa0 [ 555.164710][T17010] ___sys_sendmsg+0x2a6/0x360 [ 555.169410][T17010] ? __sys_sendmsg+0x2a0/0x2a0 [ 555.174259][T17010] __se_sys_sendmsg+0x1c2/0x2b0 [ 555.179126][T17010] ? __x64_sys_sendmsg+0x80/0x80 [ 555.184101][T17010] ? lockdep_hardirqs_on+0x98/0x150 [ 555.189321][T17010] do_syscall_64+0x55/0xb0 [ 555.193750][T17010] ? clear_bhb_loop+0x40/0x90 [ 555.198433][T17010] ? clear_bhb_loop+0x40/0x90 [ 555.203120][T17010] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 555.209030][T17010] RIP: 0033:0x7f4b4339ce59 [ 555.213459][T17010] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 555.233083][T17010] RSP: 002b:00007f4b44184028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 555.241515][T17010] RAX: ffffffffffffffda RBX: 00007f4b43616090 RCX: 00007f4b4339ce59 [ 555.249497][T17010] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000b [ 555.257478][T17010] RBP: 00007f4b43432e6f R08: 0000000000000000 R09: 0000000000000000 [ 555.265456][T17010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 555.273431][T17010] R13: 00007f4b43616128 R14: 00007f4b43616090 R15: 00007ffe920bdcb8 [ 555.281441][T17010] [ 555.987877][T17042] .`: renamed from bond0 (while UP) [ 556.136598][T17046] __nla_validate_parse: 13 callbacks suppressed [ 556.136617][T17046] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.3924'. [ 556.177450][T17046] validate_nla: 6 callbacks suppressed [ 556.177467][T17046] netlink: 'syz.2.3924': attribute type 5 has an invalid length. [ 556.567585][T17065] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3930'. [ 556.895834][T17071] netlink: 'syz.1.3934': attribute type 4 has an invalid length. [ 556.910654][T17071] netlink: 152 bytes leftover after parsing attributes in process `syz.1.3934'. [ 556.938609][T17074] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.3935'. [ 556.957867][T17074] netlink: 'syz.2.3935': attribute type 5 has an invalid length. [ 557.616291][T17094] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3944'. [ 557.907802][T17101] netlink: 'syz.1.3946': attribute type 4 has an invalid length. [ 557.915824][T17101] netlink: 152 bytes leftover after parsing attributes in process `syz.1.3946'. [ 558.012808][T17103] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.3947'. [ 558.110715][T17103] netlink: 'syz.3.3947': attribute type 5 has an invalid length. [ 558.135833][T17111] FAULT_INJECTION: forcing a failure. [ 558.135833][T17111] name failslab, interval 1, probability 0, space 0, times 0 [ 558.155533][T17111] CPU: 0 PID: 17111 Comm: syz.2.3948 Not tainted syzkaller #0 [ 558.163055][T17111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 558.173139][T17111] Call Trace: [ 558.176448][T17111] [ 558.179399][T17111] dump_stack_lvl+0x18c/0x250 [ 558.184101][T17111] ? sctp_sendmsg+0x15d2/0x2910 [ 558.188997][T17111] ? ___sys_sendmsg+0x2a6/0x360 [ 558.193877][T17111] ? show_regs_print_info+0x20/0x20 [ 558.199103][T17111] ? load_image+0x420/0x420 [ 558.203639][T17111] should_fail_ex+0x39d/0x4d0 [ 558.208365][T17111] should_failslab+0x9/0x20 [ 558.212904][T17111] slab_pre_alloc_hook+0x59/0x310 [ 558.217963][T17111] ? sctp_add_bind_addr+0x8c/0x360 [ 558.223104][T17111] __kmem_cache_alloc_node+0x53/0x250 [ 558.228509][T17111] ? sctp_add_bind_addr+0x8c/0x360 [ 558.233654][T17111] kmalloc_trace+0x2a/0xe0 [ 558.238116][T17111] sctp_add_bind_addr+0x8c/0x360 [ 558.243106][T17111] sctp_copy_local_addr_list+0x315/0x4f0 [ 558.248790][T17111] ? sctp_copy_local_addr_list+0xa5/0x4f0 [ 558.254542][T17111] ? sctp_do_8_2_transport_strike+0x8a0/0x8a0 [ 558.260637][T17111] ? sctp_v4_is_any+0x35/0x60 [ 558.265346][T17111] ? sctp_copy_one_addr+0x8c/0x350 [ 558.270489][T17111] sctp_bind_addr_copy+0xb3/0x3c0 [ 558.275537][T17111] ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0 [ 558.281893][T17111] sctp_connect_new_asoc+0x2f9/0x6a0 [ 558.287209][T17111] ? __sctp_connect+0xd80/0xd80 [ 558.292083][T17111] ? __local_bh_enable_ip+0x13a/0x1c0 [ 558.297473][T17111] ? _local_bh_enable+0xa0/0xa0 [ 558.302338][T17111] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 558.308168][T17111] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 558.314004][T17111] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 558.319572][T17111] ? security_sctp_bind_connect+0x89/0xb0 [ 558.325320][T17111] sctp_sendmsg+0x15d2/0x2910 [ 558.330042][T17111] ? sctp_getsockopt+0xb60/0xb60 [ 558.335007][T17111] ? aa_sk_perm+0x83c/0x970 [ 558.339545][T17111] ? aa_af_perm+0x330/0x330 [ 558.344068][T17111] ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0 [ 558.350508][T17111] ? sock_rps_record_flow+0x19/0x3f0 [ 558.355831][T17111] ? inet_sendmsg+0x7c/0x2f0 [ 558.360443][T17111] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 558.365754][T17111] ? security_socket_sendmsg+0x80/0xa0 [ 558.371241][T17111] ? inet_send_prepare+0x260/0x260 [ 558.376387][T17111] ____sys_sendmsg+0x5ba/0x960 [ 558.381178][T17111] ? __lock_acquire+0x7d40/0x7d40 [ 558.386231][T17111] ? __asan_memset+0x22/0x40 [ 558.390847][T17111] ? __sys_sendmsg_sock+0x30/0x30 [ 558.395896][T17111] ? __import_iovec+0x5f2/0x850 [ 558.400777][T17111] ? import_iovec+0x73/0xa0 [ 558.405307][T17111] ___sys_sendmsg+0x2a6/0x360 [ 558.410011][T17111] ? get_pid_task+0x20/0x1e0 [ 558.414633][T17111] ? __sys_sendmsg+0x2a0/0x2a0 [ 558.419449][T17111] ? __lock_acquire+0x7d40/0x7d40 [ 558.424519][T17111] __se_sys_sendmsg+0x1c2/0x2b0 [ 558.429408][T17111] ? __x64_sys_sendmsg+0x80/0x80 [ 558.434386][T17111] ? lockdep_hardirqs_on+0x98/0x150 [ 558.439619][T17111] do_syscall_64+0x55/0xb0 [ 558.444066][T17111] ? clear_bhb_loop+0x40/0x90 [ 558.448758][T17111] ? clear_bhb_loop+0x40/0x90 [ 558.453452][T17111] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 558.459364][T17111] RIP: 0033:0x7ff80e59ce59 [ 558.463798][T17111] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 558.483435][T17111] RSP: 002b:00007ff80f504028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 558.491888][T17111] RAX: ffffffffffffffda RBX: 00007ff80e816180 RCX: 00007ff80e59ce59 [ 558.499886][T17111] RDX: 0000000000000080 RSI: 0000200000000500 RDI: 0000000000000003 [ 558.507883][T17111] RBP: 00007ff80f504090 R08: 0000000000000000 R09: 0000000000000000 [ 558.515874][T17111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 558.523869][T17111] R13: 00007ff80e816218 R14: 00007ff80e816180 R15: 00007ffd61af71b8 [ 558.531891][T17111] [ 558.613024][T17113] netlink: 'syz.3.3950': attribute type 9 has an invalid length. [ 558.620977][T17113] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3950'. [ 558.685092][T17114] netlink: 'syz.3.3950': attribute type 9 has an invalid length. [ 558.692892][T17114] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3950'. [ 558.712197][T17113] netlink: 1057 bytes leftover after parsing attributes in process `syz.3.3950'. [ 559.425602][T17141] netlink: 'syz.1.3961': attribute type 9 has an invalid length. [ 559.480947][T17142] netlink: 'syz.1.3961': attribute type 9 has an invalid length. [ 559.591739][T17144] FAULT_INJECTION: forcing a failure. [ 559.591739][T17144] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 559.605549][T17144] CPU: 1 PID: 17144 Comm: syz.1.3962 Not tainted syzkaller #0 [ 559.613022][T17144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 559.623092][T17144] Call Trace: [ 559.626380][T17144] [ 559.629319][T17144] dump_stack_lvl+0x18c/0x250 [ 559.634006][T17144] ? show_regs_print_info+0x20/0x20 [ 559.639207][T17144] ? load_image+0x420/0x420 [ 559.643710][T17144] ? __might_fault+0xaa/0x120 [ 559.648391][T17144] ? __lock_acquire+0x7d40/0x7d40 [ 559.653425][T17144] should_fail_ex+0x39d/0x4d0 [ 559.658117][T17144] _copy_from_user+0x2f/0xe0 [ 559.662709][T17144] __sys_bpf+0x23e/0x890 [ 559.666952][T17144] ? bpf_link_show_fdinfo+0x390/0x390 [ 559.672340][T17144] ? lock_chain_count+0x20/0x20 [ 559.677197][T17144] __x64_sys_bpf+0x7c/0x90 [ 559.681612][T17144] do_syscall_64+0x55/0xb0 [ 559.686025][T17144] ? clear_bhb_loop+0x40/0x90 [ 559.690702][T17144] ? clear_bhb_loop+0x40/0x90 [ 559.695394][T17144] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 559.701317][T17144] RIP: 0033:0x7f4b4339ce59 [ 559.705741][T17144] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 559.725365][T17144] RSP: 002b:00007f4b441a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 559.733786][T17144] RAX: ffffffffffffffda RBX: 00007f4b43615fa0 RCX: 00007f4b4339ce59 [ 559.741758][T17144] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a [ 559.749729][T17144] RBP: 00007f4b441a5090 R08: 0000000000000000 R09: 0000000000000000 [ 559.757703][T17144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 559.765673][T17144] R13: 00007f4b43616038 R14: 00007f4b43615fa0 R15: 00007ffe920bdcb8 [ 559.773664][T17144] [ 560.177975][T17163] netlink: 'syz.2.3970': attribute type 9 has an invalid length. [ 561.417525][T17203] __nla_validate_parse: 7 callbacks suppressed [ 561.417539][T17203] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3982'. [ 561.571743][T17205] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.3983'. [ 561.648426][T17205] validate_nla: 1 callbacks suppressed [ 561.648486][T17205] netlink: 'syz.1.3983': attribute type 5 has an invalid length. [ 561.895520][T17212] netlink: 'syz.2.3985': attribute type 9 has an invalid length. [ 561.914673][T17212] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3985'. [ 562.023778][T17215] netlink: 'syz.2.3985': attribute type 9 has an invalid length. [ 562.032131][T17215] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3985'. [ 562.067898][T17218] netlink: 1057 bytes leftover after parsing attributes in process `syz.2.3985'. [ 562.484192][T17229] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3992'. [ 562.859742][T17236] wg2: entered promiscuous mode [ 562.869395][T17236] wg2: entered allmulticast mode [ 562.902633][T17241] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.3996'. [ 562.950732][T17241] netlink: 'syz.3.3996': attribute type 5 has an invalid length. [ 563.102338][T17249] netlink: 'syz.3.3999': attribute type 9 has an invalid length. [ 563.110404][T17249] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3999'. [ 563.162108][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.169784][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.240436][T17252] netlink: 