last executing test programs:

6.357360647s ago: executing program 0 (id=8364):
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe33)
socket$kcm(0xa, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @empty}}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffe5e}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="1800000000000000100100000100e0007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x8000)
syz_clone(0x41064400, 0x0, 0x0, 0x0, 0x0, 0x0)

5.13085994s ago: executing program 3 (id=8373):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000040)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x2}, 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext, 0x10c002, 0x89}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000680)=@generic={&(0x7f0000000640)='./file0\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b000000050000000500000009"], 0x48)
r2 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x2004fc10)
close(r2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r4=>0xffffffffffffffff})
recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x8020)
socket$kcm(0x2b, 0x1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x4)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7, 0x0, 0x4, 0x1}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$kcm(0x1e, 0x4, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={0x1, <r6=>0xffffffffffffffff}, 0x4)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000400)={&(0x7f0000000100)="feaba5908782", &(0x7f00000001c0)=""/186, &(0x7f0000000280)="09fa2094cb5febb493c421ceaa600a6fc4dc8f15128f27a17ba96e173df5", 0x0, 0xfffffff7, r6, 0x4}, 0x38)
setsockopt$sock_attach_bpf(r5, 0x10f, 0x82, &(0x7f00000008c0), 0x43)
socket$kcm(0x2, 0xa, 0x2)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x0, 0x1}, 0x201, 0x0, 0xc2ba, 0x0, 0x4000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r7 = socket$kcm(0x2, 0x2, 0x0)
sendmsg$inet(r7, &(0x7f0000000140)={&(0x7f0000000880)={0x2, 0x4e1c, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32, @ANYBLOB="ac1417bb008000000000010038000000000000000000000007000000070e43aa5889c23ef593ae6bcd1844187c8073b5c9e00000000600000003000000080000000900001400000000000000000000000100000005000000000000001400000000000000000000000700000001000000000000001400000000000000000000000100000003000000000000001c000000000000000000000008"], 0xc0}, 0x240008c4)

4.929304746s ago: executing program 0 (id=8374):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0xfffffffe, 0x2, 0x93, 0x10014, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x1}, 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff0000200700000000000001000084060000000000000001"], 0x0, 0x42}, 0x20)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_config_ext={0xcf, 0xd}, 0x21, 0x0, 0x0, 0x4, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0500000000f01f00810000007f00000001"], 0x48)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
r2 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x6, 0xd, &(0x7f0000000040), 0x3)
sendmsg$inet(r2, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x20000014)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r0, &(0x7f0000000180)="9e29c175f2d0bac72f29c8a648626000de42eb34654f697171d7a7bb5b5334fa197770893b1f9d7ebf3fa5a04a208e6200cdcf02756976f446a92d4494cb03466a57defaab9ec56198178957367d8602cf8f0485fece40f24295bc31cdad61849952a5e9946d9015528c9656c6744d8eb289f37903b0ce63d561ab02fa87d9", &(0x7f0000000280)=""/223}, 0xb)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x10, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x8ab00, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x5452, &(0x7f0000000100))
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$inet(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001080)="5c00000027006b04400000006e6cfe000a887ea6ea656700004e000000000090f9c3dc90f8f41f8ecff32c6e020075e300250045586ccda718ad4b4460bc24eab556000000008b1094e6bcfc1c6a51f60a64c9f4d49380ce2e7d0a88", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

4.79569181s ago: executing program 2 (id=8376):
socket$kcm(0x21, 0x2, 0x2)
perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x108282, 0xac5d, 0x8000000, 0x0, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x5}, 0x94)
perf_event_open(&(0x7f00000003c0)={0x4, 0x80, 0x4, 0x8, 0x2c, 0x5, 0x0, 0x1, 0x200, 0x8, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x6, 0x4, @perf_bp={0x0, 0x9}, 0xc0, 0x9, 0x9, 0x9, 0x0, 0x0, 0xfff, 0x0, 0x7ff, 0x0, 0x9}, 0x0, 0x40003, 0xffffffffffffffff, 0xb)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bridge0\x00', 0x400})
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x513, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x202, 0x0, 0xffffffff, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001600)={@fallback, 0x7, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r1 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000200)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000340)=ANY=[], 0xa)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x80044, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, @perf_bp={0x0}, 0x0, 0x5}, 0xffffffffffffffff, 0xfffffeffffffffff, 0xffffffffffffffff, 0x3)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x3e1, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081084e81f782db44b904021d080006067c09e8fe55a10a0015400800142603600e120800160000001001a8001600a400014003000000036004fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1, 0x0, 0x0, 0x6000}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
bpf$OBJ_PIN_MAP(0x6, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
recvmsg$kcm(r3, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x10040)
recvmsg$kcm(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000003940)}, 0x0)
r4 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r4, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f0, &(0x7f0000000080))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40808)

4.362450471s ago: executing program 0 (id=8380):
mkdir(0x0, 0xbe9bac6d2d0f4e0b)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0xa, 0x1, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{0x0}], 0x1}, 0x40810)
r1 = socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0xa, 0x6, 0x0)
socket$kcm(0x28, 0x5, 0x0)
r2 = getpid()
perf_event_open(0x0, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(0x0, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xe70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0x39c}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000027c0)}, 0x10100)
r3 = socket$kcm(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x2004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$kcm(0x2, 0x6, 0x0)
sendmsg$inet(r4, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xc, 0x8, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000fcffffff0000000000000000850000004100000018110000", @ANYRES32, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(r3, &(0x7f0000000440)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f0000000680)=[{&(0x7f0000000180)="8900", 0x2}, {&(0x7f0000000640)="25b2b3cbea4056eb9d315d760d7e9dfcd937a6", 0x13}], 0x2, 0x0, 0x0, 0x900}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000200), 0x4)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb3, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r7, 0x0, 0x0}, 0x10)
sendmsg$kcm(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b904021d080225000000040000a118000200fcffffff00000e1208000f0100810401a80016ea1f0006", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0)

4.275769014s ago: executing program 4 (id=8381):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = socket$kcm(0x10, 0x400000002, 0x0)
perf_event_open(0x0, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='devices.list\x00', 0x26e1, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg$unix(r2, &(0x7f0000001140)={0x0, 0x2, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x0, 0x808e}, 0x40000100)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000300), 0x8}, 0x0, 0x0, 0x0, 0x9, 0x4}, 0x0, 0xfff0000000000000, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x5452, &(0x7f0000000000)='lo\x00\x96o\xd6Q\xb4Y\xa9\xc87,%\x81\xfe\x00\xd2\xd1|\x00\x00\x00\x00\x00\x00\xe3\xd8Yk\xdf\x85\xaac{\x8c\x8ffp`-\xcd\xd9\xd5\xf4\xe68\xe6O\xc2\xf1V0\x8b\t\xed\x13q2\xdd\xcc\xeeR\xf2/\xba\fE>k\a\xe7>t7\x8e(\xf0\x87d\xaf\x93\xfa`\xa6,o\x81.\x1cR\xa5\t\x00\x00\x00\x00\x00\x00\x00|pT\x15\xbc\f*d\xcb\xc2\xcd\x8f\x98\xdf\x00\x00\x1cM\x9c\xa5\xe0\xa8\x00\x00\x00\x80V\xf6\x80\x06\xd9$H!w\xa6m\xd8\x7f\xc6\x837\x83/\x9a\xdf\x01\xf2\x9e\xbb\xca\x04\x00\x05\xeb\xb8{7[\xf9\xe9\x15\xdc0]\x89\x9b~\x04\xb4\xa5\xad\v.\xd0*%`\xb0\x03\x00\x00\x00\x00\x00\x00\x00\xab\xf4\xa7\x83r\xa4\x80|\x03C\x9c\x00\xac\xba\xcb\xa4h\x86w_Eu\xbfy%,\xe5\n\xc1\xb3\xa4g\xa3P\x0f\x11\x93\xc7\xf3\xcf\x17\xf5\x86\xae\xa5\xea?\xc5E\x00\xb2e\xa8\xf1<\xb2\xc82\xbf=o\x00\x00\x00\x00E\x00\xc6X\x92\x0e[\x19\xaa?\x06\xe5\x9d\xd1\x87\x922A\x95\x8e\xbc\xc8<s,\xb023Z{\x9f\xc2\x94+e?\x87\x95\x8e\r\t\x0er\x92\xe2\t\xc4S\xd4\xd2\x87.&`\x95\'=0\r\xd2n\xf5\xcd\x9b\x15Oo\xd8Nj0\xe2\xe5A\xb2\xc3\xf7\xc8\xe7 \"+\xd6\x9e\x18\xec\xb7H\xf9\vd\xebE\x9dtI\xe5\xb5\x8e3\x19<\xdeS\xf4\xe6\xba\x0er\xfc]\xcbd@\xe8R#(u\xe1\x9b\xb7\xd5\x82\xab;\xdb\xa2\x9e\xe8W;\x86\x89\x99\xa1\x99\x1b\xbd\xaf\x11\xcf\x1d\xb5n\xe3&\x1b Z|\x18\n/\xe4\x83\xb5\xdd\xed\xd8\xba\xe8\x8d{@\xd1\x00'/432)
write$cgroup_devices(r1, &(0x7f00000005c0)=ANY=[], 0xfffffeff)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1b0000001a007f029e", 0x9}, {&(0x7f0000000200)="68cabf2dfb58fc0a01008888ffff0200258f", 0x12}], 0x2}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000100000000000000", @ANYRES32=0x1], 0x50)
r3 = socket$kcm(0xa, 0x5, 0x0)
r4 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x8916, &(0x7f0000000000)={r4})
recvmsg$unix(r0, &(0x7f0000001440)={0x0, 0x0, 0x0}, 0x0)
socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1d, 0x1, 0x0, 0x0, 0x0, 0x2000009, 0x20, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, @perf_config_ext, 0x100080}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
socket$kcm(0x10, 0x2, 0x10)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)=@generic={0x0, 0x0, 0x18}, 0x18)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum={0x0, 0x0, 0x0, 0x13}]}}, 0x0, 0x26}, 0x20)
r6 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r6, 0x0, 0x23, 0x0, 0x8)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x9, 0x4, 0x4, 0x2, 0x80, 0x1, 0x0, '\x00', 0x0, r5, 0x1, 0x1}, 0x50)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x90)

4.04027705s ago: executing program 3 (id=8383):
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x8, 0x0, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000980)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad94ed406f21caf5adcf920569c00cc1199684600e446009fea019af247c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6fab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b79db2e3d5986c82b5a024e539b204d58f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c7160ec83070000020000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72b0000000000001cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78ac02ca3cdf6a662db1c9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad943e392955f4f979ea13201bafedcd2063d11dd665647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd89346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffca9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd3666277f670e812b28e2f30d035cee5d0e77a3c7220000000000000005a474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041e12282ce24463aaf28345bd168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f09000000000000004fc4bda3453602004535a976eacd3adaa4d2ee6fe0d074ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb40f7f02f750d6c977a191852c9ae031db044b2353199546609f9f69a6cfefdf879d447df53f3b9b70d10355b00300000000000000553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f58fab987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe527340935aa3c0b4f3f45b418a18217747ae442e31560e5b741445ea2a1acee2a81425ff000000d2a0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51423b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f88735fce5115dc83ed73d8ee4a91322608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf5000000000000fa08ad0631c4b839688b22c4da2a6bc4cf45854d221a2d5f96bc64647f15daa2ba79cd0f4254ed55217912ef84bd2927df82fc061aef2920c49b2a90886da75561173fa186cb7ee86dd4285c4721eb428c953296bb2f5d825da54dbef07c1b349b4901e093d13e6b9a0000009b5b2206000000000000000aa18623fd9b7179ccc692ba74b531b65c4decf9d080a8ac7e82d4cde1267aa64b2a94fd87a009e6742c2ddc3a9d7eccbb1831b1fa218277c2814a91cab7cb59c697166d6f1bb1a360470000000000000000000000000000000000000000000004000000f9f9b4ce7e871f507084c8c88e0652dedf69c34fc7c1bb170a7e88cbe579b03ed84ea94597dd1059620a050f69ea03b99b4e19d35f4a3b54e96ae2172effecec80f6baa4bf69a6ebf539"], &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080307000000e8fea4a1180015000600142603600e120800110000810401040016000a0029", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x33fe0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000040))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000006c0)={0xffffffffffffffff, 0x0, 0x7, 0x0, &(0x7f0000000440)="4791c70a5ae532", 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3}, 0x50)
r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x208, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40, 0xc2ba, 0x0, 0x4000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001240)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad94ed406f21caf5adcf920569c00cc1199684fa75814709fea019af247c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6fab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b79db2e3d5986c82b5aa94e539b204d58f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c7160ec83070000020000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72b0000000000001cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78ac02ca3cdf6a662db1c9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad943e392955f4f979ea13201bafedcd2063d11dd665647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd89346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffca9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd3666277f670e812b28e2f30d035cee5d0e77a3c7220000000000000005a474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041e12282ce24463aaf28345bd168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f09000000000000004fc4bda3453602004535a976eacd3adaa4d2ee6fe0d072ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb40f7f02f750d6c977a191852c9ae031db044b2353199546609f9f69a6cfefdf879d447df53f3b9b70d10355b00300000000000000553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f58fab987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe527340935aa3c0b4f3f45b418a18217747ae442e31560e5b741445ea2a1acee2a81425ff000000d2a0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51423b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f88735fce5115dc83ed73d8ee4a91322608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf5000000000000fa08ad0631c4b839688b22c4da2a6bc4cf45854d221a2d5f96bc64647f15daa2ba79cd0f4254ed55217912ef84bd2927df82fc061aef2920c49b2a90886da75561173fa186cb7ee86dd4285c4721eb428c953296bb2f5d825da54dbef07c1b349b4901e093d13e6b9a0000009b5b22e887bc061d40bcaf0aa18623fd9b7179ccc692ba74b531b65c4decf9d080a8ac7e82d4cde1267aa64b2a94fd87a009e6742c2ddc3a9d7eccbb1831b1fa218277c2814a91cab7cb59c697166d6f1bb1a360470000000000000000000000000000000000000000000000000000f9f9b4ce7e871f507084c8c88e0652decbe579b03ed84ea94597dd1059620a050f69ea03b99b4e19d35f4a3b54e96ae2172effecec80f6baa4bf69a6ebf5392882df78b0983e662dc0cb64b77f3f006b6b25443197ae93f0be6de5a703d003f00720943c0e4b33af00000000000000000021a688b2d7007fcc4b59f719afb0b3b7e0aee306ca70fe42bf4984a68f40e1fc043a03a17e4744359b87dc27c82d51cbeb64e52a28daeb6a78d6fe06181ecc840000"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd"], 0xffbf)

3.831504706s ago: executing program 1 (id=8384):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a80258c6394f90424fc60100005000a000200053582c137153e37040001", 0x27}], 0x1}, 0x0)
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="93430000520033d487277b9b108b4ab502"], 0xfe33)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="12000000d30000000800000002"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="05000000040000000c0000000b"], 0x50)
close(0x3) (async, rerun: 32)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x1, 0x5, 0x7, 0x1, 0x0, 0xffffffffffffffff, 0x200000}, 0x50) (rerun: 32)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000200007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (rerun: 32)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@enum, @struct={0x0, 0x1, 0x0, 0x4, 0x1, 0x3000000, [{0x0, 0x1, 0x20000000}]}]}}, 0x0, 0x3e}, 0x28)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r4}, 0xc) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r2, <r5=>0xffffffffffffffff}, &(0x7f0000001d80), &(0x7f0000001d40)=r1}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r5, &(0x7f0000000500), 0x0}, 0x20) (async)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={&(0x7f0000000140)="055c074144b8ab0a42c926c3410aa365b860f3971e4da1d277f1025c0af80edfe1687d075e75737287011a2dc8c865e583c82704edcd6ab267f37877d002a6b9a277d45fd35bcf375cc3bfffb7f00c3a7bd1d743f32c662fd6ad56d8e67d743e51361ca708e6d228159f30406b97cc1ee7e7046cd856fcd7c99e6df6e352aa0c8aab8e563cd535f93f0f0666b6ac961d7420403f00da0259b4059643913b328d58cd1b583a844dd2e1949eb4a3531566ba2cde12afb5278e63b6f356d30b37", &(0x7f0000000200)=""/155, &(0x7f00000002c0)="f5c32c19ae895135d065adb70ad7e6fb9e34405f10d9686619df25937c26a76f33f9d7ceb80327a215f3bdf91300416b81b32a8b30e0cac497e20bb39b59f3fce90ba039f20a6d2daed1b5966d512bdc06f92315f5fa8547c7d118e646b67fbde595f60d6e2a779e28e6c1e190a7ce9a6acdc080814a75cb1492fe75df677bb1", &(0x7f0000000340)="80f8629e4ee84a4e21b41dade9c99df739658ed1e63c9b8e9ecf419c", 0x7, r5, 0x4}, 0x38)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
openat$cgroup_subtree(r6, &(0x7f0000000100), 0x2, 0x0)

