last executing test programs:

6.394017494s ago: executing program 2 (id=3215):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)

6.288955978s ago: executing program 2 (id=3217):
r0 = socket$kcm(0x10, 0x2, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x5, 0x4, 0x4, 0x5}, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000700850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140))
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000800)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000000c0)=r5, 0x4)
sendmsg(r2, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x4) (async)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
openat$cgroup_type(r6, &(0x7f0000000080), 0x2, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x6, 0x4, 0x8, 0x8}, 0x50) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001400)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x8b2b, &(0x7f0000000040)={'wlan1\x00', @random="0100"})
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000004c0)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0xb, [@enum={0x1, 0x3, 0x0, 0x6, 0x4, [{0x7, 0xc1}, {0x7, 0x7f}, {0x9, 0x1000}]}]}, {0x0, [0x61, 0x61, 0x61, 0x0, 0x0, 0x0, 0x61, 0x2e, 0x0]}}, &(0x7f0000000480)=""/29, 0x47, 0x1d, 0x1, 0x73}, 0x28) (async)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000580)="6700000011008188040f56ecdb4cb9cca7480ef434000000e3bd6efb440009000e000a0010000000ba80010000005a8c3774fa0af3dc59a933c1e7a6d3361d83b20000319cdf5656826edaaa11032701c61ec666d482078ccebcb9a4f187f7a4e98f09cdc2649f", 0x67}], 0x1}, 0x0)

4.748298335s ago: executing program 0 (id=3218):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000340)={'syzkaller0\x00', 0x1})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00'})
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0xed, 0x3, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x3, 0x0, 0x2, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
close(r4)
socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r4, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x3406c096)
write$cgroup_type(r4, &(0x7f0000000080), 0x11ffffce1)
sendmsg$inet(r4, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x20000000)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffed2, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b03d25a806c8c6f94f90624fc601000127a0a000600093582c137153e37080c188001ac0f000300", 0x33fe0}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$kcm(0x1e, 0x1, 0x0)
sendmsg$kcm(r5, &(0x7f0000000540)={&(0x7f0000000280)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000300)="80", 0xfdef}], 0x1}, 0x0)
recvmsg(r5, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000080)=""/248, 0xf8}], 0x1, 0x0, 0x18}, 0x10100)
sendmsg$kcm(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000240)="e1", 0x1}], 0x1}, 0x4000004)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000440)={0x0, r0}, 0x8)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffffffff}, 0x0, 0x7, 0xffffffffffffffff, 0xa)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r7, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r8 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000240)={0x0, r0}, 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="9feb0100180000000000000058000000580000000a0000000900000000000093020000000d0000000000011103000000010000000900000000000007000000000100000000000012040000000b001b000200000501800000feffffff000000005908000002000000020000000600000000005f00300000615f00"], &(0x7f0000000380)=""/175, 0x7a, 0xaf, 0x0, 0x80, 0x10000, @value=r8}, 0x28)

3.173779163s ago: executing program 1 (id=3220):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x9, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuacct.stat\x00', 0x26e1, 0x0)
close(r0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f00000006c0))
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8948, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x0, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="180000005300000095dbd0ff7fa57b0000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
ioctl$SIOCSIFHWADDR(r0, 0x8b28, &(0x7f0000000000)={'wlan1\x00', @random="0100"})

3.173106113s ago: executing program 2 (id=3221):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0xfe33)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000004700)=""/4137, 0x1029}, {&(0x7f0000000780)=""/158, 0x9e}, {&(0x7f0000001940)=""/215, 0xd7}], 0x3}, 0x20)

3.172687963s ago: executing program 0 (id=3222):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xe, 0x4, 0x8, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0x0, 0x0, &(0x7f0000000840)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.047321028s ago: executing program 0 (id=3223):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000001c0)={0xffffffffffffffff, &(0x7f00000008c0)="fc2053e8e91bef87c839a48cb6242276ec16439413d731b2a8521ccb01cb9f34136d80c299a543b60cbaec557dbacf45240dabc5e88de7827145ff14476349adbed2abf0d504cf4dce81e9c113f38d3d448aee2618b4289731e8407b0aadf934026b05673482975f8c2b5559c2e5cbb2cba9449027df32b484d4e34801cb7895e3006b79382a502d00093f217da39056321b9789228498e01d401640aa614c5329ff13cf6a86719ae6b77a4e859489582f47cdf5e25f0a4c8683eaaeac2c73b3d8165f08e2b408633b7bb4eed6233267690e90b677c93480b27dd5f22aed18e36c5e70b25689cf09b897c798457f53be78e13cfcfdd6ce16389005f4062343a1a4eb1fe82784e05ff03bbea2c8315cb5c8b8fe2740259411bdd5585860336e871d23bee8338b88874f076abfdd7235d5cfc2ab65ba8d6fbd0f3b9052398abb3571323efdb9b9acab25e7ce2aaeb246dac2a15c322724ada132716b7a330be8ee1a385105f869493dd5a236b4cf59bcfbf7c2b13aff70616912f437cf39bf9619d27548aa90370aa507e86a252f51b16f36863bca576d1d58bc7dc9c673440a22a4d34f148885c26eb9ba9062dd5e666c871eb3341ac95cc6c4ca67c09e185cbf7c1dd55cd24639db8e5eae708d3365c216e9ed8b195cb7f0d61419ab73ded56c1571ae1ee172ed372e14fe8036bc56496bced8a66e21aa830e4df0182517f3b390bba301d6625d7d254071843ffc12c6f7167351d9b8d485799d2d160cb054a36a4db6f40ddec3e5", &(0x7f00000002c0)=""/215}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000005000000fd09"], 0x50)
socket$kcm(0x2, 0x3, 0x2)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000001100)={0x0, &(0x7f0000001180)=""/127, &(0x7f0000001200), &(0x7f0000000580), 0x6e, r0}, 0x38)

2.958221822s ago: executing program 1 (id=3224):
bpf$PROG_LOAD(0x5, &(0x7f0000001400)={0x17, 0x4, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa35"], 0xcfa4)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0xffffffffffffff3c, &(0x7f0000000000)="ff", 0x0, 0x3, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x4000}, 0x48)

2.807589179s ago: executing program 0 (id=3225):
r0 = socket$kcm(0x29, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000080))
socket$kcm(0x2, 0x2, 0x73)
r1 = gettid()
r2 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x804, 0x14c9, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x803, 0x0, @perf_config_ext={0x1, 0x4}, 0xa0, 0x58, 0x0, 0x4, 0x2, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0x1fa, 0xffffca88, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632f77fb7f0200017f020001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r1, r2, 0x0, 0x0, 0x0}, 0x30)

2.797559599s ago: executing program 1 (id=3226):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x40000000000, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x114301, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r0, &(0x7f0000000580)=ANY=[], 0xffbf)

2.213675855s ago: executing program 3 (id=3227):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0x11, 0x2, 0x0)
close(r0)
r1 = socket$kcm(0x11, 0x2, 0x0)
r2 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r2, 0x107, 0x12, &(0x7f00000000c0)=r1, 0x8)
r3 = socket$kcm(0x11, 0x2, 0x0)
r4 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r4, 0x107, 0x12, &(0x7f00000000c0)=r3, 0x8)
r5 = socket$kcm(0x11, 0x2, 0x300)
setsockopt$sock_attach_bpf(r5, 0x107, 0x12, &(0x7f00000000c0)=r0, 0x8) (fail_nth: 1)

2.185810455s ago: executing program 0 (id=3228):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000004095"], &(0x7f0000000340)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0xf, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000440)="5c00000014006b030231a6080c000af32c00000000f800250502000f00e5aa000017d34460bc24eab556bd0525816d6b67bf927e4a75ce36c2d13b48df000000000000ecb8f6ec63c9f4d4938037e786a6d1bdd700e6", 0x56}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0x40}, 0x114905, 0x4, 0x6, 0x1, 0x101, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/32], 0x0, 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
openat$tun(0xffffffffffffff9c, 0x0, 0x141400, 0x0) (async)
recvmsg$kcm(r2, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=""/72, 0x48}, 0x43) (async, rerun: 32)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000e40)={0x0, 0x0, 0x56}, 0x28) (async, rerun: 32)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="2e00000011008188040f80ec59acbc0413a181002e00000001010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x2404c050) (async)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff}) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000380)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r4}, 0x10) (async, rerun: 32)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (rerun: 32)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x95, 0x5, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 32)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00') (async, rerun: 32)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580))
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/time\x00') (async, rerun: 32)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (rerun: 32)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x6}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES32=r5, @ANYRES16=r5], 0x10) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8983, &(0x7f0000000080))

2.185255005s ago: executing program 2 (id=3229):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0x11, 0x2, 0x0)
close(r0)
r1 = socket$kcm(0x11, 0x2, 0x0)
r2 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r2, 0x107, 0x12, &(0x7f00000000c0)=r1, 0x8)
r3 = socket$kcm(0x11, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xe, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000008000000911198000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r4 = socket$kcm(0x11, 0x200000000000002, 0x300)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
socket$kcm(0x10, 0x0, 0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r5, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r5, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0xf, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000001000100000000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', r6, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000003c0), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x6, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000180200000000000ff0100008520000003000000180000000001000000000000050000009500000000000000"], &(0x7f0000000300)='GPL\x00', 0x3, 0x1a, &(0x7f0000000380)=""/26, 0x41000, 0x2, '\x00', r6, 0x0, r7, 0x8, &(0x7f0000000400)={0x4, 0x4}, 0x8, 0x10, &(0x7f0000000440)={0x5, 0x1, 0xe61c, 0x1}, 0x10, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000540)=[{0x5, 0x4, 0xb, 0xa}, {0x3, 0x1, 0xc, 0x4}], 0x10, 0x9}, 0x94)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001900)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r8, 0x18000000000002a0, 0xfe, 0x0, &(0x7f0000000100)="b9ff030f6044238cb89e14f088a81bff803500004000638477fbac14142ce934a0a662079f4b4d2f87e56dca6aab055013f208001a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
setsockopt$sock_attach_bpf(r4, 0x107, 0x12, &(0x7f00000000c0)=r3, 0x8)
socket$kcm(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x2, 0x1, 0x4}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x4, 0x10}]}, 0x94)

1.801010572s ago: executing program 2 (id=3230):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xa443, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext, 0x4020, 0x40, 0x1, 0x2, 0x40000, 0x9cb8}, 0xffffffffffffffff, 0xffff7fffffffffff, 0xffffffffffffffff, 0x12)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0x28, 0x5, 0x0)
close(r0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='{[\\]+\x00')
socketpair(0x3f, 0x1, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, 0x0, 0x0)
socket$kcm(0x10, 0x400000002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[], 0x0, 0x4a}, 0x28)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
mkdir(0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000300020400bf050005001201", 0x2e}], 0x1}, 0x0)

1.800845842s ago: executing program 3 (id=3231):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xe, 0x4, 0x8, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0x0, 0x0, &(0x7f0000000840)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.751501594s ago: executing program 3 (id=3232):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x9, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuacct.stat\x00', 0x26e1, 0x0)
close(r0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f00000006c0))
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8948, &(0x7f0000000000)='lo:\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x00 \'Y\x17]\x15c\xcaR\xdd\x98OGK\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb7s\xb0\x00\x00\x00\x00\xf5\a\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'5\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0R\xd3\x8a\xe1n\x97\xea\xf1\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB\x01\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\tb\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18\x00\b\x00\x00Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xbf\xe3?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\fr\xf1\xec\xd9CD\x80\xb4^\x8cw;\x87\xea\x8c\x8bJ\x9a\x0ej\x8f\x8e^\xe6\xa6\xaa\x910\fD\xabFU\xa0D;\xd6\xd1\xeer\x9d\x02\xd9\xf7d`\xbfv\x15.\xe4\x82|)K\x99\x98&?\xcd\xe5\xa8\xba~$;g\t\x02\x84+\x90\xab\x816$/\x92\"\xef\xf7\x18\xfaE\xfe\xf7\n\xb2\x7fC\xbb\xbdg#F\n\vu\xe2\xe9\b\xa2\xf1\x94Fb\x92\xc9\xddP\xf0m35+\xdd\xac3\x00\xdd\xfb\b\xc0\x95\xe8\xa5\xec\x9e\xbfA\x7f\xff\xb8\xe2\xe2HNy$\xd4\xc6\x9dd\t\xf6\xed\x10\x15%\r\x1aD\f>\xdcZ\xb9\xd7Z\x88\x9b\xdff[\x90\xfa\x9a{b\xf4Dq')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8b28, &(0x7f0000000000)={'wlan1\x00', @random="0100"})

406.384473ms ago: executing program 1 (id=3233):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000001c0)={0xffffffffffffffff, &(0x7f00000008c0)="fc2053e8e91bef87c839a48cb6242276ec16439413d731b2a8521ccb01cb9f34136d80c299a543b60cbaec557dbacf45240dabc5e88de7827145ff14476349adbed2abf0d504cf4dce81e9c113f38d3d448aee2618b4289731e8407b0aadf934026b05673482975f8c2b5559c2e5cbb2cba9449027df32b484d4e34801cb7895e3006b79382a502d00093f217da39056321b9789228498e01d401640aa614c5329ff13cf6a86719ae6b77a4e859489582f47cdf5e25f0a4c8683eaaeac2c73b3d8165f08e2b408633b7bb4eed6233267690e90b677c93480b27dd5f22aed18e36c5e70b25689cf09b897c798457f53be78e13cfcfdd6ce16389005f4062343a1a4eb1fe82784e05ff03bbea2c8315cb5c8b8fe2740259411bdd5585860336e871d23bee8338b88874f076abfdd7235d5cfc2ab65ba8d6fbd0f3b9052398abb3571323efdb9b9acab25e7ce2aaeb246dac2a15c322724ada132716b7a330be8ee1a385105f869493dd5a236b4cf59bcfbf7c2b13aff70616912f437cf39bf9619d27548aa90370aa507e86a252f51b16f36863bca576d1d58bc7dc9c673440a22a4d34f148885c26eb9ba9062dd5e666c871eb3341ac95cc6c4ca67c09e185cbf7c1dd55cd24639db8e5eae708d3365c216e9ed8b195cb7f0d61419ab73ded56c1571ae1ee172ed372e14fe8036bc56496bced8a66e21aa830e4df0182517f3b390bba301d6625d7d254071843ffc12c6f7167351d9b8d485799d2d160cb054a36a4db6f40ddec3e5", &(0x7f00000002c0)=""/215}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000005000000fd09"], 0x50)
socket$kcm(0x2, 0x3, 0x2)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000001100)={0x0, &(0x7f0000001180)=""/127, &(0x7f0000001200), &(0x7f0000000580), 0x6e, r0}, 0x38)

356.591075ms ago: executing program 3 (id=3234):
r0 = socket$kcm(0x22, 0x2, 0x21)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001c2df6f270000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000400)=""/91, 0x5b}, {&(0x7f0000000ec0)=""/4052, 0xfd4}, {&(0x7f0000001fc0)=""/4073, 0xfe9}, {&(0x7f0000000600)=""/239, 0xef}, {&(0x7f0000000080)=""/34, 0x22}, {&(0x7f00000002c0)=""/178, 0xb2}, {&(0x7f0000001ec0)=""/255, 0xff}], 0x7}, 0xbf9d5a5a4c2f3718) (async)
sendmsg$inet(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0a8187bae53dca2b007ea23e163ec40028e82fccdc09da15fef6a608649e7531765f0ef82e3c0076a705259a3651f60a84c9f4d4938037e70e4509c5bb0c9246444351db86078475483687054c", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20000000) (async)
recvmsg$kcm(r1, &(0x7f0000000e80)={0x0, 0x0, 0x0}, 0x40000002) (async)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0xcdd, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d71, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
socket$kcm(0x11, 0x200000000000002, 0x300)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90f24fc60", 0x8c0}], 0x1}, 0x0) (async)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) (async)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b02d25a806f8c6394f91424fc60040f030047000000053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0) (async)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000100)='syzkaller\x00'}, 0x94) (async)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x2141, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8c, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x1, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000027c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) (async)
bpf$MAP_CREATE(0x1800000000000000, &(0x7f0000004080)=ANY=[@ANYBLOB="0400000004000000040000000100000000080000", @ANYRES32, @ANYBLOB="00000000f1fffffffff1ffffffffffffff000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000400"], 0x48)
close(r6)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r5, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) (async)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x801c581f, &(0x7f0000000040)=0xff57000000000600) (async)
sendmsg$kcm(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000000)="2e00000010008188040f46ecdb4cb9cca7480ef421000000e3bd6efb440013030e000a000d000008ba8000001201", 0x2e}], 0x1}, 0x0)

225.105161ms ago: executing program 1 (id=3235):
bpf$PROG_LOAD(0x5, &(0x7f0000001400)={0x17, 0x4, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa35"], 0xcfa4)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0xffffffffffffff3c, &(0x7f0000000000)="ff", 0x0, 0x3, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x4000}, 0x48)

202.505991ms ago: executing program 0 (id=3236):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="5c00000013006bcc9e3be35c6e17b9310400876c1d0000007ea60864160af36514001ac00400020004004400eab556a705251e61aae5f66f8294ff0051f60a84c9f4d4938037e786a6d0001004000e4509c57f74ff24185499020000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x24008880)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001c40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af9cc9e5ef6bda9df2c3af36effff9af2551ce935b0f327cb3f011a2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7511d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1525320e716660000000000b02b001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d3294000000000000000000000000000000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10738d3c9f7a98eccb26f7e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe977076ce7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d1a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1c77a211bfa02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc084075ad10727522934a87a4ddcdb112754ca5bdec0ead14b6c0f19a4b126bbe0c2b8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcb1a47a87baf63e4edf11c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c158ae8f44bfbfa7c2730302b66a99f66705b71e6205e7cbf36435e1eabb9a63fcd604d5cc27e1317ad94cf438d7187a2fe4e06fa6cbf84ef1efa82cb2c4af6bd1370616cdbe2b98fd89b79824ba089df1f81e6fcef073059f5f1d6a221d791839d7826ed1759c2153532c393fd1bd7be2e7f5abf2f0800000000ea46c07adee10d0f2bc85cf37182256e4fd8f56942726efc07180eaa5421d697665c8bacd39cdb392e6153af80bc1a69e3bfab032e78c9a96eab13be845a0d44ef2a4ab414ac2e4802a3b5d3aa2a4a4fc259206d97d0cc1602d6b45ff414c53fc9f5f68438f0423e168a97923ca0464b40b2f797841fb2bb2e5ad9feff37220ab7c34f4c382c247e7735adb55c209f7c0f8880733dbd3f5a095cc6a2"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000003540)=ANY=[@ANYBLOB="b700000050000008bca30000000000002403000040feffff7b1af0ff0000000079a4f0ff000000001f030000000000002e030200000000002604fdffffff000e61141800000000001d430000000000007a0a00fe0000001f61141c00000000004603f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f2440000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c9494963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c88629a6c921c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fbf05b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71ca3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b60f132a2bf8a858392f34072d99aee0ec70aa6d75096e608d97ac4b7bfa2e0ae3e59718e7a7691a98b1334e34553300000000000000000000000000000000062c7cf52e9624806a4833e1c0059e5a703ab9c2e9b38779270dc5e80af75d509b1a31fe6ed3f8c0172659256dc88de4e377c8a07e95ec5549ae47dc43b93a159a201be254048b9e0857ea3c736c761e686f9b3d0690f035617a12055b2cb3a03794d67b95e7f4fc6af323120c09d0503c8ce92e869e22bb2590299ad76d541f844d32f96184f74d433793bbd75ec15fb1497ce835445212421cb4e3ce08395c9055a2"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)="600000004e007f049e", 0x12}, {&(0x7f0000000180)="78cabf2dfb73fc0a7d0a0080f2dcb9fe06892544001100b8f9e6aaeb1ae2f6e8bcb5ee52dc06249798093c5102a1bca0b646a7ce904f6e6b788b3219c233e60ddc36024a99a63e729f9b06f96137c89d03234f008c5681", 0x57}], 0x2}, 0x0)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)