'syz.3.3999': attribute type 9 has an invalid length. [ 563.260926][T17252] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3999'. [ 563.271501][T17255] netlink: 1057 bytes leftover after parsing attributes in process `syz.3.3999'. [ 563.281865][T17254] netlink: 'syz.1.4000': attribute type 9 has an invalid length. [ 563.342910][T17256] netlink: 'syz.1.4000': attribute type 9 has an invalid length. [ 563.582703][T17260] netlink: 'syz.0.4002': attribute type 5 has an invalid length. [ 563.666803][T17265] netlink: del zone limit has 8 unknown bytes [ 564.105512][T17277] netlink: 'syz.0.4010': attribute type 5 has an invalid length. [ 564.247375][T17291] FAULT_INJECTION: forcing a failure. [ 564.247375][T17291] name failslab, interval 1, probability 0, space 0, times 0 [ 564.277724][T17291] CPU: 0 PID: 17291 Comm: syz.3.4014 Not tainted syzkaller #0 [ 564.285271][T17291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 564.295363][T17291] Call Trace: [ 564.298677][T17291] [ 564.301641][T17291] dump_stack_lvl+0x18c/0x250 [ 564.306354][T17291] ? sctp_sendmsg+0x15d2/0x2910 [ 564.311222][T17291] ? ___sys_sendmsg+0x2a6/0x360 [ 564.316083][T17291] ? show_regs_print_info+0x20/0x20 [ 564.321296][T17291] ? load_image+0x420/0x420 [ 564.325816][T17291] should_fail_ex+0x39d/0x4d0 [ 564.330511][T17291] should_failslab+0x9/0x20 [ 564.335031][T17291] slab_pre_alloc_hook+0x59/0x310 [ 564.340067][T17291] ? sctp_add_bind_addr+0x8c/0x360 [ 564.345186][T17291] __kmem_cache_alloc_node+0x53/0x250 [ 564.350566][T17291] ? sctp_add_bind_addr+0x8c/0x360 [ 564.355686][T17291] kmalloc_trace+0x2a/0xe0 [ 564.360116][T17291] sctp_add_bind_addr+0x8c/0x360 [ 564.365066][T17291] sctp_copy_local_addr_list+0x315/0x4f0 [ 564.370743][T17291] ? sctp_copy_local_addr_list+0xa5/0x4f0 [ 564.376469][T17291] ? sctp_do_8_2_transport_strike+0x8a0/0x8a0 [ 564.382548][T17291] ? sctp_v4_is_any+0x35/0x60 [ 564.387235][T17291] ? sctp_copy_one_addr+0x8c/0x350 [ 564.392356][T17291] sctp_bind_addr_copy+0xb3/0x3c0 [ 564.397392][T17291] ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0 [ 564.403731][T17291] sctp_connect_new_asoc+0x2f9/0x6a0 [ 564.409032][T17291] ? __sctp_connect+0xd80/0xd80 [ 564.413886][T17291] ? __local_bh_enable_ip+0x13a/0x1c0 [ 564.419264][T17291] ? _local_bh_enable+0xa0/0xa0 [ 564.424110][T17291] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 564.429924][T17291] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 564.435740][T17291] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 564.441296][T17291] ? security_sctp_bind_connect+0x89/0xb0 [ 564.447025][T17291] sctp_sendmsg+0x15d2/0x2910 [ 564.451769][T17291] ? sctp_getsockopt+0xb60/0xb60 [ 564.456718][T17291] ? aa_sk_perm+0x83c/0x970 [ 564.461227][T17291] ? aa_af_perm+0x330/0x330 [ 564.465726][T17291] ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0 [ 564.472150][T17291] ? sock_rps_record_flow+0x19/0x3f0 [ 564.477445][T17291] ? inet_sendmsg+0x7c/0x2f0 [ 564.482060][T17291] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 564.487370][T17291] ? security_socket_sendmsg+0x80/0xa0 [ 564.492851][T17291] ? inet_send_prepare+0x260/0x260 [ 564.498005][T17291] ____sys_sendmsg+0x5ba/0x960 [ 564.502793][T17291] ? __lock_acquire+0x7d40/0x7d40 [ 564.507830][T17291] ? __asan_memset+0x22/0x40 [ 564.512425][T17291] ? __sys_sendmsg_sock+0x30/0x30 [ 564.517461][T17291] ? __import_iovec+0x5f2/0x850 [ 564.522315][T17291] ? import_iovec+0x73/0xa0 [ 564.526818][T17291] ___sys_sendmsg+0x2a6/0x360 [ 564.531495][T17291] ? get_pid_task+0x20/0x1e0 [ 564.536093][T17291] ? __sys_sendmsg+0x2a0/0x2a0 [ 564.540871][T17291] ? __lock_acquire+0x7d40/0x7d40 [ 564.545917][T17291] __se_sys_sendmsg+0x1c2/0x2b0 [ 564.550780][T17291] ? __x64_sys_sendmsg+0x80/0x80 [ 564.555739][T17291] ? lockdep_hardirqs_on+0x98/0x150 [ 564.561009][T17291] do_syscall_64+0x55/0xb0 [ 564.565562][T17291] ? clear_bhb_loop+0x40/0x90 [ 564.570246][T17291] ? clear_bhb_loop+0x40/0x90 [ 564.574927][T17291] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 564.580823][T17291] RIP: 0033:0x7f7b9b39ce59 [ 564.585236][T17291] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 564.604844][T17291] RSP: 002b:00007f7b9c1c2028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 564.613264][T17291] RAX: ffffffffffffffda RBX: 00007f7b9b616180 RCX: 00007f7b9b39ce59 [ 564.621236][T17291] RDX: 0000000000000080 RSI: 0000200000000500 RDI: 0000000000000003 [ 564.629207][T17291] RBP: 00007f7b9c1c2090 R08: 0000000000000000 R09: 0000000000000000 [ 564.637173][T17291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 564.645140][T17291] R13: 00007f7b9b616218 R14: 00007f7b9b616180 R15: 00007ffe61f429c8 [ 564.653126][T17291] [ 569.397320][T17402] __nla_validate_parse: 13 callbacks suppressed [ 569.397373][T17402] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.4054'. [ 569.488300][T17402] validate_nla: 7 callbacks suppressed [ 569.488552][T17402] netlink: 'syz.2.4054': attribute type 5 has an invalid length. [ 569.877744][T17424] FAULT_INJECTION: forcing a failure. [ 569.877744][T17424] name failslab, interval 1, probability 0, space 0, times 0 [ 569.890843][T17424] CPU: 1 PID: 17424 Comm: syz.0.4062 Not tainted syzkaller #0 [ 569.898317][T17424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 569.908371][T17424] Call Trace: [ 569.911649][T17424] [ 569.914574][T17424] dump_stack_lvl+0x18c/0x250 [ 569.919288][T17424] ? show_regs_print_info+0x20/0x20 [ 569.924510][T17424] ? load_image+0x420/0x420 [ 569.929032][T17424] should_fail_ex+0x39d/0x4d0 [ 569.933719][T17424] should_failslab+0x9/0x20 [ 569.938226][T17424] slab_pre_alloc_hook+0x59/0x310 [ 569.943257][T17424] kmem_cache_alloc+0x5a/0x2d0 [ 569.948025][T17424] ? sctp_get_port_local+0x6d4/0x1620 [ 569.953410][T17424] sctp_get_port_local+0x6d4/0x1620 [ 569.958623][T17424] ? sctp_do_bind+0x990/0x990 [ 569.963305][T17424] ? sctp_bind_addr_match+0x30/0x2a0 [ 569.968598][T17424] sctp_do_bind+0x555/0x990 [ 569.973115][T17424] sctp_connect_new_asoc+0x26a/0x6a0 [ 569.978403][T17424] ? __sctp_connect+0xd80/0xd80 [ 569.983262][T17424] ? mark_lock+0x94/0x320 [ 569.987592][T17424] ? sctp_endpoint_lookup_assoc+0xd1/0x260 [ 569.993404][T17424] __sctp_connect+0x5b7/0xd80 [ 569.998098][T17424] ? sctp_send_asconf+0x170/0x170 [ 570.003123][T17424] ? __local_bh_enable_ip+0x13a/0x1c0 [ 570.008495][T17424] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 570.014044][T17424] ? security_sctp_bind_connect+0x89/0xb0 [ 570.019769][T17424] sctp_setsockopt_connectx+0x104/0x1a0 [ 570.025321][T17424] sctp_setsockopt+0x6d8/0x11e0 [ 570.030180][T17424] ? sock_common_recvmsg+0x190/0x190 [ 570.035469][T17424] do_sock_setsockopt+0x175/0x1a0 [ 570.040499][T17424] ? __fdget+0x180/0x210 [ 570.044753][T17424] __x64_sys_setsockopt+0x182/0x200 [ 570.049963][T17424] do_syscall_64+0x55/0xb0 [ 570.054383][T17424] ? clear_bhb_loop+0x40/0x90 [ 570.059062][T17424] ? clear_bhb_loop+0x40/0x90 [ 570.063738][T17424] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 570.069637][T17424] RIP: 0033:0x7fcf9499ce59 [ 570.074058][T17424] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 570.093695][T17424] RSP: 002b:00007fcf95875028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 570.102114][T17424] RAX: ffffffffffffffda RBX: 00007fcf94c15fa0 RCX: 00007fcf9499ce59 [ 570.110083][T17424] RDX: 000000000000006e RSI: 0000000000000084 RDI: 0000000000000006 [ 570.118051][T17424] RBP: 00007fcf95875090 R08: 0000000000000010 R09: 0000000000000000 [ 570.126026][T17424] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001 [ 570.134000][T17424] R13: 00007fcf94c16038 R14: 00007fcf94c15fa0 R15: 00007ffc96492048 [ 570.141988][T17424] [ 570.147036][T17425] FAULT_INJECTION: forcing a failure. [ 570.147036][T17425] name failslab, interval 1, probability 0, space 0, times 0 [ 570.163035][T17425] CPU: 1 PID: 17425 Comm: syz.3.4061 Not tainted syzkaller #0 [ 570.170547][T17425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 570.180630][T17425] Call Trace: [ 570.183936][T17425] [ 570.186900][T17425] dump_stack_lvl+0x18c/0x250 [ 570.191614][T17425] ? sctp_sendmsg+0x15d2/0x2910 [ 570.196500][T17425] ? ___sys_sendmsg+0x2a6/0x360 [ 570.201378][T17425] ? show_regs_print_info+0x20/0x20 [ 570.206579][T17425] ? load_image+0x420/0x420 [ 570.211086][T17425] should_fail_ex+0x39d/0x4d0 [ 570.215787][T17425] should_failslab+0x9/0x20 [ 570.220312][T17425] slab_pre_alloc_hook+0x59/0x310 [ 570.225369][T17425] ? sctp_add_bind_addr+0x8c/0x360 [ 570.230510][T17425] __kmem_cache_alloc_node+0x53/0x250 [ 570.235913][T17425] ? sctp_add_bind_addr+0x8c/0x360 [ 570.241057][T17425] kmalloc_trace+0x2a/0xe0 [ 570.245503][T17425] sctp_add_bind_addr+0x8c/0x360 [ 570.250473][T17425] sctp_copy_local_addr_list+0x315/0x4f0 [ 570.256141][T17425] ? sctp_copy_local_addr_list+0xa5/0x4f0 [ 570.261896][T17425] ? sctp_do_8_2_transport_strike+0x8a0/0x8a0 [ 570.268010][T17425] ? sctp_v4_is_any+0x35/0x60 [ 570.272716][T17425] ? sctp_copy_one_addr+0x8c/0x350 [ 570.277865][T17425] sctp_bind_addr_copy+0xb3/0x3c0 [ 570.282921][T17425] ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0 [ 570.289303][T17425] sctp_connect_new_asoc+0x2f9/0x6a0 [ 570.294632][T17425] ? __sctp_connect+0xd80/0xd80 [ 570.299513][T17425] ? __local_bh_enable_ip+0x13a/0x1c0 [ 570.304921][T17425] ? _local_bh_enable+0xa0/0xa0 [ 570.309813][T17425] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 570.315663][T17425] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 570.321515][T17425] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 570.327100][T17425] ? security_sctp_bind_connect+0x89/0xb0 [ 570.332846][T17425] sctp_sendmsg+0x15d2/0x2910 [ 570.337563][T17425] ? sctp_getsockopt+0xb60/0xb60 [ 570.342518][T17425] ? aa_sk_perm+0x83c/0x970 [ 570.347040][T17425] ? aa_af_perm+0x330/0x330 [ 570.351543][T17425] ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0 [ 570.357965][T17425] ? sock_rps_record_flow+0x19/0x3f0 [ 570.363257][T17425] ? inet_sendmsg+0x7c/0x2f0 [ 570.367849][T17425] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 570.373136][T17425] ? security_socket_sendmsg+0x80/0xa0 [ 570.378593][T17425] ? inet_send_prepare+0x260/0x260 [ 570.383711][T17425] ____sys_sendmsg+0x5ba/0x960 [ 570.388476][T17425] ? __lock_acquire+0x7d40/0x7d40 [ 570.393508][T17425] ? __asan_memset+0x22/0x40 [ 570.398101][T17425] ? __sys_sendmsg_sock+0x30/0x30 [ 570.403128][T17425] ? __import_iovec+0x5f2/0x850 [ 570.407991][T17425] ? import_iovec+0x73/0xa0 [ 570.412496][T17425] ___sys_sendmsg+0x2a6/0x360 [ 570.417174][T17425] ? get_pid_task+0x20/0x1e0 [ 570.421774][T17425] ? __sys_sendmsg+0x2a0/0x2a0 [ 570.426554][T17425] ? __lock_acquire+0x7d40/0x7d40 [ 570.431598][T17425] __se_sys_sendmsg+0x1c2/0x2b0 [ 570.436450][T17425] ? __x64_sys_sendmsg+0x80/0x80 [ 570.441400][T17425] ? lockdep_hardirqs_on+0x98/0x150 [ 570.446613][T17425] do_syscall_64+0x55/0xb0 [ 570.451031][T17425] ? clear_bhb_loop+0x40/0x90 [ 570.455703][T17425] ? clear_bhb_loop+0x40/0x90 [ 570.460379][T17425] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 570.466280][T17425] RIP: 0033:0x7f7b9b39ce59 [ 570.470700][T17425] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 570.490313][T17425] RSP: 002b:00007f7b9c1c2028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 570.498765][T17425] RAX: ffffffffffffffda RBX: 00007f7b9b616180 RCX: 00007f7b9b39ce59 [ 570.506740][T17425] RDX: 0000000000000080 RSI: 0000200000000500 RDI: 0000000000000003 [ 570.514725][T17425] RBP: 00007f7b9c1c2090 R08: 0000000000000000 R09: 0000000000000000 [ 570.522711][T17425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 570.530688][T17425] R13: 00007f7b9b616218 R14: 00007f7b9b616180 R15: 00007ffe61f429c8 [ 570.538686][T17425] [ 570.666133][T17432] netlink: 184 bytes leftover after parsing attributes in process `syz.0.4073'. [ 570.894507][T17437] syzkaller0: entered promiscuous mode [ 570.922243][T17437] syzkaller0: entered allmulticast mode [ 571.129643][T17446] netlink: 'syz.0.4070': attribute type 3 has an invalid length. [ 571.148116][T17446] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.4070'. [ 571.202748][T17446] netlink: 63503 bytes leftover after parsing attributes in process `syz.0.4070'. [ 572.216887][T17474] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.4079'. [ 572.323152][T17474] netlink: 'syz.3.4079': attribute type 5 has an invalid length. [ 572.639134][T17486] netlink: 'syz.3.4084': attribute type 2 has an invalid length. [ 572.674773][T17486] netlink: 'syz.3.4084': attribute type 1 has an invalid length. [ 572.691228][T17486] netlink: 198036 bytes leftover after parsing attributes in process `syz.3.4084'. [ 572.708259][T17490] netlink: 68 bytes leftover after parsing attributes in process `syz.3.4084'. [ 572.897010][T17497] netlink: 'syz.3.4088': attribute type 10 has an invalid length. [ 572.955712][T17497] .`: (slave dummy0): Releasing backup interface [ 572.970385][T17497] dummy0: entered promiscuous mode [ 572.992058][T17497] dummy0: entered allmulticast mode [ 573.021035][T17497] team0: Port device dummy0 added [ 573.041383][T17500] netlink: 'syz.3.4088': attribute type 10 has an invalid length. [ 573.050564][T17500] dummy0: left promiscuous mode [ 573.057551][T17500] dummy0: left allmulticast mode [ 573.073395][T17500] team0: Port device dummy0 removed [ 573.327303][T17517] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4101'. [ 573.370327][T17519] netlink: 'syz.2.4094': attribute type 9 has an invalid length. [ 573.378897][T17519] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.4094'. [ 573.598234][T17524] netlink: 'syz.2.4094': attribute type 9 has an invalid length. [ 573.642723][T17524] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.4094'. [ 575.254042][T17570] netlink: 'syz.0.4114': attribute type 10 has an invalid length. [ 575.266475][T17570] team0: Device hsr_slave_0 failed to register rx_handler [ 575.465746][ T5782] Bluetooth: hci2: command 0x0406 tx timeout [ 575.724808][T17594] FAULT_INJECTION: forcing a failure. [ 575.724808][T17594] name failslab, interval 1, probability 0, space 0, times 0 [ 575.737696][T17594] CPU: 1 PID: 17594 Comm: syz.1.4122 Not tainted syzkaller #0 [ 575.745189][T17594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 575.755282][T17594] Call Trace: [ 575.758583][T17594] [ 575.761530][T17594] dump_stack_lvl+0x18c/0x250 [ 575.766239][T17594] ? sctp_sendmsg+0x15d2/0x2910 [ 575.771122][T17594] ? ___sys_sendmsg+0x2a6/0x360 [ 575.776010][T17594] ? show_regs_print_info+0x20/0x20 [ 575.781242][T17594] ? load_image+0x420/0x420 [ 575.785788][T17594] should_fail_ex+0x39d/0x4d0 [ 575.790516][T17594] should_failslab+0x9/0x20 [ 575.795058][T17594] slab_pre_alloc_hook+0x59/0x310 [ 575.800131][T17594] ? sctp_add_bind_addr+0x8c/0x360 [ 575.805280][T17594] __kmem_cache_alloc_node+0x53/0x250 [ 575.805620][T17592] syzkaller0: entered promiscuous mode [ 575.810684][T17594] ? sctp_add_bind_addr+0x8c/0x360 [ 575.810712][T17594] kmalloc_trace+0x2a/0xe0 [ 575.810737][T17594] sctp_add_bind_addr+0x8c/0x360 [ 575.810762][T17594] sctp_copy_local_addr_list+0x315/0x4f0 [ 575.810793][T17594] ? sctp_copy_local_addr_list+0xa5/0x4f0 [ 575.810815][T17594] ? sctp_do_8_2_transport_strike+0x8a0/0x8a0 [ 575.810846][T17594] ? sctp_v4_is_any+0x35/0x60 [ 575.810866][T17594] ? sctp_copy_one_addr+0x8c/0x350 [ 575.810891][T17594] sctp_bind_addr_copy+0xb3/0x3c0 [ 575.810913][T17594] ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0 [ 575.810941][T17594] sctp_connect_new_asoc+0x2f9/0x6a0 [ 575.810967][T17594] ? __sctp_connect+0xd80/0xd80 [ 575.810987][T17594] ? __local_bh_enable_ip+0x13a/0x1c0 [ 575.811006][T17594] ? _local_bh_enable+0xa0/0xa0 [ 575.811023][T17594] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 575.811044][T17594] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 575.811068][T17594] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 575.811089][T17594] ? security_sctp_bind_connect+0x89/0xb0 [ 575.811116][T17594] sctp_sendmsg+0x15d2/0x2910 [ 575.811150][T17594] ? sctp_getsockopt+0xb60/0xb60 [ 575.811173][T17594] ? aa_sk_perm+0x83c/0x970 [ 575.811200][T17594] ? aa_af_perm+0x330/0x330 [ 575.811214][T17594] ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0 [ 575.811237][T17594] ? sock_rps_record_flow+0x19/0x3f0 [ 575.811264][T17594] ? inet_sendmsg+0x7c/0x2f0 [ 575.811285][T17594] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 575.811305][T17594] ? security_socket_sendmsg+0x80/0xa0 [ 575.811324][T17594] ? inet_send_prepare+0x260/0x260 [ 575.811350][T17594] ____sys_sendmsg+0x5ba/0x960 [ 575.811371][T17594] ? __lock_acquire+0x7d40/0x7d40 [ 575.811396][T17594] ? __asan_memset+0x22/0x40 [ 575.811419][T17594] ? __sys_sendmsg_sock+0x30/0x30 [ 575.811437][T17594] ? __import_iovec+0x5f2/0x850 [ 575.811470][T17594] ? import_iovec+0x73/0xa0 [ 575.811493][T17594] ___sys_sendmsg+0x2a6/0x360 [ 575.811513][T17594] ? get_pid_task+0x20/0x1e0 [ 575.811540][T17594] ? __sys_sendmsg+0x2a0/0x2a0 [ 575.811581][T17594] ? __lock_acquire+0x7d40/0x7d40 [ 575.811627][T17594] __se_sys_sendmsg+0x1c2/0x2b0 [ 575.817435][T17592] syzkaller0: entered allmulticast mode [ 575.822199][T17594] ? __x64_sys_sendmsg+0x80/0x80 [ 575.822246][T17594] ? lockdep_hardirqs_on+0x98/0x150 [ 575.822273][T17594] do_syscall_64+0x55/0xb0 [ 575.822291][T17594] ? clear_bhb_loop+0x40/0x90 [ 575.822306][T17594] ? clear_bhb_loop+0x40/0x90 [ 575.822324][T17594] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 575.822350][T17594] RIP: 0033:0x7f4b4339ce59 [ 575.822368][T17594] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 576.075609][T17594] RSP: 002b:00007f4b415f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 576.084022][T17594] RAX: ffffffffffffffda RBX: 00007f4b43616180 RCX: 00007f4b4339ce59 [ 576.091990][T17594] RDX: 0000000000000080 RSI: 0000200000000500 RDI: 0000000000000003 [ 576.099974][T17594] RBP: 00007f4b415f6090 R08: 0000000000000000 R09: 0000000000000000 [ 576.107941][T17594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 576.115909][T17594] R13: 00007f4b43616218 R14: 00007f4b43616180 R15: 00007ffe920bdcb8 [ 576.123888][T17594] [ 577.731922][T17631] FAULT_INJECTION: forcing a failure. [ 577.731922][T17631] name failslab, interval 1, probability 0, space 0, times 0 [ 577.761341][T17631] CPU: 0 PID: 17631 Comm: syz.1.4139 Not tainted syzkaller #0 [ 577.768863][T17631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 577.778918][T17631] Call Trace: [ 577.782196][T17631] [ 577.785120][T17631] dump_stack_lvl+0x18c/0x250 [ 577.789806][T17631] ? show_regs_print_info+0x20/0x20 [ 577.794998][T17631] ? load_image+0x420/0x420 [ 577.799495][T17631] ? __might_sleep+0xe0/0xe0 [ 577.804093][T17631] ? __lock_acquire+0x7d40/0x7d40 [ 577.809157][T17631] should_fail_ex+0x39d/0x4d0 [ 577.813842][T17631] should_failslab+0x9/0x20 [ 577.818343][T17631] slab_pre_alloc_hook+0x59/0x310 [ 577.823367][T17631] ? sk_prot_alloc+0xe7/0x210 [ 577.828046][T17631] ? sk_prot_alloc+0xe7/0x210 [ 577.832721][T17631] __kmem_cache_alloc_node+0x53/0x250 [ 577.838092][T17631] ? sk_prot_alloc+0xe7/0x210 [ 577.842762][T17631] __kmalloc+0xa4/0x230 [ 577.846914][T17631] sk_prot_alloc+0xe7/0x210 [ 577.851411][T17631] ? sk_alloc+0x24/0x360 [ 577.855650][T17631] sk_alloc+0x3a/0x360 [ 577.859716][T17631] ? bpf_ctx_init+0x163/0x1a0 [ 577.864397][T17631] ? bpf_prog_test_run_skb+0x279/0x18c0 [ 577.869945][T17631] bpf_prog_test_run_skb+0x3d1/0x18c0 [ 577.875316][T17631] ? lockdep_hardirqs_on+0x98/0x150 [ 577.880517][T17631] ? cpu_online+0x60/0x60 [ 577.884857][T17631] bpf_prog_test_run+0x321/0x390 [ 577.889815][T17631] __sys_bpf+0x49d/0x890 [ 577.894073][T17631] ? bpf_link_show_fdinfo+0x390/0x390 [ 577.899448][T17631] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 577.905610][T17631] __x64_sys_bpf+0x7c/0x90 [ 577.910022][T17631] do_syscall_64+0x55/0xb0 [ 577.914429][T17631] ? clear_bhb_loop+0x40/0x90 [ 577.919115][T17631] ? clear_bhb_loop+0x40/0x90 [ 577.923777][T17631] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 577.929667][T17631] RIP: 0033:0x7f4b4339ce59 [ 577.934074][T17631] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 577.953676][T17631] RSP: 002b:00007f4b441a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 577.962089][T17631] RAX: ffffffffffffffda RBX: 00007f4b43615fa0 RCX: 00007f4b4339ce59 [ 577.970077][T17631] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a [ 577.978050][T17631] RBP: 00007f4b441a5090 R08: 0000000000000000 R09: 0000000000000000 [ 577.986016][T17631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 577.993981][T17631] R13: 00007f4b43616038 R14: 00007f4b43615fa0 R15: 00007ffe920bdcb8 [ 578.001957][T17631] [ 579.265971][T17643] netlink: 'syz.1.4143': attribute type 10 has an invalid length. [ 579.290581][T17643] .