3.660815281s ago: executing program 2 (id=8385):
bpf$MAP_DELETE_BATCH(0x1b, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000001, 0x0, @perf_config_ext, 0x5601, 0x0, 0xffff, 0x1, 0x3, 0x0, 0x6, 0x0, 0x0, 0x0, 0x800000004136}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8001, 0x3}, 0x0, 0x0, 0xfffffffc, 0x0, 0xb6eb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000f9ffffffffffffff9500000000000000f2dcc6d0e5bfb6ecc27477a80d1fcf4b137d054bd61743b079bac97f2141d9f3fc65776a653c4ec621d3c20287f5605901decf24849b329a36c04e4b9ed84e68605ca797889c2552b819a920c3ea749c4760aa70f09c9c56b6a43f7c5b6d22e5b85ad8359b1ca3ce6562fb42785fa4a7fee635efcaa4ba6fab659971224383e4bf1cf7f3e03373a9750690557a2efd747ce8afce6d4cd5"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)

3.112814645s ago: executing program 0 (id=8386):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x1}, 0x10c002, 0xac5d, 0x0, 0x0, 0x0, 0x0, 0xfffa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000200)="d80000001d0081044e81f782db4400000000000002000000000000a1180015000600142603600e1208000f0000000401a80016002000014003000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad90200e006dcdf63951f215ce3bb9ad809d5", 0xb5}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x13, 0x0, 0x0, 0x0, 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="11000000040000000400000001"], 0x48)
socket$kcm(0x2c, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000006b00)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x10, &(0x7f00000001c0), 0x4)
sendmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="ef", 0x1}], 0x1, &(0x7f00000008c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18, 0x4060019}, 0x20000841)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
close(0x4)
recvmsg(0xffffffffffffffff, &(0x7f0000002440)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000040)=ANY=[@ANYBLOB="934300005a"], 0xfe33)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40841, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$TUNSETLINK(r4, 0x400454cd, 0x336)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
close(r4)
openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f00000003c0), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0a00000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000001c057af80ad697ea05e40f64be8d3d745711b74f890769a9ce39112a6cd2085d3f847cc3a99f31ef12eb2d4301671d99ed491f966276a172cbf8fcbb27e248171647df73e8094ed5da1d743ed6f6f63ace269227084676c37072f7b24e5dec21b10e99450c14d7f06f8f47a70e16d4a50a40a872b52798217c65189bee75f34ad4638a13e741edfadf4b2837deee44f4b088f139927928333b58c364cdee7a2f45e58c00d65f3dc7530d338acaa7144fe942ab544b2c1148fa01741c219b4d7fb70a6e53fbbf8f9bb25a07bf2566e67b1af3e8a456d7533f06690272622c47c980af71b11d525643da3420a9b7abf97e5b22f547a66be64f5e17060f7717a7fa47409192a255e3b543fd2ef0c757e718837955609dfea133acdae83934d2c5b49dfc9e41fed07d2e3dec239f1c85cb978fc92392f99052251dea1ce97784a7e996e87bb4b0016bfca3aa5921991b47401654122ba9c51c4663e25eb130548a57a9e48738bd0f0be3cf57a7d8fa384c856a587180004dbe8a1e4ae6a961b1cab5a2a3af0a5804ab5a37691fe0d85138f74cdebc8dcf2ef2a490a329be5f5243d850a48e81d86dffa09f9122bbd8898c1fc4127709ad666f8fa6acb220587bdd2e71471b9b87cf5028a6f7aa7abc46c12e81045d2b14e9a8b2fc49f47c69357434eda140c148fdef525255d8ca78672556f289b22ba26352b6"], 0x48)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000540)='GPL\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.047912177s ago: executing program 1 (id=8387):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0xe, &(0x7f0000001b80)=ANY=[@ANYBLOB="b702000000000000bfa3ff900000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d6200100000000000000ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a0932f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c43ff010000000000000128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee99367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57d31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e4a9f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)

3.047675557s ago: executing program 2 (id=8388):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0xfffffffe, 0x2, 0x93, 0x10014, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x1}, 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff0000200700000000000001000084060000000000000001"], 0x0, 0x42}, 0x20)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_config_ext={0xcf, 0xd}, 0x21, 0x0, 0x0, 0x4, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0500000000f01f00810000007f00000001"], 0x48)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
r2 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x6, 0xd, &(0x7f0000000040), 0x3)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r0, &(0x7f0000000180)="9e29c175f2d0bac72f29c8a648626000de42eb34654f697171d7a7bb5b5334fa197770893b1f9d7ebf3fa5a04a208e6200cdcf02756976f446a92d4494cb03466a57defaab9ec56198178957367d8602cf8f0485fece40f24295bc31cdad61849952a5e9946d9015528c9656c6744d8eb289f37903b0ce63d561ab02fa87d9", &(0x7f0000000280)=""/223}, 0xb)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x10, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$OBJ_PIN_PROG(0x11, &(0x7f0000000040)=@generic={0x0, r3}, 0x18)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x8ab00, 0x0)
r5 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r5, 0x5452, &(0x7f0000000100))
r6 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$inet(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001080)="5c00000027006b04400000006e6cfe000a887ea6ea656700004e000000000090f9c3dc90f8f41f8ecff32c6e020075e300250045586ccda718ad4b4460bc24eab556000000008b1094e6bcfc1c6a51f60a64c9f4d49380ce2e7d0a88", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r7 = socket$kcm(0xa, 0x1, 0x0)
setsockopt$sock_attach_bpf(r7, 0x29, 0x6, &(0x7f0000000040), 0x3)
setsockopt$sock_attach_bpf(r7, 0x29, 0x36, 0x0, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
ioctl$TUNSETDEBUG(r4, 0x400454c9, &(0x7f00000000c0)=0x3)
close(r5)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5})
ioctl$TUNSETPERSIST(r4, 0x400454c9, 0x1)

2.94019157s ago: executing program 4 (id=8389):
r0 = socket$kcm(0xa, 0x1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x21, &(0x7f0000000100), 0x120)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000001}, 0x0, 0x0, 0xc2ba}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0x0)
sendmsg$tipc(r2, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x2400c031)
sendmsg$inet(r2, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0x1}], 0x1}, 0x0)
sendmsg$tipc(r2, &(0x7f0000002700)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x21, &(0x7f00000001c0), 0x4)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x10)
recvmsg(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x0, @empty, 0x0, 0x1}, 0x80, 0x0}, 0x240440d1)

2.902980511s ago: executing program 3 (id=8390):
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, 0x0)
perf_event_open(&(0x7f00000005c0)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, @perf_config_ext={0x101, 0x6}, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7, 0x0, 0x4, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000600)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000a000000000000b7080000020000007b8a00fe0000000087080000000000007b8af0ff00000000bda100000000000027000000f8ffffffbfa400000000000007040000f0ffffffb70200000200000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000004900000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.843761922s ago: executing program 1 (id=8391):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0xfffffffe, 0x2, 0x93, 0x10014, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x1}, 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff0000200700000000000001000084060000000000000001"], 0x0, 0x42}, 0x20)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_config_ext={0xcf, 0xd}, 0x21, 0x0, 0x0, 0x4, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0500000000f01f00810000007f00000001"], 0x48)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
r2 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x6, 0xd, &(0x7f0000000040), 0x3)
sendmsg$inet(r2, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x20000014)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r0, &(0x7f0000000180)="9e29c175f2d0bac72f29c8a648626000de42eb34654f697171d7a7bb5b5334fa197770893b1f9d7ebf3fa5a04a208e6200cdcf02756976f446a92d4494cb03466a57defaab9ec56198178957367d8602cf8f0485fece40f24295bc31cdad61849952a5e9946d9015528c9656c6744d8eb289f37903b0ce63d561ab02fa87d9", &(0x7f0000000280)=""/223}, 0xb)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x10, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x8ab00, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x5452, &(0x7f0000000100))
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$inet(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001080)="5c00000027006b04400000006e6cfe000a887ea6ea656700004e000000000090f9c3dc90f8f41f8ecff32c6e020075e300250045586ccda718ad4b4460bc24eab556000000008b1094e6bcfc1c6a51f60a64c9f4d49380ce2e7d0a88", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

2.582772419s ago: executing program 3 (id=8392):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_bp={0x0}, 0x21, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0x0, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x8, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
ioctl$SIOCSIFHWADDR(r0, 0x8b0b, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{}, &(0x7f00000001c0), &(0x7f0000000380)='%+9llu \x00'}, 0x20)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x9a, 0x0, 0x0, 0x0, 0x0, 0x2440, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000440), 0x4}, 0x10c002, 0xac5d, 0x0, 0x0, 0x2, 0x0, 0xfff9, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x21, 0x2, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x9c, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2d0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_bp={&(0x7f00000006c0), 0x6}, 0x10c002, 0xac5d, 0x10000200}, 0x0, 0x5, 0xffffffffffffffff, 0x3)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff}, 0x104007, 0xac5d, 0x0, 0x0, 0x0, 0xf226}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, 0x0)
syz_clone(0xa000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, 0x0, &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)

2.57030427s ago: executing program 0 (id=8393):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0xc2ba}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
close(r0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
socket$kcm(0x10, 0x3, 0x10)
mkdir(&(0x7f0000000180)='./file0\x00', 0x200)
socket$kcm(0xa, 0x5, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_config_ext={0x5, 0x1ff}, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x1, 0x56d, 0x8, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x50)
socket$kcm(0x2, 0x922000000001, 0x106)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$kcm(0xa, 0x6, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000004000000020000000000000800000000000061"], 0x0, 0x28}, 0x28)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0xd, 0x5}, 0x8000, 0x10000, 0x43a1bd76, 0x7, 0x6, 0x400006, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x15, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000fcffffff000000008000000018010000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000020000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

2.5587632s ago: executing program 4 (id=8394):
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.io_serviced_recursive\x00', 0x0, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000100)={r0, r0}, 0xc)
socket$kcm(0x10, 0x2, 0x4)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x10}, 0x10c002, 0xac5d, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000540)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0xffff, 0x81}, 0x100c, 0x7, 0xffff, 0x7, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="a60a000000000000611180000080ff001800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(r3)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r4}, 0x0, &(0x7f0000000080)=r3}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000900)={r1, 0xe0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000640)=[0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000006c0), 0x0, 0x78, &(0x7f0000000700)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000740), &(0x7f0000000780), 0x8, 0x69, 0x8, 0x8, &(0x7f00000007c0)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0x20, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xe22}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x401}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xf}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000500)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41000, 0x11, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000980)=[r1, r0, r2], 0x0, 0x10, 0x9}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0xa, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000300000000000000000000f195"], 0x0}, 0x94)
r8 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000540)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000140)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r8, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x2, 0x3, 0x5, &(0x7f0000000240))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c00)={0x11, 0x1, &(0x7f00000001c0)=@raw=[@generic={0x22, 0x2, 0x0, 0x800, 0xffffffff}], &(0x7f0000000200)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x1, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000b00)={0x7, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000b40)=[0xffffffffffffffff], &(0x7f0000000b80)=[{0x2, 0x4, 0x6}, {0x5, 0x4, 0x2, 0x3}, {0x2, 0x5, 0x10, 0x4}, {0x2, 0x4, 0x0, 0x1}, {0x2, 0x2, 0xf, 0x9}, {0x5, 0x4}, {0x1, 0x2, 0x7, 0xc}], 0x10, 0x5b}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r7, 0x18000000000002a0, 0x5ee, 0xfd60, &(0x7f0000000580)="b9ff03076804d773000000000100", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x50)

2.434063174s ago: executing program 2 (id=8395):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x3e1, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081084e81f782db44b904021d080006067c09e8fe55a10a0015400800142603600e1208001600fff01001a8001600a400014003000000036004fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1, 0x0, 0x0, 0x6000}, 0x0)

2.19928922s ago: executing program 1 (id=8396):
mkdir(0x0, 0xbe9bac6d2d0f4e0b)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0xa, 0x1, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{0x0}], 0x1}, 0x40810)
r1 = socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0xa, 0x6, 0x0)
socket$kcm(0x28, 0x5, 0x0)
r2 = getpid()
perf_event_open(0x0, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(0x0, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xe70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0x39c}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000027c0)}, 0x10100)
r3 = socket$kcm(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x2004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$kcm(0x2, 0x6, 0x0)
sendmsg$inet(r4, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xc, 0x8, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000fcffffff0000000000000000850000004100000018110000", @ANYRES32, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(r3, &(0x7f0000000440)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f0000000680)=[{&(0x7f0000000180)="8900", 0x2}, {&(0x7f0000000640)="25b2b3cbea4056eb9d315d760d7e9dfcd937a6", 0x13}], 0x2, 0x0, 0x0, 0x900}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000200), 0x4)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb3, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r7, 0x0, 0x0}, 0x10)
sendmsg$kcm(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b904021d080225000000040000a118000200fcffffff00000e1208000f0100810401a80016ea1f0006", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0)

1.951835737s ago: executing program 2 (id=8397):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x35}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)

1.798918131s ago: executing program 3 (id=8398):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xffffffffffffff96, &(0x7f0000000300)=[{&(0x7f0000000000)="d8000000310081044e81f782db44b904021d080005000000e8fe55a1180015000600142603600e120900210000000401a8001600a40001", 0x37}], 0x1}, 0x4084)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="d80000001600811e4e81f782db44b9040a1d0802a6cdda08040000a1180002461a1a39738c1e541208010f0100814401a80016ea1f", 0x35}], 0x1, 0x0, 0x0, 0x7400}, 0x4050)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)}, 0x20004800)
r0 = getpid()
perf_event_open(0x0, r0, 0x3, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x4000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r2 = socket$kcm(0xa, 0x5, 0x0)
socketpair(0x1, 0x5, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6gre0\x00', 0x200})
perf_event_open(&(0x7f0000000400)={0x5, 0x80, 0x0, 0x40, 0x0, 0x2, 0x0, 0x2, 0x8000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x6, @perf_config_ext={0xa, 0x7fffffffffffffff}, 0x8040, 0x100000001, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2fd}, 0x0, 0x2, r1, 0xa)
r3 = socket$kcm(0x2, 0x200000000000006, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x5452, &(0x7f00000006c0))
setsockopt$sock_attach_bpf(r3, 0x1, 0x7, &(0x7f0000000040), 0x4)
setsockopt$sock_attach_bpf(r2, 0x0, 0x29, 0x0, 0x5012)
r4 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x18848}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000000), 0xfdef)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f0000000380)='\xe8\b\x89\xb6\x11[\xc2\x0f\x8e\x81c\t')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
socket$kcm(0x11, 0x200000000000002, 0x300)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r6)
r7 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$kcm(r7, &(0x7f0000000340)={&(0x7f00000000c0)=@in6={0xa, 0x4e22, 0x0, @dev, 0x7}, 0x80, 0x0}, 0x200ce0c0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x44094)

1.778271941s ago: executing program 4 (id=8399):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000004000000bca30000000000002403002040feffff720af0ff0000000071a4f0ff000000001f030000000000002e0a0200000000002600000000ff000e61121800000000001d430000000000007a0a00fe00581c1f6114140000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fdb6153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff46248843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae543d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80aba439772bf60a1db18c472dafc5569adc2c406f39f82928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08a1a4b94cb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f1d2156befec432e8e993c79027b7ef285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdc0500000000000000b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb87d9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e28488b0522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b669615f2710eb8df39fc8c04d2c9c196fa6facfea613569a35cde6451f2edf55ce25c7d72ec7ea85a92458c0559ca3a94727d495bd4671a55a70bc544d71d8e0257707a31936f1adf224077310a86bf447ec92c650acca8c6b0721020894b06178c32f4472d17174d6eb2b067030c5d2c12583f46d2da7fba42d4083259c7cdc8bf1f4299c248865d3c809356c3ed"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48)