189.146212ms ago: executing program 1 (id=3237):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0xfe33)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000004700)=""/4137, 0x1029}, {&(0x7f0000000780)=""/158, 0x9e}, {&(0x7f0000001940)=""/215, 0xd7}], 0x3}, 0x20)

94.441066ms ago: executing program 3 (id=3238):
r0 = gettid()
r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x804, 0x14c9, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x803, 0x0, @perf_config_ext={0x1, 0x4}, 0xa0, 0x58, 0x0, 0x4, 0x2, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r0, r1, 0x0, 0x0, 0x0}, 0x30)

29.075999ms ago: executing program 2 (id=3239):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xa443, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext, 0x4020, 0x40, 0x1, 0x2, 0x40000, 0x9cb8}, 0xffffffffffffffff, 0xffff7fffffffffff, 0xffffffffffffffff, 0x12)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0x28, 0x5, 0x0)
close(r0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='{[\\]+\x00')
socketpair(0x3f, 0x1, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, 0x0, 0x0)
socket$kcm(0x10, 0x400000002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[], 0x0, 0x4a}, 0x28)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
mkdir(0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000300020400bf050005001201", 0x2e}], 0x1}, 0x0) (fail_nth: 1)

0s ago: executing program 3 (id=3240):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xe, 0x4, 0x8, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0x0, 0x0, &(0x7f0000000840)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

kernel console output (not intermixed with test programs):