`: (slave dummy0): Releasing backup interface [ 579.303221][T17643] team0: Port device dummy0 added [ 579.318748][T17646] netlink: 'syz.1.4143': attribute type 10 has an invalid length. [ 579.348181][T17646] team0: Port device dummy0 removed [ 579.605820][T17662] netlink: 'syz.1.4149': attribute type 29 has an invalid length. [ 579.632783][T17662] netlink: 'syz.1.4149': attribute type 29 has an invalid length. [ 579.661819][T17665] netlink: 'syz.1.4149': attribute type 29 has an invalid length. [ 579.672756][T17663] netlink: 'syz.3.4150': attribute type 3 has an invalid length. [ 579.696235][T17662] netlink: 'syz.1.4149': attribute type 29 has an invalid length. [ 579.704743][T17663] __nla_validate_parse: 1 callbacks suppressed [ 579.704758][T17663] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.4150'. [ 579.736893][T17662] netlink: 'syz.1.4149': attribute type 29 has an invalid length. [ 579.863558][T17669] netlink: 'syz.0.4151': attribute type 9 has an invalid length. [ 579.872560][T17669] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.4151'. [ 580.055496][T17670] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.4151'. [ 580.777605][T17699] validate_nla: 2 callbacks suppressed [ 580.777625][T17699] netlink: 'syz.2.4161': attribute type 21 has an invalid length. [ 580.793539][T17699] netlink: 'syz.2.4161': attribute type 1 has an invalid length. [ 580.804728][T17699] netlink: 100 bytes leftover after parsing attributes in process `syz.2.4161'. [ 580.871636][T17703] mac80211_hwsim hwsim119 wlan1: entered promiscuous mode [ 580.890908][T17703] mac80211_hwsim hwsim119 wlan1: entered allmulticast mode [ 581.168130][T17716] FAULT_INJECTION: forcing a failure. [ 581.168130][T17716] name failslab, interval 1, probability 0, space 0, times 0 [ 581.181021][T17716] CPU: 1 PID: 17716 Comm: syz.1.4168 Not tainted syzkaller #0 [ 581.188523][T17716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 581.198610][T17716] Call Trace: [ 581.201915][T17716] [ 581.204844][T17716] dump_stack_lvl+0x18c/0x250 [ 581.209529][T17716] ? show_regs_print_info+0x20/0x20 [ 581.214737][T17716] ? load_image+0x420/0x420 [ 581.219246][T17716] ? __might_sleep+0xe0/0xe0 [ 581.223838][T17716] ? __lock_acquire+0x7d40/0x7d40 [ 581.228871][T17716] ? rcu_is_watching+0x15/0xb0 [ 581.233660][T17716] should_fail_ex+0x39d/0x4d0 [ 581.238367][T17716] should_failslab+0x9/0x20 [ 581.242900][T17716] slab_pre_alloc_hook+0x59/0x310 [ 581.247965][T17716] ? sctp_auth_asoc_copy_shkeys+0x14e/0x5a0 [ 581.253899][T17716] __kmem_cache_alloc_node+0x53/0x250 [ 581.259313][T17716] ? sctp_auth_asoc_copy_shkeys+0x14e/0x5a0 [ 581.265235][T17716] kmalloc_trace+0x2a/0xe0 [ 581.269661][T17716] sctp_auth_asoc_copy_shkeys+0x14e/0x5a0 [ 581.275396][T17716] sctp_association_new+0x15d3/0x25c0 [ 581.280790][T17716] sctp_connect_new_asoc+0x2de/0x6a0 [ 581.286083][T17716] ? __sctp_connect+0xd80/0xd80 [ 581.290939][T17716] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 581.296752][T17716] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 581.302560][T17716] ? sctp_endpoint_lookup_assoc+0x22f/0x260 [ 581.308465][T17716] __sctp_connect+0x5b7/0xd80 [ 581.313149][T17716] ? sctp_send_asconf+0x170/0x170 [ 581.318176][T17716] ? __local_bh_enable_ip+0x13a/0x1c0 [ 581.323547][T17716] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 581.329109][T17716] ? security_sctp_bind_connect+0x89/0xb0 [ 581.334843][T17716] sctp_setsockopt_connectx+0x104/0x1a0 [ 581.340411][T17716] sctp_setsockopt+0x6d8/0x11e0 [ 581.345276][T17716] ? sock_common_recvmsg+0x190/0x190 [ 581.350569][T17716] do_sock_setsockopt+0x175/0x1a0 [ 581.355602][T17716] ? __fdget+0x180/0x210 [ 581.359859][T17716] __x64_sys_setsockopt+0x182/0x200 [ 581.365092][T17716] do_syscall_64+0x55/0xb0 [ 581.369559][T17716] ? clear_bhb_loop+0x40/0x90 [ 581.374266][T17716] ? clear_bhb_loop+0x40/0x90 [ 581.378944][T17716] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 581.384845][T17716] RIP: 0033:0x7f4b4339ce59 [ 581.389272][T17716] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 581.408892][T17716] RSP: 002b:00007f4b441a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 581.417318][T17716] RAX: ffffffffffffffda RBX: 00007f4b43615fa0 RCX: 00007f4b4339ce59 [ 581.425290][T17716] RDX: 000000000000006e RSI: 0000000000000084 RDI: 0000000000000006 [ 581.433263][T17716] RBP: 00007f4b441a5090 R08: 0000000000000010 R09: 0000000000000000 [ 581.441243][T17716] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001 [ 581.449260][T17716] R13: 00007f4b43616038 R14: 00007f4b43615fa0 R15: 00007ffe920bdcb8 [ 581.457300][T17716] [ 582.027192][T17740] FAULT_INJECTION: forcing a failure. [ 582.027192][T17740] name failslab, interval 1, probability 0, space 0, times 0 [ 582.041303][T17740] CPU: 1 PID: 17740 Comm: syz.3.4175 Not tainted syzkaller #0 [ 582.048818][T17740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 582.058888][T17740] Call Trace: [ 582.062177][T17740] [ 582.065111][T17740] dump_stack_lvl+0x18c/0x250 [ 582.069796][T17740] ? sctp_sendmsg+0x15d2/0x2910 [ 582.074655][T17740] ? ___sys_sendmsg+0x2a6/0x360 [ 582.079512][T17740] ? show_regs_print_info+0x20/0x20 [ 582.084714][T17740] ? load_image+0x420/0x420 [ 582.089235][T17740] should_fail_ex+0x39d/0x4d0 [ 582.093929][T17740] should_failslab+0x9/0x20 [ 582.098442][T17740] slab_pre_alloc_hook+0x59/0x310 [ 582.103478][T17740] ? sctp_add_bind_addr+0x8c/0x360 [ 582.108599][T17740] __kmem_cache_alloc_node+0x53/0x250 [ 582.113992][T17740] ? sctp_add_bind_addr+0x8c/0x360 [ 582.119112][T17740] kmalloc_trace+0x2a/0xe0 [ 582.123569][T17740] sctp_add_bind_addr+0x8c/0x360 [ 582.128523][T17740] sctp_copy_local_addr_list+0x315/0x4f0 [ 582.134175][T17740] ? sctp_copy_local_addr_list+0xa5/0x4f0 [ 582.139903][T17740] ? sctp_do_8_2_transport_strike+0x8a0/0x8a0 [ 582.146008][T17740] ? sctp_v4_is_any+0x35/0x60 [ 582.150709][T17740] ? sctp_copy_one_addr+0x8c/0x350 [ 582.155835][T17740] sctp_bind_addr_copy+0xb3/0x3c0 [ 582.160874][T17740] ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0 [ 582.167214][T17740] sctp_connect_new_asoc+0x2f9/0x6a0 [ 582.172542][T17740] ? __sctp_connect+0xd80/0xd80 [ 582.177424][T17740] ? __local_bh_enable_ip+0x13a/0x1c0 [ 582.182800][T17740] ? _local_bh_enable+0xa0/0xa0 [ 582.187660][T17740] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 582.193474][T17740] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 582.199286][T17740] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 582.204845][T17740] ? security_sctp_bind_connect+0x89/0xb0 [ 582.210579][T17740] sctp_sendmsg+0x15d2/0x2910 [ 582.215279][T17740] ? sctp_getsockopt+0xb60/0xb60 [ 582.220224][T17740] ? aa_sk_perm+0x83c/0x970 [ 582.224739][T17740] ? aa_af_perm+0x330/0x330 [ 582.229237][T17740] ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0 [ 582.235664][T17740] ? sock_rps_record_flow+0x19/0x3f0 [ 582.240954][T17740] ? inet_sendmsg+0x7c/0x2f0 [ 582.245542][T17740] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 582.250851][T17740] ? security_socket_sendmsg+0x80/0xa0 [ 582.256330][T17740] ? inet_send_prepare+0x260/0x260 [ 582.261465][T17740] ____sys_sendmsg+0x5ba/0x960 [ 582.266235][T17740] ? __lock_acquire+0x7d40/0x7d40 [ 582.271268][T17740] ? __asan_memset+0x22/0x40 [ 582.275870][T17740] ? __sys_sendmsg_sock+0x30/0x30 [ 582.280899][T17740] ? __import_iovec+0x5f2/0x850 [ 582.285768][T17740] ? import_iovec+0x73/0xa0 [ 582.290284][T17740] ___sys_sendmsg+0x2a6/0x360 [ 582.294986][T17740] ? __sys_sendmsg+0x2a0/0x2a0 [ 582.299771][T17740] ? trace_call_bpf+0xc3/0x6c0 [ 582.304565][T17740] __se_sys_sendmsg+0x1c2/0x2b0 [ 582.309430][T17740] ? __x64_sys_sendmsg+0x80/0x80 [ 582.314423][T17740] ? lockdep_hardirqs_on+0x98/0x150 [ 582.319642][T17740] do_syscall_64+0x55/0xb0 [ 582.324063][T17740] ? clear_bhb_loop+0x40/0x90 [ 582.328739][T17740] ? clear_bhb_loop+0x40/0x90 [ 582.333418][T17740] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 582.339317][T17740] RIP: 0033:0x7f7b9b39ce59 [ 582.343754][T17740] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 582.363389][T17740] RSP: 002b:00007f7b9c1c2028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 582.371814][T17740] RAX: ffffffffffffffda RBX: 00007f7b9b616180 RCX: 00007f7b9b39ce59 [ 582.379785][T17740] RDX: 0000000000000080 RSI: 0000200000000500 RDI: 0000000000000003 [ 582.387753][T17740] RBP: 00007f7b9c1c2090 R08: 0000000000000000 R09: 0000000000000000 [ 582.395728][T17740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 582.403718][T17740] R13: 00007f7b9b616218 R14: 00007f7b9b616180 R15: 00007ffe61f429c8 [ 582.411704][T17740] [ 582.562145][T17747] mac80211_hwsim hwsim102 wlan0: entered promiscuous mode [ 582.570014][T17747] mac80211_hwsim hwsim102 wlan0: entered allmulticast mode [ 582.678099][T17750] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4181'. [ 583.377580][T17771] FAULT_INJECTION: forcing a failure. [ 583.377580][T17771] name failslab, interval 1, probability 0, space 0, times 0 [ 583.412953][T17771] CPU: 1 PID: 17771 Comm: syz.2.4188 Not tainted syzkaller #0 [ 583.420491][T17771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 583.430577][T17771] Call Trace: [ 583.433888][T17771] [ 583.436838][T17771] dump_stack_lvl+0x18c/0x250 [ 583.441557][T17771] ? show_regs_print_info+0x20/0x20 [ 583.446797][T17771] ? load_image+0x420/0x420 [ 583.451338][T17771] ? __might_sleep+0xe0/0xe0 [ 583.455960][T17771] ? __lock_acquire+0x7d40/0x7d40 [ 583.461024][T17771] should_fail_ex+0x39d/0x4d0 [ 583.465749][T17771] should_failslab+0x9/0x20 [ 583.470286][T17771] slab_pre_alloc_hook+0x59/0x310 [ 583.475348][T17771] ? apparmor_sk_alloc_security+0x77/0x100 [ 583.481198][T17771] __kmem_cache_alloc_node+0x53/0x250 [ 583.486636][T17771] ? apparmor_sk_alloc_security+0x77/0x100 [ 583.492479][T17771] kmalloc_trace+0x2a/0xe0 [ 583.496944][T17771] apparmor_sk_alloc_security+0x77/0x100 [ 583.502621][T17771] security_sk_alloc+0x6e/0xa0 [ 583.507432][T17771] sk_prot_alloc+0x101/0x210 [ 583.512072][T17771] ? sk_alloc+0x24/0x360 [ 583.516355][T17771] sk_alloc+0x3a/0x360 [ 