1.599787146s ago: executing program 2 (id=8400):
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x8, 0x0, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000980)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad94ed406f21caf5adcf920569c00cc1199684600e446009fea019af247c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6fab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b79db2e3d5986c82b5a024e539b204d58f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c7160ec83070000020000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72b0000000000001cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78ac02ca3cdf6a662db1c9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad943e392955f4f979ea13201bafedcd2063d11dd665647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd89346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffca9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd3666277f670e812b28e2f30d035cee5d0e77a3c7220000000000000005a474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041e12282ce24463aaf28345bd168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f09000000000000004fc4bda3453602004535a976eacd3adaa4d2ee6fe0d074ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb40f7f02f750d6c977a191852c9ae031db044b2353199546609f9f69a6cfefdf879d447df53f3b9b70d10355b00300000000000000553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f58fab987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe527340935aa3c0b4f3f45b418a18217747ae442e31560e5b741445ea2a1acee2a81425ff000000d2a0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51423b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f88735fce5115dc83ed73d8ee4a91322608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf5000000000000fa08ad0631c4b839688b22c4da2a6bc4cf45854d221a2d5f96bc64647f15daa2ba79cd0f4254ed55217912ef84bd2927df82fc061aef2920c49b2a90886da75561173fa186cb7ee86dd4285c4721eb428c953296bb2f5d825da54dbef07c1b349b4901e093d13e6b9a0000009b5b2206000000000000000aa18623fd9b7179ccc692ba74b531b65c4decf9d080a8ac7e82d4cde1267aa64b2a94fd87a009e6742c2ddc3a9d7eccbb1831b1fa218277c2814a91cab7cb59c697166d6f1bb1a360470000000000000000000000000000000000000000000004000000f9f9b4ce7e871f507084c8c88e0652dedf69c34fc7c1bb170a7e88cbe579b03ed84ea94597dd1059620a050f69ea03b99b4e19d35f4a3b54e96ae2172effecec80f6baa4bf69a6ebf539"], &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080307000000e8fea4a1180015000600142603600e120800110000810401040016000a0029", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000040))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000006c0)={r0, 0x0, 0x7, 0x0, &(0x7f0000000440)="4791c70a5ae532", 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3}, 0x50)
r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x208, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40, 0xc2ba, 0x0, 0x4000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001240)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad94ed406f21caf5adcf920569c00cc1199684fa75814709fea019af247c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6fab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b79db2e3d5986c82b5aa94e539b204d58f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c7160ec83070000020000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72b0000000000001cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78ac02ca3cdf6a662db1c9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad943e392955f4f979ea13201bafedcd2063d11dd665647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd89346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffca9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd3666277f670e812b28e2f30d035cee5d0e77a3c7220000000000000005a474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041e12282ce24463aaf28345bd168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f09000000000000004fc4bda3453602004535a976eacd3adaa4d2ee6fe0d072ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb40f7f02f750d6c977a191852c9ae031db044b2353199546609f9f69a6cfefdf879d447df53f3b9b70d10355b00300000000000000553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f58fab987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe527340935aa3c0b4f3f45b418a18217747ae442e31560e5b741445ea2a1acee2a81425ff000000d2a0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51423b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f88735fce5115dc83ed73d8ee4a91322608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf5000000000000fa08ad0631c4b839688b22c4da2a6bc4cf45854d221a2d5f96bc64647f15daa2ba79cd0f4254ed55217912ef84bd2927df82fc061aef2920c49b2a90886da75561173fa186cb7ee86dd4285c4721eb428c953296bb2f5d825da54dbef07c1b349b4901e093d13e6b9a0000009b5b22e887bc061d40bcaf0aa18623fd9b7179ccc692ba74b531b65c4decf9d080a8ac7e82d4cde1267aa64b2a94fd87a009e6742c2ddc3a9d7eccbb1831b1fa218277c2814a91cab7cb59c697166d6f1bb1a360470000000000000000000000000000000000000000000000000000f9f9b4ce7e871f507084c8c88e0652decbe579b03ed84ea94597dd1059620a050f69ea03b99b4e19d35f4a3b54e96ae2172effecec80f6baa4bf69a6ebf5392882df78b0983e662dc0cb64b77f3f006b6b25443197ae93f0be6de5a703d003f00720943c0e4b33af00000000000000000021a688b2d7007fcc4b59f719afb0b3b7e0aee306ca70fe42bf4984a68f40e1fc043a03a17e4744359b87dc27c82d51cbeb64e52a28daeb6a78d6fe06181ecc840000"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd"], 0xffbf)

1.599566446s ago: executing program 0 (id=8401):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_type(r0, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r1, &(0x7f0000000280), 0x9)
r2 = openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1005}, 0x10c002, 0xac5d, 0x0, 0x0, 0x0, 0x0, 0xfffa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4840)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0200000004000000040000000900000000000000", @ANYRES32, @ANYBLOB="00000000000000f4ff00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0d00000006000000040000000100000000000000", @ANYRES32=r3, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000800000000000000000000000000000004e541255db3357ea78ac496645fdccb2ef69cc340e0e5ea9db55f00fadd4c90900e45122eda6d6b3a479eebaa45daed9441d33afc725f455f913238abd772029dbc0201954bc35cf7e0af0603b0b4e88d27cadcc5f4fbdaa3537546f"], 0x50)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x96, r4}, 0x38)
write$cgroup_pid(r2, &(0x7f0000000c40), 0x12)
socketpair(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x5, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_freezer_state(r7, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_freezer_state(r8, &(0x7f0000000040)='FROZEN\x00', 0x7)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r10 = openat$cgroup_procs(r7, &(0x7f00000002c0)='tasks\x00', 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
write$cgroup_pid(r10, &(0x7f0000000300)=r9, 0x12)
write$cgroup_freezer_state(r8, &(0x7f0000000080)='THAWED\x00', 0x7)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6gre0\x00', 0x420})
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x89f1, &(0x7f0000000080))
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f2, &(0x7f0000000080))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)

1.565656247s ago: executing program 4 (id=8402):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r1 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)=@o_path={0x0, 0x0, 0x4010, r0}, 0x18)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000400)={r1, &(0x7f0000000200)="46a0d6a205b427ae1ca3f9bf9e8760f796c383293186f6a76ec8fbd0cd3d8f47a4e6ccc6b71667e8f362f1d63081a37198f940d17b072187ffa350daf1a840b8568cc6a11684938a6615570d3b52c0c11ab87af415b635c993dea51c40066be574f0c193e909ecfc83f0", &(0x7f0000000300)=""/232}, 0x20)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x23, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89ed, 0x0)
socket$kcm(0xf, 0x3, 0x2)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000280)=@generic={&(0x7f0000000100)='./file0\x00'}, 0x18)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000780)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514000cc008001900030002000600090000800000005883c64d251e638294ff0051f60a84c9f4d4938037e7000000000000000000d1c566a000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x98010)

1.165123818s ago: executing program 3 (id=8403):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x1}, 0x10c002, 0xac5d, 0x0, 0x0, 0x0, 0x0, 0xfffa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000200)="d80000001d0081044e81f782db4400000000000002000000000000a1180015000600142603600e1208000f0000000401a80016002000014003000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad90200e006dcdf63951f215ce3bb9ad809d5", 0xb5}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x13, 0x0, 0x0, 0x0, 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="11000000040000000400000001"], 0x48)
socket$kcm(0x2c, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000006b00)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x10, &(0x7f00000001c0), 0x4)
sendmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="ef", 0x1}], 0x1, &(0x7f00000008c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18, 0x4060019}, 0x20000841)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
close(0x4)
recvmsg(0xffffffffffffffff, &(0x7f0000002440)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000040)=ANY=[@ANYBLOB="934300005a"], 0xfe33)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40841, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$TUNSETLINK(r4, 0x400454cd, 0x336)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
close(r4)
openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f00000003c0), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0a00000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000001c057af80ad697ea05e40f64be8d3d745711b74f890769a9ce39112a6cd2085d3f847cc3a99f31ef12eb2d4301671d99ed491f966276a172cbf8fcbb27e248171647df73e8094ed5da1d743ed6f6f63ace269227084676c37072f7b24e5dec21b10e99450c14d7f06f8f47a70e16d4a50a40a872b52798217c65189bee75f34ad4638a13e741edfadf4b2837deee44f4b088f139927928333b58c364cdee7a2f45e58c00d65f3dc7530d338acaa7144fe942ab544b2c1148fa01741c219b4d7fb70a6e53fbbf8f9bb25a07bf2566e67b1af3e8a456d7533f06690272622c47c980af71b11d525643da3420a9b7abf97e5b22f547a66be64f5e17060f7717a7fa47409192a255e3b543fd2ef0c757e718837955609dfea133acdae83934d2c5b49dfc9e41fed07d2e3dec239f1c85cb978fc92392f99052251dea1ce97784a7e996e87bb4b0016bfca3aa5921991b47401654122ba9c51c4663e25eb130548a57a9e48738bd0f0be3cf57a7d8fa384c856a587180004dbe8a1e4ae6a961b1cab5a2a3af0a5804ab5a37691fe0d85138f74cdebc8dcf2ef2a490a329be5f5243d850a48e81d86dffa09f9122bbd8898c1fc4127709ad666f8fa6acb220587bdd2e71471b9b87cf5028a6f7aa7abc46c12e81045d2b14e9a8b2fc49f47c69357434eda140c148fdef525255d8ca78672556f289b22ba26352b6"], 0x48)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000540)='GPL\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

979.637503ms ago: executing program 1 (id=8404):
mkdir(0x0, 0xbe9bac6d2d0f4e0b)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0xa, 0x1, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{0x0}], 0x1}, 0x40810)
r1 = socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0xa, 0x6, 0x0)
socket$kcm(0x28, 0x5, 0x0)
r2 = getpid()
perf_event_open(0x0, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(0x0, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xe70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x39c}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000027c0)}, 0x10100)
r3 = socket$kcm(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x2004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$kcm(0x2, 0x6, 0x0)
sendmsg$inet(r4, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xc, 0x8, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000fcffffff0000000000000000850000004100000018110000", @ANYRES32, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(r3, &(0x7f0000000440)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f0000000680)=[{&(0x7f0000000180)="8900", 0x2}, {&(0x7f0000000640)="25b2b3cbea4056eb9d315d760d7e9dfcd937a6", 0x13}], 0x2, 0x0, 0x0, 0x900}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000200), 0x4)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb3, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r7, 0x0, 0x0}, 0x10)
sendmsg$kcm(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b904021d080225000000040000a118000200fcffffff00000e1208000f0100810401a80016ea1f0006", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0)

900.141345ms ago: executing program 4 (id=8405):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0xfffffffe, 0x2, 0x93, 0x10014, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x1}, 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff0000200700000000000001000084060000000000000001"], 0x0, 0x42}, 0x20)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_config_ext={0xcf, 0xd}, 0x21, 0x0, 0x0, 0x4, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0500000000f01f00810000007f00000001"], 0x48)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
r2 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x6, 0xd, &(0x7f0000000040), 0x3)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r0, &(0x7f0000000180)="9e29c175f2d0bac72f29c8a648626000de42eb34654f697171d7a7bb5b5334fa197770893b1f9d7ebf3fa5a04a208e6200cdcf02756976f446a92d4494cb03466a57defaab9ec56198178957367d8602cf8f0485fece40f24295bc31cdad61849952a5e9946d9015528c9656c6744d8eb289f37903b0ce63d561ab02fa87d9", &(0x7f0000000280)=""/223}, 0xb)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x10, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$OBJ_PIN_PROG(0x11, &(0x7f0000000040)=@generic={0x0, r3}, 0x18)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x8ab00, 0x0)
r5 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r5, 0x5452, &(0x7f0000000100))
r6 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$inet(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001080)="5c00000027006b04400000006e6cfe000a887ea6ea656700004e000000000090f9c3dc90f8f41f8ecff32c6e020075e300250045586ccda718ad4b4460bc24eab556000000008b1094e6bcfc1c6a51f60a64c9f4d49380ce2e7d0a88", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r7 = socket$kcm(0xa, 0x1, 0x0)
setsockopt$sock_attach_bpf(r7, 0x29, 0x6, &(0x7f0000000040), 0x3)
setsockopt$sock_attach_bpf(r7, 0x29, 0x36, 0x0, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
ioctl$TUNSETDEBUG(r4, 0x400454c9, &(0x7f00000000c0)=0x3)
close(r5)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5})
ioctl$TUNSETPERSIST(r4, 0x400454c9, 0x1)

0s ago: executing program 1 (id=8406):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0xfffffffe, 0x2, 0x93, 0x10014, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x1}, 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff0000200700000000000001000084060000000000000001"], 0x0, 0x42}, 0x20)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_config_ext={0xcf, 0xd}, 0x21, 0x0, 0x0, 0x4, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0500000000f01f00810000007f00000001"], 0x48)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
r2 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x6, 0xd, &(0x7f0000000040), 0x3)
sendmsg$inet(r2, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x20000014)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r0, &(0x7f0000000180)="9e29c175f2d0bac72f29c8a648626000de42eb34654f697171d7a7bb5b5334fa197770893b1f9d7ebf3fa5a04a208e6200cdcf02756976f446a92d4494cb03466a57defaab9ec56198178957367d8602cf8f0485fece40f24295bc31cdad61849952a5e9946d9015528c9656c6744d8eb289f37903b0ce63d561ab02fa87d9", &(0x7f0000000280)=""/223}, 0xb)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x10, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x8ab00, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x5452, &(0x7f0000000100))
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$inet(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001080)="5c00000027006b04400000006e6cfe000a887ea6ea656700004e000000000090f9c3dc90f8f41f8ecff32c6e020075e300250045586ccda718ad4b4460bc24eab556000000008b1094e6bcfc1c6a51f60a64c9f4d49380ce2e7d0a88", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

kernel console output (not intermixed with test programs):