932] netlink: 201392 bytes leftover after parsing attributes in process `syz.0.2491'.
[  368.774186][T12736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.797899][T12736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  368.808634][T12736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.822194][T12736] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  368.837618][T12736] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.849647][T12736] batman_adv: batadv0: Interface activated: batadv_slave_1
[  368.884489][T12736] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  368.894558][T12736] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  368.904268][T12736] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  368.915000][T12736] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  369.067319][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  369.097491][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  369.138438][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  369.147015][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  369.582712][ T5104] Bluetooth: hci0: command tx timeout
[  370.109833][ T5803] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  370.120365][ T5803] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  370.133949][ T5803] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  370.184062][ T5803] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  370.272534][ T5803] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  370.282157][ T5803] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  370.296973][T12973] netlink: 201392 bytes leftover after parsing attributes in process `syz.3.2499'.
[  370.555305][ T2986] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  370.829928][ T2986] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  370.916437][T12984] C: renamed from team_slave_0 (while UP)
[  370.947088][T12984] netlink: 'syz.1.2501': attribute type 1 has an invalid length.
[  370.975480][T12984] netlink: 116 bytes leftover after parsing attributes in process `syz.1.2501'.
[  371.102860][ T2986] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  371.265670][ T2986] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  371.284056][T12999] FAULT_INJECTION: forcing a failure.
[  371.284056][T12999] name failslab, interval 1, probability 0, space 0, times 0
[  371.297067][T12999] CPU: 0 PID: 12999 Comm: syz.3.2505 Not tainted syzkaller #0
[  371.304591][T12999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  371.314680][T12999] Call Trace:
[  371.317979][T12999]  <TASK>
[  371.320932][T12999]  dump_stack_lvl+0x16c/0x230
[  371.325646][T12999]  ? show_regs_print_info+0x20/0x20
[  371.330884][T12999]  ? load_image+0x3b0/0x3b0
[  371.335418][T12999]  ? __might_sleep+0xe0/0xe0
[  371.340039][T12999]  ? __lock_acquire+0x7c80/0x7c80
[  371.345099][T12999]  should_fail_ex+0x39d/0x4d0
[  371.349812][T12999]  should_failslab+0x9/0x20
[  371.354342][T12999]  slab_pre_alloc_hook+0x59/0x310
[  371.359396][T12999]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  371.365161][T12999]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  371.370909][T12999]  __kmem_cache_alloc_node+0x53/0x260
[  371.376317][T12999]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  371.382069][T12999]  __kmalloc+0xa4/0x240
[  371.386265][T12999]  tomoyo_realpath_from_path+0xe3/0x5d0
[  371.391864][T12999]  tomoyo_path_number_perm+0x1ea/0x590
[  371.397351][T12999]  ? tomoyo_path_number_perm+0x1ba/0x590
[  371.403024][T12999]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  371.408516][T12999]  ? hrtimer_interrupt+0x597/0x9c0
[  371.413658][T12999]  ? ktime_get+0x7f/0x280
[  371.418045][T12999]  ? __fget_files+0x28/0x4d0
[  371.422685][T12999]  security_file_ioctl+0x70/0xa0
[  371.427672][T12999]  __se_sys_ioctl+0x48/0x170
[  371.432317][T12999]  do_syscall_64+0x55/0xb0
[  371.436779][T12999]  ? clear_bhb_loop+0x40/0x90
[  371.441478][T12999]  ? clear_bhb_loop+0x40/0x90
[  371.446182][T12999]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  371.452103][T12999] RIP: 0033:0x7fddd338f749
[  371.456547][T12999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  371.476175][T12999] RSP: 002b:00007fddd41b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  371.484606][T12999] RAX: ffffffffffffffda RBX: 00007fddd35e5fa0 RCX: 00007fddd338f749
[  371.492585][T12999] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000026
[  371.500569][T12999] RBP: 00007fddd41b5090 R08: 0000000000000000 R09: 0000000000000000
[  371.508547][T12999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  371.516524][T12999] R13: 00007fddd35e6038 R14: 00007fddd35e5fa0 R15: 00007ffc877a5268
[  371.524528][T12999]  </TASK>
[  371.544395][T12999] ERROR: Out of memory at tomoyo_realpath_from_path.
[  371.839591][T13017] netlink: 'syz.1.2508': attribute type 21 has an invalid length.
[  372.009769][T12969] chnl_net:caif_netlink_parms(): no params data found
[  372.382637][ T5803] Bluetooth: hci1: command tx timeout
[  372.553810][T12969] bridge0: port 1(bridge_slave_0) entered blocking state
[  372.561064][T12969] bridge0: port 1(bridge_slave_0) entered disabled state
[  372.570554][T12969] bridge_slave_0: entered allmulticast mode
[  372.578412][T12969] bridge_slave_0: entered promiscuous mode
[  372.595438][T12969] bridge0: port 2(bridge_slave_1) entered blocking state
[  372.604976][T12969] bridge0: port 2(bridge_slave_1) entered disabled state
[  372.622196][T12969] bridge_slave_1: entered allmulticast mode
[  372.629283][T12969] bridge_slave_1: entered promiscuous mode
[  372.779241][T13049] netlink: 'syz.0.2516': attribute type 1 has an invalid length.
[  372.865329][T12969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  372.945170][T12969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  373.116236][T12969] team0: Port device team_slave_0 added
[  373.220294][T12969] team0: Port device team_slave_1 added
[  373.297794][T12969] batman_adv: batadv0: Adding interface: batadv_slave_0
[  373.317139][T12969] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  373.388226][T12969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  373.481157][T12969] batman_adv: batadv0: Adding interface: batadv_slave_1
[  373.533088][T12969] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  373.590200][T12969] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  373.726638][T13078] netlink: 'syz.0.2522': attribute type 10 has an invalid length.
[  373.737397][T13078] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2522'.
[  373.761294][T13078] dummy0: entered promiscuous mode
[  373.777159][T13078] dummy0: entered allmulticast mode
[  373.790156][T13078] bond0: (slave dummy0): Releasing backup interface
[  373.813976][T13078] net_ratelimit: 150 callbacks suppressed
[  373.813990][T13078] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  373.962719][T13090] FAULT_INJECTION: forcing a failure.
[  373.962719][T13090] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  373.998894][T13090] CPU: 0 PID: 13090 Comm: syz.0.2528 Not tainted syzkaller #0
[  374.006417][T13090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  374.016507][T13090] Call Trace:
[  374.019839][T13090]  <TASK>
[  374.022817][T13090]  dump_stack_lvl+0x16c/0x230
[  374.027552][T13090]  ? show_regs_print_info+0x20/0x20
[  374.032789][T13090]  ? load_image+0x3b0/0x3b0
[  374.037312][T13090]  ? __might_fault+0xaa/0x120
[  374.042007][T13090]  ? __lock_acquire+0x7c80/0x7c80
[  374.047064][T13090]  should_fail_ex+0x39d/0x4d0
[  374.051770][T13090]  _copy_from_user+0x2f/0xe0
[  374.056374][T13090]  __sys_bpf+0x1e9/0x800
[  374.060632][T13090]  ? bpf_link_show_fdinfo+0x350/0x350
[  374.066025][T13090]  ? lock_chain_count+0x20/0x20
[  374.070892][T13090]  __x64_sys_bpf+0x7c/0x90
[  374.075322][T13090]  do_syscall_64+0x55/0xb0
[  374.079750][T13090]  ? clear_bhb_loop+0x40/0x90
[  374.084432][T13090]  ? clear_bhb_loop+0x40/0x90
[  374.089120][T13090]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  374.095029][T13090] RIP: 0033:0x7f793918f749
[  374.099466][T13090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  374.119081][T13090] RSP: 002b:00007f7939f40038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  374.127505][T13090] RAX: ffffffffffffffda RBX: 00007f79393e5fa0 RCX: 00007f793918f749
[  374.135482][T13090] RDX: 0000000000000028 RSI: 0000200000000000 RDI: 0000000000000012
[  374.143457][T13090] RBP: 00007f7939f40090 R08: 0000000000000000 R09: 0000000000000000
[  374.151428][T13090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  374.159400][T13090] R13: 00007f79393e6038 R14: 00007f79393e5fa0 R15: 00007fffdf61e388
[  374.167389][T13090]  </TASK>
[  374.279670][T12969] hsr_slave_0: entered promiscuous mode
[  374.287016][T12969] hsr_slave_1: entered promiscuous mode
[  374.296950][T12969] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  374.305352][T12969] Cannot create hsr debugfs directory
[  374.327960][T13096] netlink: 'syz.0.2531': attribute type 10 has an invalid length.
[  374.360819][T13096] batman_adv: batadv0: Adding interface: team0
[  374.372758][T13101] FAULT_INJECTION: forcing a failure.
[  374.372758][T13101] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  374.380627][T13096] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  374.390653][T13101] CPU: 1 PID: 13101 Comm: syz.3.2533 Not tainted syzkaller #0
[  374.418194][T13096] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  374.418785][T13101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  374.418798][T13101] Call Trace:
[  374.441912][T13101]  <TASK>
[  374.444860][T13101]  dump_stack_lvl+0x16c/0x230
[  374.449574][T13101]  ? show_regs_print_info+0x20/0x20
[  374.454806][T13101]  ? load_image+0x3b0/0x3b0
[  374.459332][T13101]  ? __might_fault+0xaa/0x120
[  374.464031][T13101]  ? __lock_acquire+0x7c80/0x7c80
[  374.469087][T13101]  should_fail_ex+0x39d/0x4d0
[  374.473809][T13101]  _copy_from_user+0x2f/0xe0
[  374.478431][T13101]  __sys_bpf+0x1e9/0x800
[  374.482710][T13101]  ? bpf_link_show_fdinfo+0x350/0x350
[  374.488114][T13101]  ? lock_chain_count+0x20/0x20
[  374.492999][T13101]  __x64_sys_bpf+0x7c/0x90
[  374.497445][T13101]  do_syscall_64+0x55/0xb0
[  374.501905][T13101]  ? clear_bhb_loop+0x40/0x90
[  374.502643][ T5803] Bluetooth: hci1: command tx timeout
[  374.506589][T13101]  ? clear_bhb_loop+0x40/0x90
[  374.516652][T13101]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  374.522570][T13101] RIP: 0033:0x7fddd338f749
[  374.527008][T13101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  374.546638][T13101] RSP: 002b:00007fddd41b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  374.555076][T13101] RAX: ffffffffffffffda RBX: 00007fddd35e5fa0 RCX: 00007fddd338f749
[  374.563066][T13101] RDX: 0000000000000028 RSI: 0000200000000280 RDI: 0000000000000012
[  374.571067][T13101] RBP: 00007fddd41b5090 R08: 0000000000000000 R09: 0000000000000000
[  374.579113][T13101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  374.587139][T13101] R13: 00007fddd35e6038 R14: 00007fddd35e5fa0 R15: 00007ffc877a5268
[  374.595149][T13101]  </TASK>
[  374.611729][ T2986] hsr_slave_0: left promiscuous mode
[  374.627920][ T2986] hsr_slave_1: left promiscuous mode
[  374.636009][ T2986] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  374.656801][ T2986] batman_adv: batadv0: Removing interface: batadv_slave_0
[  374.681101][ T2986] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  374.696712][ T2986] batman_adv: batadv0: Removing interface: batadv_slave_1
[  374.735847][ T2986] veth1_macvtap: left promiscuous mode
[  374.742597][ T2986] veth0_macvtap: left promiscuous mode
[  374.759176][ T2986] veth1_vlan: left promiscuous mode
[  374.776012][ T2986] veth0_vlan: left promiscuous mode
[  375.325327][ T2986] team0 (unregistering): Port device team_slave_1 removed
[  375.359071][ T2986] team0 (unregistering): Port device team_slave_0 removed
[  375.395911][ T2986] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  375.432811][ T2986] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  375.785236][ T2986] bond0 (unregistering): Released all slaves
[  376.037498][T13129] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  376.199578][T13129] netlink: 201392 bytes leftover after parsing attributes in process `syz.0.2538'.
[  376.203317][T13136] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  376.225846][T13129] netlink: zone id is out of range
[  376.231212][T13129] netlink: zone id is out of range
[  376.272049][T13129] netlink: zone id is out of range
[  376.305501][T13129] netlink: zone id is out of range
[  376.332681][T13129] netlink: zone id is out of range
[  376.342187][T13129] netlink: zone id is out of range
[  376.348902][T13129] netlink: zone id is out of range
[  376.365460][T13136] netlink: 201392 bytes leftover after parsing attributes in process `syz.3.2541'.
[  376.554339][ T5803] Bluetooth: hci1: command tx timeout
[  376.922401][T13158] FAULT_INJECTION: forcing a failure.
[  376.922401][T13158] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  376.946055][T13158] CPU: 0 PID: 13158 Comm: syz.1.2545 Not tainted syzkaller #0
[  376.953565][T13158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  376.963641][T13158] Call Trace:
[  376.966938][T13158]  <TASK>
[  376.969891][T13158]  dump_stack_lvl+0x16c/0x230
[  376.974602][T13158]  ? show_regs_print_info+0x20/0x20
[  376.979827][T13158]  ? load_image+0x3b0/0x3b0
[  376.984360][T13158]  ? __might_fault+0xaa/0x120
[  376.989065][T13158]  ? __lock_acquire+0x7c80/0x7c80
[  376.992514][T12969] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  376.994104][T13158]  should_fail_ex+0x39d/0x4d0
[  377.005480][T13158]  _copy_from_user+0x2f/0xe0
[  377.010092][T13158]  ___sys_sendmsg+0x159/0x290
[  377.014809][T13158]  ? __sys_sendmsg+0x270/0x270
[  377.019620][T13158]  ? __lock_acquire+0x7c80/0x7c80
[  377.024687][T13158]  __se_sys_sendmsg+0x1a5/0x270
[  377.029579][T13158]  ? __x64_sys_sendmsg+0x80/0x80
[  377.034560][T13158]  ? lockdep_hardirqs_on+0x98/0x150
[  377.039788][T13158]  do_syscall_64+0x55/0xb0
[  377.044232][T13158]  ? clear_bhb_loop+0x40/0x90
[  377.048922][T13158]  ? clear_bhb_loop+0x40/0x90
[  377.053607][T13158]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  377.059506][T13158] RIP: 0033:0x7f3719f8f749
[  377.063926][T13158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  377.083535][T13158] RSP: 002b:00007f371adca038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  377.091973][T13158] RAX: ffffffffffffffda RBX: 00007f371a1e5fa0 RCX: 00007f3719f8f749
[  377.099961][T13158] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  377.107944][T13158] RBP: 00007f371adca090 R08: 0000000000000000 R09: 0000000000000000
[  377.115920][T13158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  377.123894][T13158] R13: 00007f371a1e6038 R14: 00007f371a1e5fa0 R15: 00007ffd74e26658
[  377.131890][T13158]  </TASK>
[  377.148003][T12969] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  377.166058][T12969] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  377.180729][T12969] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  377.377420][T12969] 8021q: adding VLAN 0 to HW filter on device bond0
[  377.414845][T12969] 8021q: adding VLAN 0 to HW filter on device team0
[  377.435984][ T2986] bridge0: port 1(bridge_slave_0) entered blocking state
[  377.443181][ T2986] bridge0: port 1(bridge_slave_0) entered forwarding state
[  377.506036][ T2986] bridge0: port 2(bridge_slave_1) entered blocking state
[  377.513872][ T2986] bridge0: port 2(bridge_slave_1) entered forwarding state
[  377.584027][T12969] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  377.614311][T13179] netlink: 201392 bytes leftover after parsing attributes in process `syz.0.2550'.
[  377.641438][T12969] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  377.765513][T13187] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.2552'.
[  378.160183][T13211] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.2556'.
[  378.340169][T12969] 8021q: adding VLAN 0 to HW filter on device batadv0
[  378.465741][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  378.472923][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  378.581529][T12969] veth0_vlan: entered promiscuous mode
[  378.622690][ T5803] Bluetooth: hci1: command tx timeout
[  378.634980][T12969] veth1_vlan: entered promiscuous mode
[  378.706963][T12969] veth0_macvtap: entered promiscuous mode
[  378.735031][T12969] veth1_macvtap: entered promiscuous mode
[  378.771880][T12969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.796210][T12969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.825928][T12969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.836703][T12969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.846804][T12969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.857423][T12969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.871570][T12969] batman_adv: batadv0: Interface activated: batadv_slave_0
[  378.907281][T12969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  378.920270][T12969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.931424][T12969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  378.944118][T12969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.956369][T12969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  378.967049][T12969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.980813][T12969] batman_adv: batadv0: Interface activated: batadv_slave_1
[  378.989550][T13232] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.2562'.
[  379.025151][T12969] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  379.041813][T12969] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  379.060979][T12969] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  379.082292][T12969] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  379.096645][T13232] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2562'.
[  379.248563][ T2992] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.278103][ T2992] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  379.362443][ T2986] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.381863][ T2986] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  379.618519][T13260] FAULT_INJECTION: forcing a failure.
[  379.618519][T13260] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  379.678734][T13260] CPU: 0 PID: 13260 Comm: syz.3.2568 Not tainted syzkaller #0
[  379.686276][T13260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  379.696360][T13260] Call Trace:
[  379.699666][T13260]  <TASK>
[  379.702621][T13260]  dump_stack_lvl+0x16c/0x230
[  379.707385][T13260]  ? show_regs_print_info+0x20/0x20
[  379.712629][T13260]  ? load_image+0x3b0/0x3b0
[  379.717161][T13260]  ? __might_fault+0xaa/0x120
[  379.721868][T13260]  ? __lock_acquire+0x7c80/0x7c80
[  379.726927][T13260]  should_fail_ex+0x39d/0x4d0
[  379.731646][T13260]  _copy_from_user+0x2f/0xe0
[  379.736290][T13260]  ___sys_sendmsg+0x159/0x290
[  379.741004][T13260]  ? __sys_sendmsg+0x270/0x270
[  379.745826][T13260]  ? __lock_acquire+0x7c80/0x7c80
[  379.750893][T13260]  __se_sys_sendmsg+0x1a5/0x270
[  379.755785][T13260]  ? __x64_sys_sendmsg+0x80/0x80
[  379.760767][T13260]  ? lockdep_hardirqs_on+0x98/0x150
[  379.765989][T13260]  do_syscall_64+0x55/0xb0
[  379.770430][T13260]  ? clear_bhb_loop+0x40/0x90
[  379.775129][T13260]  ? clear_bhb_loop+0x40/0x90
[  379.779812][T13260]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  379.785709][T13260] RIP: 0033:0x7fddd338f749
[  379.790128][T13260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  379.809746][T13260] RSP: 002b:00007fddd41b5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  379.818175][T13260] RAX: ffffffffffffffda RBX: 00007fddd35e5fa0 RCX: 00007fddd338f749
[  379.826178][T13260] RDX: 0000000024008880 RSI: 0000200000000040 RDI: 0000000000000003
[  379.834151][T13260] RBP: 00007fddd41b5090 R08: 0000000000000000 R09: 0000000000000000
[  379.842124][T13260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  379.850097][T13260] R13: 00007fddd35e6038 R14: 00007fddd35e5fa0 R15: 00007ffc877a5268
[  379.858086][T13260]  </TASK>
[  379.882007][T13263] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2494'.
[  379.891150][T13263] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2494'.
[  379.960749][T13255] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2494'.
[  380.006687][T13266] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2494'.
[  380.231347][T13269] net_ratelimit: 203 callbacks suppressed
[  380.231366][T13269] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  380.607938][ T5104] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  380.624545][T13282] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.2572'.
[  380.634026][ T5104] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  380.646015][ T5104] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  380.654762][T13282] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.2572'.
[  380.671160][T13276] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.2572'.
[  380.680747][ T5104] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  380.693085][T13282] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.2572'.
[  380.702614][ T5104] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  380.710034][ T5104] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  380.876197][T13290] FAULT_INJECTION: forcing a failure.
[  380.876197][T13290] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  380.918685][T13290] CPU: 0 PID: 13290 Comm: syz.3.2575 Not tainted syzkaller #0