583.520485][T17771] ? bpf_ctx_init+0x163/0x1a0 [ 583.525196][T17771] ? bpf_prog_test_run_skb+0x279/0x18c0 [ 583.530798][T17771] bpf_prog_test_run_skb+0x3d1/0x18c0 [ 583.536208][T17771] ? __fget_files+0x28/0x4b0 [ 583.540825][T17771] ? __fget_files+0x43d/0x4b0 [ 583.545537][T17771] ? cpu_online+0x60/0x60 [ 583.549898][T17771] bpf_prog_test_run+0x321/0x390 [ 583.554859][T17771] __sys_bpf+0x49d/0x890 [ 583.559135][T17771] ? bpf_link_show_fdinfo+0x390/0x390 [ 583.564542][T17771] ? lock_chain_count+0x20/0x20 [ 583.569419][T17771] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 583.575437][T17771] __x64_sys_bpf+0x7c/0x90 [ 583.579886][T17771] do_syscall_64+0x55/0xb0 [ 583.584324][T17771] ? clear_bhb_loop+0x40/0x90 [ 583.589022][T17771] ? clear_bhb_loop+0x40/0x90 [ 583.593725][T17771] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 583.599648][T17771] RIP: 0033:0x7ff80e59ce59 [ 583.604083][T17771] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 583.623723][T17771] RSP: 002b:00007ff80f546028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 583.632173][T17771] RAX: ffffffffffffffda RBX: 00007ff80e815fa0 RCX: 00007ff80e59ce59 [ 583.640188][T17771] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a [ 583.648190][T17771] RBP: 00007ff80f546090 R08: 0000000000000000 R09: 0000000000000000 [ 583.656185][T17771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 583.664186][T17771] R13: 00007ff80e816038 R14: 00007ff80e815fa0 R15: 00007ffd61af71b8 [ 583.672223][T17771] [ 584.070968][T17784] netlink: 'syz.2.4193': attribute type 5 has an invalid length. [ 584.140237][T17786] netlink: 'syz.1.4194': attribute type 9 has an invalid length. [ 584.148305][T17786] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.4194'. [ 584.291181][T17788] netlink: 'syz.1.4194': attribute type 9 has an invalid length. [ 584.308735][T17788] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.4194'. [ 584.408754][T17793] netlink: 'syz.0.4196': attribute type 4 has an invalid length. [ 584.416991][T17793] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4196'. [ 584.427946][T17793] .`: renamed from bond0 (while UP) [ 584.512504][T17789] netlink: 1057 bytes leftover after parsing attributes in process `syz.1.4194'. [ 584.810649][T17804] netlink: 'syz.3.4199': attribute type 9 has an invalid length. [ 584.835064][T17804] netlink: 126588 bytes leftover after parsing attributes in process `syz.3.4199'. [ 584.874519][T17804] netlink: 'syz.3.4199': attribute type 10 has an invalid length. [ 584.918873][T17804] .`: (slave netdevsim0): Enslaving as an active interface with an up link [ 585.403942][T17819] netlink: 'syz.1.4205': attribute type 10 has an invalid length. [ 585.613206][T17819] team0: Device wg1 is of different type [ 585.644424][T17832] netlink: 'syz.0.4208': attribute type 9 has an invalid length. [ 585.653317][T17832] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.4208'. [ 585.786763][T17833] netlink: 'syz.0.4208': attribute type 9 has an invalid length. [ 585.801388][T17833] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.4208'. [ 585.919828][T17839] netlink: 'syz.3.4209': attribute type 5 has an invalid length. [ 585.988931][T17834] netlink: 1057 bytes leftover after parsing attributes in process `syz.0.4208'. [ 586.527796][T17853] netlink: 'syz.2.4216': attribute type 10 has an invalid length. [ 586.550317][T17853] .`: (slave dummy0): Releasing backup interface [ 586.562816][T17853] team0: Port device dummy0 added [ 586.573704][T17853] netlink: 'syz.2.4216': attribute type 10 has an invalid length. [ 586.609640][T17853] team0: Port device dummy0 removed [ 586.804528][T17865] netlink: 'syz.3.4221': attribute type 9 has an invalid length. [ 586.834728][T17865] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.4221'. [ 586.924118][T17870] netlink: 'syz.3.4221': attribute type 9 has an invalid length. [ 586.950401][T17870] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.4221'. [ 587.175038][T17872] netlink: 1057 bytes leftover after parsing attributes in process `syz.3.4221'. [ 587.928721][T17896] netlink: 16098 bytes leftover after parsing attributes in process `syz.0.4234'. [ 587.956564][T17901] netlink: 'syz.3.4229': attribute type 5 has an invalid length. [ 588.204117][T17906] netlink: 'syz.2.4235': attribute type 9 has an invalid length. [ 588.212138][T17906] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.4235'. [ 588.264979][T17907] netlink: 'syz.2.4235': attribute type 9 has an invalid length. [ 588.274286][T17907] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.4235'. [ 589.336001][T17932] netlink: 'syz.1.4244': attribute type 9 has an invalid length. [ 590.341203][T17965] __nla_validate_parse: 8 callbacks suppressed [ 590.341223][T17965] netlink: 199820 bytes leftover after parsing attributes in process `syz.2.4255'. [ 590.645164][T17971] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.4259'. [ 590.726560][T17972] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.4259'. [ 590.907883][T17971] netlink: 1057 bytes leftover after parsing attributes in process `syz.2.4259'. [ 591.453554][T17996] validate_nla: 8 callbacks suppressed [ 591.453570][T17996] netlink: 'syz.0.4266': attribute type 5 has an invalid length. [ 592.316109][T18013] netlink: 'syz.1.4274': attribute type 9 has an invalid length. [ 592.334154][T18013] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.4274'. [ 592.470416][T18017] netlink: 'syz.1.4274': attribute type 9 has an invalid length. [ 592.515023][T18017] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.4274'. [ 592.669872][T18018] netlink: 1057 bytes leftover after parsing attributes in process `syz.1.4274'. [ 592.730118][T18031] netlink: 'syz.2.4282': attribute type 39 has an invalid length. [ 593.070985][T18038] netlink: 'syz.3.4283': attribute type 5 has an invalid length. [ 593.889314][T18059] netlink: 'syz.3.4292': attribute type 9 has an invalid length. [ 593.914713][T18059] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.4292'. [ 594.040975][T18060] netlink: 'syz.3.4292': attribute type 9 has an invalid length. [ 594.074469][T18060] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.4292'. [ 594.208716][T18066] FAULT_INJECTION: forcing a failure. [ 594.208716][T18066] name failslab, interval 1, probability 0, space 0, times 0 [ 594.221556][T18066] CPU: 0 PID: 18066 Comm: syz.2.4294 Not tainted syzkaller #0 [ 594.229043][T18066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 594.239106][T18066] Call Trace: [ 594.242390][T18066] [ 594.245331][T18066] dump_stack_lvl+0x18c/0x250 [ 594.250023][T18066] ? show_regs_print_info+0x20/0x20 [ 594.255224][T18066] ? load_image+0x420/0x420 [ 594.259822][T18066] ? __might_sleep+0xe0/0xe0 [ 594.264428][T18066] ? __lock_acquire+0x7d40/0x7d40 [ 594.269467][T18066] ? __asan_memset+0x22/0x40 [ 594.274073][T18066] should_fail_ex+0x39d/0x4d0 [ 594.278767][T18066] should_failslab+0x9/0x20 [ 594.283278][T18066] slab_pre_alloc_hook+0x59/0x310 [ 594.288310][T18066] ? sctp_add_bind_addr+0x8c/0x360 [ 594.293430][T18066] __kmem_cache_alloc_node+0x53/0x250 [ 594.298828][T18066] ? sctp_add_bind_addr+0x8c/0x360 [ 594.303949][T18066] kmalloc_trace+0x2a/0xe0 [ 594.308379][T18066] sctp_add_bind_addr+0x8c/0x360 [ 594.313331][T18066] sctp_bind_addr_copy+0xb3/0x3c0 [ 594.318402][T18066] ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0 [ 594.324785][T18066] sctp_connect_new_asoc+0x2f9/0x6a0 [ 594.330114][T18066] ? __sctp_connect+0xd80/0xd80 [ 594.334971][T18066] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 594.340779][T18066] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 594.346602][T18066] ? sctp_endpoint_lookup_assoc+0x22f/0x260 [ 594.352505][T18066] __sctp_connect+0x5b7/0xd80 [ 594.357199][T18066] ? sctp_send_asconf+0x170/0x170 [ 594.362235][T18066] ? __local_bh_enable_ip+0x13a/0x1c0 [ 594.367610][T18066] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 594.373167][T18066] ? security_sctp_bind_connect+0x89/0xb0 [ 594.378934][T18066] sctp_setsockopt_connectx+0x104/0x1a0 [ 594.384502][T18066] sctp_setsockopt+0x6d8/0x11e0 [ 594.389368][T18066] ? sock_common_recvmsg+0x190/0x190 [ 594.394666][T18066] do_sock_setsockopt+0x175/0x1a0 [ 594.399703][T18066] ? __fdget+0x180/0x210 [ 594.403961][T18066] __x64_sys_setsockopt+0x182/0x200 [ 594.409181][T18066] do_syscall_64+0x55/0xb0 [ 594.413612][T18066] ? clear_bhb_loop+0x40/0x90 [ 594.418289][T18066] ? clear_bhb_loop+0x40/0x90 [ 594.422968][T18066] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 594.428876][T18066] RIP: 0033:0x7ff80e59ce59 [ 594.433338][T18066] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 594.452970][T18066] RSP: 002b:00007ff80f546028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 594.461405][T18066] RAX: ffffffffffffffda RBX: 00007ff80e815fa0 RCX: 00007ff80e59ce59 [ 594.469379][T18066] RDX: 000000000000006e RSI: 0000000000000084 RDI: 0000000000000006 [ 594.477354][T18066] RBP: 00007ff80f546090 R08: 0000000000000010 R09: 0000000000000000 [ 594.485331][T18066] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001 [ 594.493305][T18066] R13: 00007ff80e816038 R14: 00007ff80e815fa0 R15: 00007ffd61af71b8 [ 594.501306][T18066] [ 595.227445][T18063] netlink: 1057 bytes leftover after parsing attributes in process `syz.3.4292'. [ 595.766769][T18083] netlink: 'syz.3.4300': attribute type 5 has an invalid length. [ 596.028710][T18097] netlink: 'syz.0.4307': attribute type 9 has an invalid length. [ 596.045560][T18097] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.4307'. [ 596.115487][T18102] netlink: 'syz.0.4307': attribute type 9 has an invalid length. [ 596.123266][T18102] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.4307'. [ 596.359440][T18097] netlink: 1057 bytes leftover after parsing attributes in process `syz.0.4307'. [ 596.940401][T18120] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4315'. [ 596.976934][T18120] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4315'. [ 597.014987][T18120] netlink: 33 bytes leftover after parsing attributes in process `syz.2.4315'. [ 597.024427][T18120] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4315'. [ 597.034713][T18120] netlink: 33 bytes leftover after parsing attributes in process `syz.2.4315'. [ 