 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  945.743420][T18936] RSP: 002b:00007f6bf3bf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  945.750147][T18933] : port 1(ip6gretap0) entered disabled state
[  945.754138][T18936] RAX: ffffffffffffffda RBX: 00007f6bf5c15fa0 RCX: 00007f6bf599cdd9
[  945.754158][T18936] RDX: 0000000000000600 RSI: 0000200000003780 RDI: 0000000000000005
[  945.754173][T18936] RBP: 00007f6bf3bf6090 R08: 0000000000000000 R09: 0000000000000000
[  945.754187][T18936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  945.754200][T18936] R13: 00007f6bf5c16038 R14: 00007f6bf5c15fa0 R15: 00007ffef472be98
[  945.754232][T18936]  </TASK>
[  946.155100][T18946] netlink: 'syz.4.4932': attribute type 10 has an invalid length.
[  946.587992][T18972] FAULT_INJECTION: forcing a failure.
[  946.587992][T18972] name failslab, interval 1, probability 0, space 0, times 0
[  946.645190][T18972] CPU: 0 PID: 18972 Comm: syz.1.4942 Not tainted syzkaller #0
[  946.652754][T18972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  946.662859][T18972] Call Trace:
[  946.666194][T18972]  <TASK>
[  946.669256][T18972]  dump_stack_lvl+0x188/0x24e
[  946.673994][T18972]  ? show_regs_print_info+0x12/0x12
[  946.679266][T18972]  ? load_image+0x400/0x400
[  946.683836][T18972]  ? __might_sleep+0xd0/0xd0
[  946.688467][T18972]  ? __lock_acquire+0x7d10/0x7d10
[  946.693550][T18972]  should_fail_ex+0x399/0x4d0
[  946.698283][T18972]  should_failslab+0x5/0x20
[  946.702831][T18972]  slab_pre_alloc_hook+0x59/0x310
[  946.707918][T18972]  ? bpf_prog_test_run_skb+0x234/0x12a0
[  946.713612][T18972]  __kmem_cache_alloc_node+0x4f/0x260
[  946.719046][T18972]  ? bpf_prog_test_run_skb+0x234/0x12a0
[  946.724744][T18972]  __kmalloc+0xa0/0x240
[  946.728973][T18972]  bpf_prog_test_run_skb+0x234/0x12a0
[  946.734415][T18972]  ? __fget_files+0x28/0x4b0
[  946.739060][T18972]  ? __fget_files+0x28/0x4b0
[  946.743718][T18972]  ? __fget_files+0x43d/0x4b0
[  946.748466][T18972]  ? cpu_online+0xa0/0xa0
[  946.752854][T18972]  bpf_prog_test_run+0x31e/0x390
[  946.757858][T18972]  __sys_bpf+0x62b/0x780
[  946.762159][T18972]  ? bpf_link_show_fdinfo+0x380/0x380
[  946.767606][T18972]  ? lock_chain_count+0x20/0x20
[  946.772535][T18972]  __x64_sys_bpf+0x78/0x90
[  946.777011][T18972]  do_syscall_64+0x4c/0xa0
[  946.781492][T18972]  ? clear_bhb_loop+0x60/0xb0
[  946.786228][T18972]  ? clear_bhb_loop+0x60/0xb0
[  946.790964][T18972]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  946.794920][T18978] netlink: 'syz.3.4944': attribute type 27 has an invalid length.
[  946.796917][T18972] RIP: 0033:0x7f6bf599cdd9
[  946.796943][T18972] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  946.796963][T18972] RSP: 002b:00007f6bf3bf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  946.796989][T18972] RAX: ffffffffffffffda RBX: 00007f6bf5c15fa0 RCX: 00007f6bf599cdd9
[  946.797007][T18972] RDX: 0000000000000050 RSI: 00002000000004c0 RDI: 000000000000000a
[  946.813760][T18978] netlink: 164 bytes leftover after parsing attributes in process `syz.3.4944'.
[  946.828891][T18972] RBP: 00007f6bf3bf6090 R08: 0000000000000000 R09: 0000000000000000
[  946.828917][T18972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  946.828930][T18972] R13: 00007f6bf5c16038 R14: 00007f6bf5c15fa0 R15: 00007ffef472be98
[  946.828962][T18972]  </TASK>
[  947.229454][T18991] netlink: 'syz.0.4948': attribute type 10 has an invalid length.
[  948.072225][T19013] netlink: 'syz.2.4957': attribute type 5 has an invalid length.
[  948.538530][T19040] netlink: 'syz.1.4964': attribute type 10 has an invalid length.
[  948.962578][T13107] Bluetooth: hci0: ISO packet for unknown connection handle 2622
[  949.420740][T19071] netlink: 'syz.3.4978': attribute type 10 has an invalid length.
[  949.699733][T19079] netlink: 'syz.2.4980': attribute type 10 has an invalid length.
[  953.547235][T19144] netlink: 'syz.4.4998': attribute type 10 has an invalid length.
[  953.937917][T19157] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.5003'.
[  955.205503][T19189] netlink: 'syz.1.5013': attribute type 10 has an invalid length.
[  955.616661][T19200] netlink: 'syz.1.5018': attribute type 27 has an invalid length.
[  955.939421][T19214] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.5023'.
[  956.122899][T19214] openvswitch: netlink: Key 2 has unexpected len 41210 expected 4
[  956.616870][T19230] netlink: 'syz.1.5028': attribute type 10 has an invalid length.
[  957.311505][T19247] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.5035'.
[  957.477798][T19253] netlink: 'syz.4.5038': attribute type 27 has an invalid length.
[  957.695677][T19263] netlink: 'syz.0.5040': attribute type 10 has an invalid length.
[  959.446169][T19299] netlink: 'syz.4.5053': attribute type 10 has an invalid length.
[  959.854646][T19312] netlink: 'syz.2.5055': attribute type 27 has an invalid length.
[  960.753539][T19329] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  963.483402][T19365] netlink: 'syz.0.5072': attribute type 27 has an invalid length.
[  964.555155][T19383] FAULT_INJECTION: forcing a failure.
[  964.555155][T19383] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  964.846982][T19383] CPU: 0 PID: 19383 Comm: syz.1.5077 Not tainted syzkaller #0
[  964.854550][T19383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  964.864718][T19383] Call Trace:
[  964.868055][T19383]  <TASK>
[  964.871036][T19383]  dump_stack_lvl+0x188/0x24e
[  964.875788][T19383]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  964.882047][T19383]  ? show_regs_print_info+0x12/0x12
[  964.887417][T19383]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  964.893661][T19383]  should_fail_ex+0x399/0x4d0
[  964.898417][T19383]  _copy_to_user+0x2c/0x130
[  964.902986][T19383]  simple_read_from_buffer+0xe3/0x150
[  964.908534][T19383]  proc_fail_nth_read+0x1a6/0x220
[  964.913628][T19383]  ? proc_fault_inject_write+0x310/0x310
[  964.919334][T19383]  ? fsnotify_perm+0x248/0x550
[  964.924160][T19383]  ? proc_fault_inject_write+0x310/0x310
[  964.929869][T19383]  vfs_read+0x2de/0xa00
[  964.934118][T19383]  ? kernel_read+0x1e0/0x1e0
[  964.938790][T19383]  ? __fget_files+0x28/0x4b0
[  964.943449][T19383]  ? __fget_files+0x28/0x4b0
[  964.948104][T19383]  ? __fget_files+0x43d/0x4b0
[  964.952852][T19383]  ? __fdget_pos+0x2ae/0x360
[  964.957514][T19383]  ? ksys_read+0x71/0x250
[  964.961912][T19383]  ksys_read+0x14c/0x250
[  964.966287][T19383]  ? vfs_write+0xa30/0xa30
[  964.970788][T19383]  do_syscall_64+0x4c/0xa0
[  964.975276][T19383]  ? clear_bhb_loop+0x60/0xb0
[  964.980014][T19383]  ? clear_bhb_loop+0x60/0xb0
[  964.984758][T19383]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  964.990722][T19383] RIP: 0033:0x7f6bf595d60e
[  964.995193][T19383] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  965.014867][T19383] RSP: 002b:00007f6bf3bf5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  965.023353][T19383] RAX: ffffffffffffffda RBX: 00007f6bf3bf66c0 RCX: 00007f6bf595d60e
[  965.031393][T19383] RDX: 000000000000000f RSI: 00007f6bf3bf60a0 RDI: 0000000000000006
[  965.039417][T19383] RBP: 00007f6bf3bf6090 R08: 0000000000000000 R09: 0000000000000000
[  965.047442][T19383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  965.055596][T19383] R13: 00007f6bf5c16038 R14: 00007f6bf5c15fa0 R15: 00007ffef472be98
[  965.063651][T19383]  </TASK>
[  965.254901][T19387] netlink: 196 bytes leftover after parsing attributes in process `syz.2.5078'.
[  965.273830][T19387] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  965.991249][T19401] ÿ: renamed from bond_slave_0
[  966.272190][T19409] FAULT_INJECTION: forcing a failure.
[  966.272190][T19409] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  966.302307][T19409] CPU: 0 PID: 19409 Comm: syz.4.5085 Not tainted syzkaller #0
[  966.309883][T19409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  966.319991][T19409] Call Trace:
[  966.323322][T19409]  <TASK>
[  966.326345][T19409]  dump_stack_lvl+0x188/0x24e
[  966.331088][T19409]  ? show_regs_print_info+0x12/0x12
[  966.336358][T19409]  ? load_image+0x400/0x400
[  966.340952][T19409]  ? __lock_acquire+0x7d10/0x7d10
[  966.346043][T19409]  should_fail_ex+0x399/0x4d0
[  966.350773][T19409]  _copy_from_user+0x2c/0x170
[  966.355516][T19409]  bpf_prog_test_run_skb+0x262/0x12a0
[  966.360944][T19409]  ? __fget_files+0x28/0x4b0
[  966.365591][T19409]  ? __fget_files+0x28/0x4b0
[  966.370235][T19409]  ? __fget_files+0x43d/0x4b0
[  966.374997][T19409]  ? cpu_online+0xa0/0xa0
[  966.379377][T19409]  bpf_prog_test_run+0x31e/0x390
[  966.384383][T19409]  __sys_bpf+0x62b/0x780
[  966.388683][T19409]  ? bpf_link_show_fdinfo+0x380/0x380
[  966.394166][T19409]  ? lock_chain_count+0x20/0x20
[  966.399087][T19409]  __x64_sys_bpf+0x78/0x90
[  966.403564][T19409]  do_syscall_64+0x4c/0xa0
[  966.408037][T19409]  ? clear_bhb_loop+0x60/0xb0
[  966.412770][T19409]  ? clear_bhb_loop+0x60/0xb0
[  966.417504][T19409]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  966.423454][T19409] RIP: 0033:0x7efd2f19cdd9
[  966.427916][T19409] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  966.447581][T19409] RSP: 002b:00007efd30087028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  966.456063][T19409] RAX: ffffffffffffffda RBX: 00007efd2f415fa0 RCX: 00007efd2f19cdd9
[  966.464186][T19409] RDX: 0000000000000050 RSI: 00002000000004c0 RDI: 000000000000000a
[  966.472206][T19409] RBP: 00007efd30087090 R08: 0000000000000000 R09: 0000000000000000
[  966.480241][T19409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  966.488264][T19409] R13: 00007efd2f416038 R14: 00007efd2f415fa0 R15: 00007ffebdd25458
[  966.496316][T19409]  </TASK>
[  967.110813][T19421] netlink: 'syz.3.5089': attribute type 27 has an invalid length.
[  968.479100][T19469] netlink: 'syz.2.5108': attribute type 27 has an invalid length.
[  970.113262][T19485] bond0: (slave wlan1): Error: Slave device does not support XDP
[  970.596968][T19508] netlink: 'syz.2.5122': attribute type 10 has an invalid length.
[  971.213849][T19524] netlink: 'syz.4.5128': attribute type 2 has an invalid length.
[  971.221908][T19524] netlink: 190784 bytes leftover after parsing attributes in process `syz.4.5128'.
[  973.172561][T19573] netlink: 'syz.1.5147': attribute type 25 has an invalid length.
[  973.196199][T19573] netlink: 'syz.1.5147': attribute type 9 has an invalid length.
[  973.248881][T19573] netlink: 'syz.1.5147': attribute type 16 has an invalid length.
[  973.287462][T19573] netlink: 156 bytes leftover after parsing attributes in process `syz.1.5147'.
[  973.361394][T19577] bond0: (slave wlan1): Error: Slave device does not support XDP
[  973.886766][T19599] netlink: 'syz.1.5161': attribute type 1 has an invalid length.
[  973.902997][T19599] netlink: 144 bytes leftover after parsing attributes in process `syz.1.5161'.
[  975.040822][T19627] netlink: 'syz.1.5173': attribute type 46 has an invalid length.
[  976.129676][T19663] FAULT_INJECTION: forcing a failure.
[  976.129676][T19663] name failslab, interval 1, probability 0, space 0, times 0
[  976.199926][T19663] CPU: 1 PID: 19663 Comm: syz.0.5188 Not tainted syzkaller #0
[  976.207689][T19663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  976.217905][T19663] Call Trace:
[  976.221251][T19663]  <TASK>
[  976.224249][T19663]  dump_stack_lvl+0x188/0x24e
[  976.229021][T19663]  ? show_regs_print_info+0x12/0x12
[  976.234302][T19663]  ? load_image+0x400/0x400
[  976.238902][T19663]  ? __might_sleep+0xd0/0xd0
[  976.243572][T19663]  ? __lock_acquire+0x7d10/0x7d10
[  976.248698][T19663]  should_fail_ex+0x399/0x4d0
[  976.253456][T19663]  should_failslab+0x5/0x20
[  976.258038][T19663]  slab_pre_alloc_hook+0x59/0x310
[  976.263137][T19663]  ? prepend_path+0xa68/0xc20
[  976.267882][T19663]  ? tomoyo_encode+0x27e/0x540
[  976.272746][T19663]  __kmem_cache_alloc_node+0x4f/0x260
[  976.278210][T19663]  ? tomoyo_encode+0x27e/0x540
[  976.283065][T19663]  __kmalloc+0xa0/0x240
[  976.287311][T19663]  tomoyo_encode+0x27e/0x540
[  976.292027][T19663]  tomoyo_realpath_from_path+0x58e/0x5d0
[  976.297769][T19663]  ? tomoyo_path_number_perm+0x205/0x650
[  976.303518][T19663]  tomoyo_path_number_perm+0x22f/0x650
[  976.309073][T19663]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  976.314614][T19663]  ? ksys_write+0x1c0/0x250
[  976.319205][T19663]  ? common_file_perm+0x171/0x1c0
[  976.324413][T19663]  ? __fget_files+0x28/0x4b0
[  976.329087][T19663]  ? __fget_files+0x28/0x4b0
[  976.333790][T19663]  security_file_ioctl+0x6c/0xa0
[  976.338830][T19663]  __se_sys_ioctl+0x48/0x170
[  976.343560][T19663]  do_syscall_64+0x4c/0xa0
[  976.348067][T19663]  ? clear_bhb_loop+0x60/0xb0
[  976.352817][T19663]  ? clear_bhb_loop+0x60/0xb0
[  976.357572][T19663]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  976.363544][T19663] RIP: 0033:0x7f7570b9cdd9
[  976.368041][T19663] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  976.387723][T19663] RSP: 002b:00007f7571a92028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  976.396219][T19663] RAX: ffffffffffffffda RBX: 00007f7570e15fa0 RCX: 00007f7570b9cdd9
[  976.404260][T19663] RDX: 0000200000000040 RSI: 00000000401054d5 RDI: 0000000000000004
[  976.412301][T19663] RBP: 00007f7571a92090 R08: 0000000000000000 R09: 0000000000000000
[  976.420352][T19663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  976.428387][T19663] R13: 00007f7570e16038 R14: 00007f7570e15fa0 R15: 00007fff9a9564c8
[  976.436502][T19663]  </TASK>
[  976.573771][T19663] ERROR: Out of memory at tomoyo_realpath_from_path.
[  978.051183][T19717] netlink: 'syz.3.5213': attribute type 3 has an invalid length.
[  978.080118][T19727] netlink: 'syz.0.5215': attribute type 21 has an invalid length.
[  978.106743][T19717] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.5213'.
[  979.700578][T19764] netlink: 'syz.3.5229': attribute type 27 has an invalid length.
[  979.983403][T19773] netlink: 'syz.2.5231': attribute type 3 has an invalid length.
[  979.992490][T19773] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.5231'.
[  981.067637][T19803] FAULT_INJECTION: forcing a failure.
[  981.067637][T19803] name failslab, interval 1, probability 0, space 0, times 0
[  981.102079][T19805] netlink: 'syz.0.5246': attribute type 27 has an invalid length.
[  981.110545][T19803] CPU: 1 PID: 19803 Comm: syz.1.5245 Not tainted syzkaller #0
[  981.118098][T19803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  981.128315][T19803] Call Trace:
[  981.131650][T19803]  <TASK>
[  981.134632][T19803]  dump_stack_lvl+0x188/0x24e
[  981.139383][T19803]  ? show_regs_print_info+0x12/0x12
[  981.144647][T19803]  ? load_image+0x400/0x400
[  981.149214][T19803]  ? __lock_acquire+0x7d10/0x7d10
[  981.154313][T19803]  should_fail_ex+0x399/0x4d0
[  981.159057][T19803]  should_failslab+0x5/0x20
[  981.163616][T19803]  slab_pre_alloc_hook+0x59/0x310
[  981.168701][T19803]  ? verify_lock_unused+0x140/0x140
[  981.173956][T19803]  ? bpf_test_init+0x9f/0x140
[  981.178679][T19803]  __kmem_cache_alloc_node+0x4f/0x260
[  981.184086][T19803]  ? bpf_test_init+0x9f/0x140
[  981.188805][T19803]  __kmalloc+0xa0/0x240
[  981.193010][T19803]  bpf_test_init+0x9f/0x140
[  981.197560][T19803]  bpf_prog_test_run_xdp+0x484/0xf10
[  981.202981][T19803]  ? dev_put+0x80/0x80
[  981.207123][T19803]  ? dev_put+0x80/0x80
[  981.211281][T19803]  bpf_prog_test_run+0x31e/0x390
[  981.216277][T19803]  __sys_bpf+0x62b/0x780
[  981.220653][T19803]  ? bpf_link_show_fdinfo+0x380/0x380
[  981.226082][T19803]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  981.232301][T19803]  __x64_sys_bpf+0x78/0x90
[  981.236767][T19803]  do_syscall_64+0x4c/0xa0