[  380.926211][T13290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  380.936298][T13290] Call Trace:
[  380.939585][T13290]  <TASK>
[  380.942519][T13290]  dump_stack_lvl+0x16c/0x230
[  380.947206][T13290]  ? show_regs_print_info+0x20/0x20
[  380.952451][T13290]  ? load_image+0x3b0/0x3b0
[  380.956960][T13290]  ? __might_fault+0xaa/0x120
[  380.961635][T13290]  ? __lock_acquire+0x7c80/0x7c80
[  380.966668][T13290]  should_fail_ex+0x39d/0x4d0
[  380.971366][T13290]  _copy_from_user+0x2f/0xe0
[  380.976002][T13290]  ___sys_sendmsg+0x159/0x290
[  380.980691][T13290]  ? __sys_sendmsg+0x270/0x270
[  380.985475][T13290]  ? __lock_acquire+0x7c80/0x7c80
[  380.990513][T13290]  __se_sys_sendmsg+0x1a5/0x270
[  380.995371][T13290]  ? __x64_sys_sendmsg+0x80/0x80
[  381.000351][T13290]  ? lockdep_hardirqs_on+0x98/0x150
[  381.005551][T13290]  do_syscall_64+0x55/0xb0
[  381.009969][T13290]  ? clear_bhb_loop+0x40/0x90
[  381.014669][T13290]  ? clear_bhb_loop+0x40/0x90
[  381.019346][T13290]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  381.025248][T13290] RIP: 0033:0x7fddd338f749
[  381.029682][T13290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  381.049295][T13290] RSP: 002b:00007fddd41b5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  381.057713][T13290] RAX: ffffffffffffffda RBX: 00007fddd35e5fa0 RCX: 00007fddd338f749
[  381.065705][T13290] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  381.073672][T13290] RBP: 00007fddd41b5090 R08: 0000000000000000 R09: 0000000000000000
[  381.081665][T13290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  381.089637][T13290] R13: 00007fddd35e6038 R14: 00007fddd35e5fa0 R15: 00007ffc877a5268
[  381.097617][T13290]  </TASK>
[  381.265691][ T2992] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  381.288609][T13297] netlink: 'syz.1.2577': attribute type 10 has an invalid length.
[  381.308114][T13297] bridge0: port 3(ipvlan1) entered blocking state
[  381.328413][T13297] bridge0: port 3(ipvlan1) entered disabled state
[  381.336479][T13297] ipvlan1: entered allmulticast mode
[  381.346167][T13297] veth0_vlan: entered allmulticast mode
[  381.360463][T13297] ipvlan1: left allmulticast mode
[  381.369120][T13297] veth0_vlan: left allmulticast mode
[  381.376686][T13297] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  381.420033][ T2992] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  381.443772][T13303] ªªªªªª: renamed from vlan0 (while UP)
[  381.457516][T13305] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  381.517847][ T2992] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  381.585203][ T2992] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  381.796797][T13278] chnl_net:caif_netlink_parms(): no params data found
[  381.918100][T13319] netlink: 'syz.1.2585': attribute type 10 has an invalid length.
[  381.948432][T13319] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  382.246057][T13278] bridge0: port 1(bridge_slave_0) entered blocking state
[  382.291441][T13278] bridge0: port 1(bridge_slave_0) entered disabled state
[  382.327886][T13278] bridge_slave_0: entered allmulticast mode
[  382.434975][T13278] bridge_slave_0: entered promiscuous mode
[  382.525498][T13328] FAULT_INJECTION: forcing a failure.
[  382.525498][T13328] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  382.592121][T13328] CPU: 0 PID: 13328 Comm: syz.3.2588 Not tainted syzkaller #0
[  382.599671][T13328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  382.609746][T13328] Call Trace:
[  382.613039][T13328]  <TASK>
[  382.615985][T13328]  dump_stack_lvl+0x16c/0x230
[  382.620694][T13328]  ? show_regs_print_info+0x20/0x20
[  382.625927][T13328]  ? load_image+0x3b0/0x3b0
[  382.630451][T13328]  ? __might_fault+0xaa/0x120
[  382.635146][T13328]  ? __lock_acquire+0x7c80/0x7c80
[  382.640192][T13328]  should_fail_ex+0x39d/0x4d0
[  382.644902][T13328]  _copy_from_user+0x2f/0xe0
[  382.649520][T13328]  __sys_bpf+0x1e9/0x800
[  382.653873][T13328]  ? bpf_link_show_fdinfo+0x350/0x350
[  382.659284][T13328]  ? lock_chain_count+0x20/0x20
[  382.664165][T13328]  __x64_sys_bpf+0x7c/0x90
[  382.668601][T13328]  do_syscall_64+0x55/0xb0
[  382.673040][T13328]  ? clear_bhb_loop+0x40/0x90
[  382.677737][T13328]  ? clear_bhb_loop+0x40/0x90
[  382.682431][T13328]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  382.688342][T13328] RIP: 0033:0x7fddd338f749
[  382.692792][T13328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.712421][T13328] RSP: 002b:00007fddd41b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  382.720858][T13328] RAX: ffffffffffffffda RBX: 00007fddd35e5fa0 RCX: 00007fddd338f749
[  382.728853][T13328] RDX: 0000000000000094 RSI: 0000200000000ac0 RDI: 0000000000000005
[  382.736856][T13328] RBP: 00007fddd41b5090 R08: 0000000000000000 R09: 0000000000000000
[  382.744848][T13328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  382.752860][T13328] R13: 00007fddd35e6038 R14: 00007fddd35e5fa0 R15: 00007ffc877a5268
[  382.760886][T13328]  </TASK>
[  382.792950][ T5104] Bluetooth: hci3: command tx timeout
[  383.095278][T13278] bridge0: port 2(bridge_slave_1) entered blocking state
[  383.103645][T13278] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.110873][T13278] bridge_slave_1: entered allmulticast mode
[  383.118038][T13335] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  383.118596][T13278] bridge_slave_1: entered promiscuous mode
[  383.167989][T13333] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  383.231237][T13278] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  383.256077][T13278] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  383.399174][T13345] FAULT_INJECTION: forcing a failure.
[  383.399174][T13345] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  383.435480][T13345] CPU: 1 PID: 13345 Comm: syz.3.2594 Not tainted syzkaller #0
[  383.443077][T13345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  383.450640][T13278] team0: Port device team_slave_0 added
[  383.453133][T13345] Call Trace:
[  383.453143][T13345]  <TASK>
[  383.453151][T13345]  dump_stack_lvl+0x16c/0x230
[  383.453187][T13345]  ? show_regs_print_info+0x20/0x20
[  383.474971][T13345]  ? load_image+0x3b0/0x3b0
[  383.479510][T13345]  ? __might_fault+0xaa/0x120
[  383.484191][T13345]  ? __lock_acquire+0x7c80/0x7c80
[  383.489236][T13345]  should_fail_ex+0x39d/0x4d0
[  383.493937][T13345]  _copy_from_user+0x2f/0xe0
[  383.498543][T13345]  ___sys_sendmsg+0x159/0x290
[  383.503232][T13345]  ? __sys_sendmsg+0x270/0x270
[  383.508022][T13345]  ? __lock_acquire+0x7c80/0x7c80
[  383.513068][T13345]  __se_sys_sendmsg+0x1a5/0x270
[  383.517927][T13345]  ? __x64_sys_sendmsg+0x80/0x80
[  383.522886][T13345]  ? lockdep_hardirqs_on+0x98/0x150
[  383.528088][T13345]  do_syscall_64+0x55/0xb0
[  383.532519][T13345]  ? clear_bhb_loop+0x40/0x90
[  383.537195][T13345]  ? clear_bhb_loop+0x40/0x90
[  383.541891][T13345]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  383.547796][T13345] RIP: 0033:0x7fddd338f749
[  383.552214][T13345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  383.571818][T13345] RSP: 002b:00007fddd41b5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  383.580237][T13345] RAX: ffffffffffffffda RBX: 00007fddd35e5fa0 RCX: 00007fddd338f749
[  383.588215][T13345] RDX: 0000000004040801 RSI: 0000200000000000 RDI: 0000000000000003
[  383.596189][T13345] RBP: 00007fddd41b5090 R08: 0000000000000000 R09: 0000000000000000
[  383.604164][T13345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  383.612137][T13345] R13: 00007fddd35e6038 R14: 00007fddd35e5fa0 R15: 00007ffc877a5268
[  383.620124][T13345]  </TASK>
[  383.705094][T13278] team0: Port device team_slave_1 added
[  383.816541][T13346] netlink: 'syz.2.2593': attribute type 10 has an invalid length.
[  383.855760][T13346] bridge0: port 3(ipvlan1) entered blocking state
[  383.874815][T13346] bridge0: port 3(ipvlan1) entered disabled state
[  383.887796][T13346] ipvlan1: entered allmulticast mode
[  383.896204][T13346] veth0_vlan: entered allmulticast mode
[  383.920351][T13359] netlink: 'syz.3.2598': attribute type 10 has an invalid length.
[  383.929965][T13346] ipvlan1: left allmulticast mode
[  383.936050][T13346] veth0_vlan: left allmulticast mode
[  383.951805][T13359] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  383.955748][T13346] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  384.003342][T13355] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  384.088719][T13357] ªªªªªª: renamed from vlan0 (while UP)
[  384.097735][T13278] batman_adv: batadv0: Adding interface: batadv_slave_0
[  384.117806][T13278] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  384.149869][T13278] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  384.268982][T13369] __nla_validate_parse: 6 callbacks suppressed
[  384.268998][T13369] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2599'.
[  384.289484][T13278] batman_adv: batadv0: Adding interface: batadv_slave_1
[  384.321867][T13278] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  384.382596][T13278] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  384.648417][T13381] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  384.669441][T13278] hsr_slave_0: entered promiscuous mode
[  384.678532][T13278] hsr_slave_1: entered promiscuous mode
[  384.862577][ T5104] Bluetooth: hci3: command tx timeout
[  385.018223][ T2992] hsr_slave_0: left promiscuous mode
[  385.036590][ T2992] hsr_slave_1: left promiscuous mode
[  385.054167][ T2992] batman_adv: batadv0: Removing interface: team0
[  385.067462][T13393] netlink: 'syz.2.2609': attribute type 10 has an invalid length.
[  385.078996][ T2992] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  385.091116][ T2992] batman_adv: batadv0: Removing interface: batadv_slave_0
[  385.098714][T13393] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2609'.
[  385.126678][ T2992] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  385.155508][T13393] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  385.178218][ T2992] batman_adv: batadv0: Removing interface: batadv_slave_1
[  385.246802][ T2992] veth1_macvtap: left promiscuous mode
[  385.266172][ T2992] veth0_macvtap: left promiscuous mode
[  385.284681][ T2992] veth1_vlan: left promiscuous mode
[  385.303074][ T2992] veth0_vlan: left promiscuous mode
[  385.468925][T13408] netlink: 'syz.2.2610': attribute type 3 has an invalid length.
[  385.493404][T13408] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.2610'.
[  385.977662][ T2992] team0 (unregistering): Port device team_slave_1 removed
[  386.020355][ T2992] team0 (unregistering): Port device team_slave_0 removed
[  386.058638][ T2992] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  386.098544][ T2992] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  386.451492][ T2992] bond0 (unregistering): Released all slaves
[  386.482439][T13395] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  386.530454][T13397] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  386.559963][T13414] FAULT_INJECTION: forcing a failure.
[  386.559963][T13414] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  386.577899][T13414] CPU: 1 PID: 13414 Comm: syz.1.2611 Not tainted syzkaller #0
[  386.585402][T13414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  386.595475][T13414] Call Trace:
[  386.598766][T13414]  <TASK>
[  386.601722][T13414]  dump_stack_lvl+0x16c/0x230
[  386.606438][T13414]  ? show_regs_print_info+0x20/0x20
[  386.611674][T13414]  ? load_image+0x3b0/0x3b0
[  386.616205][T13414]  ? __might_fault+0xaa/0x120
[  386.620909][T13414]  ? __lock_acquire+0x7c80/0x7c80
[  386.625961][T13414]  should_fail_ex+0x39d/0x4d0
[  386.630679][T13414]  _copy_from_user+0x2f/0xe0
[  386.635306][T13414]  ___sys_recvmsg+0x12f/0x510
[  386.640008][T13414]  ? __sys_recvmsg+0x270/0x270
[  386.644815][T13414]  ? ksys_write+0x1c1/0x250
[  386.649356][T13414]  ? __fget_files+0x44a/0x4d0
[  386.654069][T13414]  __x64_sys_recvmsg+0x1f2/0x2c0
[  386.659032][T13414]  ? ___sys_recvmsg+0x510/0x510
[  386.663919][T13414]  ? lockdep_hardirqs_on+0x98/0x150
[  386.669148][T13414]  do_syscall_64+0x55/0xb0
[  386.673588][T13414]  ? clear_bhb_loop+0x40/0x90
[  386.678292][T13414]  ? clear_bhb_loop+0x40/0x90
[  386.683003][T13414]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  386.688926][T13414] RIP: 0033:0x7f3719f8f749
[  386.693360][T13414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  386.712992][T13414] RSP: 002b:00007f371adca038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  386.721462][T13414] RAX: ffffffffffffffda RBX: 00007f371a1e5fa0 RCX: 00007f3719f8f749
[  386.729474][T13414] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 0000000000000003
[  386.737488][T13414] RBP: 00007f371adca090 R08: 0000000000000000 R09: 0000000000000000
[  386.745493][T13414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  386.753541][T13414] R13: 00007f371a1e6038 R14: 00007f371a1e5fa0 R15: 00007ffd74e26658
[  386.761550][T13414]  </TASK>
[  386.952866][ T5104] Bluetooth: hci3: command tx timeout
[  387.126611][T13428] netlink: 176 bytes leftover after parsing attributes in process `syz.1.2617'.
[  387.160824][T13435] FAULT_INJECTION: forcing a failure.
[  387.160824][T13435] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  387.182706][T13435] CPU: 1 PID: 13435 Comm: syz.2.2619 Not tainted syzkaller #0
[  387.190217][T13435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  387.200304][T13435] Call Trace:
[  387.203604][T13435]  <TASK>
[  387.206566][T13435]  dump_stack_lvl+0x16c/0x230
[  387.211279][T13435]  ? show_regs_print_info+0x20/0x20
[  387.216527][T13435]  ? load_image+0x3b0/0x3b0
[  387.221058][T13435]  ? __might_fault+0xaa/0x120
[  387.225762][T13435]  ? __lock_acquire+0x7c80/0x7c80
[  387.230815][T13435]  should_fail_ex+0x39d/0x4d0
[  387.235536][T13435]  _copy_from_user+0x2f/0xe0
[  387.240156][T13435]  ___sys_recvmsg+0x12f/0x510
[  387.244866][T13435]  ? __sys_recvmsg+0x270/0x270
[  387.249669][T13435]  ? ksys_write+0x1c1/0x250
[  387.254258][T13435]  ? __fget_files+0x44a/0x4d0
[  387.258981][T13435]  __x64_sys_recvmsg+0x1f2/0x2c0
[  387.263935][T13435]  ? ___sys_recvmsg+0x510/0x510
[  387.268801][T13435]  ? lockdep_hardirqs_on+0x98/0x150
[  387.274003][T13435]  do_syscall_64+0x55/0xb0
[  387.278425][T13435]  ? clear_bhb_loop+0x40/0x90
[  387.283137][T13435]  ? clear_bhb_loop+0x40/0x90
[  387.287821][T13435]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  387.293718][T13435] RIP: 0033:0x7fbafc58f749
[  387.298165][T13435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  387.317773][T13435] RSP: 002b:00007fbafd353038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  387.326194][T13435] RAX: ffffffffffffffda RBX: 00007fbafc7e6090 RCX: 00007fbafc58f749
[  387.334171][T13435] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000003
[  387.342146][T13435] RBP: 00007fbafd353090 R08: 0000000000000000 R09: 0000000000000000
[  387.350123][T13435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  387.358130][T13435] R13: 00007fbafc7e6128 R14: 00007fbafc7e6090 R15: 00007ffcc5346828
[  387.366115][T13435]  </TASK>
[  387.603575][T13278] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  387.620890][T13278] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  387.638714][T13278] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  387.650735][T13278] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  387.761447][T13278] 8021q: adding VLAN 0 to HW filter on device bond0
[  387.791449][T13278] 8021q: adding VLAN 0 to HW filter on device team0
[  387.805589][ T2992] bridge0: port 1(bridge_slave_0) entered blocking state
[  387.812784][ T2992] bridge0: port 1(bridge_slave_0) entered forwarding state
[  387.829882][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state
[  387.837102][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state
[  388.148891][T13278] 8021q: adding VLAN 0 to HW filter on device batadv0
[  388.227626][T13278] veth0_vlan: entered promiscuous mode
[  388.246783][T13278] veth1_vlan: entered promiscuous mode
[  388.299893][T13278] veth0_macvtap: entered promiscuous mode
[  388.316279][T13278] veth1_macvtap: entered promiscuous mode
[  388.348612][T13278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  388.360808][T13278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  388.371092][T13278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  388.389588][T13278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  388.399523][T13278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  388.411381][T13278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  388.430668][T13278] batman_adv: batadv0: Interface activated: batadv_slave_0
[  388.449776][T13278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  388.460525][T13278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  388.472711][T13278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  388.483458][T13278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  388.493646][T13278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  388.504805][T13278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  388.517401][T13278] batman_adv: batadv0: Interface activated: batadv_slave_1
[  388.533150][T13278] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  388.543951][T13278] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  388.553650][T13278] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  388.563596][T13278] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  388.634584][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  388.654779][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  388.693588][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  388.728440][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  388.939414][T13494] FAULT_INJECTION: forcing a failure.
[  388.939414][T13494] name failslab, interval 1, probability 0, space 0, times 0
[  388.991913][T13494] CPU: 1 PID: 13494 Comm: syz.1.2628 Not tainted syzkaller #0
[  388.999505][T13494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  389.009681][T13494] Call Trace:
[  389.013040][T13494]  <TASK>
[  389.016083][T13494]  dump_stack_lvl+0x16c/0x230
[  389.020917][T13494]  ? show_regs_print_info+0x20/0x20
[  389.026275][T13494]  ? load_image+0x3b0/0x3b0
[  389.030920][T13494]  ? __might_sleep+0xe0/0xe0
[  389.035615][T13494]  ? __lock_acquire+0x7c80/0x7c80
[  389.040780][T13494]  should_fail_ex+0x39d/0x4d0
[  389.045607][T13494]  should_failslab+0x9/0x20
[  389.050196][T13494]  slab_pre_alloc_hook+0x59/0x310
[  389.055356][T13494]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  389.061183][T13494]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  389.067001][T13494]  __kmem_cache_alloc_node+0x53/0x260
[  389.072522][T13494]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  389.078343][T13494]  __kmalloc+0xa4/0x240
[  389.082635][T13494]  tomoyo_realpath_from_path+0xe3/0x5d0
[  389.088431][T13494]  tomoyo_path_number_perm+0x1ea/0x590
[  389.093992][T13494]  ? tomoyo_path_number_perm+0x1ba/0x590
[  389.099741][T13494]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  389.105341][T13494]  ? ksys_write+0x1c1/0x250
[  389.110259][T13494]  ? __fget_files+0x28/0x4d0
[  389.115065][T13494]  security_file_ioctl+0x70/0xa0
[  389.120158][T13494]  __se_sys_ioctl+0x48/0x170
[  389.124879][T13494]  do_syscall_64+0x55/0xb0
[  389.129380][T13494]  ? clear_bhb_loop+0x40/0x90
[  389.134138][T13494]  ? clear_bhb_loop+0x40/0x90
[  389.138924][T13494]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  389.144898][T13494] RIP: 0033:0x7f3719f8f749
[  389.149410][T13494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  389.169112][T13494] RSP: 002b:00007f371adca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  389.177639][T13494] RAX: ffffffffffffffda RBX: 00007f371a1e5fa0 RCX: 00007f3719f8f749
[  389.185692][T13494] RDX: 0000200000000040 RSI: 000000004030582a RDI: 0000000000000004
[  389.193774][T13494] RBP: 00007f371adca090 R08: 0000000000000000 R09: 0000000000000000
[  389.201855][T13494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  389.209918][T13494] R13: 00007f371a1e6038 R14: 00007f371a1e5fa0 R15: 00007ffd74e26658
[  389.218127][T13494]  </TASK>
[  389.274224][T13494] ERROR: Out of memory at tomoyo_realpath_from_path.
[  389.351879][ T5104] Bluetooth: hci3: command tx timeout
[  389.396111][T13503] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  390.746025][T13527] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  390.884283][T13530] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  391.046515][T13533] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  392.006260][T13562] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2641'.
[  392.306025][T13569] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  392.854285][T13580] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  394.602494][T13608] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  394.723132][T13615] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  395.004961][T13613] netlink: 'syz.3.2652': attribute type 3 has an invalid length.
[  395.295713][T13630] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2658'.
[  395.776339][T13640] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  396.085316][T13642] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  396.948306][T13653] FAULT_INJECTION: forcing a failure.
[  396.948306][T13653] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  396.994066][T13653] CPU: 1 PID: 13653 Comm: syz.2.2669 Not tainted syzkaller #0
[  397.001720][T13653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  397.011831][T13653] Call Trace:
[  397.015160][T13653]  <TASK>
[  397.018170][T13653]  dump_stack_lvl+0x16c/0x230
[  397.022935][T13653]  ? show_regs_print_info+0x20/0x20
[  397.028206][T13653]  ? load_image+0x3b0/0x3b0
[  397.032795][T13653]  ? __lock_acquire+0x7c80/0x7c80
[  397.037887][T13653]  ? snprintf+0xdb/0x120
[  397.042205][T13653]  should_fail_ex+0x39d/0x4d0
[  397.046968][T13653]  _copy_to_user+0x2f/0xa0
[  397.051452][T13653]  simple_read_from_buffer+0xe7/0x150
[  397.056921][T13653]  proc_fail_nth_read+0x1e3/0x250
[  397.062034][T13653]  ? proc_fault_inject_write+0x340/0x340
[  397.067756][T13653]  ? fsnotify_perm+0x271/0x5e0
[  397.072594][T13653]  ? proc_fault_inject_write+0x340/0x340
[  397.078290][T13653]  vfs_read+0x27e/0x920
[  397.082536][T13653]  ? kernel_read+0x1e0/0x1e0
[  397.087203][T13653]  ? __fget_files+0x28/0x4d0
[  397.091867][T13653]  ? __fget_files+0x44a/0x4d0
[  397.096644][T13653]  ? __fdget_pos+0x2a3/0x330
[  397.101287][T13653]  ? ksys_read+0x75/0x250
[  397.105693][T13653]  ksys_read+0x147/0x250
[  397.110016][T13653]  ? vfs_write+0x940/0x940
[  397.114516][T13653]  ? lockdep_hardirqs_on+0x98/0x150
[  397.119794][T13653]  do_syscall_64+0x55/0xb0
[  397.124270][T13653]  ? clear_bhb_loop+0x40/0x90
[  397.129000][T13653]  ? clear_bhb_loop+0x40/0x90
[  397.133760][T13653]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  397.139719][T13653] RIP: 0033:0x7fbafc58e15c
[  397.144208][T13653] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  397.163876][T13653] RSP: 002b:00007fbafd374030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  397.172365][T13653] RAX: ffffffffffffffda RBX: 00007fbafc7e5fa0 RCX: 00007fbafc58e15c
[  397.180390][T13653] RDX: 000000000000000f RSI: 00007fbafd3740a0 RDI: 0000000000000007
[  397.188439][T13653] RBP: 00007fbafd374090 R08: 0000000000000000 R09: 0000000000000000
[  397.196471][T13653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  397.204496][T13653] R13: 00007fbafc7e6038 R14: 00007fbafc7e5fa0 R15: 00007ffcc5346828
[  397.212590][T13653]  </TASK>
[  397.616175][T13655] netlink: 'syz.1.2668': attribute type 3 has an invalid length.
[  398.339533][T13670] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2675'.
[  398.485632][T13672] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  399.083487][T13684] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  399.376174][T13688] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2683'.
[  399.757753][T13699] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  400.089802][T13713] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  400.111389][T13715] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2695'.
[  400.251014][T13719] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2695'.
[  400.650939][T13725] netlink: 'syz.1.2697': attribute type 29 has an invalid length.
[  400.676481][T13725] netlink: 'syz.1.2697': attribute type 29 has an invalid length.
[  400.696844][T13725] netlink: 'syz.1.2697': attribute type 2 has an invalid length.
[  400.707473][T13725] netlink: 184 bytes leftover after parsing attributes in process `syz.1.2697'.
[  400.741981][T13725] netlink: 'syz.1.2697': attribute type 29 has an invalid length.
[  401.264302][T13742] FAULT_INJECTION: forcing a failure.
[  401.264302][T13742] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  401.308312][T13742] CPU: 1 PID: 13742 Comm: syz.0.2704 Not tainted syzkaller #0
[  401.315938][T13742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  401.326036][T13742] Call Trace:
[  401.329352][T13742]  <TASK>
[  401.332325][T13742]  dump_stack_lvl+0x16c/0x230
[  401.337062][T13742]  ? show_regs_print_info+0x20/0x20
[  401.342313][T13742]  ? load_image+0x3b0/0x3b0
[  401.346894][T13742]  ? __lock_acquire+0x7c80/0x7c80
[  401.351984][T13742]  ? snprintf+0xdb/0x120
[  401.356298][T13742]  should_fail_ex+0x39d/0x4d0
[  401.361043][T13742]  _copy_to_user+0x2f/0xa0
[  401.365527][T13742]  simple_read_from_buffer+0xe7/0x150
[  401.370992][T13742]  proc_fail_nth_read+0x1e3/0x250
[  401.376053][T13742]  ? proc_fault_inject_write+0x340/0x340
[  401.381732][T13742]  ? fsnotify_perm+0x271/0x5e0
[  401.386531][T13742]  ? proc_fault_inject_write+0x340/0x340
[  401.392185][T13742]  vfs_read+0x27e/0x920
[  401.396381][T13742]  ? kernel_read+0x1e0/0x1e0
[  401.401000][T13742]  ? __fget_files+0x28/0x4d0
[  401.405624][T13742]  ? __fget_files+0x44a/0x4d0
[  401.410399][T13742]  ? __fdget_pos+0x2a3/0x330
[  401.415061][T13742]  ? ksys_read+0x75/0x250
[  401.419432][T13742]  ksys_read+0x147/0x250
[  401.423719][T13742]  ? vfs_write+0x940/0x940
[  401.428181][T13742]  ? lockdep_hardirqs_on+0x98/0x150
[  401.433453][T13742]  do_syscall_64+0x55/0xb0
[  401.437929][T13742]  ? clear_bhb_loop+0x40/0x90
[  401.442645][T13742]  ? clear_bhb_loop+0x40/0x90
[  401.447371][T13742]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  401.453306][T13742] RIP: 0033:0x7f4ff498e15c
[  401.457752][T13742] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  401.477389][T13742] RSP: 002b:00007f4ff580e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  401.485840][T13742] RAX: ffffffffffffffda RBX: 00007f4ff4be5fa0 RCX: 00007f4ff498e15c
[  401.493836][T13742] RDX: 000000000000000f RSI: 00007f4ff580e0a0 RDI: 0000000000000007
[  401.501834][T13742] RBP: 00007f4ff580e090 R08: 0000000000000000 R09: 0000000000000000
[  401.509880][T13742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  401.517881][T13742] R13: 00007f4ff4be6038 R14: 00007f4ff4be5fa0 R15: 00007ffdaae37ef8
[  401.525919][T13742]  </TASK>
[  401.683415][T13744] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  404.180690][T13764] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2713'.
[  404.189900][T13766] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2713'.
[  404.323571][T13770] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  404.348371][T13774] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  404.773611][T13793] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  404.916816][T13798] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  405.009960][T13800] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2726'.
[  405.105242][T13805] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  405.146501][T13803] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2726'.
[  405.869423][T13814] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  406.157049][T13824] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  406.350752][T13835] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2739'.
[  406.426298][T13840] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2741'.
[  406.613221][T13843] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2741'.
[  406.781006][T13845] FAULT_INJECTION: forcing a failure.
[  406.781006][T13845] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  407.206982][T13845] CPU: 1 PID: 13845 Comm: syz.3.2740 Not tainted syzkaller #0
[  407.214562][T13845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  407.224655][T13845] Call Trace:
[  407.227949][T13845]  <TASK>
[  407.230895][T13845]  dump_stack_lvl+0x16c/0x230
[  407.235602][T13845]  ? show_regs_print_info+0x20/0x20
[  407.240852][T13845]  ? load_image+0x3b0/0x3b0
[  407.245440][T13845]  ? __might_fault+0xaa/0x120
[  407.250143][T13845]  ? __lock_acquire+0x7c80/0x7c80
[  407.255197][T13845]  should_fail_ex+0x39d/0x4d0
[  407.259957][T13845]  _copy_from_user+0x2f/0xe0
[  407.264572][T13845]  ___sys_sendmsg+0x159/0x290
[  407.269291][T13845]  ? __sys_sendmsg+0x270/0x270
[  407.274101][T13845]  ? __lock_acquire+0x7c80/0x7c80
[  407.279172][T13845]  __se_sys_sendmsg+0x1a5/0x270
[  407.284065][T13845]  ? __x64_sys_sendmsg+0x80/0x80
[  407.289062][T13845]  ? lockdep_hardirqs_on+0x98/0x150
[  407.294285][T13845]  do_syscall_64+0x55/0xb0
[  407.298725][T13845]  ? clear_bhb_loop+0x40/0x90
[  407.303428][T13845]  ? clear_bhb_loop+0x40/0x90
[  407.308137][T13845]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  407.314053][T13845] RIP: 0033:0x7fddd338f749
[  407.318487][T13845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.338113][T13845] RSP: 002b:00007fddd41b5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  407.346556][T13845] RAX: ffffffffffffffda RBX: 00007fddd35e5fa0 RCX: 00007fddd338f749
[  407.354543][T13845] RDX: 00000000200080c0 RSI: 0000200000000380 RDI: 0000000000000003
[  407.362532][T13845] RBP: 00007fddd41b5090 R08: 0000000000000000 R09: 0000000000000000
[  407.370534][T13845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  407.378527][T13845] R13: 00007fddd35e6038 R14: 00007fddd35e5fa0 R15: 00007ffc877a5268
[  407.386543][T13845]  </TASK>
[  407.731999][T13841] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2739'.
[  408.371245][T13858] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  408.488811][T13867] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  408.512068][T13864] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  408.648709][T13873] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2753'.
[  408.772487][T13875] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2753'.
[  409.742933][T13897] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2759'.
[  409.753072][T13896] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  409.864946][T13901] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2759'.
[  410.881162][T13917] FAULT_INJECTION: forcing a failure.
[  410.881162][T13917] name failslab, interval 1, probability 0, space 0, times 0
[  410.894273][T13917] CPU: 0 PID: 13917 Comm: syz.1.2768 Not tainted syzkaller #0
[  410.901775][T13917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  410.911863][T13917] Call Trace:
[  410.915148][T13917]  <TASK>
[  410.918079][T13917]  dump_stack_lvl+0x16c/0x230
[  410.922769][T13917]  ? show_regs_print_info+0x20/0x20
[  410.927975][T13917]  ? load_image+0x3b0/0x3b0
[  410.932492][T13917]  ? __might_sleep+0xe0/0xe0
[  410.937103][T13917]  ? __lock_acquire+0x7c80/0x7c80
[  410.942144][T13917]  should_fail_ex+0x39d/0x4d0
[  410.946843][T13917]  should_failslab+0x9/0x20
[  410.951357][T13917]  slab_pre_alloc_hook+0x59/0x310
[  410.956401][T13917]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  410.962145][T13917]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  410.967877][T13917]  __kmem_cache_alloc_node+0x53/0x260
[  410.973265][T13917]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  410.979028][T13917]  __kmalloc+0xa4/0x240
[  410.983206][T13917]  tomoyo_realpath_from_path+0xe3/0x5d0
[  410.988788][T13917]  tomoyo_path_number_perm+0x1ea/0x590
[  410.994314][T13917]  ? tomoyo_path_number_perm+0x1ba/0x590
[  410.999979][T13917]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  411.005463][T13917]  ? ksys_write+0x1c1/0x250
[  411.010011][T13917]  ? __fget_files+0x28/0x4d0
[  411.014620][T13917]  security_file_ioctl+0x70/0xa0
[  411.019566][T13917]  __se_sys_ioctl+0x48/0x170
[  411.024165][T13917]  do_syscall_64+0x55/0xb0
[  411.028588][T13917]  ? clear_bhb_loop+0x40/0x90
[  411.033270][T13917]  ? clear_bhb_loop+0x40/0x90
[  411.037959][T13917]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  411.043866][T13917] RIP: 0033:0x7f3719f8f749
[  411.048294][T13917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  411.067933][T13917] RSP: 002b:00007f371adca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  411.076354][T13917] RAX: ffffffffffffffda RBX: 00007f371a1e5fa0 RCX: 00007f3719f8f749
[  411.084329][T13917] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000004
[  411.092344][T13917] RBP: 00007f371adca090 R08: 0000000000000000 R09: 0000000000000000
[  411.100315][T13917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  411.108291][T13917] R13: 00007f371a1e6038 R14: 00007f371a1e5fa0 R15: 00007ffd74e26658
[  411.116279][T13917]  </TASK>
[  411.130669][T13917] ERROR: Out of memory at tomoyo_realpath_from_path.
[  412.453139][T13920] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2769'.
[  412.627778][T13923] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2769'.
[  412.856659][T13929] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  413.294629][T13936] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  413.486833][T13941] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2777'.
[  413.519735][T13943] FAULT_INJECTION: forcing a failure.
[  413.519735][T13943] name failslab, interval 1, probability 0, space 0, times 0
[  413.554358][T13943] CPU: 0 PID: 13943 Comm: syz.0.2778 Not tainted syzkaller #0
[  413.562002][T13943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  413.572104][T13943] Call Trace:
[  413.575406][T13943]  <TASK>
[  413.578357][T13943]  dump_stack_lvl+0x16c/0x230
[  413.583073][T13943]  ? show_regs_print_info+0x20/0x20
[  413.588308][T13943]  ? load_image+0x3b0/0x3b0
[  413.592839][T13943]  ? __might_sleep+0xe0/0xe0
[  413.597458][T13943]  ? __lock_acquire+0x7c80/0x7c80
[  413.602503][T13943]  should_fail_ex+0x39d/0x4d0
[  413.607210][T13943]  should_failslab+0x9/0x20
[  413.611744][T13943]  slab_pre_alloc_hook+0x59/0x310
[  413.616802][T13943]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  413.622569][T13943]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  413.628321][T13943]  __kmem_cache_alloc_node+0x53/0x260
[  413.633745][T13943]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  413.639497][T13943]  __kmalloc+0xa4/0x240
[  413.643685][T13943]  tomoyo_realpath_from_path+0xe3/0x5d0
[  413.649279][T13943]  tomoyo_path_number_perm+0x1ea/0x590
[  413.654767][T13943]  ? tomoyo_path_number_perm+0x1ba/0x590
[  413.660431][T13943]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  413.665921][T13943]  ? ksys_write+0x1c1/0x250
[  413.670480][T13943]  ? __fget_files+0x28/0x4d0
[  413.675106][T13943]  security_file_ioctl+0x70/0xa0
[  413.680072][T13943]  __se_sys_ioctl+0x48/0x170
[  413.684689][T13943]  do_syscall_64+0x55/0xb0
[  413.689132][T13943]  ? clear_bhb_loop+0x40/0x90
[  413.693830][T13943]  ? clear_bhb_loop+0x40/0x90
[  413.698539][T13943]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  413.704457][T13943] RIP: 0033:0x7f4ff498f749
[  413.708899][T13943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.728527][T13943] RSP: 002b:00007f4ff580e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  413.736976][T13943] RAX: ffffffffffffffda RBX: 00007f4ff4be5fa0 RCX: 00007f4ff498f749
[  413.744968][T13943] RDX: 0000200000002280 RSI: 0000000000008943 RDI: 0000000000000004
[  413.752965][T13943] RBP: 00007f4ff580e090 R08: 0000000000000000 R09: 0000000000000000
[  413.760955][T13943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  413.768944][T13943] R13: 00007f4ff4be6038 R14: 00007f4ff4be5fa0 R15: 00007ffdaae37ef8
[  413.776952][T13943]  </TASK>
[  413.800545][T13944] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2777'.
[  413.826660][T13943] ERROR: Out of memory at tomoyo_realpath_from_path.
[  414.536741][T13960] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2783'.
[  414.639421][T13966] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2783'.
[  414.801940][T13971] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2787'.
[  414.930598][T13972] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2787'.
[  415.313016][T13977] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  416.284880][T14004] FAULT_INJECTION: forcing a failure.
[  416.284880][T14004] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  416.298503][T14004] CPU: 0 PID: 14004 Comm: syz.1.2799 Not tainted syzkaller #0
[  416.306017][T14004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  416.316093][T14004] Call Trace:
[  416.319394][T14004]  <TASK>
[  416.322347][T14004]  dump_stack_lvl+0x16c/0x230
[  416.327063][T14004]  ? show_regs_print_info+0x20/0x20
[  416.332292][T14004]  ? load_image+0x3b0/0x3b0
[  416.336820][T14004]  ? __might_fault+0xaa/0x120
[  416.341523][T14004]  ? __lock_acquire+0x7c80/0x7c80
[  416.346580][T14004]  should_fail_ex+0x39d/0x4d0
[  416.351304][T14004]  _copy_from_user+0x2f/0xe0
[  416.355923][T14004]  ___sys_sendmsg+0x159/0x290
[  416.360635][T14004]  ? __sys_sendmsg+0x270/0x270
[  416.365462][T14004]  ? __lock_acquire+0x7c80/0x7c80
[  416.370532][T14004]  __se_sys_sendmsg+0x1a5/0x270
[  416.375422][T14004]  ? __x64_sys_sendmsg+0x80/0x80
[  416.380440][T14004]  ? lockdep_hardirqs_on+0x98/0x150
[  416.385668][T14004]  do_syscall_64+0x55/0xb0
[  416.390121][T14004]  ? clear_bhb_loop+0x40/0x90
[  416.394831][T14004]  ? clear_bhb_loop+0x40/0x90
[  416.399539][T14004]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  416.405459][T14004] RIP: 0033:0x7f3719f8f749
[  416.409892][T14004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  416.429511][T14004] RSP: 002b:00007f371adca038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  416.437937][T14004] RAX: ffffffffffffffda RBX: 00007f371a1e5fa0 RCX: 00007f3719f8f749
[  416.445914][T14004] RDX: 0000000004000800 RSI: 0000200000000000 RDI: 0000000000000003
[  416.453897][T14004] RBP: 00007f371adca090 R08: 0000000000000000 R09: 0000000000000000
[  416.461880][T14004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  416.469865][T14004] R13: 00007f371a1e6038 R14: 00007f371a1e5fa0 R15: 00007ffd74e26658
[  416.477857][T14004]  </TASK>
[  416.497151][T14009] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  416.572720][T14011] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2803'.
[  416.747128][T14019] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2803'.
[  417.361442][T14031] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.2809'.
[  417.622212][T14036] Driver unsupported XDP return value 0 on prog  (id 1102) dev N/A, expect packet loss!
[  417.777221][T14047] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  417.795781][T14045] FAULT_INJECTION: forcing a failure.
[  417.795781][T14045] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  417.815398][T14045] CPU: 1 PID: 14045 Comm: syz.1.2816 Not tainted syzkaller #0
[  417.822896][T14045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  417.832970][T14045] Call Trace:
[  417.836269][T14045]  <TASK>
[  417.839222][T14045]  dump_stack_lvl+0x16c/0x230
[  417.843936][T14045]  ? show_regs_print_info+0x20/0x20
[  417.849217][T14045]  ? load_image+0x3b0/0x3b0
[  417.853751][T14045]  ? __might_fault+0xaa/0x120
[  417.858451][T14045]  ? __lock_acquire+0x7c80/0x7c80
[  417.863500][T14045]  should_fail_ex+0x39d/0x4d0
[  417.868193][T14045]  _copy_from_user+0x2f/0xe0
[  417.872797][T14045]  __sys_bpf+0x1e9/0x800
[  417.877061][T14045]  ? bpf_link_show_fdinfo+0x350/0x350
[  417.882466][T14045]  ? lock_chain_count+0x20/0x20
[  417.887329][T14045]  __x64_sys_bpf+0x7c/0x90
[  417.891755][T14045]  do_syscall_64+0x55/0xb0
[  417.896182][T14045]  ? clear_bhb_loop+0x40/0x90
[  417.900875][T14045]  ? clear_bhb_loop+0x40/0x90
[  417.905562][T14045]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  417.911460][T14045] RIP: 0033:0x7f3719f8f749
[  417.915877][T14045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  417.935486][T14045] RSP: 002b:00007f371adca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  417.943901][T14045] RAX: ffffffffffffffda RBX: 00007f371a1e5fa0 RCX: 00007f3719f8f749
[  417.951874][T14045] RDX: 0000000000000050 RSI: 0000200000000b80 RDI: 000000000000000a
[  417.959848][T14045] RBP: 00007f371adca090 R08: 0000000000000000 R09: 0000000000000000
[  417.967822][T14045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  417.975821][T14045] R13: 00007f371a1e6038 R14: 00007f371a1e5fa0 R15: 00007ffd74e26658
[  417.983806][T14045]  </TASK>
[  418.614285][T14060] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  418.644144][T14062] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2822'.
[  418.857788][T14066] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2822'.
[  419.572256][T14073] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  419.642355][T14075] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  419.853365][T14085] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  419.900572][T14091] FAULT_INJECTION: forcing a failure.
[  419.900572][T14091] name failslab, interval 1, probability 0, space 0, times 0
[  419.917112][T14091] CPU: 0 PID: 14091 Comm: syz.1.2834 Not tainted syzkaller #0
[  419.924621][T14091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  419.934711][T14091] Call Trace:
[  419.938054][T14091]  <TASK>
[  419.941016][T14091]  dump_stack_lvl+0x16c/0x230
[  419.945746][T14091]  ? show_regs_print_info+0x20/0x20
[  419.950981][T14091]  ? load_image+0x3b0/0x3b0
[  419.955523][T14091]  ? __might_sleep+0xe0/0xe0
[  419.960159][T14091]  ? __lock_acquire+0x7c80/0x7c80
[  419.965252][T14091]  should_fail_ex+0x39d/0x4d0
[  419.969986][T14091]  should_failslab+0x9/0x20
[  419.974529][T14091]  slab_pre_alloc_hook+0x59/0x310
[  419.979600][T14091]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  419.985381][T14091]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  419.991138][T14091]  __kmem_cache_alloc_node+0x53/0x260
[  419.996572][T14091]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  420.002335][T14091]  __kmalloc+0xa4/0x240
[  420.006538][T14091]  tomoyo_realpath_from_path+0xe3/0x5d0
[  420.012154][T14091]  tomoyo_path_number_perm+0x1ea/0x590
[  420.017691][T14091]  ? tomoyo_path_number_perm+0x1ba/0x590
[  420.023365][T14091]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  420.028850][T14091]  ? ksys_write+0x1c1/0x250
[  420.033444][T14091]  ? __fget_files+0x28/0x4d0
[  420.038064][T14091]  security_file_ioctl+0x70/0xa0
[  420.043033][T14091]  __se_sys_ioctl+0x48/0x170
[  420.047646][T14091]  do_syscall_64+0x55/0xb0
[  420.052082][T14091]  ? clear_bhb_loop+0x40/0x90
[  420.056766][T14091]  ? clear_bhb_loop+0x40/0x90