597.509144][T18133] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.4320'. [ 597.529994][T18133] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.4320'. [ 597.599177][T18133] netlink: 'syz.3.4320': attribute type 5 has an invalid length. [ 597.801148][T18141] netlink: 'syz.2.4323': attribute type 9 has an invalid length. [ 597.869586][T18142] netlink: 'syz.2.4323': attribute type 9 has an invalid length. [ 598.431567][T18163] FAULT_INJECTION: forcing a failure. [ 598.431567][T18163] name failslab, interval 1, probability 0, space 0, times 0 [ 598.445630][T18163] CPU: 1 PID: 18163 Comm: syz.2.4329 Not tainted syzkaller #0 [ 598.453153][T18163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 598.463255][T18163] Call Trace: [ 598.466564][T18163] [ 598.469533][T18163] dump_stack_lvl+0x18c/0x250 [ 598.474252][T18163] ? sctp_sendmsg+0x15d2/0x2910 [ 598.479150][T18163] ? ___sys_sendmsg+0x2a6/0x360 [ 598.484052][T18163] ? show_regs_print_info+0x20/0x20 [ 598.489343][T18163] ? load_image+0x420/0x420 [ 598.493902][T18163] should_fail_ex+0x39d/0x4d0 [ 598.498635][T18163] should_failslab+0x9/0x20 [ 598.503208][T18163] slab_pre_alloc_hook+0x59/0x310 [ 598.508288][T18163] ? sctp_add_bind_addr+0x8c/0x360 [ 598.513452][T18163] __kmem_cache_alloc_node+0x53/0x250 [ 598.518879][T18163] ? sctp_add_bind_addr+0x8c/0x360 [ 598.524038][T18163] kmalloc_trace+0x2a/0xe0 [ 598.528510][T18163] sctp_add_bind_addr+0x8c/0x360 [ 598.533501][T18163] sctp_copy_local_addr_list+0x315/0x4f0 [ 598.539184][T18163] ? sctp_copy_local_addr_list+0xa5/0x4f0 [ 598.544945][T18163] ? sctp_do_8_2_transport_strike+0x8a0/0x8a0 [ 598.551088][T18163] ? sctp_v4_is_any+0x35/0x60 [ 598.555812][T18163] ? sctp_copy_one_addr+0x8c/0x350 [ 598.560975][T18163] sctp_bind_addr_copy+0xb3/0x3c0 [ 598.566046][T18163] ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0 [ 598.572427][T18163] sctp_connect_new_asoc+0x2f9/0x6a0 [ 598.577762][T18163] ? __sctp_connect+0xd80/0xd80 [ 598.582658][T18163] ? __local_bh_enable_ip+0x13a/0x1c0 [ 598.588073][T18163] ? _local_bh_enable+0xa0/0xa0 [ 598.592972][T18163] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 598.598830][T18163] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 598.604679][T18163] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 598.610267][T18163] ? security_sctp_bind_connect+0x89/0xb0 [ 598.616033][T18163] sctp_sendmsg+0x15d2/0x2910 [ 598.620766][T18163] ? sctp_getsockopt+0xb60/0xb60 [ 598.625742][T18163] ? aa_sk_perm+0x83c/0x970 [ 598.630293][T18163] ? aa_af_perm+0x330/0x330 [ 598.634825][T18163] ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0 [ 598.641289][T18163] ? sock_rps_record_flow+0x19/0x3f0 [ 598.646629][T18163] ? inet_sendmsg+0x7c/0x2f0 [ 598.651261][T18163] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 598.656588][T18163] ? security_socket_sendmsg+0x80/0xa0 [ 598.662087][T18163] ? inet_send_prepare+0x260/0x260 [ 598.667253][T18163] ____sys_sendmsg+0x5ba/0x960 [ 598.672178][T18163] ? __lock_acquire+0x7d40/0x7d40 [ 598.677257][T18163] ? __asan_memset+0x22/0x40 [ 598.681886][T18163] ? __sys_sendmsg_sock+0x30/0x30 [ 598.686954][T18163] ? __import_iovec+0x5f2/0x850 [ 598.691847][T18163] ? import_iovec+0x73/0xa0 [ 598.696388][T18163] ___sys_sendmsg+0x2a6/0x360 [ 598.701097][T18163] ? get_pid_task+0x20/0x1e0 [ 598.705732][T18163] ? __sys_sendmsg+0x2a0/0x2a0 [ 598.710563][T18163] ? __lock_acquire+0x7d40/0x7d40 [ 598.715650][T18163] __se_sys_sendmsg+0x1c2/0x2b0 [ 598.720537][T18163] ? __x64_sys_sendmsg+0x80/0x80 [ 598.725525][T18163] ? lockdep_hardirqs_on+0x98/0x150 [ 598.730763][T18163] do_syscall_64+0x55/0xb0 [ 598.735216][T18163] ? clear_bhb_loop+0x40/0x90 [ 598.739931][T18163] ? clear_bhb_loop+0x40/0x90 [ 598.744639][T18163] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 598.750571][T18163] RIP: 0033:0x7ff80e59ce59 [ 598.755020][T18163] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 598.774653][T18163] RSP: 002b:00007ff80f504028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 598.783080][T18163] RAX: ffffffffffffffda RBX: 00007ff80e816180 RCX: 00007ff80e59ce59 [ 598.791057][T18163] RDX: 0000000000000080 RSI: 0000200000000500 RDI: 0000000000000003 [ 598.799033][T18163] RBP: 00007ff80f504090 R08: 0000000000000000 R09: 0000000000000000 [ 598.807013][T18163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 598.814990][T18163] R13: 00007ff80e816218 R14: 00007ff80e816180 R15: 00007ffd61af71b8 [ 598.822990][T18163] [ 601.418210][T18168] __nla_validate_parse: 7 callbacks suppressed [ 601.418230][T18168] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.4332'. [ 601.442723][T18172] netlink: 'syz.3.4332': attribute type 5 has an invalid length. [ 601.469068][T18176] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.4334'. [ 601.681221][T18188] netlink: 'syz.2.4338': attribute type 9 has an invalid length. [ 601.689304][T18188] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.4338'. [ 601.753845][T18192] netlink: 'syz.2.4338': attribute type 9 has an invalid length. [ 601.791534][T18192] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.4338'. [ 602.059653][T18188] netlink: 1057 bytes leftover after parsing attributes in process `syz.2.4338'. [ 602.269579][T18206] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.4344'. [ 602.287855][T18206] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.4344'. [ 602.316722][T18206] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.4344'. [ 602.357444][T18206] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.4344'. [ 602.453553][T18206] netlink: 'syz.2.4344': attribute type 5 has an invalid length. [ 602.470109][T18210] mac80211_hwsim hwsim176 wlan1: entered promiscuous mode [ 602.493838][T18210] mac80211_hwsim hwsim176 wlan1: entered allmulticast mode [ 603.182423][T18227] netlink: 'syz.2.4353': attribute type 9 has an invalid length. [ 603.207003][T18227] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.4353'. [ 603.334508][T18228] netlink: 'syz.2.4353': attribute type 9 has an invalid length. [ 603.796539][T18250] netlink: 'syz.1.4358': attribute type 5 has an invalid length. [ 603.823154][T18249] FAULT_INJECTION: forcing a failure. [ 603.823154][T18249] name failslab, interval 1, probability 0, space 0, times 0 [ 603.853044][T18249] CPU: 1 PID: 18249 Comm: syz.0.4361 Not tainted syzkaller #0 [ 603.860583][T18249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 603.870684][T18249] Call Trace: [ 603.873992][T18249] [ 603.876943][T18249] dump_stack_lvl+0x18c/0x250 [ 603.881653][T18249] ? show_regs_print_info+0x20/0x20 [ 603.886880][T18249] ? load_image+0x420/0x420 [ 603.891414][T18249] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 603.897431][T18249] ? __asan_memset+0x22/0x40 [ 603.902057][T18249] should_fail_ex+0x39d/0x4d0 [ 603.906773][T18249] should_failslab+0x9/0x20 [ 603.911289][T18249] slab_pre_alloc_hook+0x59/0x310 [ 603.916320][T18249] kmem_cache_alloc+0x5a/0x2d0 [ 603.921086][T18249] ? slab_build_skb+0x2b/0x3f0 [ 603.925853][T18249] slab_build_skb+0x2b/0x3f0 [ 603.930446][T18249] bpf_prog_test_run_skb+0x3ef/0x18c0 [ 603.935829][T18249] ? __fget_files+0x28/0x4b0 [ 603.940422][T18249] ? __fget_files+0x43d/0x4b0 [ 603.945132][T18249] ? cpu_online+0x60/0x60 [ 603.949467][T18249] bpf_prog_test_run+0x321/0x390 [ 603.954405][T18249] __sys_bpf+0x49d/0x890 [ 603.958647][T18249] ? bpf_link_show_fdinfo+0x390/0x390 [ 603.964024][T18249] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 603.970196][T18249] __x64_sys_bpf+0x7c/0x90 [ 603.974614][T18249] do_syscall_64+0x55/0xb0 [ 603.979030][T18249] ? clear_bhb_loop+0x40/0x90 [ 603.983700][T18249] ? clear_bhb_loop+0x40/0x90 [ 603.988375][T18249] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 603.994274][T18249] RIP: 0033:0x7fcf9499ce59 [ 603.998689][T18249] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 604.018298][T18249] RSP: 002b:00007fcf95875028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 604.026720][T18249] RAX: ffffffffffffffda RBX: 00007fcf94c15fa0 RCX: 00007fcf9499ce59 [ 604.034691][T18249] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a [ 604.042657][T18249] RBP: 00007fcf95875090 R08: 0000000000000000 R09: 0000000000000000 [ 604.050628][T18249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 604.058627][T18249] R13: 00007fcf94c16038 R14: 00007fcf94c15fa0 R15: 00007ffc96492048 [ 604.066609][T18249] [ 605.026586][T18269] netlink: 'syz.3.4369': attribute type 9 has an invalid length. [ 605.117273][T18270] netlink: 'syz.3.4369': attribute type 9 has an invalid length. [ 605.489515][T18287] netlink: 'syz.1.4377': attribute type 10 has an invalid length. [ 605.530260][T18292] netlink: 'syz.3.4376': attribute type 5 has an invalid length. [ 605.976886][T18301] netlink: 'syz.2.4382': attribute type 10 has an invalid length. [ 605.994127][T18301] team0: Port device dummy0 added [ 606.009052][T18301] netlink: 'syz.2.4382': attribute type 10 has an invalid length. [ 606.040812][T18301] team0: Port device dummy0 removed [ 606.177459][T18305] netlink: 'syz.2.4384': attribute type 9 has an invalid length. [ 606.526841][T18312] __nla_validate_parse: 11 callbacks suppressed [ 606.526863][T18312] netlink: 17267 bytes leftover after parsing attributes in process `syz.3.4386'. [ 606.759354][T18320] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4389'. [ 607.167049][T18331] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.4393'. [ 607.538683][T18336] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.4395'. [ 607.675134][T18337] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.4395'. [ 607.854883][T18338] netlink: 1057 bytes leftover after parsing attributes in process `syz.1.4395'. [ 608.290671][T18351] validate_nla: 6 callbacks suppressed [ 608.290691][T18351] netlink: 'syz.2.4401': attribute type 9 has an invalid length. [ 608.334690][T18351] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.4401'. [ 608.537652][T18355] netlink: 'syz.2.4401': attribute type 9 has an invalid length. [ 608.601450][T18355] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.4401'. [ 609.428214][T18373] netlink: 'syz.1.4406': attribute type 9 has an invalid length. [ 609.436601][T18373] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.4406'. [ 609.505189][T18371] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.4408'. [ 609.553924][T18371] netlink: 'syz.0.4408': attribute type 5 has an invalid length. [ 609.605674][T18374] netlink: 'syz.1.4406': attribute type 9 has an invalid length. [ 610.859285][ T5782] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 610.869279][ T5782] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 610.877905][ T5782] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 610.887069][ T5782] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 610.922841][ T5782] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 610.938693][ T5782] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 610.967289][T13310] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 611.148177][T13310] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 611.302297][T13310] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 611.380428][T18402] netlink: 'syz.3.4419': attribute type 5 has an invalid length. [ 611.565649][T13310] .