[  981.241319][T19803]  ? clear_bhb_loop+0x60/0xb0
[  981.246035][T19803]  ? clear_bhb_loop+0x60/0xb0
[  981.250761][T19803]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  981.256696][T19803] RIP: 0033:0x7f6bf599cdd9
[  981.261154][T19803] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  981.280810][T19803] RSP: 002b:00007f6bf3bf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  981.289268][T19803] RAX: ffffffffffffffda RBX: 00007f6bf5c15fa0 RCX: 00007f6bf599cdd9
[  981.297287][T19803] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  981.305310][T19803] RBP: 00007f6bf3bf6090 R08: 0000000000000000 R09: 0000000000000000
[  981.313325][T19803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  981.321345][T19803] R13: 00007f6bf5c16038 R14: 00007f6bf5c15fa0 R15: 00007ffef472be98
[  981.329368][T19803]  </TASK>
[  982.406167][T19836] netlink: 122896 bytes leftover after parsing attributes in process `syz.1.5264'.
[  982.488933][T19840] netlink: 112 bytes leftover after parsing attributes in process `syz.2.5258'.
[  982.490708][T19835] netlink: 122896 bytes leftover after parsing attributes in process `syz.1.5264'.
[  982.559833][T19835] sysfs: cannot create duplicate filename '/class/ieee80211/!!!'
[  982.582532][T19835] CPU: 1 PID: 19835 Comm: syz.1.5264 Not tainted syzkaller #0
[  982.590106][T19835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  982.600234][T19835] Call Trace:
[  982.603650][T19835]  <TASK>
[  982.606636][T19835]  dump_stack_lvl+0x188/0x24e
[  982.611524][T19835]  ? show_regs_print_info+0x12/0x12
[  982.616800][T19835]  ? load_image+0x400/0x400
[  982.621374][T19835]  sysfs_warn_dup+0x8a/0xa0
[  982.625944][T19835]  sysfs_do_create_link_sd+0xc0/0x110
[  982.631476][T19835]  device_add+0x7ed/0xfb0
[  982.635875][T19835]  wiphy_register+0x1d9f/0x2ac0
[  982.640858][T19835]  ? cfg80211_event_work+0x40/0x40
[  982.646043][T19835]  ? minstrel_ht_alloc+0x894/0xa20
[  982.651232][T19835]  ? ieee80211_init_rate_ctrl_alg+0x55e/0x5e0
[  982.657361][T19835]  ieee80211_register_hw+0x2d00/0x39f0
[  982.662891][T19835]  ? ieee80211_register_hw+0xf21/0x39f0
[  982.668494][T19835]  ? ieee80211_register_hw+0xf21/0x39f0
[  982.674196][T19835]  ? ieee80211_tasklet_handler+0x20/0x20
[  982.679909][T19835]  ? memset+0x1e/0x40
[  982.683969][T19835]  ? __hrtimer_init+0x186/0x270
[  982.688877][T19835]  mac80211_hwsim_new_radio+0x28c2/0x4c40
[  982.694688][T19835]  hwsim_new_radio_nl+0xafa/0xce0
[  982.699798][T19835]  genl_family_rcv_msg_doit+0x22a/0x330
[  982.705404][T19835]  ? end_current_label_crit_section+0x170/0x170
[  982.711810][T19835]  ? genl_family_rcv_msg_dumpit+0x3c0/0x3c0
[  982.717859][T19835]  ? bpf_lsm_capable+0x5/0x10
[  982.722620][T19835]  ? security_capable+0x85/0xb0
[  982.727541][T19835]  genl_rcv_msg+0x604/0x790
[  982.732161][T19835]  ? genl_bind+0x360/0x360
[  982.736628][T19835]  ? hwsim_tx_info_frame_received_nl+0xfc0/0xfc0
[  982.743049][T19835]  netlink_rcv_skb+0x1fb/0x450
[  982.747885][T19835]  ? genl_bind+0x360/0x360
[  982.752387][T19835]  ? netlink_ack+0x1170/0x1170
[  982.757228][T19835]  ? down_read+0x1a8/0x2d0
[  982.761709][T19835]  genl_rcv+0x24/0x40
[  982.765738][T19835]  netlink_unicast+0x74d/0x8d0
[  982.770569][T19835]  netlink_sendmsg+0x8ad/0xbd0
[  982.775412][T19835]  ? netlink_getsockopt+0x550/0x550
[  982.780689][T19835]  ? aa_sock_msg_perm+0x94/0x150
[  982.785879][T19835]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  982.791316][T19835]  ? security_socket_sendmsg+0x7c/0xa0
[  982.796945][T19835]  ? netlink_getsockopt+0x550/0x550
[  982.802298][T19835]  ____sys_sendmsg+0x5be/0x970
[  982.807226][T19835]  ? __sys_sendmsg_sock+0x30/0x30
[  982.812308][T19835]  ? __import_iovec+0x315/0x500
[  982.817307][T19835]  ? import_iovec+0x6f/0xa0
[  982.822304][T19835]  ___sys_sendmsg+0x2a2/0x360
[  982.827048][T19835]  ? __sys_sendmsg+0x290/0x290
[  982.831896][T19835]  ? trace_call_bpf+0xbf/0x6b0
[  982.836753][T19835]  __se_sys_sendmsg+0x1bb/0x2a0
[  982.841665][T19835]  ? __x64_sys_sendmsg+0x80/0x80
[  982.846681][T19835]  ? lockdep_hardirqs_on+0x94/0x140
[  982.851935][T19835]  do_syscall_64+0x4c/0xa0
[  982.856411][T19835]  ? clear_bhb_loop+0x60/0xb0
[  982.861146][T19835]  ? clear_bhb_loop+0x60/0xb0
[  982.865920][T19835]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  982.871874][T19835] RIP: 0033:0x7f6bf599cdd9
[  982.876360][T19835] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  982.896021][T19835] RSP: 002b:00007f6bf3bd5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  982.904494][T19835] RAX: ffffffffffffffda RBX: 00007f6bf5c16090 RCX: 00007f6bf599cdd9
[  982.912523][T19835] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000a
[  982.920547][T19835] RBP: 00007f6bf5a32d69 R08: 0000000000000000 R09: 0000000000000000
[  982.928583][T19835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  982.936624][T19835] R13: 00007f6bf5c16128 R14: 00007f6bf5c16090 R15: 00007ffef472be98
[  982.944675][T19835]  </TASK>
[  983.490280][T19861] netlink: 'syz.0.5269': attribute type 3 has an invalid length.
[  983.528524][T19862] netlink: 'syz.4.5268': attribute type 27 has an invalid length.
[  983.543071][T19861] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.5269'.
[  983.862472][T19877] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5274'.
[  984.050961][T19887] netlink: 'syz.1.5276': attribute type 27 has an invalid length.
[  984.087069][T19887] netlink: 164 bytes leftover after parsing attributes in process `syz.1.5276'.
[  984.858297][T19917] netlink: 'syz.3.5291': attribute type 27 has an invalid length.
[  985.011248][T19925] bond0: (slave wlan1): Error: Slave device does not support XDP
[  986.187333][T19971] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  986.502400][T19980] netlink: 'syz.3.5315': attribute type 27 has an invalid length.
[  987.663281][T20004] netlink: 'syz.3.5324': attribute type 15 has an invalid length.
[  987.671198][T20004] netlink: 'syz.3.5324': attribute type 7 has an invalid length.
[  987.835035][T20014] netlink: 'syz.1.5328': attribute type 27 has an invalid length.
[  992.369254][T20066] netlink: 'syz.2.5347': attribute type 27 has an invalid length.
[  993.161165][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  993.167692][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  993.635140][T20119] netlink: 'syz.4.5365': attribute type 10 has an invalid length.
[  993.723322][T20121] netlink: 'syz.3.5366': attribute type 27 has an invalid length.
[  994.007601][T20139] FAULT_INJECTION: forcing a failure.
[  994.007601][T20139] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  994.063207][T20139] CPU: 0 PID: 20139 Comm: syz.0.5370 Not tainted syzkaller #0
[  994.070776][T20139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  994.080890][T20139] Call Trace:
[  994.084217][T20139]  <TASK>
[  994.087199][T20139]  dump_stack_lvl+0x188/0x24e
[  994.092040][T20139]  ? show_regs_print_info+0x12/0x12
[  994.097308][T20139]  ? load_image+0x400/0x400
[  994.101880][T20139]  ? __lock_acquire+0x7d10/0x7d10
[  994.106992][T20139]  ? mutex_lock_nested+0x10/0x10
[  994.112042][T20139]  should_fail_ex+0x399/0x4d0
[  994.116871][T20139]  _copy_from_user+0x2c/0x170
[  994.121614][T20139]  __tun_chr_ioctl+0x1331/0x1e60
[  994.126630][T20139]  ? tun_flow_create+0x310/0x310
[  994.131655][T20139]  ? bpf_lsm_file_ioctl+0x5/0x10
[  994.136665][T20139]  ? security_file_ioctl+0x7c/0xa0
[  994.141853][T20139]  ? tun_chr_poll+0x630/0x630
[  994.146600][T20139]  __se_sys_ioctl+0xfa/0x170
[  994.151271][T20139]  do_syscall_64+0x4c/0xa0
[  994.155758][T20139]  ? clear_bhb_loop+0x60/0xb0
[  994.160504][T20139]  ? clear_bhb_loop+0x60/0xb0
[  994.165258][T20139]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  994.171213][T20139] RIP: 0033:0x7f7570b9cdd9
[  994.175694][T20139] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  994.195362][T20139] RSP: 002b:00007f7571a71028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  994.203936][T20139] RAX: ffffffffffffffda RBX: 00007f7570e16090 RCX: 00007f7570b9cdd9
[  994.211973][T20139] RDX: 0000200000000040 RSI: 00000000401054d5 RDI: 0000000000000004
[  994.220010][T20139] RBP: 00007f7571a71090 R08: 0000000000000000 R09: 0000000000000000
[  994.228042][T20139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  994.236103][T20139] R13: 00007f7570e16128 R14: 00007f7570e16090 R15: 00007fff9a9564c8
[  994.244236][T20139]  </TASK>
[  995.131138][T20166] netlink: 'syz.2.5382': attribute type 10 has an invalid length.
[  995.345680][T20172] netlink: 'syz.3.5385': attribute type 27 has an invalid length.
[  996.506413][T20209] netlink: 'syz.4.5398': attribute type 21 has an invalid length.
[  996.761619][T20216] netlink: 'syz.3.5403': attribute type 27 has an invalid length.
[  999.987916][T20294] FAULT_INJECTION: forcing a failure.
[  999.987916][T20294] name failslab, interval 1, probability 0, space 0, times 0
[ 1000.003063][T20294] CPU: 1 PID: 20294 Comm: syz.4.5434 Not tainted syzkaller #0
[ 1000.010615][T20294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1000.020726][T20294] Call Trace:
[ 1000.024065][T20294]  <TASK>
[ 1000.027040][T20294]  dump_stack_lvl+0x188/0x24e
[ 1000.031806][T20294]  ? show_regs_print_info+0x12/0x12
[ 1000.037110][T20294]  ? load_image+0x400/0x400
[ 1000.041677][T20294]  ? __might_sleep+0xd0/0xd0
[ 1000.046334][T20294]  ? __lock_acquire+0x7d10/0x7d10
[ 1000.051431][T20294]  should_fail_ex+0x399/0x4d0
[ 1000.056166][T20294]  should_failslab+0x5/0x20
[ 1000.060716][T20294]  slab_pre_alloc_hook+0x59/0x310
[ 1000.065832][T20294]  ? apparmor_sk_alloc_security+0x74/0x100
[ 1000.071709][T20294]  __kmem_cache_alloc_node+0x4f/0x260
[ 1000.077242][T20294]  ? apparmor_sk_alloc_security+0x74/0x100
[ 1000.083109][T20294]  kmalloc_trace+0x26/0xe0
[ 1000.087644][T20294]  apparmor_sk_alloc_security+0x74/0x100
[ 1000.093348][T20294]  security_sk_alloc+0x6a/0xa0
[ 1000.098173][T20294]  sk_prot_alloc+0x101/0x210
[ 1000.102831][T20294]  ? sk_alloc+0x20/0x340
[ 1000.107136][T20294]  sk_alloc+0x36/0x340
[ 1000.111261][T20294]  ? bpf_ctx_init+0x163/0x1a0
[ 1000.115989][T20294]  ? bpf_prog_test_run_skb+0x26f/0x12a0
[ 1000.121763][T20294]  bpf_prog_test_run_skb+0x35e/0x12a0
[ 1000.127712][T20294]  ? __fget_files+0x28/0x4b0
[ 1000.132361][T20294]  ? __fget_files+0x43d/0x4b0
[ 1000.137187][T20294]  ? cpu_online+0xa0/0xa0
[ 1000.141567][T20294]  bpf_prog_test_run+0x31e/0x390
[ 1000.146680][T20294]  __sys_bpf+0x62b/0x780
[ 1000.151407][T20294]  ? bpf_link_show_fdinfo+0x380/0x380
[ 1000.156836][T20294]  ? lock_chain_count+0x20/0x20
[ 1000.161750][T20294]  __x64_sys_bpf+0x78/0x90
[ 1000.166220][T20294]  do_syscall_64+0x4c/0xa0
[ 1000.170684][T20294]  ? clear_bhb_loop+0x60/0xb0
[ 1000.175408][T20294]  ? clear_bhb_loop+0x60/0xb0
[ 1000.180132][T20294]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1000.186075][T20294] RIP: 0033:0x7efd2f19cdd9
[ 1000.190737][T20294] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1000.210400][T20294] RSP: 002b:00007efd30087028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1000.218882][T20294] RAX: ffffffffffffffda RBX: 00007efd2f415fa0 RCX: 00007efd2f19cdd9
[ 1000.226897][T20294] RDX: 0000000000000050 RSI: 00002000000004c0 RDI: 000000000000000a
[ 1000.234907][T20294] RBP: 00007efd30087090 R08: 0000000000000000 R09: 0000000000000000
[ 1000.242934][T20294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1000.250950][T20294] R13: 00007efd2f416038 R14: 00007efd2f415fa0 R15: 00007ffebdd25458
[ 1000.259160][T20294]  </TASK>
[ 1000.291342][T20302] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.5435'.
[ 1001.829553][T20339] netlink: 'syz.4.5452': attribute type 10 has an invalid length.
[ 1002.124158][T20348] netlink: 'syz.1.5454': attribute type 10 has an invalid length.
[ 1002.543502][T20364] bond0: (slave wlan1): Error: Slave device does not support XDP
[ 1004.685276][T20393] netlink: 'syz.1.5467': attribute type 10 has an invalid length.
[ 1005.356290][T20397] netlink: 'syz.3.5471': attribute type 10 has an invalid length.
[ 1005.417240][T20405] netlink: 'syz.1.5474': attribute type 4 has an invalid length.
[ 1005.443371][T20405] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.5474'.
[ 1005.890894][T20418] netlink: 'syz.3.5480': attribute type 21 has an invalid length.
[ 1005.910667][T20418] netlink: 'syz.3.5480': attribute type 6 has an invalid length.
[ 1005.933140][T20418] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5480'.
[ 1006.318419][T20435] device pim6reg1 entered promiscuous mode
[ 1006.347376][T20437] netlink: 'syz.2.5484': attribute type 10 has an invalid length.
[ 1007.331741][T20460] netlink: 'syz.4.5491': attribute type 27 has an invalid length.
[ 1007.944633][T20478] netlink: 'syz.1.5499': attribute type 10 has an invalid length.
[ 1009.377824][T20510] netlink: 'syz.4.5513': attribute type 27 has an invalid length.
[ 1009.687813][T20517] netlink: 'syz.3.5514': attribute type 10 has an invalid length.
[ 1010.578144][T20543] device pim6reg1 entered promiscuous mode
[ 1010.804157][T20550] netlink: 'syz.2.5525': attribute type 29 has an invalid length.
[ 1010.929023][T20550] netlink: 'syz.2.5525': attribute type 29 has an invalid length.
[ 1010.947526][T20551] netlink: 'syz.2.5525': attribute type 29 has an invalid length.
[ 1011.006167][T20552] netlink: 'syz.2.5525': attribute type 29 has an invalid length.
[ 1011.132151][T20557] netlink: 'syz.0.5527': attribute type 10 has an invalid length.
[ 1011.490819][T20565] netlink: 'syz.3.5531': attribute type 27 has an invalid length.
[ 1012.518584][T20594] netlink: 'syz.0.5543': attribute type 10 has an invalid length.
[ 1012.873406][T20605] netlink: 'syz.0.5547': attribute type 10 has an invalid length.
[ 1012.898461][T20605] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5547'.
[ 1012.983493][T20605] device team0 entered promiscuous mode
[ 1012.991806][T20605] device team_slave_0 entered promiscuous mode
[ 1013.006786][T20605] device team_slave_1 entered promiscuous mode
[ 1013.014331][T20605] bridge0: port 3(team0) entered blocking state
[ 1013.021141][T20605] bridge0: port 3(team0) entered disabled state
[ 1013.030193][T20605] bridge0: port 3(team0) entered blocking state
[ 1013.036686][T20605] bridge0: port 3(team0) entered forwarding state
[ 1013.228153][T20617] FAULT_INJECTION: forcing a failure.
[ 1013.228153][T20617] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1013.252542][T20617] CPU: 0 PID: 20617 Comm: syz.2.5554 Not tainted syzkaller #0
[ 1013.260129][T20617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1013.270247][T20617] Call Trace:
[ 1013.273669][T20617]  <TASK>
[ 1013.276646][T20617]  dump_stack_lvl+0x188/0x24e
[ 1013.281404][T20617]  ? show_regs_print_info+0x12/0x12
[ 1013.286762][T20617]  ? load_image+0x400/0x400
[ 1013.291339][T20617]  ? __lock_acquire+0x7d10/0x7d10
[ 1013.296436][T20617]  should_fail_ex+0x399/0x4d0
[ 1013.301195][T20617]  _copy_from_iter+0x1c0/0x1130
[ 1013.306102][T20617]  ? __lock_acquire+0x7d10/0x7d10
[ 1013.311192][T20617]  ? sock_alloc_send_pskb+0x89d/0x9a0
[ 1013.316635][T20617]  ? copyout_mc+0x110/0x110
[ 1013.321256][T20617]  ? __virt_addr_valid+0x188/0x540
[ 1013.326438][T20617]  ? __virt_addr_valid+0x188/0x540
[ 1013.331632][T20617]  ? __virt_addr_valid+0x465/0x540
[ 1013.336831][T20617]  ? __check_object_size+0x500/0xa40
[ 1013.342194][T20617]  skb_copy_datagram_from_iter+0xef/0x690
[ 1013.348039][T20617]  ? skb_put+0x117/0x210
[ 1013.352360][T20617]  tun_get_user+0xb81/0x3c70
[ 1013.357043][T20617]  ? rcu_read_unlock+0xa0/0xa0
[ 1013.361901][T20617]  ? tun_get+0x1c/0x2e0
[ 1013.366137][T20617]  ? __lock_acquire+0x7d10/0x7d10
[ 1013.371370][T20617]  ? tun_get+0x1c/0x2e0