[  420.061458][T14091]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  420.067372][T14091] RIP: 0033:0x7f3719f8f749
[  420.071803][T14091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  420.091465][T14091] RSP: 002b:00007f371adca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  420.099891][T14091] RAX: ffffffffffffffda RBX: 00007f371a1e5fa0 RCX: 00007f3719f8f749
[  420.107873][T14091] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 000000000000000b
[  420.115852][T14091] RBP: 00007f371adca090 R08: 0000000000000000 R09: 0000000000000000
[  420.123835][T14091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  420.131816][T14091] R13: 00007f371a1e6038 R14: 00007f371a1e5fa0 R15: 00007ffd74e26658
[  420.139819][T14091]  </TASK>
[  420.156932][T14091] ERROR: Out of memory at tomoyo_realpath_from_path.
[  420.291131][T14099] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2837'.
[  420.464303][T14100] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2837'.
[  421.399519][T14115] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  421.750860][T14122] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  422.078989][T14130] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  422.104640][T14132] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2850'.
[  422.263275][T14136] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2850'.
[  422.952954][T14149] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  423.787034][T14156] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  424.043118][T14165] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  424.242953][T14177] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  424.357928][T14181] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2870'.
[  424.464422][T14186] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2872'.
[  424.627727][T14185] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2870'.
[  424.955793][T14189] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2872'.
[  426.618483][T14208] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  426.641396][T14210] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  427.003041][T14218] FAULT_INJECTION: forcing a failure.
[  427.003041][T14218] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  427.028526][T14221] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2883'.
[  427.038206][T14218] CPU: 0 PID: 14218 Comm: syz.0.2884 Not tainted syzkaller #0
[  427.045716][T14218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  427.055794][T14218] Call Trace:
[  427.059096][T14218]  <TASK>
[  427.062049][T14218]  dump_stack_lvl+0x16c/0x230
[  427.066770][T14218]  ? show_regs_print_info+0x20/0x20
[  427.072007][T14218]  ? load_image+0x3b0/0x3b0
[  427.076546][T14218]  ? __might_fault+0xaa/0x120
[  427.081262][T14218]  ? __lock_acquire+0x7c80/0x7c80
[  427.086324][T14218]  should_fail_ex+0x39d/0x4d0
[  427.091105][T14218]  _copy_from_user+0x2f/0xe0
[  427.095729][T14218]  __sys_bpf+0x1e9/0x800
[  427.100038][T14218]  ? bpf_link_show_fdinfo+0x350/0x350
[  427.105452][T14218]  ? lock_chain_count+0x20/0x20
[  427.110412][T14218]  __x64_sys_bpf+0x7c/0x90
[  427.114871][T14218]  do_syscall_64+0x55/0xb0
[  427.119316][T14218]  ? clear_bhb_loop+0x40/0x90
[  427.124020][T14218]  ? clear_bhb_loop+0x40/0x90
[  427.128731][T14218]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  427.134658][T14218] RIP: 0033:0x7f4ff498f749
[  427.139108][T14218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  427.158745][T14218] RSP: 002b:00007f4ff580e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  427.167192][T14218] RAX: ffffffffffffffda RBX: 00007f4ff4be5fa0 RCX: 00007f4ff498f749
[  427.175189][T14218] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  427.183210][T14218] RBP: 00007f4ff580e090 R08: 0000000000000000 R09: 0000000000000000
[  427.191205][T14218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  427.199205][T14218] R13: 00007f4ff4be6038 R14: 00007f4ff4be5fa0 R15: 00007ffdaae37ef8
[  427.207226][T14218]  </TASK>
[  427.241937][T14221] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2883'.
[  427.647854][T14224] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  429.599765][T14241] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  429.622000][T14246] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2892'.
[  429.631130][T14248] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2892'.
[  429.888529][T14263] FAULT_INJECTION: forcing a failure.
[  429.888529][T14263] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  429.906505][T14267] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2897'.
[  429.921383][T14263] CPU: 0 PID: 14263 Comm: syz.0.2899 Not tainted syzkaller #0
[  429.928973][T14263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  429.939058][T14263] Call Trace:
[  429.942361][T14263]  <TASK>
[  429.945313][T14263]  dump_stack_lvl+0x16c/0x230
[  429.950026][T14263]  ? show_regs_print_info+0x20/0x20
[  429.955258][T14263]  ? load_image+0x3b0/0x3b0
[  429.959800][T14263]  ? __might_fault+0xaa/0x120
[  429.964514][T14263]  ? __lock_acquire+0x7c80/0x7c80
[  429.969574][T14263]  should_fail_ex+0x39d/0x4d0
[  429.974292][T14263]  _copy_from_user+0x2f/0xe0
[  429.978918][T14263]  __sys_bpf+0x1e9/0x800
[  429.983190][T14263]  ? bpf_link_show_fdinfo+0x350/0x350
[  429.988606][T14263]  ? lock_chain_count+0x20/0x20
[  429.993485][T14263]  __x64_sys_bpf+0x7c/0x90
[  429.997916][T14263]  do_syscall_64+0x55/0xb0
[  430.002347][T14263]  ? clear_bhb_loop+0x40/0x90
[  430.007037][T14263]  ? clear_bhb_loop+0x40/0x90
[  430.011732][T14263]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  430.017644][T14263] RIP: 0033:0x7f4ff498f749
[  430.022069][T14263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  430.041687][T14263] RSP: 002b:00007f4ff580e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  430.050175][T14263] RAX: ffffffffffffffda RBX: 00007f4ff4be5fa0 RCX: 00007f4ff498f749
[  430.058156][T14263] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  430.066138][T14263] RBP: 00007f4ff580e090 R08: 0000000000000000 R09: 0000000000000000
[  430.074114][T14263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  430.082095][T14263] R13: 00007f4ff4be6038 R14: 00007f4ff4be5fa0 R15: 00007ffdaae37ef8
[  430.090083][T14263]  </TASK>
[  430.200622][T14269] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2897'.
[  430.693875][T14278] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  431.249243][T14305] FAULT_INJECTION: forcing a failure.
[  431.249243][T14305] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  431.262886][T14305] CPU: 1 PID: 14305 Comm: syz.1.2912 Not tainted syzkaller #0
[  431.270402][T14305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  431.280476][T14305] Call Trace:
[  431.283766][T14305]  <TASK>
[  431.286733][T14305]  dump_stack_lvl+0x16c/0x230
[  431.291420][T14305]  ? show_regs_print_info+0x20/0x20
[  431.296625][T14305]  ? load_image+0x3b0/0x3b0
[  431.301156][T14305]  ? __might_fault+0xaa/0x120
[  431.305837][T14305]  ? __lock_acquire+0x7c80/0x7c80
[  431.310902][T14305]  should_fail_ex+0x39d/0x4d0
[  431.315600][T14305]  _copy_from_user+0x2f/0xe0
[  431.320195][T14305]  ___sys_sendmsg+0x159/0x290
[  431.324888][T14305]  ? __sys_sendmsg+0x270/0x270
[  431.329670][T14305]  ? __lock_acquire+0x7c80/0x7c80
[  431.334715][T14305]  __se_sys_sendmsg+0x1a5/0x270
[  431.339591][T14305]  ? __x64_sys_sendmsg+0x80/0x80
[  431.344629][T14305]  ? lockdep_hardirqs_on+0x98/0x150
[  431.349834][T14305]  do_syscall_64+0x55/0xb0
[  431.354260][T14305]  ? clear_bhb_loop+0x40/0x90
[  431.358941][T14305]  ? clear_bhb_loop+0x40/0x90
[  431.363626][T14305]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  431.369535][T14305] RIP: 0033:0x7f3719f8f749
[  431.373960][T14305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  431.393576][T14305] RSP: 002b:00007f371adca038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  431.402000][T14305] RAX: ffffffffffffffda RBX: 00007f371a1e5fa0 RCX: 00007f3719f8f749
[  431.409976][T14305] RDX: 0000000000040000 RSI: 0000200000001640 RDI: 0000000000000003
[  431.417954][T14305] RBP: 00007f371adca090 R08: 0000000000000000 R09: 0000000000000000
[  431.425933][T14305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  431.433918][T14305] R13: 00007f371a1e6038 R14: 00007f371a1e5fa0 R15: 00007ffd74e26658
[  431.441924][T14305]  </TASK>
[  433.134899][T14308] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2913'.
[  433.163243][T14311] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2913'.
[  433.291353][T14317] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  433.825506][T14344] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2925'.
[  434.169185][T14345] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2925'.
[  434.192529][T14352] netlink: 'syz.1.2927': attribute type 10 has an invalid length.
[  434.200861][T14352] netlink: 55 bytes leftover after parsing attributes in process `syz.1.2927'.
[  434.304820][T14349] netlink: 'syz.1.2927': attribute type 10 has an invalid length.
[  434.330925][T14349] netlink: 55 bytes leftover after parsing attributes in process `syz.1.2927'.
[  435.939703][T14362] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  436.322252][T14383] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2941'.
[  436.465255][T14386] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2941'.
[  436.554801][T14392] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  436.750684][T14394] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  436.994574][T14399] netlink: 'syz.1.2946': attribute type 1 has an invalid length.
[  437.002514][T14399] netlink: 209592 bytes leftover after parsing attributes in process `syz.1.2946'.
[  437.499472][T14415] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  437.581789][T14419] FAULT_INJECTION: forcing a failure.
[  437.581789][T14419] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  437.604102][T14419] CPU: 0 PID: 14419 Comm: syz.3.2956 Not tainted syzkaller #0
[  437.611689][T14419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  437.621780][T14419] Call Trace:
[  437.625075][T14419]  <TASK>
[  437.628021][T14419]  dump_stack_lvl+0x16c/0x230
[  437.632732][T14419]  ? show_regs_print_info+0x20/0x20
[  437.637959][T14419]  ? load_image+0x3b0/0x3b0
[  437.642512][T14419]  ? __might_fault+0xaa/0x120
[  437.647211][T14419]  ? __lock_acquire+0x7c80/0x7c80
[  437.652267][T14419]  should_fail_ex+0x39d/0x4d0
[  437.656982][T14419]  _copy_from_user+0x2f/0xe0
[  437.661605][T14419]  ___sys_sendmsg+0x159/0x290
[  437.666326][T14419]  ? __sys_sendmsg+0x270/0x270
[  437.671138][T14419]  ? __lock_acquire+0x7c80/0x7c80
[  437.676205][T14419]  __se_sys_sendmsg+0x1a5/0x270
[  437.681086][T14419]  ? __x64_sys_sendmsg+0x80/0x80
[  437.686068][T14419]  ? lockdep_hardirqs_on+0x98/0x150
[  437.691290][T14419]  do_syscall_64+0x55/0xb0
[  437.695744][T14419]  ? clear_bhb_loop+0x40/0x90
[  437.700457][T14419]  ? clear_bhb_loop+0x40/0x90
[  437.705172][T14419]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  437.711070][T14419] RIP: 0033:0x7fddd338f749
[  437.715485][T14419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  437.735094][T14419] RSP: 002b:00007fddd41b5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  437.743513][T14419] RAX: ffffffffffffffda RBX: 00007fddd35e5fa0 RCX: 00007fddd338f749
[  437.751487][T14419] RDX: 0000000000040000 RSI: 0000200000000780 RDI: 0000000000000003
[  437.759458][T14419] RBP: 00007fddd41b5090 R08: 0000000000000000 R09: 0000000000000000
[  437.767429][T14419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  437.775404][T14419] R13: 00007fddd35e6038 R14: 00007fddd35e5fa0 R15: 00007ffc877a5268
[  437.783389][T14419]  </TASK>
[  437.813634][T14423] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  437.847327][T14427] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2960'.
[  439.017805][T14429] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2960'.
[  439.639156][ T5803] Bluetooth: hci1: Malformed LE Event: 0x0b
[  439.645520][T14451] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  439.864780][T14466] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2974'.
[  440.046622][T14473] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2978'.
[  440.122635][T14474] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2978'.
[  440.136283][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  440.143498][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  440.345374][T14475] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2974'.
[  441.308905][T14487] FAULT_INJECTION: forcing a failure.
[  441.308905][T14487] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  441.335852][T14487] CPU: 0 PID: 14487 Comm: syz.2.2981 Not tainted syzkaller #0
[  441.343407][T14487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  441.353483][T14487] Call Trace:
[  441.356777][T14487]  <TASK>
[  441.359720][T14487]  dump_stack_lvl+0x16c/0x230
[  441.364431][T14487]  ? show_regs_print_info+0x20/0x20
[  441.369672][T14487]  ? load_image+0x3b0/0x3b0
[  441.374198][T14487]  ? __might_fault+0xaa/0x120
[  441.378894][T14487]  ? __lock_acquire+0x7c80/0x7c80
[  441.383954][T14487]  should_fail_ex+0x39d/0x4d0
[  441.388667][T14487]  _copy_from_user+0x2f/0xe0
[  441.393283][T14487]  __sys_bpf+0x1e9/0x800
[  441.397556][T14487]  ? bpf_link_show_fdinfo+0x350/0x350
[  441.402973][T14487]  ? lock_chain_count+0x20/0x20
[  441.407861][T14487]  __x64_sys_bpf+0x7c/0x90
[  441.412304][T14487]  do_syscall_64+0x55/0xb0
[  441.416755][T14487]  ? clear_bhb_loop+0x40/0x90
[  441.421455][T14487]  ? clear_bhb_loop+0x40/0x90
[  441.426166][T14487]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  441.432078][T14487] RIP: 0033:0x7fbafc58f749
[  441.436510][T14487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  441.456180][T14487] RSP: 002b:00007fbafd374038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  441.464619][T14487] RAX: ffffffffffffffda RBX: 00007fbafc7e5fa0 RCX: 00007fbafc58f749
[  441.472610][T14487] RDX: 000000000000000c RSI: 0000200000000000 RDI: 000000000000000a
[  441.480600][T14487] RBP: 00007fbafd374090 R08: 0000000000000000 R09: 0000000000000000
[  441.488585][T14487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  441.496580][T14487] R13: 00007fbafc7e6038 R14: 00007fbafc7e5fa0 R15: 00007ffcc5346828
[  441.504589][T14487]  </TASK>
[  441.786825][T14503] netlink: 11562 bytes leftover after parsing attributes in process `syz.3.2989'.
[  441.874227][T14507] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2991'.
[  441.989355][T14512] FAULT_INJECTION: forcing a failure.
[  441.989355][T14512] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  442.012929][T14511] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2991'.
[  442.039029][T14512] CPU: 0 PID: 14512 Comm: syz.2.2993 Not tainted syzkaller #0
[  442.046540][T14512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  442.056620][T14512] Call Trace:
[  442.059944][T14512]  <TASK>
[  442.062893][T14512]  dump_stack_lvl+0x16c/0x230
[  442.067600][T14512]  ? show_regs_print_info+0x20/0x20
[  442.072850][T14512]  ? load_image+0x3b0/0x3b0
[  442.077405][T14512]  ? __might_fault+0xaa/0x120
[  442.082112][T14512]  ? __lock_acquire+0x7c80/0x7c80
[  442.087229][T14512]  should_fail_ex+0x39d/0x4d0
[  442.091948][T14512]  _copy_from_user+0x2f/0xe0
[  442.096563][T14512]  ___sys_sendmsg+0x159/0x290
[  442.101276][T14512]  ? __sys_sendmsg+0x270/0x270
[  442.106099][T14512]  ? __lock_acquire+0x7c80/0x7c80
[  442.111171][T14512]  __se_sys_sendmsg+0x1a5/0x270
[  442.116054][T14512]  ? __x64_sys_sendmsg+0x80/0x80
[  442.121041][T14512]  ? lockdep_hardirqs_on+0x98/0x150
[  442.126270][T14512]  do_syscall_64+0x55/0xb0
[  442.130712][T14512]  ? clear_bhb_loop+0x40/0x90
[  442.135418][T14512]  ? clear_bhb_loop+0x40/0x90
[  442.140121][T14512]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  442.146049][T14512] RIP: 0033:0x7fbafc58f749
[  442.150484][T14512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  442.170112][T14512] RSP: 002b:00007fbafd374038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  442.178546][T14512] RAX: ffffffffffffffda RBX: 00007fbafc7e5fa0 RCX: 00007fbafc58f749
[  442.186538][T14512] RDX: 0000000020000000 RSI: 0000200000000780 RDI: 0000000000000003
[  442.194525][T14512] RBP: 00007fbafd374090 R08: 0000000000000000 R09: 0000000000000000
[  442.202511][T14512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  442.210504][T14512] R13: 00007fbafc7e6038 R14: 00007fbafc7e5fa0 R15: 00007ffcc5346828
[  442.218511][T14512]  </TASK>
[  443.113439][T14537] FAULT_INJECTION: forcing a failure.
[  443.113439][T14537] name failslab, interval 1, probability 0, space 0, times 0
[  443.130235][T14537] CPU: 1 PID: 14537 Comm: syz.3.3004 Not tainted syzkaller #0
[  443.137762][T14537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  443.147835][T14537] Call Trace:
[  443.151175][T14537]  <TASK>
[  443.154138][T14537]  dump_stack_lvl+0x16c/0x230
[  443.158853][T14537]  ? show_regs_print_info+0x20/0x20
[  443.164087][T14537]  ? load_image+0x3b0/0x3b0
[  443.168619][T14537]  ? __might_sleep+0xe0/0xe0
[  443.173237][T14537]  ? __lock_acquire+0x7c80/0x7c80
[  443.178294][T14537]  should_fail_ex+0x39d/0x4d0
[  443.183018][T14537]  should_failslab+0x9/0x20
[  443.187545][T14537]  slab_pre_alloc_hook+0x59/0x310
[  443.192600][T14537]  ? bpf_trace_run2+0x26f/0x3c0
[  443.197503][T14537]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  443.203257][T14537]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  443.209052][T14537]  __kmem_cache_alloc_node+0x53/0x260
[  443.214462][T14537]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  443.220212][T14537]  __kmalloc+0xa4/0x240
[  443.224399][T14537]  tomoyo_realpath_from_path+0xe3/0x5d0
[  443.229995][T14537]  tomoyo_path_number_perm+0x1ea/0x590
[  443.235488][T14537]  ? tomoyo_path_number_perm+0x1ba/0x590
[  443.241153][T14537]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  443.246656][T14537]  ? ksys_write+0x1c1/0x250
[  443.251225][T14537]  ? __fget_files+0x28/0x4d0
[  443.255844][T14537]  security_file_ioctl+0x70/0xa0
[  443.260789][T14537]  __se_sys_ioctl+0x48/0x170
[  443.265379][T14537]  do_syscall_64+0x55/0xb0
[  443.269812][T14537]  ? clear_bhb_loop+0x40/0x90
[  443.274506][T14537]  ? clear_bhb_loop+0x40/0x90
[  443.279183][T14537]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  443.285075][T14537] RIP: 0033:0x7fddd338f749
[  443.289486][T14537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  443.309090][T14537] RSP: 002b:00007fddd41b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  443.317503][T14537] RAX: ffffffffffffffda RBX: 00007fddd35e5fa0 RCX: 00007fddd338f749
[  443.325471][T14537] RDX: 0000200000000100 RSI: 000000000000890b RDI: 0000000000000003
[  443.333441][T14537] RBP: 00007fddd41b5090 R08: 0000000000000000 R09: 0000000000000000
[  443.341416][T14537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  443.349413][T14537] R13: 00007fddd35e6038 R14: 00007fddd35e5fa0 R15: 00007ffc877a5268
[  443.357414][T14537]  </TASK>
[  443.365693][T14537] ERROR: Out of memory at tomoyo_realpath_from_path.
[  443.684654][T14561] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3015'.
[  443.785084][T14563] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3015'.
[  444.269672][T14577] FAULT_INJECTION: forcing a failure.
[  444.269672][T14577] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  444.319500][T14577] CPU: 0 PID: 14577 Comm: syz.3.3020 Not tainted syzkaller #0
[  444.327026][T14577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  444.337098][T14577] Call Trace:
[  444.340392][T14577]  <TASK>
[  444.343373][T14577]  dump_stack_lvl+0x16c/0x230
[  444.348080][T14577]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  444.354256][T14577]  ? show_regs_print_info+0x20/0x20
[  444.359521][T14577]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  444.365778][T14577]  should_fail_ex+0x39d/0x4d0
[  444.370486][T14577]  _copy_from_user+0x2f/0xe0
[  444.375113][T14577]  __sys_bpf+0x1e9/0x800
[  444.379397][T14577]  ? bpf_link_show_fdinfo+0x350/0x350
[  444.384802][T14577]  ? lock_chain_count+0x20/0x20
[  444.389679][T14577]  __x64_sys_bpf+0x7c/0x90
[  444.394149][T14577]  do_syscall_64+0x55/0xb0
[  444.398591][T14577]  ? clear_bhb_loop+0x40/0x90
[  444.403285][T14577]  ? clear_bhb_loop+0x40/0x90
[  444.408025][T14577]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  444.413947][T14577] RIP: 0033:0x7fddd338f749
[  444.418377][T14577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  444.438005][T14577] RSP: 002b:00007fddd41b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  444.446441][T14577] RAX: ffffffffffffffda RBX: 00007fddd35e5fa0 RCX: 00007fddd338f749
[  444.454432][T14577] RDX: 0000000000000050 RSI: 00002000000003c0 RDI: 000000000000000a
[  444.462415][T14577] RBP: 00007fddd41b5090 R08: 0000000000000000 R09: 0000000000000000
[  444.470404][T14577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  444.478410][T14577] R13: 00007fddd35e6038 R14: 00007fddd35e5fa0 R15: 00007ffc877a5268
[  444.486419][T14577]  </TASK>
[  445.076994][T14601] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3032'.
[  445.134674][T14605] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3034'.
[  445.228937][T14607] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3034'.
[  445.369636][T14609] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3033'.
[  445.392226][T14606] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3032'.
[  445.517804][T14612] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3033'.