`: (slave netdevsim0): Releasing backup interface [ 611.581093][T13310] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 611.600526][T18407] netlink: 'syz.3.4421': attribute type 9 has an invalid length. [ 611.702989][T18407] __nla_validate_parse: 3 callbacks suppressed [ 611.703005][T18407] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.4421'. [ 611.802243][T18393] chnl_net:caif_netlink_parms(): no params data found [ 612.137726][T18428] FAULT_INJECTION: forcing a failure. [ 612.137726][T18428] name failslab, interval 1, probability 0, space 0, times 0 [ 612.172616][T18428] CPU: 1 PID: 18428 Comm: syz.2.4425 Not tainted syzkaller #0 [ 612.180173][T18428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 612.190283][T18428] Call Trace: [ 612.193619][T18428] [ 612.196615][T18428] dump_stack_lvl+0x18c/0x250 [ 612.201355][T18428] ? show_regs_print_info+0x20/0x20 [ 612.206613][T18428] ? load_image+0x420/0x420 [ 612.211172][T18428] ? __might_sleep+0xe0/0xe0 [ 612.215818][T18428] ? __lock_acquire+0x7d40/0x7d40 [ 612.220907][T18428] should_fail_ex+0x39d/0x4d0 [ 612.225657][T18428] should_failslab+0x9/0x20 [ 612.230218][T18428] slab_pre_alloc_hook+0x59/0x310 [ 612.235315][T18428] ? sctp_transport_new+0x7e/0x630 [ 612.240500][T18428] __kmem_cache_alloc_node+0x53/0x250 [ 612.245951][T18428] ? sctp_transport_new+0x7e/0x630 [ 612.251139][T18428] kmalloc_trace+0x2a/0xe0 [ 612.255630][T18428] sctp_transport_new+0x7e/0x630 [ 612.260639][T18428] sctp_assoc_add_peer+0x259/0x1390 [ 612.265909][T18428] ? sctp_bind_addr_copy+0x37b/0x3c0 [ 612.271278][T18428] sctp_connect_new_asoc+0x323/0x6a0 [ 612.276636][T18428] ? __sctp_connect+0xd80/0xd80 [ 612.281555][T18428] ? trace_event_raw_event_lock+0x250/0x250 [ 612.287510][T18428] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 612.293385][T18428] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 612.299266][T18428] ? sctp_endpoint_lookup_assoc+0x22f/0x260 [ 612.305237][T18428] __sctp_connect+0x5b7/0xd80 [ 612.310017][T18428] ? sctp_send_asconf+0x170/0x170 [ 612.315117][T18428] ? __local_bh_enable_ip+0x13a/0x1c0 [ 612.320555][T18428] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 612.326158][T18428] ? security_sctp_bind_connect+0x89/0xb0 [ 612.331954][T18428] sctp_setsockopt_connectx+0x104/0x1a0 [ 612.337583][T18428] sctp_setsockopt+0x6d8/0x11e0 [ 612.342502][T18428] ? sock_common_recvmsg+0x190/0x190 [ 612.347855][T18428] do_sock_setsockopt+0x175/0x1a0 [ 612.352941][T18428] ? __fdget+0x180/0x210 [ 612.357257][T18428] __x64_sys_setsockopt+0x182/0x200 [ 612.360468][T18393] bridge0: port 1(bridge_slave_0) entered blocking state [ 612.362499][T18428] do_syscall_64+0x55/0xb0 [ 612.362529][T18428] ? clear_bhb_loop+0x40/0x90 [ 612.362550][T18428] ? clear_bhb_loop+0x40/0x90 [ 612.380447][T18393] bridge0: port 1(bridge_slave_0) entered disabled state [ 612.383377][T18428] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 612.383419][T18428] RIP: 0033:0x7ff80e59ce59 [ 612.400835][T18428] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 612.402843][T18393] bridge_slave_0: entered allmulticast mode [ 612.420458][T18428] RSP: 002b:00007ff80f546028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 612.420493][T18428] RAX: ffffffffffffffda RBX: 00007ff80e815fa0 RCX: 00007ff80e59ce59 [ 612.420510][T18428] RDX: 000000000000006e RSI: 0000000000000084 RDI: 0000000000000006 [ 612.420523][T18428] RBP: 00007ff80f546090 R08: 0000000000000010 R09: 0000000000000000 [ 612.420537][T18428] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001 [ 612.420552][T18428] R13: 00007ff80e816038 R14: 00007ff80e815fa0 R15: 00007ffd61af71b8 [ 612.420618][T18428] [ 612.482856][T18393] bridge_slave_0: entered promiscuous mode [ 612.534745][T18393] bridge0: port 2(bridge_slave_1) entered blocking state [ 612.541933][T18393] bridge0: port 2(bridge_slave_1) entered disabled state [ 612.552161][T18393] bridge_slave_1: entered allmulticast mode [ 612.556658][T18410] netlink: 'syz.3.4421': attribute type 9 has an invalid length. [ 612.559561][T18393] bridge_slave_1: entered promiscuous mode [ 612.600376][T18410] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.4421'. [ 612.826979][T18393] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 612.984849][ T5782] Bluetooth: hci1: command tx timeout [ 613.868990][T18393] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 613.910516][T18415] netlink: 1057 bytes leftover after parsing attributes in process `syz.3.4421'. [ 613.941079][T18433] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4426'. [ 614.069986][T18393] team0: Port device team_slave_0 added [ 614.125562][T18393] team0: Port device team_slave_1 added [ 614.133059][T18442] netlink: 'syz.3.4428': attribute type 5 has an invalid length. [ 614.329885][T18393] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 614.337492][T18393] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 614.386769][T18393] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 614.513628][T18393] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 614.533901][T18393] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 614.605725][T18393] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 614.798612][T18393] hsr_slave_0: entered promiscuous mode [ 614.824320][T18393] hsr_slave_1: entered promiscuous mode [ 614.864179][T18393] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 614.875890][T18393] Cannot create hsr debugfs directory [ 615.031089][T18472] netlink: 'syz.3.4435': attribute type 9 has an invalid length. [ 615.057801][T18472] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.4435'. [ 615.076040][ T5782] Bluetooth: hci1: command tx timeout [ 615.214795][T18474] netlink: 'syz.3.4435': attribute type 9 has an invalid length. [ 615.261002][T18474] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.4435'. [ 615.319626][T18481] ================================================================== [ 615.327756][T18481] BUG: KASAN: slab-out-of-bounds in __bpf_get_stackid+0x6bf/0x900 [ 615.335619][T18481] Write of size 56 at addr ffff88802a59c810 by task syz.1.4437/18481 [ 615.343710][T18481] [ 615.346061][T18481] CPU: 0 PID: 18481 Comm: syz.1.4437 Not tainted syzkaller #0 [ 615.353539][T18481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 615.363640][T18481] Call Trace: [ 615.366928][T18481] [ 615.369883][T18481] dump_stack_lvl+0x18c/0x250 [ 615.374573][T18481] ? __lock_acquire+0x7d40/0x7d40 [ 615.379607][T18481] ? show_regs_print_info+0x20/0x20 [ 615.384813][T18481] ? load_image+0x420/0x420 [ 615.389315][T18481] ? _raw_spin_lock_irqsave+0xc0/0x100 [ 615.394793][T18481] ? __virt_addr_valid+0x18c/0x540 [ 615.399915][T18481] ? __virt_addr_valid+0x469/0x540 [ 615.405030][T18481] print_report+0xa8/0x210 [ 615.409454][T18481] ? __bpf_get_stackid+0x6bf/0x900 [ 615.414571][T18481] kasan_report+0x117/0x150 [ 615.419091][T18481] ? __bpf_get_stackid+0x6bf/0x900 [ 615.424214][T18481] kasan_check_range+0x241/0x290 [ 615.429157][T18481] ? __bpf_get_stackid+0x6bf/0x900 [ 615.434277][T18481] __asan_memcpy+0x40/0x70 [ 615.438718][T18481] __bpf_get_stackid+0x6bf/0x900 [ 615.443675][T18481] bpf_get_stackid_pe+0x343/0x410 [ 615.448714][T18481] bpf_prog_a448e89f4c9ad9d1+0x30/0x4a [ 615.454173][T18481] bpf_overflow_handler+0x1fc/0x510 [ 615.459378][T18481] ? perf_prepare_header+0x1e0/0x1e0 [ 615.464670][T18481] ? bpf_overflow_handler+0xde/0x510 [ 615.469968][T18481] ? tp_perf_event_destroy+0x20/0x20 [ 615.475263][T18481] ? __perf_event_account_interrupt+0x187/0x280 [ 615.481505][T18481] __perf_event_overflow+0x447/0x630 [ 615.486797][T18481] perf_swevent_event+0x319/0x570 [ 615.491823][T18481] ? perf_tp_event+0x1520/0x1520 [ 615.496766][T18481] ___perf_sw_event+0x4a7/0x730 [ 615.501619][T18481] ? ___perf_sw_event+0x199/0x730 [ 615.506644][T18481] ? perf_swevent_put_recursion_context+0xb0/0xb0 [ 615.513060][T18481] ? __lock_acquire+0x1347/0x7d40 [ 615.518092][T18481] ? strncpy_from_user+0xff/0x2d0 [ 615.523126][T18481] ? verify_lock_unused+0x140/0x140 [ 615.528331][T18481] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 615.534320][T18481] ? lock_chain_count+0x20/0x20 [ 615.539171][T18481] __perf_sw_event+0x139/0x270 [ 615.543940][T18481] do_user_addr_fault+0x123e/0x12c0 [ 615.549154][T18481] ? rcu_is_watching+0x15/0xb0 [ 615.553929][T18481] exc_page_fault+0x64/0x100 [ 615.558543][T18481] asm_exc_page_fault+0x26/0x30 [ 615.563407][T18481] RIP: 0010:strncpy_from_user+0xff/0x2d0 [ 615.569049][T18481] Code: 4c 89 ee e8 73 10 2a fd 49 83 fd 07 0f 86 a1 00 00 00 4c 89 74 24 08 48 c7 44 24 10 f8 ff ff ff 45 31 e4 4c 89 3c 24 49 89 de <4f> 8b 3c 27 48 b8 ff fe fe fe fe fe fe fe 49 8d 1c 07 4c 89 fd 48 [ 615.588695][T18481] RSP: 0018:ffffc90003757b50 EFLAGS: 00050246 [ 615.594777][T18481] RAX: ffffffff845d1f5d RBX: ffffc90003757c70 RCX: ffff88802a091e00 [ 615.602759][T18481] RDX: 0000000000000002 RSI: 000000000000007f RDI: 0000000000000007 [ 615.610730][T18481] RBP: ffffc90003757d70 R08: ffff88802a091e00 R09: 0000000000000003 [ 615.618701][T18481] R10: 0000000000000002 R11: 0000000000000002 R12: 0000000000000000 [ 615.626674][T18481] R13: 000000000000007f R14: ffffc90003757c70 R15: 0000000000000000 [ 615.634666][T18481] ? strncpy_from_user+0xdd/0x2d0 [ 615.639707][T18481] bpf_prog_load+0xcea/0x1670 [ 