[ 1013.375610][T20617]  tun_chr_write_iter+0x112/0x1f0
[ 1013.380703][T20617]  vfs_write+0x4b1/0xa30
[ 1013.385195][T20617]  ? file_end_write+0x250/0x250
[ 1013.390139][T20617]  ? __fget_files+0x43d/0x4b0
[ 1013.394892][T20617]  ? __fdget_pos+0x1d4/0x360
[ 1013.399541][T20617]  ? ksys_write+0x71/0x250
[ 1013.404039][T20617]  ksys_write+0x14c/0x250
[ 1013.408793][T20617]  ? __ia32_sys_read+0x80/0x80
[ 1013.413634][T20617]  ? lockdep_hardirqs_on+0x94/0x140
[ 1013.419000][T20617]  do_syscall_64+0x4c/0xa0
[ 1013.423470][T20617]  ? clear_bhb_loop+0x60/0xb0
[ 1013.428464][T20617]  ? clear_bhb_loop+0x60/0xb0
[ 1013.433204][T20617]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1013.439149][T20617] RIP: 0033:0x7f63c139cdd9
[ 1013.443615][T20617] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1013.463364][T20617] RSP: 002b:00007f63c216e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1013.471833][T20617] RAX: ffffffffffffffda RBX: 00007f63c1615fa0 RCX: 00007f63c139cdd9
[ 1013.479847][T20617] RDX: 000000000000fdef RSI: 0000200000000780 RDI: 00000000000000c8
[ 1013.487858][T20617] RBP: 00007f63c216e090 R08: 0000000000000000 R09: 0000000000000000
[ 1013.495870][T20617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1013.503963][T20617] R13: 00007f63c1616038 R14: 00007f63c1615fa0 R15: 00007fff1cd346b8
[ 1013.511987][T20617]  </TASK>
[ 1013.585095][T20615] netlink: 'syz.1.5552': attribute type 27 has an invalid length.
[ 1013.828413][T20630] netlink: 'syz.2.5557': attribute type 10 has an invalid length.
[ 1014.821059][T20661] netlink: 'syz.0.5569': attribute type 10 has an invalid length.
[ 1015.071135][T20665] netlink: 'syz.3.5571': attribute type 27 has an invalid length.
[ 1015.748442][T20692] netlink: 180 bytes leftover after parsing attributes in process `syz.1.5581'.
[ 1015.984789][T20703] netlink: 'syz.4.5584': attribute type 10 has an invalid length.
[ 1016.232727][T20709] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5587'.
[ 1016.867338][T20734] netlink: 'syz.2.5595': attribute type 27 has an invalid length.
[ 1017.136228][T20745] netlink: 'syz.3.5599': attribute type 10 has an invalid length.
[ 1018.101468][T20778] netlink: 'syz.1.5611': attribute type 10 has an invalid length.
[ 1018.525553][T20791] netlink: 'syz.1.5616': attribute type 27 has an invalid length.
[ 1018.889294][T20809] delete_channel: no stack
[ 1018.904691][T20809] delete_channel: no stack
[ 1019.176252][T20818] netlink: 'syz.4.5626': attribute type 10 has an invalid length.
[ 1019.367998][T20826] netlink: 180 bytes leftover after parsing attributes in process `syz.2.5627'.
[ 1021.113796][T20855] netlink: 'syz.2.5641': attribute type 10 has an invalid length.
[ 1022.556789][T20899] netlink: 180 bytes leftover after parsing attributes in process `syz.0.5652'.
[ 1022.818699][T20902] netlink: 'syz.2.5656': attribute type 10 has an invalid length.
[ 1023.317658][T20914] netlink: 'syz.0.5660': attribute type 10 has an invalid length.
[ 1023.353895][T20914] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5660'.
[ 1023.370007][T20914] device ipvlan1 entered promiscuous mode
[ 1023.426337][T20914] bridge0: port 4(ipvlan1) entered blocking state
[ 1023.456977][T20914] bridge0: port 4(ipvlan1) entered disabled state
[ 1023.511976][T20914] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1023.540928][T20918] netlink: 'syz.2.5663': attribute type 27 has an invalid length.
[ 1023.990859][T20935] netlink: 'syz.4.5668': attribute type 10 has an invalid length.
[ 1024.318592][T20940] netlink: 'syz.0.5681': attribute type 10 has an invalid length.
[ 1024.502993][T20943] netlink: 180 bytes leftover after parsing attributes in process `syz.4.5671'.
[ 1024.958810][T20960] netlink: 126588 bytes leftover after parsing attributes in process `syz.1.5679'.
[ 1025.099765][T20960] netlink: 1034 bytes leftover after parsing attributes in process `syz.1.5679'.
[ 1025.668152][T20985] netlink: 'syz.3.5687': attribute type 10 has an invalid length.
[ 1025.718561][T20976] netlink: 'syz.0.5685': attribute type 27 has an invalid length.
[ 1026.374587][T21001] netlink: 'syz.3.5693': attribute type 3 has an invalid length.
[ 1026.389293][T21001] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.5693'.
[ 1027.223173][T21017] netlink: 194236 bytes leftover after parsing attributes in process `syz.2.5698'.
[ 1027.234301][T21025] netlink: 'syz.1.5700': attribute type 10 has an invalid length.
[ 1027.270607][T21017] netlink: zone id is out of range
[ 1027.286175][T21017] netlink: zone id is out of range
[ 1027.300122][T21017] netlink: zone id is out of range
[ 1027.323529][T21017] netlink: zone id is out of range
[ 1027.329526][T21017] netlink: zone id is out of range
[ 1027.346173][T21017] netlink: zone id is out of range
[ 1027.351543][T21017] netlink: zone id is out of range
[ 1027.367090][T21017] netlink: zone id is out of range
[ 1027.383254][T21017] netlink: zone id is out of range
[ 1027.946642][T21039] netlink: 'syz.3.5704': attribute type 27 has an invalid length.
[ 1028.396399][T21056] netlink: 'syz.0.5712': attribute type 10 has an invalid length.
[ 1028.750203][T21063] netlink: 122896 bytes leftover after parsing attributes in process `syz.2.5715'.
[ 1028.804506][T21063] debugfs: Directory '!!!' with parent 'ieee80211' already present!
[ 1029.659847][T21085] FAULT_INJECTION: forcing a failure.
[ 1029.659847][T21085] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1029.774537][T21085] CPU: 1 PID: 21085 Comm: syz.4.5724 Not tainted syzkaller #0
[ 1029.782142][T21085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1029.792265][T21085] Call Trace:
[ 1029.795641][T21085]  <TASK>
[ 1029.798625][T21085]  dump_stack_lvl+0x188/0x24e
[ 1029.803375][T21085]  ? show_regs_print_info+0x12/0x12
[ 1029.808630][T21085]  ? load_image+0x400/0x400
[ 1029.813210][T21085]  ? __lock_acquire+0x7d10/0x7d10
[ 1029.818376][T21085]  ? snprintf+0xe5/0x140
[ 1029.822781][T21085]  should_fail_ex+0x399/0x4d0
[ 1029.827559][T21085]  _copy_to_user+0x2c/0x130
[ 1029.832123][T21085]  simple_read_from_buffer+0xe3/0x150
[ 1029.837992][T21085]  proc_fail_nth_read+0x1a6/0x220
[ 1029.843073][T21085]  ? proc_fault_inject_write+0x310/0x310
[ 1029.848758][T21085]  ? fsnotify_perm+0x248/0x550
[ 1029.853567][T21085]  ? proc_fault_inject_write+0x310/0x310
[ 1029.859255][T21085]  vfs_read+0x2de/0xa00
[ 1029.863464][T21085]  ? kernel_read+0x1e0/0x1e0
[ 1029.868104][T21085]  ? __fget_files+0x28/0x4b0
[ 1029.872741][T21085]  ? __fget_files+0x28/0x4b0
[ 1029.877481][T21085]  ? __fget_files+0x43d/0x4b0
[ 1029.882215][T21085]  ? __fdget_pos+0x2ae/0x360
[ 1029.886858][T21085]  ? ksys_read+0x71/0x250
[ 1029.891254][T21085]  ksys_read+0x14c/0x250
[ 1029.895555][T21085]  ? vfs_write+0xa30/0xa30
[ 1029.900027][T21085]  ? lockdep_hardirqs_on+0x94/0x140
[ 1029.905274][T21085]  do_syscall_64+0x4c/0xa0
[ 1029.909750][T21085]  ? clear_bhb_loop+0x60/0xb0
[ 1029.914479][T21085]  ? clear_bhb_loop+0x60/0xb0
[ 1029.919208][T21085]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1029.925150][T21085] RIP: 0033:0x7efd2f15d60e
[ 1029.929599][T21085] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1029.949340][T21085] RSP: 002b:00007efd30086fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1029.957806][T21085] RAX: ffffffffffffffda RBX: 00007efd300876c0 RCX: 00007efd2f15d60e
[ 1029.965824][T21085] RDX: 000000000000000f RSI: 00007efd300870a0 RDI: 0000000000000005
[ 1029.974041][T21085] RBP: 00007efd30087090 R08: 0000000000000000 R09: 0000000000000000
[ 1029.982173][T21085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1029.990215][T21085] R13: 00007efd2f416038 R14: 00007efd2f415fa0 R15: 00007ffebdd25458
[ 1029.998296][T21085]  </TASK>
[ 1030.305350][T21094] netlink: 'syz.4.5728': attribute type 10 has an invalid length.
[ 1030.733042][T21098] netlink: 'syz.3.5729': attribute type 27 has an invalid length.
[ 1030.977590][T21112] netlink: 'syz.1.5733': attribute type 10 has an invalid length.
[ 1031.036950][T21112] team0: Port device hsr_slave_0 added
[ 1031.065465][T21117] netlink: 'syz.1.5733': attribute type 3 has an invalid length.
[ 1031.102436][T21117] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.5733'.
[ 1032.469788][T21139] netlink: 'syz.2.5742': attribute type 10 has an invalid length.
[ 1032.534081][T21143] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5744'.
[ 1032.678078][T21141] netlink: 194236 bytes leftover after parsing attributes in process `syz.0.5741'.
[ 1032.740119][T21141] net_ratelimit: 3 callbacks suppressed
[ 1032.740143][T21141] netlink: zone id is out of range
[ 1032.831959][T21141] netlink: zone id is out of range
[ 1032.893884][T21141] netlink: zone id is out of range
[ 1032.975824][T21141] netlink: zone id is out of range
[ 1032.998824][T21141] netlink: zone id is out of range
[ 1033.018720][T21141] netlink: zone id is out of range
[ 1033.038644][T21141] netlink: zone id is out of range
[ 1033.058181][T21141] netlink: zone id is out of range
[ 1033.074820][T21141] netlink: zone id is out of range
[ 1033.091129][T21141] netlink: zone id is out of range
[ 1035.904949][T21172] netlink: 'syz.4.5754': attribute type 27 has an invalid length.
[ 1036.254869][T21182] netlink: 'syz.0.5758': attribute type 10 has an invalid length.
[ 1036.347299][T21181] netlink: 'syz.1.5757': attribute type 10 has an invalid length.
[ 1036.814726][T21188] netlink: 'syz.2.5760': attribute type 10 has an invalid length.
[ 1036.868675][T21188] team0: Port device hsr_slave_0 added
[ 1036.897429][T21190] netlink: 'syz.2.5760': attribute type 3 has an invalid length.
[ 1036.975543][T21190] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.5760'.
[ 1037.523672][T21208] netlink: 'syz.3.5767': attribute type 10 has an invalid length.
[ 1037.558940][T21208] device wlan1 entered promiscuous mode
[ 1037.572506][T21208] team0: Port device wlan1 added
[ 1037.769914][T21212] netlink: 65043 bytes leftover after parsing attributes in process `syz.1.5768'.
[ 1037.796609][T21212] delete_channel: no stack
[ 1037.812294][T21212] delete_channel: no stack
[ 1037.906947][T21216] netlink: 830 bytes leftover after parsing attributes in process `syz.2.5770'.
[ 1038.153645][T21223] netlink: 'syz.4.5773': attribute type 10 has an invalid length.
[ 1038.458124][T21225] Ÿë
: port 1(gretap0) entered blocking state
[ 1038.473111][T21225] Ÿë
: port 1(gretap0) entered disabled state
[ 1038.480851][T21225] device gretap0 entered promiscuous mode
[ 1042.270393][T21279] netlink: 'syz.0.5787': attribute type 10 has an invalid length.
[ 1043.184030][T21305] netlink: 'syz.1.5800': attribute type 10 has an invalid length.
[ 1043.575844][T21314] : port 1(ip6gretap0) entered blocking state
[ 1043.714040][T21314] : port 1(ip6gretap0) entered disabled state
[ 1043.775135][T21314] device ip6gretap0 entered promiscuous mode
[ 1043.885148][T21316] device ip6gretap0 left promiscuous mode
[ 1043.899390][T21316] : port 1(ip6gretap0) entered disabled state
[ 1044.633345][T21333] netlink: 'syz.2.5808': attribute type 27 has an invalid length.
[ 1045.156511][T21356] netlink: 'syz.1.5814': attribute type 10 has an invalid length.
[ 1045.303005][T21360] netlink: 'syz.3.5821': attribute type 21 has an invalid length.
[ 1045.424959][T21362] netlink: 'syz.4.5820': attribute type 21 has an invalid length.
[ 1045.452915][T21362] netlink: 156 bytes leftover after parsing attributes in process `syz.4.5820'.
[ 1045.881077][T21376] netlink: 'syz.1.5826': attribute type 27 has an invalid length.
[ 1046.282549][T21389] netlink: 14 bytes leftover after parsing attributes in process `syz.0.5829'.
[ 1046.404978][T21389] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1046.519273][T21395] netlink: 'syz.3.5831': attribute type 10 has an invalid length.
[ 1046.532698][T21395] netlink: 55 bytes leftover after parsing attributes in process `syz.3.5831'.
[ 1046.768494][T21396] netlink: 'syz.2.5832': attribute type 10 has an invalid length.
[ 1050.352595][T21434] netlink: 'syz.4.5844': attribute type 27 has an invalid length.
[ 1050.388494][T21438] netlink: 'syz.3.5846': attribute type 10 has an invalid length.
[ 1050.478396][T21438] device wlan1 left promiscuous mode
[ 1050.520675][T21438] team0: Port device wlan1 removed
[ 1051.599403][T21474] netlink: 'syz.3.5859': attribute type 10 has an invalid length.
[ 1051.672945][T21478] netlink: 'syz.0.5861': attribute type 5 has an invalid length.
[ 1051.720681][T21477] netlink: 'syz.1.5860': attribute type 10 has an invalid length.
[ 1052.067150][T13107] Bluetooth: hci3: unexpected event 0x1c length: 15 > 5
[ 1052.310344][T21500] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5870'.
[ 1052.777074][T21509] netlink: 'syz.2.5875': attribute type 10 has an invalid length.
[ 1053.026618][T21511] netlink: 15487 bytes leftover after parsing attributes in process `syz.3.5876'.
[ 1053.604717][T13107] Bluetooth: hci5: unexpected event 0x1c length: 15 > 5
[ 1054.102629][T21549] netlink: 'syz.4.5889': attribute type 10 has an invalid length.
[ 1054.534847][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.541242][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.932403][T13107] Bluetooth: hci0: unexpected event 0x1c length: 15 > 5
[ 1055.006035][T21574] netlink: 'syz.1.5900': attribute type 1 has an invalid length.
[ 1055.025178][T21574] netlink: 'syz.1.5900': attribute type 1 has an invalid length.
[ 1055.035815][T21574] netlink: 116376 bytes leftover after parsing attributes in process `syz.1.5900'.
[ 1055.155191][T21580] netlink: 'syz.3.5902': attribute type 21 has an invalid length.
[ 1055.432629][T21587] netlink: 'syz.1.5904': attribute type 10 has an invalid length.
[ 1055.529038][T21589] netlink: 15478 bytes leftover after parsing attributes in process `syz.2.5905'.
[ 1055.993522][T21607] netlink: 'syz.1.5912': attribute type 3 has an invalid length.
[ 1056.094169][T21607] netlink: 114680 bytes leftover after parsing attributes in process `syz.1.5912'.
[ 1056.905444][ T4288] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1056.914964][ T4288] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1056.923858][T21622] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1056.932145][T21622] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1056.940182][T21622] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1056.952983][T21622] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1058.277593][T13106] bridge0: port 3(syz_tun) entered disabled state
[ 1058.386174][T13106] device syz_tun left promiscuous mode
[ 1058.391827][T13106] bridge0: port 3(syz_tun) entered disabled state
[ 1058.652579][T19128] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1059.103194][T21622] Bluetooth: hci4: command 0x0409 tx timeout
[ 1059.262612][T21629] netlink: 'syz.2.5919': attribute type 10 has an invalid length.
[ 1059.437587][T19128] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1059.578799][T19128] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1059.698762][T19128] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1059.986864][T21620] chnl_net:caif_netlink_parms(): no params data found
[ 1060.224645][T19128] device 0 left promiscuous mode
[ 1060.377249][T19128] device 1 left promiscuous mode
[ 1060.409389][T21658] FAULT_INJECTION: forcing a failure.
[ 1060.409389][T21658] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1060.468389][T21658] CPU: 0 PID: 21658 Comm: syz.2.5929 Not tainted syzkaller #0
[ 1060.475998][T21658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1060.486105][T21658] Call Trace:
[ 1060.489477][T21658]  <TASK>
[ 1060.492473][T21658]  dump_stack_lvl+0x188/0x24e
[ 1060.497239][T21658]  ? show_regs_print_info+0x12/0x12
[ 1060.502528][T21658]  ? load_image+0x400/0x400
[ 1060.507109][T21658]  ? __lock_acquire+0x7d10/0x7d10