[  446.570564][T14636] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3045'.
[  446.736585][T14645] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3045'.
[  447.679471][T14660] FAULT_INJECTION: forcing a failure.
[  447.679471][T14660] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  447.740475][T14660] CPU: 0 PID: 14660 Comm: syz.2.3054 Not tainted syzkaller #0
[  447.748003][T14660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  447.758076][T14660] Call Trace:
[  447.761386][T14660]  <TASK>
[  447.764338][T14660]  dump_stack_lvl+0x16c/0x230
[  447.769027][T14660]  ? show_regs_print_info+0x20/0x20
[  447.774242][T14660]  ? load_image+0x3b0/0x3b0
[  447.778759][T14660]  ? __might_fault+0xaa/0x120
[  447.783439][T14660]  ? __lock_acquire+0x7c80/0x7c80
[  447.788474][T14660]  should_fail_ex+0x39d/0x4d0
[  447.793167][T14660]  _copy_from_user+0x2f/0xe0
[  447.797779][T14660]  __sys_bpf+0x1e9/0x800
[  447.802030][T14660]  ? bpf_link_show_fdinfo+0x350/0x350
[  447.807417][T14660]  ? lock_chain_count+0x20/0x20
[  447.812278][T14660]  __x64_sys_bpf+0x7c/0x90
[  447.816719][T14660]  do_syscall_64+0x55/0xb0
[  447.821160][T14660]  ? clear_bhb_loop+0x40/0x90
[  447.825858][T14660]  ? clear_bhb_loop+0x40/0x90
[  447.830538][T14660]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  447.836431][T14660] RIP: 0033:0x7fbafc58f749
[  447.840870][T14660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  447.860486][T14660] RSP: 002b:00007fbafd374038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  447.868914][T14660] RAX: ffffffffffffffda RBX: 00007fbafc7e5fa0 RCX: 00007fbafc58f749
[  447.876883][T14660] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  447.884853][T14660] RBP: 00007fbafd374090 R08: 0000000000000000 R09: 0000000000000000
[  447.892922][T14660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  447.900902][T14660] R13: 00007fbafc7e6038 R14: 00007fbafc7e5fa0 R15: 00007ffcc5346828
[  447.908897][T14660]  </TASK>
[  448.360019][T14681] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3064'.
[  448.470203][T14686] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3064'.
[  450.251203][T14718] __nla_validate_parse: 3 callbacks suppressed
[  450.251220][T14718] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3077'.
[  451.262206][T14723] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3080'.
[  452.204789][T14738] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3087'.
[  452.344828][T14746] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3090'.
[  452.500931][T14738] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3087'.
[  452.708575][T14748] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3090'.
[  452.901970][T14751] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3091'.
[  453.104921][T14751] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3091'.
[  454.062734][T14777] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3101'.
[  454.093891][T14781] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3103'.
[  457.870925][T14821] __nla_validate_parse: 2 callbacks suppressed
[  457.870942][T14821] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3116'.
[  457.878880][T14822] FAULT_INJECTION: forcing a failure.
[  457.878880][T14822] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  457.899701][T14822] CPU: 1 PID: 14822 Comm: syz.3.3117 Not tainted syzkaller #0
[  457.907188][T14822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  457.917271][T14822] Call Trace:
[  457.920593][T14822]  <TASK>
[  457.923545][T14822]  dump_stack_lvl+0x16c/0x230
[  457.928257][T14822]  ? show_regs_print_info+0x20/0x20
[  457.933479][T14822]  ? load_image+0x3b0/0x3b0
[  457.938032][T14822]  ? __might_fault+0xaa/0x120
[  457.942717][T14822]  ? __lock_acquire+0x7c80/0x7c80
[  457.947837][T14822]  should_fail_ex+0x39d/0x4d0
[  457.952535][T14822]  _copy_from_user+0x2f/0xe0
[  457.957227][T14822]  __sys_bpf+0x1e9/0x800
[  457.961485][T14822]  ? bpf_link_show_fdinfo+0x350/0x350
[  457.966871][T14822]  ? lock_chain_count+0x20/0x20
[  457.971817][T14822]  __x64_sys_bpf+0x7c/0x90
[  457.976237][T14822]  do_syscall_64+0x55/0xb0
[  457.980664][T14822]  ? clear_bhb_loop+0x40/0x90
[  457.985340][T14822]  ? clear_bhb_loop+0x40/0x90
[  457.990020][T14822]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  457.995927][T14822] RIP: 0033:0x7fddd338f749
[  458.000342][T14822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  458.019971][T14822] RSP: 002b:00007fddd41b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  458.028392][T14822] RAX: ffffffffffffffda RBX: 00007fddd35e5fa0 RCX: 00007fddd338f749
[  458.036374][T14822] RDX: 0000000000000020 RSI: 0000200000000480 RDI: 0000000000000001
[  458.044377][T14822] RBP: 00007fddd41b5090 R08: 0000000000000000 R09: 0000000000000000
[  458.052371][T14822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  458.060345][T14822] R13: 00007fddd35e6038 R14: 00007fddd35e5fa0 R15: 00007ffc877a5268
[  458.068348][T14822]  </TASK>
[  458.291162][T14832] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3120'.
[  458.310114][T14828] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3116'.
[  458.574329][T14837] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3120'.
[  459.517344][T14847] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3125'.
[  462.498078][T14847] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3125'.
[  464.663191][T14876] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3134'.
[  464.672909][T14878] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3134'.
[  464.768115][T14881] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3135'.
[  464.819330][T14883] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3136'.
[  464.848958][T14887] netlink: 'syz.1.3145': attribute type 6 has an invalid length.
[  464.882299][T14887] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.3145'.
[  464.974723][T14892] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3136'.
[  465.031579][T14887] netlink: 'syz.1.3145': attribute type 46 has an invalid length.
[  465.154862][T14887] netlink: 'syz.1.3145': attribute type 46 has an invalid length.
[  465.566538][T14905] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3142'.
[  466.344658][T14914] FAULT_INJECTION: forcing a failure.
[  466.344658][T14914] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  466.416164][T14914] CPU: 1 PID: 14914 Comm: syz.0.3146 Not tainted syzkaller #0
[  466.423707][T14914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  466.433803][T14914] Call Trace:
[  466.437712][T14914]  <TASK>
[  466.440674][T14914]  dump_stack_lvl+0x16c/0x230
[  466.445497][T14914]  ? show_regs_print_info+0x20/0x20
[  466.450747][T14914]  ? load_image+0x3b0/0x3b0
[  466.455294][T14914]  ? __might_fault+0xaa/0x120
[  466.460013][T14914]  ? __lock_acquire+0x7c80/0x7c80
[  466.465097][T14914]  should_fail_ex+0x39d/0x4d0
[  466.469823][T14914]  _copy_from_user+0x2f/0xe0
[  466.474452][T14914]  __sys_bpf+0x1e9/0x800
[  466.478738][T14914]  ? bpf_link_show_fdinfo+0x350/0x350
[  466.484175][T14914]  ? lock_chain_count+0x20/0x20
[  466.489079][T14914]  __x64_sys_bpf+0x7c/0x90
[  466.493531][T14914]  do_syscall_64+0x55/0xb0
[  466.497993][T14914]  ? clear_bhb_loop+0x40/0x90
[  466.502729][T14914]  ? clear_bhb_loop+0x40/0x90
[  466.507469][T14914]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  466.513403][T14914] RIP: 0033:0x7f4ff498f749
[  466.517851][T14914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  466.537498][T14914] RSP: 002b:00007f4ff580e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  466.545960][T14914] RAX: ffffffffffffffda RBX: 00007f4ff4be5fa0 RCX: 00007f4ff498f749
[  466.553966][T14914] RDX: 0000000000000094 RSI: 0000200000000600 RDI: 0000000000000005
[  466.561986][T14914] RBP: 00007f4ff580e090 R08: 0000000000000000 R09: 0000000000000000
[  466.569988][T14914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  466.577995][T14914] R13: 00007f4ff4be6038 R14: 00007f4ff4be5fa0 R15: 00007ffdaae37ef8
[  466.586020][T14914]  </TASK>
[  468.160526][T14908] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3142'.
[  468.272588][T14929] syzkaller0: entered promiscuous mode
[  468.279389][T14929] syzkaller0: entered allmulticast mode
[  468.449295][T14945] netlink: 'syz.1.3158': attribute type 1 has an invalid length.
[  468.467945][T14946] FAULT_INJECTION: forcing a failure.
[  468.467945][T14946] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  468.482458][T14945] netlink: 193500 bytes leftover after parsing attributes in process `syz.1.3158'.
[  468.510691][T14946] CPU: 1 PID: 14946 Comm: syz.2.3156 Not tainted syzkaller #0
[  468.518205][T14946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  468.528294][T14946] Call Trace:
[  468.531597][T14946]  <TASK>
[  468.534560][T14946]  dump_stack_lvl+0x16c/0x230
[  468.539274][T14946]  ? show_regs_print_info+0x20/0x20
[  468.544502][T14946]  ? load_image+0x3b0/0x3b0
[  468.549035][T14946]  ? __lock_acquire+0x7c80/0x7c80
[  468.554085][T14946]  ? snprintf+0xdb/0x120
[  468.558355][T14946]  should_fail_ex+0x39d/0x4d0
[  468.563066][T14946]  _copy_to_user+0x2f/0xa0
[  468.567598][T14946]  simple_read_from_buffer+0xe7/0x150
[  468.572997][T14946]  proc_fail_nth_read+0x1e3/0x250
[  468.578033][T14946]  ? proc_fault_inject_write+0x340/0x340
[  468.583683][T14946]  ? fsnotify_perm+0x271/0x5e0
[  468.588481][T14946]  ? proc_fault_inject_write+0x340/0x340
[  468.594119][T14946]  vfs_read+0x27e/0x920
[  468.598312][T14946]  ? kernel_read+0x1e0/0x1e0
[  468.602944][T14946]  ? __fget_files+0x28/0x4d0
[  468.607541][T14946]  ? __fget_files+0x44a/0x4d0
[  468.612235][T14946]  ? __fdget_pos+0x2a3/0x330
[  468.616829][T14946]  ? ksys_read+0x75/0x250
[  468.621165][T14946]  ksys_read+0x147/0x250
[  468.625419][T14946]  ? vfs_write+0x940/0x940
[  468.629842][T14946]  ? lockdep_hardirqs_on+0x98/0x150
[  468.635072][T14946]  do_syscall_64+0x55/0xb0
[  468.639494][T14946]  ? clear_bhb_loop+0x40/0x90
[  468.644171][T14946]  ? clear_bhb_loop+0x40/0x90
[  468.648868][T14946]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  468.654762][T14946] RIP: 0033:0x7fbafc58e15c
[  468.659208][T14946] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  468.678866][T14946] RSP: 002b:00007fbafa7f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  468.687283][T14946] RAX: ffffffffffffffda RBX: 00007fbafc7e6180 RCX: 00007fbafc58e15c
[  468.695257][T14946] RDX: 000000000000000f RSI: 00007fbafa7f60a0 RDI: 0000000000000006
[  468.703226][T14946] RBP: 00007fbafa7f6090 R08: 0000000000000000 R09: 0000000000000000
[  468.711199][T14946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  468.719188][T14946] R13: 00007fbafc7e6218 R14: 00007fbafc7e6180 R15: 00007ffcc5346828
[  468.727177][T14946]  </TASK>
[  469.230043][T14958] FAULT_INJECTION: forcing a failure.
[  469.230043][T14958] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  469.243459][T14958] CPU: 1 PID: 14958 Comm: syz.0.3162 Not tainted syzkaller #0
[  469.250956][T14958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  469.261041][T14958] Call Trace:
[  469.264352][T14958]  <TASK>
[  469.267331][T14958]  dump_stack_lvl+0x16c/0x230
[  469.272030][T14958]  ? show_regs_print_info+0x20/0x20
[  469.277244][T14958]  ? load_image+0x3b0/0x3b0
[  469.281760][T14958]  ? __might_fault+0xaa/0x120
[  469.286459][T14958]  ? __lock_acquire+0x7c80/0x7c80
[  469.291523][T14958]  should_fail_ex+0x39d/0x4d0
[  469.296225][T14958]  _copy_from_user+0x2f/0xe0
[  469.300832][T14958]  ___sys_sendmsg+0x159/0x290
[  469.305547][T14958]  ? __sys_sendmsg+0x270/0x270
[  469.310343][T14958]  ? __lock_acquire+0x7c80/0x7c80
[  469.315398][T14958]  __se_sys_sendmsg+0x1a5/0x270
[  469.320268][T14958]  ? __x64_sys_sendmsg+0x80/0x80
[  469.325227][T14958]  ? lockdep_hardirqs_on+0x98/0x150
[  469.330443][T14958]  do_syscall_64+0x55/0xb0
[  469.334865][T14958]  ? clear_bhb_loop+0x40/0x90
[  469.339551][T14958]  ? clear_bhb_loop+0x40/0x90
[  469.344246][T14958]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  469.350140][T14958] RIP: 0033:0x7f4ff498f749
[  469.354560][T14958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  469.374169][T14958] RSP: 002b:00007f4ff580e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  469.382593][T14958] RAX: ffffffffffffffda RBX: 00007f4ff4be5fa0 RCX: 00007f4ff498f749
[  469.390575][T14958] RDX: 0000000000000880 RSI: 0000200000001740 RDI: 0000000000000003
[  469.398550][T14958] RBP: 00007f4ff580e090 R08: 0000000000000000 R09: 0000000000000000
[  469.406527][T14958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  469.414505][T14958] R13: 00007f4ff4be6038 R14: 00007f4ff4be5fa0 R15: 00007ffdaae37ef8
[  469.422490][T14958]  </TASK>
[  470.406759][T14943] syzkaller0: entered promiscuous mode
[  470.412341][T14943] syzkaller0: entered allmulticast mode
[  472.226327][T14960] mac80211_hwsim hwsim17 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  472.441191][T14981] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3165'.
[  472.525997][T14987] FAULT_INJECTION: forcing a failure.
[  472.525997][T14987] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  472.543157][T14987] CPU: 1 PID: 14987 Comm: syz.2.3172 Not tainted syzkaller #0
[  472.550654][T14987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  472.560731][T14987] Call Trace:
[  472.564043][T14987]  <TASK>
[  472.567006][T14987]  dump_stack_lvl+0x16c/0x230
[  472.571715][T14987]  ? show_regs_print_info+0x20/0x20
[  472.576944][T14987]  ? load_image+0x3b0/0x3b0
[  472.581483][T14987]  ? __might_fault+0xaa/0x120
[  472.586193][T14987]  ? __lock_acquire+0x7c80/0x7c80
[  472.591244][T14987]  should_fail_ex+0x39d/0x4d0
[  472.595952][T14987]  _copy_from_user+0x2f/0xe0
[  472.600564][T14987]  ___sys_sendmsg+0x159/0x290
[  472.605271][T14987]  ? __sys_sendmsg+0x270/0x270
[  472.610086][T14987]  ? __lock_acquire+0x7c80/0x7c80
[  472.615142][T14987]  __se_sys_sendmsg+0x1a5/0x270
[  472.620038][T14987]  ? __x64_sys_sendmsg+0x80/0x80
[  472.624997][T14987]  ? lockdep_hardirqs_on+0x98/0x150
[  472.630201][T14987]  do_syscall_64+0x55/0xb0
[  472.634637][T14987]  ? clear_bhb_loop+0x40/0x90
[  472.639321][T14987]  ? clear_bhb_loop+0x40/0x90
[  472.644023][T14987]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  472.649920][T14987] RIP: 0033:0x7fbafc58f749
[  472.654343][T14987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  472.673948][T14987] RSP: 002b:00007fbafd374038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  472.682370][T14987] RAX: ffffffffffffffda RBX: 00007fbafc7e5fa0 RCX: 00007fbafc58f749
[  472.690345][T14987] RDX: 000000000000fffe RSI: 0000200000000b40 RDI: 0000000000000003
[  472.698318][T14987] RBP: 00007fbafd374090 R08: 0000000000000000 R09: 0000000000000000
[  472.706298][T14987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  472.714270][T14987] R13: 00007fbafc7e6038 R14: 00007fbafc7e5fa0 R15: 00007ffcc5346828
[  472.722257][T14987]  </TASK>
[  472.802858][T14988] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3165'.
[  473.285268][T14998] mac80211_hwsim hwsim11 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  474.781926][ T1140] wlan1: Trigger new scan to find an IBSS to join
[  475.550582][T15032] FAULT_INJECTION: forcing a failure.
[  475.550582][T15032] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  475.564367][T15032] CPU: 0 PID: 15032 Comm: syz.1.3188 Not tainted syzkaller #0
[  475.571865][T15032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  475.581931][T15032] Call Trace:
[  475.585207][T15032]  <TASK>
[  475.588133][T15032]  dump_stack_lvl+0x16c/0x230
[  475.592815][T15032]  ? show_regs_print_info+0x20/0x20
[  475.598018][T15032]  ? load_image+0x3b0/0x3b0
[  475.602534][T15032]  ? __might_fault+0xaa/0x120
[  475.607237][T15032]  ? __lock_acquire+0x7c80/0x7c80
[  475.612275][T15032]  should_fail_ex+0x39d/0x4d0
[  475.616969][T15032]  _copy_from_user+0x2f/0xe0
[  475.621567][T15032]  ___sys_sendmsg+0x159/0x290
[  475.626270][T15032]  ? __sys_sendmsg+0x270/0x270
[  475.631069][T15032]  ? __lock_acquire+0x7c80/0x7c80
[  475.636118][T15032]  __se_sys_sendmsg+0x1a5/0x270
[  475.640976][T15032]  ? __x64_sys_sendmsg+0x80/0x80
[  475.645927][T15032]  ? lockdep_hardirqs_on+0x98/0x150
[  475.651154][T15032]  do_syscall_64+0x55/0xb0
[  475.655573][T15032]  ? clear_bhb_loop+0x40/0x90
[  475.660248][T15032]  ? clear_bhb_loop+0x40/0x90
[  475.664923][T15032]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  475.670819][T15032] RIP: 0033:0x7f3719f8f749
[  475.675242][T15032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  475.694877][T15032] RSP: 002b:00007f371adca038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  475.703290][T15032] RAX: ffffffffffffffda RBX: 00007f371a1e5fa0 RCX: 00007f3719f8f749
[  475.711258][T15032] RDX: 0000000000000000 RSI: 0000200000001640 RDI: 0000000000000003
[  475.719227][T15032] RBP: 00007f371adca090 R08: 0000000000000000 R09: 0000000000000000
[  475.727200][T15032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  475.735170][T15032] R13: 00007f371a1e6038 R14: 00007f371a1e5fa0 R15: 00007ffd74e26658
[  475.743163][T15032]  </TASK>
[  475.747488][ T2992] wlan1: Trigger new scan to find an IBSS to join
[  477.649971][T15057] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3198'.
[  477.693231][T15059] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3199'.
[  477.830649][ T5104] Bluetooth: hci4: command 0x0406 tx timeout
[  478.793941][   T11] wlan1: Trigger new scan to find an IBSS to join
[  479.398590][T15099] FAULT_INJECTION: forcing a failure.
[  479.398590][T15099] name failslab, interval 1, probability 0, space 0, times 0
[  479.411606][T15099] CPU: 1 PID: 15099 Comm: syz.1.3214 Not tainted syzkaller #0
[  479.419124][T15099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  479.429225][T15099] Call Trace:
[  479.432529][T15099]  <TASK>
[  479.435488][T15099]  dump_stack_lvl+0x16c/0x230
[  479.440205][T15099]  ? show_regs_print_info+0x20/0x20
[  479.445446][T15099]  ? load_image+0x3b0/0x3b0
[  479.449985][T15099]  ? __might_sleep+0xe0/0xe0
[  479.454612][T15099]  ? __lock_acquire+0x7c80/0x7c80
[  479.459680][T15099]  should_fail_ex+0x39d/0x4d0
[  479.464404][T15099]  should_failslab+0x9/0x20
[  479.468930][T15099]  slab_pre_alloc_hook+0x59/0x310
[  479.473996][T15099]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  479.479726][T15099]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  479.485452][T15099]  __kmem_cache_alloc_node+0x53/0x260
[  479.490835][T15099]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  479.496574][T15099]  __kmalloc+0xa4/0x240
[  479.500745][T15099]  tomoyo_realpath_from_path+0xe3/0x5d0
[  479.506319][T15099]  tomoyo_path_number_perm+0x1ea/0x590
[  479.511790][T15099]  ? tomoyo_path_number_perm+0x1ba/0x590
[  479.517442][T15099]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  479.522923][T15099]  ? ksys_write+0x1c1/0x250
[  479.527463][T15099]  ? __fget_files+0x28/0x4d0
[  479.532070][T15099]  security_file_ioctl+0x70/0xa0
[  479.537023][T15099]  __se_sys_ioctl+0x48/0x170
[  479.541631][T15099]  do_syscall_64+0x55/0xb0
[  479.546065][T15099]  ? clear_bhb_loop+0x40/0x90
[  479.550751][T15099]  ? clear_bhb_loop+0x40/0x90
[  479.555438][T15099]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  479.561334][T15099] RIP: 0033:0x7f3719f8f749
[  479.565753][T15099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  479.585364][T15099] RSP: 002b:00007f371ada9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  479.593809][T15099] RAX: ffffffffffffffda RBX: 00007f371a1e6090 RCX: 00007f3719f8f749
[  479.601786][T15099] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000005
[  479.609757][T15099] RBP: 00007f371ada9090 R08: 0000000000000000 R09: 0000000000000000
[  479.617737][T15099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  479.625718][T15099] R13: 00007f371a1e6128 R14: 00007f371a1e6090 R15: 00007ffd74e26658
[  479.633735][T15099]  </TASK>
[  479.648340][T15099] ERROR: Out of memory at tomoyo_realpath_from_path.
[  479.744588][   T11] wlan1: Trigger new scan to find an IBSS to join
[  480.695372][  T159] wlan1: Creating new IBSS network, BSSID 36:5b:17:75:8b:ab
[  481.744208][ T1140] wlan1: Creating new IBSS network, BSSID aa:8e:fb:e1:26:12
[  482.348581][T15103] netlink: 'syz.2.3217': attribute type 10 has an invalid length.
[  482.356978][T15103] netlink: 55 bytes leftover after parsing attributes in process `syz.2.3217'.
[  482.441809][T15112] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3219'.
[  483.563585][T15132] FAULT_INJECTION: forcing a failure.
[  483.563585][T15132] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  483.599571][T15132] CPU: 0 PID: 15132 Comm: syz.3.3227 Not tainted syzkaller #0
[  483.607105][T15132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  483.617180][T15132] Call Trace:
[  483.620467][T15132]  <TASK>
[  483.623402][T15132]  dump_stack_lvl+0x16c/0x230
[  483.628094][T15132]  ? show_regs_print_info+0x20/0x20
[  483.633299][T15132]  ? load_image+0x3b0/0x3b0
[  483.637807][T15132]  ? __lock_acquire+0x7c80/0x7c80
[  483.642841][T15132]  should_fail_ex+0x39d/0x4d0
[  483.647534][T15132]  _copy_from_user+0x2f/0xe0
[  483.652141][T15132]  copy_from_sockptr+0x69/0x80
[  483.656919][T15132]  packet_setsockopt+0xabf/0x12a0
[  483.661955][T15132]  ? packet_ioctl+0x340/0x340
[  483.666646][T15132]  ? aa_sk_perm+0x7fc/0x930
[  483.671157][T15132]  ? aa_af_perm+0x2b0/0x2b0
[  483.675696][T15132]  ? __fget_files+0x28/0x4d0
[  483.680300][T15132]  ? aa_sock_opt_perm+0x74/0x100
[  483.685240][T15132]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  483.690789][T15132]  ? security_socket_setsockopt+0x7e/0xa0