615.644400][T18481] ? map_freeze+0x420/0x420 [ 615.648926][T18481] ? __might_fault+0xaa/0x120 [ 615.653612][T18481] ? __might_fault+0xc6/0x120 [ 615.658315][T18481] ? __might_fault+0xaa/0x120 [ 615.663028][T18481] ? bpf_lsm_bpf+0x9/0x10 [ 615.667365][T18481] ? security_bpf+0x7e/0xa0 [ 615.671879][T18481] __sys_bpf+0x5ba/0x890 [ 615.676130][T18481] ? bpf_link_show_fdinfo+0x390/0x390 [ 615.681507][T18481] ? lock_chain_count+0x20/0x20 [ 615.686369][T18481] __x64_sys_bpf+0x7c/0x90 [ 615.690790][T18481] do_syscall_64+0x55/0xb0 [ 615.695211][T18481] ? clear_bhb_loop+0x40/0x90 [ 615.699885][T18481] ? clear_bhb_loop+0x40/0x90 [ 615.704564][T18481] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 615.710480][T18481] RIP: 0033:0x7f4b4339ce59 [ 615.714911][T18481] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 615.734530][T18481] RSP: 002b:00007f4b441a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 615.742944][T18481] RAX: ffffffffffffffda RBX: 00007f4b43615fa0 RCX: 00007f4b4339ce59 [ 615.750922][T18481] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005 [ 615.758895][T18481] RBP: 00007f4b43432e6f R08: 0000000000000000 R09: 0000000000000000 [ 615.766865][T18481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 615.774834][T18481] R13: 00007f4b43616038 R14: 00007f4b43615fa0 R15: 00007ffe920bdcb8 [ 615.782814][T18481] [ 615.785830][T18481] [ 615.788146][T18481] Allocated by task 18481: [ 615.792551][T18481] kasan_set_track+0x4e/0x70 [ 615.797147][T18481] __kasan_kmalloc+0x8f/0xa0 [ 615.801740][T18481] __kmalloc_node+0xb4/0x230 [ 615.806333][T18481] bpf_map_area_alloc+0x5e/0x110 [ 615.811270][T18481] prealloc_elems_and_freelist+0x86/0x1c0 [ 615.816991][T18481] stack_map_alloc+0x33a/0x4c0 [ 615.821754][T18481] map_create+0x877/0x12f0 [ 615.826169][T18481] __sys_bpf+0x651/0x890 [ 615.830405][T18481] __x64_sys_bpf+0x7c/0x90 [ 615.834821][T18481] do_syscall_64+0x55/0xb0 [ 615.839235][T18481] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 615.845132][T18481] [ 615.847449][T18481] The buggy address belongs to the object at ffff88802a59c800 [ 615.847449][T18481] which belongs to the cache kmalloc-cg-64 of size 64 [ 615.861589][T18481] The buggy address is located 16 bytes inside of [ 615.861589][T18481] allocated 40-byte region [ffff88802a59c800, ffff88802a59c828) [ 615.875557][T18481] [ 615.877875][T18481] The buggy address belongs to the physical page: [ 615.884293][T18481] page:ffffea0000a96700 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88802a59cd00 pfn:0x2a59c [ 615.895750][T18481] memcg:ffff888023f7f001 [ 615.899982][T18481] flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff) [ 615.907524][T18481] page_type: 0xffffffff() [ 615.911849][T18481] raw: 00fff00000000800 ffff888017c4da00 ffffea0000b57100 dead000000000002 [ 615.920434][T18481] raw: ffff88802a59cd00 000000008020001f 00000001ffffffff ffff888023f7f001 [ 615.929003][T18481] page dumped because: kasan: bad access detected [ 615.935415][T18481] page_owner tracks the page as allocated [ 615.941118][T18481] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 5770, tgid 5770 (syz-executor), ts 278465430305, free_ts 278426540108 [ 615.959534][T18481] post_alloc_hook+0x1c1/0x200 [ 615.964307][T18481] get_page_from_freelist+0x1951/0x19e0 [ 615.969848][T18481] __alloc_pages+0x1f0/0x460 [ 615.974432][T18481] alloc_slab_page+0x5d/0x160 [ 615.979106][T18481] new_slab+0x87/0x2d0 [ 615.983187][T18481] ___slab_alloc+0xc5d/0x12f0 [ 615.987866][T18481] __kmem_cache_alloc_node+0x19e/0x250 [ 615.993332][T18481] kmalloc_trace+0x2a/0xe0 [ 615.997758][T18481] alloc_fdtable+0xca/0x2c0 [ 616.002259][T18481] dup_fd+0x786/0xa50 [ 616.006239][T18481] copy_files+0xc3/0x120 [ 616.010478][T18481] copy_process+0x15ab/0x3dc0 [ 616.015155][T18481] kernel_clone+0x24b/0x8a0 [ 616.019657][T18481] __x64_sys_clone+0x1b7/0x230 [ 616.024416][T18481] do_syscall_64+0x55/0xb0 [ 616.028831][T18481] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 616.034734][T18481] page last free stack trace: [ 616.039404][T18481] free_unref_page_prepare+0x7b2/0x8c0 [ 616.044864][T18481] free_unref_page_list+0xbe/0x860 [ 616.049976][T18481] release_pages+0x1f7a/0x2200 [ 616.054740][T18481] tlb_flush_mmu+0x379/0x510 [ 616.059335][T18481] tlb_finish_mmu+0xf9/0x220 [ 616.063927][T18481] exit_mmap+0x428/0xb90 [ 616.068173][T18481] __mmput+0x118/0x3c0 [ 616.072238][T18481] exit_mm+0x24a/0x350 [ 616.076315][T18481] do_exit+0x8dd/0x2460 [ 616.080473][T18481] do_group_exit+0x21b/0x2d0 [ 616.085069][T18481] get_signal+0x12fc/0x13f0 [ 616.089588][T18481] arch_do_signal_or_restart+0xc2/0x800 [ 616.095173][T18481] exit_to_user_mode_loop+0x70/0x110 [ 616.100463][T18481] exit_to_user_mode_prepare+0xee/0x180 [ 616.106279][T18481] syscall_exit_to_user_mode+0x1a/0x50 [ 616.111744][T18481] do_syscall_64+0x61/0xb0 [ 616.116166][T18481] [ 616.118490][T18481] Memory state around the buggy address: [ 616.124115][T18481] ffff88802a59c700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 616.132181][T18481] ffff88802a59c780: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 616.140241][T18481] >ffff88802a59c800: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 616.148293][T18481] ^ [ 616.153658][T18481] ffff88802a59c880: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 616.161716][T18481] ffff88802a59c900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 616.169774][T18481] ================================================================== [ 616.177840][T18481] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 616.185048][T18481] CPU: 0 PID: 18481 Comm: syz.1.4437 Not tainted syzkaller #0 [ 616.192501][T18481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 616.202553][T18481] Call Trace: [ 616.205834][T18481] [ 616.208766][T18481] dump_stack_lvl+0x18c/0x250 [ 616.213457][T18481] ? show_regs_print_info+0x20/0x20 [ 616.218684][T18481] ? load_image+0x420/0x420 [ 616.223187][T18481] panic+0x2dc/0x730 [ 616.227085][T18481] ? __lock_acquire+0x7d40/0x7d40 [ 616.232112][T18481] ? bpf_jit_dump+0xd0/0xd0 [ 616.236621][T18481] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 616.242516][T18481] ? _raw_spin_unlock+0x40/0x40 [ 616.247377][T18481] ? __bpf_get_stackid+0x6bf/0x900 [ 616.252488][T18481] check_panic_on_warn+0x84/0xa0 [ 616.257431][T18481] ? __bpf_get_stackid+0x6bf/0x900 [ 616.262547][T18481] end_report+0x6f/0x130 [ 616.266798][T18481] kasan_report+0x128/0x150 [ 616.271302][T18481] ? __bpf_get_stackid+0x6bf/0x900 [ 616.276422][T18481] kasan_check_range+0x241/0x290 [ 616.281369][T18481] ? __bpf_get_stackid+0x6bf/0x900 [ 616.286487][T18481] __asan_memcpy+0x40/0x70 [ 616.290914][T18481] __bpf_get_stackid+0x6bf/0x900 [ 616.295860][T18481] bpf_get_stackid_pe+0x343/0x410 [ 616.300895][T18481] bpf_prog_a448e89f4c9ad9d1+0x30/0x4a [ 616.306360][T18481] bpf_overflow_handler+0x1fc/0x510 [ 616.311566][T18481] ? perf_prepare_header+0x1e0/0x1e0 [ 616.316849][T18481] ? bpf_overflow_handler+0xde/0x510 [ 616.322141][T18481] ? tp_perf_event_destroy+0x20/0x20 [ 616.327437][T18481] ? __perf_event_account_interrupt+0x187/0x280 [ 616.333685][T18481] __perf_event_overflow+0x447/0x630 [ 616.338979][T18481] perf_swevent_event+0x319/0x570 [ 616.344002][T18481] ? perf_tp_event+0x1520/0x1520 [ 616.348941][T18481] ___perf_sw_event+0x4a7/0x730 [ 616.353801][T18481] ? ___perf_sw_event+0x199/0x730 [ 616.358827][T18481] ? perf_swevent_put_recursion_context+0xb0/0xb0 [ 616.365239][T18481] ? __lock_acquire+0x1347/0x7d40 [ 616.370266][T18481] ? strncpy_from_user+0xff/0x2d0 [ 616.375297][T18481] ? verify_lock_unused+0x140/0x140 [ 616.380496][T18481] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 616.386484][T18481] ? lock_chain_count+0x20/0x20 [ 616.391336][T18481] __perf_sw_event+0x139/0x270 [ 616.396103][T18481] do_user_addr_fault+0x123e/0x12c0 [ 616.401305][T18481] ? rcu_is_watching+0x15/0xb0 [ 616.406073][T18481] exc_page_fault+0x64/0x100 [ 616.410670][T18481] asm_exc_page_fault+0x26/0x30 [ 616.415524][T18481] RIP: 0010:strncpy_from_user+0xff/0x2d0 [ 616.421157][T18481] Code: 4c 89 ee e8 73 10 2a fd 49 83 fd 07 0f 86 a1 00 00 00 4c 89 74 24 08 48 c7 44 24 10 f8 ff ff ff 45 31 e4 4c 89 3c 24 49 89 de <4f> 8b 3c 27 48 b8 ff fe fe fe fe fe fe fe 49 8d 1c 07 4c 89 fd 48 [ 616.440787][T18481] RSP: 0018:ffffc90003757b50 EFLAGS: 00050246 [ 616.446853][T18481] RAX: ffffffff845d1f5d RBX: ffffc90003757c70 RCX: ffff88802a091e00 [ 616.454824][T18481] RDX: 0000000000000002 RSI: 000000000000007f RDI: 0000000000000007 [ 616.462808][T18481] RBP: ffffc90003757d70 R08: ffff88802a091e00 R09: 0000000000000003 [ 616.470783][T18481] R10: 0000000000000002 R11: 0000000000000002 R12: 0000000000000000 [ 616.478844][T18481] R13: 000000000000007f R14: ffffc90003757c70 R15: 0000000000000000 [ 616.486824][T18481] ? strncpy_from_user+0xdd/0x2d0 [ 616.491872][T18481] bpf_prog_load+0xcea/0x1670 [ 616.496559][T18481] ? map_freeze+0x420/0x420 [ 616.501064][T18481] ? __might_fault+0xaa/0x120 [ 616.505739][T18481] ? __might_fault+0xc6/0x120 [ 616.510431][T18481] ? __might_fault+0xaa/0x120 [ 616.515119][T18481] ? bpf_lsm_bpf+0x9/0x10 [ 616.519454][T18481] ? security_bpf+0x7e/0xa0 [ 616.523984][T18481] __sys_bpf+0x5ba/0x890 [ 616.528239][T18481] ? bpf_link_show_fdinfo+0x390/0x390 [ 616.533626][T18481] ? lock_chain_count+0x20/0x20 [ 616.538486][T18481] __x64_sys_bpf+0x7c/0x90 [ 616.542899][T18481] do_syscall_64+0x55/0xb0 [ 616.547316][T18481] ? clear_bhb_loop+0x40/0x90 [ 616.551982][T18481] ? clear_bhb_loop+0x40/0x90 [ 616.556654][T18481] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 616.562551][T18481] RIP: 0033:0x7f4b4339ce59 [ 616.566966][T18481] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 616.586578][T18481] RSP: 002b:00007f4b441a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 616.594997][T18481] RAX: ffffffffffffffda RBX: 00007f4b43615fa0 RCX: 00007f4b4339ce59 [ 616.602967][T18481] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005 [ 616.610935][T18481] RBP: 00007f4b43432e6f R08: 0000000000000000 R09: 0000000000000000 [ 616.618902][T18481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 616.626868][T18481] R13: 00007f4b43616038 R14: 00007f4b43615fa0 R15: 00007ffe920bdcb8 [ 616.634845][T18481] [ 616.638113][T18481] Kernel Offset: disabled [ 616.642425][T18481] Rebooting in 86400 seconds..