[ 1060.512246][T21658]  ? snprintf+0xe5/0x140
[ 1060.516564][T21658]  should_fail_ex+0x399/0x4d0
[ 1060.521422][T21658]  _copy_to_user+0x2c/0x130
[ 1060.526004][T21658]  simple_read_from_buffer+0xe3/0x150
[ 1060.531451][T21658]  proc_fail_nth_read+0x1a6/0x220
[ 1060.536668][T21658]  ? proc_fault_inject_write+0x310/0x310
[ 1060.542420][T21658]  ? fsnotify_perm+0x248/0x550
[ 1060.547267][T21658]  ? proc_fault_inject_write+0x310/0x310
[ 1060.552968][T21658]  vfs_read+0x2de/0xa00
[ 1060.557236][T21658]  ? kernel_read+0x1e0/0x1e0
[ 1060.561914][T21658]  ? __fget_files+0x28/0x4b0
[ 1060.566573][T21658]  ? __fget_files+0x28/0x4b0
[ 1060.571230][T21658]  ? __fget_files+0x43d/0x4b0
[ 1060.575997][T21658]  ? __fdget_pos+0x2ae/0x360
[ 1060.580748][T21658]  ? ksys_read+0x71/0x250
[ 1060.585149][T21658]  ksys_read+0x14c/0x250
[ 1060.589471][T21658]  ? vfs_write+0xa30/0xa30
[ 1060.593968][T21658]  ? lockdep_hardirqs_on+0x94/0x140
[ 1060.599242][T21658]  do_syscall_64+0x4c/0xa0
[ 1060.603757][T21658]  ? clear_bhb_loop+0x60/0xb0
[ 1060.608502][T21658]  ? clear_bhb_loop+0x60/0xb0
[ 1060.613269][T21658]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1060.619254][T21658] RIP: 0033:0x7f63c135d60e
[ 1060.623754][T21658] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1060.643746][T21658] RSP: 002b:00007f63c216dfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1060.652241][T21658] RAX: ffffffffffffffda RBX: 00007f63c216e6c0 RCX: 00007f63c135d60e
[ 1060.660278][T21658] RDX: 000000000000000f RSI: 00007f63c216e0a0 RDI: 0000000000000008
[ 1060.668342][T21658] RBP: 00007f63c216e090 R08: 0000000000000000 R09: 0000000000000000
[ 1060.676484][T21658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1060.684533][T21658] R13: 00007f63c1616038 R14: 00007f63c1615fa0 R15: 00007fff1cd346b8
[ 1060.693113][T21658]  </TASK>
[ 1060.860988][T19128] tipc: Left network mode
[ 1060.883449][T21620] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1060.890713][T21620] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1060.922512][T21620] device bridge_slave_0 entered promiscuous mode
[ 1060.943441][T21620] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1060.950866][T21620] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1060.984347][T21620] device bridge_slave_1 entered promiscuous mode
[ 1061.172868][T13107] Bluetooth: hci4: command 0x041b tx timeout
[ 1061.203866][T21620] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1061.305988][T21620] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1061.433564][T21679] netlink: 'syz.2.5932': attribute type 10 has an invalid length.
[ 1061.624118][T21685] netlink: 'syz.0.5934': attribute type 25 has an invalid length.
[ 1061.653304][T21685] netlink: 'syz.0.5934': attribute type 9 has an invalid length.
[ 1061.696802][T21620] team0: Port device team_slave_0 added
[ 1061.816911][T21620] team0: Port device team_slave_1 added
[ 1062.021516][T21620] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1062.067034][T21620] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1062.140946][T21694] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5937'.
[ 1062.175290][T21620] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1062.259539][T21694] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5937'.
[ 1062.283792][T21696] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5937'.
[ 1062.346098][T21620] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1062.356542][T21620] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1062.415674][T21620] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1062.524733][T21700] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5937'.
[ 1062.614810][T19128] device gretap0 left promiscuous mode
[ 1062.620439][T19128] Ÿë
: port 1(gretap0) entered disabled state
[ 1062.871286][T21620] device hsr_slave_0 entered promiscuous mode
[ 1062.913985][T21620] device hsr_slave_1 entered promiscuous mode
[ 1062.952917][T21620] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1062.960581][T21620] Cannot create hsr debugfs directory
[ 1063.121963][T21720] netlink: 'syz.3.5944': attribute type 10 has an invalid length.
[ 1063.253033][T13107] Bluetooth: hci4: command 0x040f tx timeout
[ 1063.291116][T21723] netlink: 'syz.2.5945': attribute type 9 has an invalid length.
[ 1063.301527][T21723] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.5945'.
[ 1063.485457][T21726] netlink: 'syz.2.5945': attribute type 3 has an invalid length.
[ 1063.510903][T21726] netlink: 55252 bytes leftover after parsing attributes in process `syz.2.5945'.
[ 1063.840411][T19128] bond0: (slave wlan1): Releasing backup interface
[ 1064.339169][T19128] device veth0_to_team left promiscuous mode
[ 1064.357358][T19128] Ÿë
: port 2(veth0_to_team) entered disabled state
[ 1064.401540][T19128] bridge0: port 4(team0) entered disabled state
[ 1064.425332][T19128] device bridge_slave_1 left promiscuous mode
[ 1064.438675][T19128] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1064.456763][T19128] device bridge_slave_0 left promiscuous mode
[ 1064.472263][T19128] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1064.585225][T19128] device veth1_macvtap left promiscuous mode
[ 1064.604302][T19128] device veth0_macvtap left promiscuous mode
[ 1064.611131][T19128] device veth0_vlan left promiscuous mode
[ 1065.333400][T13107] Bluetooth: hci4: command 0x0419 tx timeout
[ 1065.376465][T21771] FAULT_INJECTION: forcing a failure.
[ 1065.376465][T21771] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1065.392410][T21771] CPU: 0 PID: 21771 Comm: syz.3.5960 Not tainted syzkaller #0
[ 1065.399964][T21771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1065.410166][T21771] Call Trace:
[ 1065.413489][T21771]  <TASK>
[ 1065.416470][T21771]  dump_stack_lvl+0x188/0x24e
[ 1065.421216][T21771]  ? show_regs_print_info+0x12/0x12
[ 1065.426494][T21771]  ? load_image+0x400/0x400
[ 1065.431237][T21771]  ? __lock_acquire+0x7d10/0x7d10
[ 1065.436333][T21771]  ? __rcu_read_unlock+0x78/0xd0
[ 1065.441427][T21771]  should_fail_ex+0x399/0x4d0
[ 1065.446172][T21771]  _copy_to_user+0x2c/0x130
[ 1065.450739][T21771]  bpf_test_finish+0x4a2/0x600
[ 1065.455574][T21771]  ? convert___skb_to_skb+0x580/0x580
[ 1065.461020][T21771]  ? convert_skb_to___skb+0x420/0x420
[ 1065.466471][T21771]  ? __build_skb+0x257/0x3c0
[ 1065.471145][T21771]  bpf_prog_test_run_skb+0xc99/0x12a0
[ 1065.476952][T21771]  ? cpu_online+0xa0/0xa0
[ 1065.481344][T21771]  bpf_prog_test_run+0x31e/0x390
[ 1065.486353][T21771]  __sys_bpf+0x62b/0x780
[ 1065.490665][T21771]  ? bpf_link_show_fdinfo+0x380/0x380
[ 1065.496161][T21771]  ? lock_chain_count+0x20/0x20
[ 1065.501107][T21771]  __x64_sys_bpf+0x78/0x90
[ 1065.505601][T21771]  do_syscall_64+0x4c/0xa0
[ 1065.510097][T21771]  ? clear_bhb_loop+0x60/0xb0
[ 1065.514847][T21771]  ? clear_bhb_loop+0x60/0xb0
[ 1065.519593][T21771]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1065.525554][T21771] RIP: 0033:0x7f88ba19cdd9
[ 1065.530037][T21771] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1065.549715][T21771] RSP: 002b:00007f88baff9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1065.558214][T21771] RAX: ffffffffffffffda RBX: 00007f88ba415fa0 RCX: 00007f88ba19cdd9
[ 1065.566258][T21771] RDX: 0000000000000050 RSI: 00002000000004c0 RDI: 000000000000000a
[ 1065.574292][T21771] RBP: 00007f88baff9090 R08: 0000000000000000 R09: 0000000000000000
[ 1065.582317][T21771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1065.590349][T21771] R13: 00007f88ba416038 R14: 00007f88ba415fa0 R15: 00007fff9112c5a8
[ 1065.598409][T21771]  </TASK>
[ 1066.339314][T19128] device team_slave_1 left promiscuous mode
[ 1066.350718][T19128] team0 (unregistering): Port device team_slave_1 removed
[ 1066.411392][T19128] device team_slave_0 left promiscuous mode
[ 1066.419516][T19128] team0 (unregistering): Port device team_slave_0 removed
[ 1066.477254][T19128] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1066.908650][T19128] bond0 (unregistering): (slave bridge0): Releasing backup interface
[ 1066.918152][T19128] bond0 (unregistering): Released all slaves
[ 1067.039181][T21759] netlink: 'syz.0.5956': attribute type 10 has an invalid length.
[ 1067.061131][T21781] netlink: 'syz.3.5962': attribute type 21 has an invalid length.
[ 1067.070352][T21781] netlink: 'syz.3.5962': attribute type 6 has an invalid length.
[ 1067.092080][T21781] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5962'.
[ 1067.117287][T21782] netlink: 'syz.3.5962': attribute type 21 has an invalid length.
[ 1067.135716][T21782] netlink: 156 bytes leftover after parsing attributes in process `syz.3.5962'.
[ 1067.167567][T21783] netlink: 'syz.3.5962': attribute type 10 has an invalid length.
[ 1067.177996][T21783] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5962'.
[ 1067.460392][T21792] sctp: [Deprecated]: syz.2.5965 (pid 21792) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1067.460392][T21792] Use struct sctp_sack_info instead
[ 1067.537177][T21793] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5966'.
[ 1068.058851][T21620] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1068.124501][T21620] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1068.157158][T21620] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1068.167789][T21620] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1068.383731][T21809] netlink: 'syz.3.5972': attribute type 10 has an invalid length.
[ 1068.574168][T21620] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1068.643540][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1068.666606][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1068.719423][T21620] 8021q: adding VLAN 0 to HW filter on device team0
[ 1068.770903][T19131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1068.824193][T19131] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1068.866805][T19131] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1068.874177][T19131] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1068.904170][T19131] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1068.946017][T19131] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1068.967824][T19131] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1068.992437][T19131] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1068.999875][T19131] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1070.463386][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1070.504417][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1070.586226][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1070.626832][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1070.661027][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1070.720954][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1070.819554][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1070.844779][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1070.881341][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1070.914850][T21620] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1070.944277][T21620] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1070.973407][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1070.994422][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1071.129391][T21848] netlink: 'syz.3.5980': attribute type 3 has an invalid length.
[ 1071.195699][T21848] netlink: 114680 bytes leftover after parsing attributes in process `syz.3.5980'.
[ 1071.273106][T21850] netlink: 'syz.3.5980': attribute type 21 has an invalid length.
[ 1071.316705][T21850] netlink: 'syz.3.5980': attribute type 4 has an invalid length.
[ 1072.148638][T21864] netlink: 'syz.1.5984': attribute type 10 has an invalid length.
[ 1075.106738][T19131] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1075.124489][T19131] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1075.160496][T21620] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1075.368112][T21891] sctp: [Deprecated]: syz.0.5990 (pid 21891) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1075.368112][T21891] Use struct sctp_sack_info instead
[ 1075.571536][T21898] netlink: 'syz.3.5992': attribute type 3 has an invalid length.
[ 1075.620720][T21898] netlink: 'syz.3.5992': attribute type 4 has an invalid length.
[ 1075.696261][T21898] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5992'.
[ 1075.741112][T21901] netlink: 9286 bytes leftover after parsing attributes in process `syz.3.5992'.
[ 1076.479749][T21918] netlink: 'syz.1.5998': attribute type 10 has an invalid length.
[ 1078.954012][   T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1078.974170][   T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1079.056381][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1079.074077][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1079.093577][T21620] device veth0_vlan entered promiscuous mode
[ 1079.104520][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1079.116241][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1079.141042][T21620] device veth1_vlan entered promiscuous mode
[ 1079.220088][T19131] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1079.234661][T19131] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1079.256206][T19131] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1079.277217][T19131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1079.290581][T21620] device veth0_macvtap entered promiscuous mode
[ 1079.308028][T21620] device veth1_macvtap entered promiscuous mode
[ 1079.351139][T21948] netlink: 'syz.0.6014': attribute type 1 has an invalid length.
[ 1079.370463][T21948] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.6014'.
[ 1079.393286][T21954] sctp: [Deprecated]: syz.3.6005 (pid 21954) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1079.393286][T21954] Use struct sctp_sack_info instead
[ 1079.455758][T21955] device bond_slave_1 entered promiscuous mode
[ 1079.525513][T21620] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1079.564063][T21620] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1079.595706][T21620] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1079.610725][T21959] FAULT_INJECTION: forcing a failure.
[ 1079.610725][T21959] name failslab, interval 1, probability 0, space 0, times 0
[ 1079.634312][T21620] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1079.647335][T21959] CPU: 0 PID: 21959 Comm: syz.2.6007 Not tainted syzkaller #0
[ 1079.654900][T21959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1079.665015][T21959] Call Trace:
[ 1079.668345][T21959]  <TASK>
[ 1079.671332][T21959]  dump_stack_lvl+0x188/0x24e
[ 1079.676095][T21959]  ? show_regs_print_info+0x12/0x12
[ 1079.681405][T21959]  ? load_image+0x400/0x400
[ 1079.685979][T21959]  ? __might_sleep+0xd0/0xd0
[ 1079.688792][T21620] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1079.690627][T21959]  ? __lock_acquire+0x7d10/0x7d10
[ 1079.702987][T21959]  should_fail_ex+0x399/0x4d0
[ 1079.707749][T21959]  should_failslab+0x5/0x20
[ 1079.712308][T21959]  slab_pre_alloc_hook+0x59/0x310
[ 1079.717500][T21959]  ? tomoyo_realpath_from_path+0xdf/0x5d0
[ 1079.723306][T21959]  __kmem_cache_alloc_node+0x4f/0x260
[ 1079.728748][T21959]  ? tomoyo_realpath_from_path+0xdf/0x5d0
[ 1079.734559][T21959]  __kmalloc+0xa0/0x240
[ 1079.738788][T21959]  tomoyo_realpath_from_path+0xdf/0x5d0
[ 1079.744571][T21959]  ? tomoyo_path_number_perm+0x205/0x650
[ 1079.750322][T21959]  tomoyo_path_number_perm+0x22f/0x650
[ 1079.755863][T21959]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1079.761449][T21959]  ? __fget_files+0x28/0x4b0
[ 1079.766132][T21959]  ? __fget_files+0x28/0x4b0
[ 1079.770927][T21959]  security_file_ioctl+0x6c/0xa0
[ 1079.776052][T21959]  __se_sys_ioctl+0x48/0x170