[  483.696511][T15132]  ? packet_ioctl+0x340/0x340
[  483.701198][T15132]  do_sock_setsockopt+0x175/0x1a0
[  483.706229][T15132]  ? __fdget+0x180/0x210
[  483.710477][T15132]  __x64_sys_setsockopt+0x184/0x200
[  483.715684][T15132]  do_syscall_64+0x55/0xb0
[  483.720107][T15132]  ? clear_bhb_loop+0x40/0x90
[  483.724783][T15132]  ? clear_bhb_loop+0x40/0x90
[  483.729460][T15132]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  483.735353][T15132] RIP: 0033:0x7fddd338f749
[  483.739772][T15132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  483.759385][T15132] RSP: 002b:00007fddd41b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  483.767800][T15132] RAX: ffffffffffffffda RBX: 00007fddd35e5fa0 RCX: 00007fddd338f749
[  483.775779][T15132] RDX: 0000000000000012 RSI: 0000000000000107 RDI: 0000000000000007
[  483.783748][T15132] RBP: 00007fddd41b5090 R08: 0000000000000008 R09: 0000000000000000
[  483.791717][T15132] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  483.799688][T15132] R13: 00007fddd35e6038 R14: 00007fddd35e5fa0 R15: 00007ffc877a5268
[  483.807669][T15132]  </TASK>
[  485.227811][T15136] netlink: 'syz.0.3228': attribute type 10 has an invalid length.
[  485.282558][T15136] hsr_slave_0 (unregistering): left promiscuous mode
[  485.321703][T15142] netlink: 'syz.2.3230': attribute type 10 has an invalid length.
[  485.363741][T15142] 8021q: adding VLAN 0 to HW filter on device batadv0
[  485.389443][T15142] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  485.398675][T15146] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  485.406449][T15146] batman_adv: batadv0: Removing interface: batadv_slave_0
[  485.420161][T15146] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  485.431851][T15146] batman_adv: batadv0: Removing interface: batadv_slave_1
[  485.444047][T15151] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3234'.
[  485.478504][T15146] bond0: (slave batadv0): Releasing backup interface
[  485.496814][T15151] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3234'.
[  485.538099][T15151] delete_channel: no stack
[  485.558241][T15157] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3236'.
[  485.727390][T15164] netlink: 'syz.2.3239': attribute type 10 has an invalid length.
[  485.766290][T15164] FAULT_INJECTION: forcing a failure.
[  485.766290][T15164] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  485.767348][T15164] 
[  485.767353][T15164] ======================================================
[  485.767359][T15164] WARNING: possible circular locking dependency detected
[  485.767375][T15164] syzkaller #0 Not tainted
[  485.767383][T15164] ------------------------------------------------------
[  485.767389][T15164] syz.2.3239/15164 is trying to acquire lock:
[  485.767396][T15164] ffffffff8cd24160 (console_owner){-...}-{0:0}, at: console_flush_all+0x10f/0xd00
[  485.767440][T15164] 
[  485.767440][T15164] but task is already holding lock:
[  485.767445][T15164] ffff8880b8f3c018 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  485.767486][T15164] 
[  485.767486][T15164] which lock already depends on the new lock.
[  485.767486][T15164] 
[  485.767491][T15164] 
[  485.767491][T15164] the existing dependency chain (in reverse order) is:
[  485.767495][T15164] 
[  485.767495][T15164] -> #4 (&rq->__lock){-.-.}-{2:2}:
[  485.767515][T15164]        _raw_spin_lock_nested+0x32/0x50
[  485.767534][T15164]        raw_spin_rq_lock_nested+0x2a/0x140
[  485.767555][T15164]        task_fork_fair+0x62/0x1f0
[  485.767573][T15164]        sched_cgroup_fork+0x333/0x3c0
[  485.767596][T15164]        copy_process+0x21e4/0x3d70
[  485.767610][T15164]        kernel_clone+0x21b/0x840
[  485.767624][T15164]        user_mode_thread+0xde/0x130
[  485.767639][T15164]        rest_init+0x27/0x300
[  485.767655][T15164]        arch_call_rest_init+0xe/0x10
[  485.767677][T15164]        start_kernel+0x459/0x4e0
[  485.767698][T15164]        x86_64_start_reservations+0x2a/0x30
[  485.767717][T15164]        copy_bootdata+0x0/0xe0
[  485.767736][T15164]        secondary_startup_64_no_verify+0x179/0x17b
[  485.767757][T15164] 
[  485.767757][T15164] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[  485.767777][T15164]        _raw_spin_lock_irqsave+0xa8/0xf0
[  485.767800][T15164]        try_to_wake_up+0x60/0x1140
[  485.767822][T15164]        __wake_up_common+0x2a4/0x4e0
[  485.767838][T15164]        __wake_up+0x112/0x190
[  485.767851][T15164]        tty_port_default_wakeup+0xa2/0xf0
[  485.767867][T15164]        serial8250_tx_chars+0x6bd/0x8a0
[  485.767886][T15164]        serial8250_handle_irq+0x534/0x6e0
[  485.767905][T15164]        serial8250_default_handle_irq+0xb8/0x1a0
[  485.767925][T15164]        serial8250_interrupt+0x9f/0x1c0
[  485.767942][T15164]        __handle_irq_event_percpu+0x276/0x930
[  485.767964][T15164]        handle_irq_event+0x8b/0x1e0
[  485.767985][T15164]        handle_edge_irq+0x247/0xb30
[  485.767999][T15164]        __common_interrupt+0x13b/0x230
[  485.768016][T15164]        common_interrupt+0xb4/0xd0
[  485.768037][T15164]        asm_common_interrupt+0x26/0x40
[  485.768053][T15164]        pv_native_safe_halt+0x13/0x20
[  485.768066][T15164]        default_idle+0x13/0x20
[  485.768080][T15164]        default_idle_call+0x6c/0xa0
[  485.768095][T15164]        do_idle+0x1eb/0x510
[  485.768109][T15164]        cpu_startup_entry+0x43/0x60
[  485.768125][T15164]        rest_init+0x2e2/0x300
[  485.768140][T15164]        arch_call_rest_init+0xe/0x10
[  485.768161][T15164]        start_kernel+0x459/0x4e0
[  485.768181][T15164]        x86_64_start_reservations+0x2a/0x30
[  485.768203][T15164]        copy_bootdata+0x0/0xe0
[  485.768219][T15164]        secondary_startup_64_no_verify+0x179/0x17b
[  485.768240][T15164] 
[  485.768240][T15164] -> #2 (&tty->write_wait){-.-.}-{2:2}:
[  485.768260][T15164]        _raw_spin_lock_irqsave+0xa8/0xf0
[  485.768276][T15164]        __wake_up+0xf8/0x190
[  485.768290][T15164]        tty_port_default_wakeup+0xa2/0xf0
[  485.768305][T15164]        serial8250_tx_chars+0x6bd/0x8a0
[  485.768323][T15164]        serial8250_handle_irq+0x534/0x6e0
[  485.768342][T15164]        serial8250_default_handle_irq+0xb8/0x1a0
[  485.768363][T15164]        serial8250_interrupt+0x9f/0x1c0
[  485.768380][T15164]        __handle_irq_event_percpu+0x276/0x930
[  485.768402][T15164]        handle_irq_event+0x8b/0x1e0
[  485.768422][T15164]        handle_edge_irq+0x247/0xb30
[  485.768436][T15164]        __common_interrupt+0x13b/0x230
[  485.768452][T15164]        common_interrupt+0xb4/0xd0
[  485.768473][T15164]        asm_common_interrupt+0x26/0x40
[  485.768488][T15164]        _raw_spin_unlock_irqrestore+0xa9/0x110
[  485.768505][T15164]        uart_write+0x45b/0x5d0
[  485.768516][T15164]        n_tty_write+0xd27/0x11d0
[  485.768537][T15164]        file_tty_write+0x54b/0x980
[  485.768554][T15164]        vfs_write+0x43b/0x940
[  485.768572][T15164]        ksys_write+0x147/0x250
[  485.768590][T15164]        do_syscall_64+0x55/0xb0
[  485.768608][T15164]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  485.768625][T15164] 
[  485.768625][T15164] -> #1 (&port_lock_key){-.-.}-{2:2}:
[  485.768644][T15164]        _raw_spin_lock_irqsave+0xa8/0xf0
[  485.768661][T15164]        serial8250_console_write+0x16d/0x17a0
[  485.768681][T15164]        console_flush_all+0x6cd/0xd00
[  485.768698][T15164]        console_unlock+0xae/0x340
[  485.768714][T15164]        vprintk_emit+0x477/0x600
[  485.768730][T15164]        _printk+0xd0/0x110
[  485.768744][T15164]        register_console+0x91b/0xe60
[  485.768761][T15164]        univ8250_console_init+0x45/0x50
[  485.768789][T15164]        console_init+0x17b/0x5e0
[  485.768810][T15164]        start_kernel+0x2c0/0x4e0
[  485.768831][T15164]        x86_64_start_reservations+0x2a/0x30
[  485.768850][T15164]        copy_bootdata+0x0/0xe0
[  485.768868][T15164]        secondary_startup_64_no_verify+0x179/0x17b
[  485.768889][T15164] 
[  485.768889][T15164] -> #0 (console_owner){-...}-{0:0}:
[  485.768908][T15164]        __lock_acquire+0x2ddb/0x7c80
[  485.768924][T15164]        lock_acquire+0x197/0x410
[  485.768939][T15164]        console_flush_all+0x693/0xd00
[  485.768955][T15164]        console_unlock+0xae/0x340
[  485.768971][T15164]        vprintk_emit+0x477/0x600
[  485.768987][T15164]        _printk+0xd0/0x110
[  485.769001][T15164]        should_fail_ex+0x37e/0x4d0
[  485.769021][T15164]        strncpy_from_user+0x36/0x2e0
[  485.769034][T15164]        strncpy_from_user_nofault+0x71/0x140
[  485.769056][T15164]        bpf_probe_read_user_str+0x2a/0x70
[  485.769078][T15164]        bpf_prog_bc7c5c6b9645592f+0x3d/0x3f
[  485.769093][T15164]        bpf_trace_run4+0x1f9/0x420
[  485.769107][T15164]        __bpf_trace_sched_switch+0x17b/0x1e0
[  485.769124][T15164]        __traceiter_sched_switch+0x93/0xc0
[  485.769138][T15164]        __schedule+0x2197/0x44d0
[  485.769159][T15164]        preempt_schedule_irq+0xb5/0x140
[  485.769180][T15164]        irqentry_exit+0x67/0x70
[  485.769193][T15164]        asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  485.769210][T15164]        lock_acquire+0x1f2/0x410
[  485.769224][T15164]        __fget_files+0x45/0x4d0
[  485.769241][T15164]        __fdget+0x173/0x210
[  485.769259][T15164]        __se_sys_sendmsg+0xa6/0x270
[  485.769283][T15164]        do_syscall_64+0x55/0xb0
[  485.769302][T15164]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  485.769317][T15164] 
[  485.769317][T15164] other info that might help us debug this:
[  485.769317][T15164] 
[  485.769322][T15164] Chain exists of:
[  485.769322][T15164]   console_owner --> &p->pi_lock --> &rq->__lock
[  485.769322][T15164] 
[  485.769344][T15164]  Possible unsafe locking scenario:
[  485.769344][T15164] 
[  485.769348][T15164]        CPU0                    CPU1
[  485.769351][T15164]        ----                    ----
[  485.769355][T15164]   lock(&rq->__lock);
[  485.769364][T15164]                                lock(&p->pi_lock);
[  485.769374][T15164]                                lock(&rq->__lock);
[  485.769384][T15164]   lock(console_owner);
[  485.769392][T15164] 
[  485.769392][T15164]  *** DEADLOCK ***
[  485.769392][T15164] 
[  485.769396][T15164] 5 locks held by syz.2.3239/15164:
[  485.769405][T15164]  #0: ffffffff8cd2ff20 (rcu_read_lock){....}-{1:2}, at: __fget_files+0x28/0x4d0
[  485.769445][T15164]  #1: ffff8880b8f3c018 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  485.769487][T15164]  #2: ffffffff8cd2ff20 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0xfd/0x420
[  485.769523][T15164]  #3: ffffffff8cd24240 (console_lock){+.+.}-{0:0}, at: _printk+0xd0/0x110
[  485.769559][T15164]  #4: ffffffff8cc0ba50 (console_srcu){....}-{0:0}, at: console_flush_all+0x10f/0xd00
[  485.769597][T15164] 
[  485.769597][T15164] stack backtrace:
[  485.769602][T15164] CPU: 1 PID: 15164 Comm: syz.2.3239 Not tainted syzkaller #0
[  485.769617][T15164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  485.769626][T15164] Call Trace:
[  485.769632][T15164]  <TASK>
[  485.769638][T15164]  dump_stack_lvl+0x16c/0x230
[  485.769661][T15164]  ? load_image+0x3b0/0x3b0
[  485.769679][T15164]  ? show_regs_print_info+0x20/0x20
[  485.769706][T15164]  ? print_circular_bug+0x12b/0x1a0
[  485.769728][T15164]  check_noncircular+0x2bd/0x3c0
[  485.769750][T15164]  ? print_deadlock_bug+0x5d0/0x5d0
[  485.769768][T15164]  ? lockdep_lock+0xe0/0x220
[  485.769796][T15164]  __lock_acquire+0x2ddb/0x7c80
[  485.769827][T15164]  ? verify_lock_unused+0x140/0x140
[  485.769857][T15164]  lock_acquire+0x197/0x410
[  485.769874][T15164]  ? console_flush_all+0x10f/0xd00
[  485.769897][T15164]  ? __lock_acquire+0x7c80/0x7c80
[  485.769913][T15164]  ? do_raw_spin_lock+0x121/0x2c0
[  485.769934][T15164]  ? read_lock_is_recursive+0x20/0x20
[  485.769951][T15164]  ? __rwlock_init+0x150/0x150
[  485.769973][T15164]  ? do_raw_spin_unlock+0x121/0x230
[  485.769995][T15164]  console_flush_all+0x693/0xd00
[  485.770013][T15164]  ? console_flush_all+0x10f/0xd00
[  485.770034][T15164]  ? console_flush_all+0x10f/0xd00
[  485.770059][T15164]  ? is_console_locked+0x20/0x20
[  485.770079][T15164]  ? mark_lock+0x94/0x320
[  485.770100][T15164]  console_unlock+0xae/0x340
[  485.770120][T15164]  ? other_cpu_in_panic+0xf0/0xf0
[  485.770140][T15164]  ? __lock_acquire+0x1260/0x7c80
[  485.770161][T15164]  vprintk_emit+0x477/0x600
[  485.770181][T15164]  ? printk_sprint+0x460/0x460
[  485.770200][T15164]  ? __lock_acquire+0x1334/0x7c80
[  485.770222][T15164]  _printk+0xd0/0x110
[  485.770242][T15164]  ? load_image+0x3b0/0x3b0
[  485.770260][T15164]  ? __lock_acquire+0x1334/0x7c80
[  485.770283][T15164]  should_fail_ex+0x37e/0x4d0
[  485.770307][T15164]  strncpy_from_user+0x36/0x2e0
[  485.770325][T15164]  strncpy_from_user_nofault+0x71/0x140
[  485.770349][T15164]  bpf_probe_read_user_str+0x2a/0x70
[  485.770376][T15164]  bpf_prog_bc7c5c6b9645592f+0x3d/0x3f
[  485.770392][T15164]  bpf_trace_run4+0x1f9/0x420
[  485.770407][T15164]  ? bpf_trace_run4+0xfd/0x420
[  485.770422][T15164]  ? bpf_trace_run3+0x400/0x400
[  485.770441][T15164]  ? __bpf_trace_sched_switch+0x160/0x1e0
[  485.770464][T15164]  __bpf_trace_sched_switch+0x17b/0x1e0
[  485.770486][T15164]  ? __bpf_trace_sched_wakeup_template+0xe0/0xe0
[  485.770507][T15164]  ? __lock_acquire+0x7bb1/0x7c80
[  485.770524][T15164]  ? local_clock+0x20/0x20
[  485.770545][T15164]  ? tracing_record_taskinfo_sched_switch+0x7d/0x360
[  485.770568][T15164]  ? __bpf_trace_sched_wakeup_template+0xe0/0xe0
[  485.770589][T15164]  __traceiter_sched_switch+0x93/0xc0
[  485.770607][T15164]  __schedule+0x2197/0x44d0
[  485.770632][T15164]  ? trace_call_bpf+0x5ba/0x690
[  485.770659][T15164]  ? perf_trace_run_bpf_submit+0xf4/0x1c0
[  485.770680][T15164]  ? asan.module_dtor+0x20/0x20
[  485.770702][T15164]  ? preempt_schedule_irq+0xaa/0x140
[  485.770727][T15164]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  485.770747][T15164]  ? perf_trace_preemptirq_template+0x281/0x340
[  485.770772][T15164]  ? preempt_schedule_irq+0xaa/0x140
[  485.770802][T15164]  preempt_schedule_irq+0xb5/0x140
[  485.770827][T15164]  ? preempt_schedule_notrace+0x110/0x110
[  485.770854][T15164]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  485.770878][T15164]  irqentry_exit+0x67/0x70
[  485.770892][T15164]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  485.770912][T15164] RIP: 0010:lock_acquire+0x1f2/0x410
[  485.770930][T15164] Code: 00 9c 8f 84 24 80 00 00 00 f6 84 24 81 00 00 00 02 0f 85 f5 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 3c 00 00 00 00 66 43 c7 44 3c 09 00 00 43 c6 44 3c 0b 00
[  485.770944][T15164] RSP: 0018:ffffc9001290fc00 EFLAGS: 00000206
[  485.770957][T15164] RAX: 0000000000000001 RBX: 0000000000000000 RCX: dfa1a5129296fc00
[  485.770968][T15164] RDX: 0000000000000000 RSI: ffffffff8aaace60 RDI: ffffffff8afc6f80
[  485.770978][T15164] RBP: ffffc9001290fd10 R08: dffffc0000000000 R09: 1ffffffff21b52a0
[  485.770990][T15164] R10: dffffc0000000000 R11: fffffbfff21b52a1 R12: 1ffff92002521f8c
[  485.771001][T15164] R13: ffffffff8cd2ff20 R14: 0000000000000246 R15: dffffc0000000000
[  485.771026][T15164]  ? read_lock_is_recursive+0x20/0x20
[  485.771046][T15164]  ? trace_call_bpf+0x5ba/0x690
[  485.771069][T15164]  ? __lock_acquire+0x7c80/0x7c80
[  485.771088][T15164]  ? __fget_files+0x28/0x4d0
[  485.771108][T15164]  __fget_files+0x45/0x4d0
[  485.771128][T15164]  ? __fget_files+0x28/0x4d0
[  485.771149][T15164]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  485.771176][T15164]  __fdget+0x173/0x210
[  485.771195][T15164]  ? __se_sys_sendmsg+0x91/0x270
[  485.771219][T15164]  __se_sys_sendmsg+0xa6/0x270
[  485.771244][T15164]  ? perf_trace_preemptirq_template+0x281/0x340
[  485.771269][T15164]  ? __x64_sys_sendmsg+0x80/0x80
[  485.771294][T15164]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  485.771313][T15164]  ? lock_chain_count+0x20/0x20
[  485.771334][T15164]  ? lockdep_hardirqs_on+0x98/0x150
[  485.771351][T15164]  do_syscall_64+0x55/0xb0
[  485.771371][T15164]  ? clear_bhb_loop+0x40/0x90
[  485.771389][T15164]  ? clear_bhb_loop+0x40/0x90
[  485.771407][T15164]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  485.771425][T15164] RIP: 0033:0x7fbafc58f749
[  485.771438][T15164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  485.771450][T15164] RSP: 002b:00007fbafd374038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  485.771466][T15164] RAX: ffffffffffffffda RBX: 00007fbafc7e5fa0 RCX: 00007fbafc58f749
[  485.771477][T15164] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000009
[  485.771487][T15164] RBP: 00007fbafd374090 R08: 0000000000000000 R09: 0000000000000000
[  485.771497][T15164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  485.771506][T15164] R13: 00007fbafc7e6038 R14: 00007fbafc7e5fa0 R15: 00007ffcc5346828
[  485.771525][T15164]  </TASK>
[  487.116290][T15164] CPU: 1 PID: 15164 Comm: syz.2.3239 Not tainted syzkaller #0
[  487.123736][T15164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  487.133814][T15164] Call Trace:
[  487.137081][T15164]  <TASK>
[  487.140004][T15164]  dump_stack_lvl+0x16c/0x230
[  487.144679][T15164]  ? show_regs_print_info+0x20/0x20
[  487.149878][T15164]  ? load_image+0x3b0/0x3b0
[  487.154370][T15164]  ? __lock_acquire+0x1334/0x7c80
[  487.159386][T15164]  should_fail_ex+0x39d/0x4d0
[  487.164054][T15164]  strncpy_from_user+0x36/0x2e0
[  487.168893][T15164]  strncpy_from_user_nofault+0x71/0x140
[  487.174430][T15164]  bpf_probe_read_user_str+0x2a/0x70
[  487.179714][T15164]  bpf_prog_bc7c5c6b9645592f+0x3d/0x3f
[  487.185170][T15164]  bpf_trace_run4+0x1f9/0x420
[  487.189843][T15164]  ? bpf_trace_run4+0xfd/0x420
[  487.194595][T15164]  ? bpf_trace_run3+0x400/0x400
[  487.199432][T15164]  ? __bpf_trace_sched_switch+0x160/0x1e0
[  487.205144][T15164]  __bpf_trace_sched_switch+0x17b/0x1e0
[  487.210682][T15164]  ? __bpf_trace_sched_wakeup_template+0xe0/0xe0
[  487.217005][T15164]  ? __lock_acquire+0x7bb1/0x7c80
[  487.222015][T15164]  ? local_clock+0x20/0x20
[  487.226420][T15164]  ? tracing_record_taskinfo_sched_switch+0x7d/0x360
[  487.233087][T15164]  ? __bpf_trace_sched_wakeup_template+0xe0/0xe0
[  487.239402][T15164]  __traceiter_sched_switch+0x93/0xc0
[  487.244761][T15164]  __schedule+0x2197/0x44d0
[  487.249259][T15164]  ? trace_call_bpf+0x5ba/0x690
[  487.254134][T15164]  ? perf_trace_run_bpf_submit+0xf4/0x1c0
[  487.259882][T15164]  ? asan.module_dtor+0x20/0x20
[  487.264734][T15164]  ? preempt_schedule_irq+0xaa/0x140
[  487.270009][T15164]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  487.275976][T15164]  ? perf_trace_preemptirq_template+0x281/0x340
[  487.282225][T15164]  ? preempt_schedule_irq+0xaa/0x140
[  487.287505][T15164]  preempt_schedule_irq+0xb5/0x140
[  487.292634][T15164]  ? preempt_schedule_notrace+0x110/0x110
[  487.298379][T15164]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  487.304175][T15164]  irqentry_exit+0x67/0x70
[  487.308588][T15164]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  487.314558][T15164] RIP: 0010:lock_acquire+0x1f2/0x410
[  487.319844][T15164] Code: 00 9c 8f 84 24 80 00 00 00 f6 84 24 81 00 00 00 02 0f 85 f5 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 3c 00 00 00 00 66 43 c7 44 3c 09 00 00 43 c6 44 3c 0b 00
[  487.339434][T15164] RSP: 0018:ffffc9001290fc00 EFLAGS: 00000206
[  487.345487][T15164] RAX: 0000000000000001 RBX: 0000000000000000 RCX: dfa1a5129296fc00
[  487.353447][T15164] RDX: 0000000000000000 RSI: ffffffff8aaace60 RDI: ffffffff8afc6f80
[  487.361404][T15164] RBP: ffffc9001290fd10 R08: dffffc0000000000 R09: 1ffffffff21b52a0
[  487.369380][T15164] R10: dffffc0000000000 R11: fffffbfff21b52a1 R12: 1ffff92002521f8c
[  487.377346][T15164] R13: ffffffff8cd2ff20 R14: 0000000000000246 R15: dffffc0000000000
[  487.385322][T15164]  ? read_lock_is_recursive+0x20/0x20
[  487.390692][T15164]  ? trace_call_bpf+0x5ba/0x690
[  487.395547][T15164]  ? __lock_acquire+0x7c80/0x7c80
[  487.400582][T15164]  ? __fget_files+0x28/0x4d0
[  487.405163][T15164]  __fget_files+0x45/0x4d0
[  487.409570][T15164]  ? __fget_files+0x28/0x4d0
[  487.414154][T15164]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  487.419781][T15164]  __fdget+0x173/0x210
[  487.423841][T15164]  ? __se_sys_sendmsg+0x91/0x270
[  487.428773][T15164]  __se_sys_sendmsg+0xa6/0x270
[  487.433532][T15164]  ? perf_trace_preemptirq_template+0x281/0x340
[  487.439764][T15164]  ? __x64_sys_sendmsg+0x80/0x80
[  487.444721][T15164]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  487.450709][T15164]  ? lock_chain_count+0x20/0x20
[  487.455548][T15164]  ? lockdep_hardirqs_on+0x98/0x150
[  487.460736][T15164]  do_syscall_64+0x55/0xb0
[  487.465146][T15164]  ? clear_bhb_loop+0x40/0x90
[  487.469812][T15164]  ? clear_bhb_loop+0x40/0x90
[  487.474476][T15164]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  487.480357][T15164] RIP: 0033:0x7fbafc58f749
[  487.484783][T15164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  487.504402][T15164] RSP: 002b:00007fbafd374038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  487.512801][T15164] RAX: ffffffffffffffda RBX: 00007fbafc7e5fa0 RCX: 00007fbafc58f749
[  487.520759][T15164] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000009
[  487.528717][T15164] RBP: 00007fbafd374090 R08: 0000000000000000 R09: 0000000000000000
[  487.536681][T15164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  487.544636][T15164] R13: 00007fbafc7e6038 R14: 00007fbafc7e5fa0 R15: 00007ffcc5346828
[  487.552602][T15164]  </TASK>
[  489.671815][ T5104] Bluetooth: hci0: command 0x0406 tx timeout
[  493.181710][ T5104] Bluetooth: hci1: command 0x0406 tx timeout