[ 1079.780823][T21959]  do_syscall_64+0x4c/0xa0
[ 1079.785351][T21959]  ? clear_bhb_loop+0x60/0xb0
[ 1079.786691][T21620] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1079.790076][T21959]  ? clear_bhb_loop+0x60/0xb0
[ 1079.805285][T21959]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1079.811258][T21959] RIP: 0033:0x7f63c139cdd9
[ 1079.815727][T21959] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1079.835485][T21959] RSP: 002b:00007f63c216e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1079.844142][T21959] RAX: ffffffffffffffda RBX: 00007f63c1615fa0 RCX: 00007f63c139cdd9
[ 1079.852277][T21959] RDX: 0000200000000080 RSI: 00000000000089f3 RDI: 0000000000000006
[ 1079.860323][T21959] RBP: 00007f63c216e090 R08: 0000000000000000 R09: 0000000000000000
[ 1079.868422][T21959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1079.872042][T21620] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1079.876522][T21959] R13: 00007f63c1616038 R14: 00007f63c1615fa0 R15: 00007fff1cd346b8
[ 1079.876561][T21959]  </TASK>
[ 1079.964499][T21620] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1079.996625][T21959] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1080.025521][T21620] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1080.059554][T21620] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1080.095328][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1080.123804][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1080.178415][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1080.203822][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1080.213563][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1080.234109][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1080.255710][T21620] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.295543][T21620] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.314783][T21620] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.328821][T21620] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.345927][T21962] netlink: 'syz.1.6008': attribute type 10 has an invalid length.
[ 1080.357469][T21962] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6008'.
[ 1080.381363][T21962] batman_adv: batadv0: Adding interface: vlan1
[ 1080.394787][T21962] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1080.428916][T21962] batman_adv: batadv0: Interface activated: vlan1
[ 1083.738288][T21977] netlink: 'syz.2.6012': attribute type 10 has an invalid length.
[ 1083.926929][T19131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1083.956844][T19131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1084.004881][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1084.042185][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1084.051424][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1084.076629][T19131] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1084.172545][T21997] netlink: 'syz.1.6020': attribute type 4 has an invalid length.
[ 1084.395161][T21996] netlink: 'syz.2.6019': attribute type 1 has an invalid length.
[ 1084.415099][T21996] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.6019'.
[ 1084.443186][T22001] device bond_slave_1 entered promiscuous mode
[ 1085.656539][T13107] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1085.666767][T13107] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1085.676471][T13107] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1085.693600][T13107] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1085.705969][T13107] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1085.723644][T13107] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1085.892290][T19131] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1086.041027][T22030] netlink: 'syz.4.6028': attribute type 10 has an invalid length.
[ 1086.180907][T22030] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1086.315384][T19131] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1087.857445][T21622] Bluetooth: hci0: command 0x0409 tx timeout
[ 1088.994041][T19131] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1089.157438][T19131] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1089.547332][T22059] netlink: 'syz.4.6035': attribute type 27 has an invalid length.
[ 1089.561016][T22070] netlink: 'syz.2.6038': attribute type 3 has an invalid length.
[ 1089.616151][T22070] netlink: 'syz.2.6038': attribute type 1 has an invalid length.
[ 1089.641649][T22070] netlink: 60387 bytes leftover after parsing attributes in process `syz.2.6038'.
[ 1089.711172][T22074] netlink: 'syz.1.6037': attribute type 1 has an invalid length.
[ 1089.731987][T22074] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.6037'.
[ 1089.855934][T22075] device bond_slave_1 entered promiscuous mode
[ 1089.866696][T22024] chnl_net:caif_netlink_parms(): no params data found
[ 1089.905803][T13107] Bluetooth: hci0: command 0x041b tx timeout
[ 1091.992201][T13107] Bluetooth: hci0: command 0x040f tx timeout
[ 1092.959131][T22024] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1092.967384][T22024] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1092.996514][T22024] device bridge_slave_0 entered promiscuous mode
[ 1093.111908][T22024] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1093.143185][T22024] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1093.157454][T22024] device bridge_slave_1 entered promiscuous mode
[ 1093.354791][T22024] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1093.459723][T22024] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1093.475551][T22132] netlink: 'syz.2.6050': attribute type 1 has an invalid length.
[ 1093.504073][T22132] netlink: 5 bytes leftover after parsing attributes in process `syz.2.6050'.
[ 1093.518403][T22128] netlink: 'syz.1.6049': attribute type 27 has an invalid length.
[ 1093.660488][T22024] team0: Port device team_slave_0 added
[ 1093.744956][T22024] team0: Port device team_slave_1 added
[ 1093.903101][T22024] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1093.940382][T22024] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1094.024289][T22024] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1094.052903][T13107] Bluetooth: hci0: command 0x0419 tx timeout
[ 1094.196133][T22024] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1094.211004][T22024] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1094.286454][T22024] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1094.303622][T22152] netlink: 'syz.2.6055': attribute type 2 has an invalid length.
[ 1094.311481][T22152] netlink: 10 bytes leftover after parsing attributes in process `syz.2.6055'.
[ 1095.128427][T22024] device hsr_slave_0 entered promiscuous mode
[ 1095.140387][T22024] device hsr_slave_1 entered promiscuous mode
[ 1095.167901][T22024] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1095.192974][T22024] Cannot create hsr debugfs directory
[ 1095.227837][T22163] netlink: 'syz.3.6059': attribute type 10 has an invalid length.
[ 1095.404573][T19131] bond0: (slave wlan1): Releasing backup interface
[ 1095.864190][T19131] device hsr_slave_0 left promiscuous mode
[ 1095.886718][T19131] device hsr_slave_1 left promiscuous mode
[ 1095.909515][T19131] bridge0: port 3(team0) entered disabled state
[ 1095.951707][T19131] device bridge_slave_1 left promiscuous mode
[ 1095.979154][T19131] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1096.029670][T19131] device bridge_slave_0 left promiscuous mode
[ 1096.050788][T19131] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1097.982414][T19131] device veth1_macvtap left promiscuous mode
[ 1097.988769][T19131] device veth0_macvtap left promiscuous mode
[ 1097.996312][T19131] device veth0_vlan left promiscuous mode
[ 1098.962588][T19131] device team_slave_1 left promiscuous mode
[ 1098.979257][T19131] team0 (unregistering): Port device team_slave_1 removed
[ 1099.025471][T19131] device team_slave_0 left promiscuous mode
[ 1099.036308][T19131] team0 (unregistering): Port device team_slave_0 removed
[ 1099.084884][T19131] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1099.133008][T19131] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1099.453854][T19131] bond0 (unregistering): Released all slaves
[ 1099.624767][T22203] netlink: 'syz.1.6072': attribute type 10 has an invalid length.
[ 1100.523981][T22230] netlink: 'syz.4.6079': attribute type 3 has an invalid length.
[ 1100.568028][T22230] netlink: 'syz.4.6079': attribute type 1 has an invalid length.
[ 1100.577523][T22230] netlink: 181400 bytes leftover after parsing attributes in process `syz.4.6079'.
[ 1100.950710][T22243] FAULT_INJECTION: forcing a failure.
[ 1100.950710][T22243] name failslab, interval 1, probability 0, space 0, times 0
[ 1100.989853][T22243] CPU: 1 PID: 22243 Comm: syz.2.6082 Not tainted syzkaller #0
[ 1100.997439][T22243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1101.007585][T22243] Call Trace:
[ 1101.010972][T22243]  <TASK>
[ 1101.013950][T22243]  dump_stack_lvl+0x188/0x24e
[ 1101.018706][T22243]  ? show_regs_print_info+0x12/0x12
[ 1101.023982][T22243]  ? load_image+0x400/0x400
[ 1101.028559][T22243]  ? __might_sleep+0xd0/0xd0
[ 1101.033208][T22243]  ? __lock_acquire+0x7d10/0x7d10
[ 1101.038307][T22243]  should_fail_ex+0x399/0x4d0
[ 1101.043131][T22243]  should_failslab+0x5/0x20
[ 1101.047724][T22243]  slab_pre_alloc_hook+0x59/0x310
[ 1101.052954][T22243]  ? tomoyo_realpath_from_path+0xdf/0x5d0
[ 1101.058789][T22243]  __kmem_cache_alloc_node+0x4f/0x260
[ 1101.064230][T22243]  ? tomoyo_realpath_from_path+0xdf/0x5d0
[ 1101.070029][T22243]  __kmalloc+0xa0/0x240
[ 1101.074260][T22243]  tomoyo_realpath_from_path+0xdf/0x5d0
[ 1101.079882][T22243]  ? tomoyo_path_number_perm+0x205/0x650
[ 1101.085584][T22243]  tomoyo_path_number_perm+0x22f/0x650
[ 1101.091125][T22243]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1101.096732][T22243]  ? perf_trace_run_bpf_submit+0x124/0x1c0
[ 1101.102630][T22243]  ? perf_trace_preemptirq_template+0x268/0x320
[ 1101.108957][T22243]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 1101.115027][T22243]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 1101.121268][T22243]  security_file_ioctl+0x6c/0xa0
[ 1101.126277][T22243]  __se_sys_ioctl+0x48/0x170
[ 1101.130946][T22243]  do_syscall_64+0x4c/0xa0
[ 1101.135436][T22243]  ? clear_bhb_loop+0x60/0xb0
[ 1101.140174][T22243]  ? clear_bhb_loop+0x60/0xb0
[ 1101.144915][T22243]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1101.150977][T22243] RIP: 0033:0x7f63c139cdd9
[ 1101.155445][T22243] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1101.175119][T22243] RSP: 002b:00007f63c216e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1101.183621][T22243] RAX: ffffffffffffffda RBX: 00007f63c1615fa0 RCX: 00007f63c139cdd9
[ 1101.191741][T22243] RDX: 0000200000000080 RSI: 00000000000089f0 RDI: 0000000000000009
[ 1101.199772][T22243] RBP: 00007f63c216e090 R08: 0000000000000000 R09: 0000000000000000
[ 1101.207799][T22243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1101.215824][T22243] R13: 00007f63c1616038 R14: 00007f63c1615fa0 R15: 00007fff1cd346b8
[ 1101.223876][T22243]  </TASK>
[ 1101.472435][T22024] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1101.598605][T22243] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1101.919347][T22024] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1101.963499][T22253] netlink: 'syz.3.6084': attribute type 10 has an invalid length.
[ 1101.996374][T22024] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1102.130465][T22024] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1102.490287][T22268] FAULT_INJECTION: forcing a failure.
[ 1102.490287][T22268] name failslab, interval 1, probability 0, space 0, times 0
[ 1102.503501][T22024] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1102.532510][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1102.555525][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1102.563351][T22268] CPU: 1 PID: 22268 Comm: syz.4.6089 Not tainted syzkaller #0
[ 1102.570887][T22268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1102.581001][T22268] Call Trace:
[ 1102.584325][T22268]  <TASK>
[ 1102.587301][T22268]  dump_stack_lvl+0x188/0x24e
[ 1102.592107][T22268]  ? show_regs_print_info+0x12/0x12
[ 1102.597376][T22268]  ? load_image+0x400/0x400
[ 1102.602031][T22268]  ? __might_sleep+0xd0/0xd0
[ 1102.606676][T22268]  ? __lock_acquire+0x7d10/0x7d10
[ 1102.611790][T22268]  should_fail_ex+0x399/0x4d0
[ 1102.616531][T22268]  should_failslab+0x5/0x20
[ 1102.621187][T22268]  slab_pre_alloc_hook+0x59/0x310
[ 1102.626341][T22268]  ? tomoyo_encode+0x27e/0x540
[ 1102.631158][T22268]  __kmem_cache_alloc_node+0x4f/0x260
[ 1102.636598][T22268]  ? tomoyo_encode+0x27e/0x540
[ 1102.641756][T22268]  __kmalloc+0xa0/0x240
[ 1102.646019][T22268]  tomoyo_encode+0x27e/0x540
[ 1102.650696][T22268]  tomoyo_realpath_from_path+0x58e/0x5d0
[ 1102.656389][T22268]  ? tomoyo_path_number_perm+0x205/0x650
[ 1102.662155][T22268]  tomoyo_path_number_perm+0x22f/0x650
[ 1102.667658][T22268]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1102.673162][T22268]  ? irqentry_enter+0x33/0x50
[ 1102.677939][T22268]  ? __fget_files+0x28/0x4b0
[ 1102.682572][T22268]  ? __fget_files+0x28/0x4b0
[ 1102.687206][T22268]  security_file_ioctl+0x6c/0xa0
[ 1102.692225][T22268]  __se_sys_ioctl+0x48/0x170
[ 1102.696865][T22268]  do_syscall_64+0x4c/0xa0
[ 1102.701321][T22268]  ? clear_bhb_loop+0x60/0xb0
[ 1102.706049][T22268]  ? clear_bhb_loop+0x60/0xb0
[ 1102.710776][T22268]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1102.716712][T22268] RIP: 0033:0x7faa0679cdd9
[ 1102.721163][T22268] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1102.740818][T22268] RSP: 002b:00007faa07571028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1102.749277][T22268] RAX: ffffffffffffffda RBX: 00007faa06a15fa0 RCX: 00007faa0679cdd9
[ 1102.757323][T22268] RDX: 0000200000000080 RSI: 00000000000089f3 RDI: 0000000000000006
[ 1102.765335][T22268] RBP: 00007faa07571090 R08: 0000000000000000 R09: 0000000000000000
[ 1102.773484][T22268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1102.781505][T22268] R13: 00007faa06a16038 R14: 00007faa06a15fa0 R15: 00007ffd28905c98
[ 1102.789535][T22268]  </TASK>
[ 1102.814013][T22024] 8021q: adding VLAN 0 to HW filter on device team0
[ 1102.868264][T22268] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1102.922317][T19128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1102.945549][T19128] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1102.973709][T19128] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1102.980938][T19128] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1103.011123][T19128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1103.032183][T19128] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1103.053603][T19128] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1103.060885][T19128] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1103.090216][T19128] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1103.128233][T22272] netlink: 'syz.3.6091': attribute type 21 has an invalid length.
[ 1103.153284][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1103.201393][T19128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1103.242673][T19130] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1103.259803][T19130] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1103.334773][T19130] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1103.354354][T19130] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1103.444425][T19130] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1103.456814][T19130] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1103.483930][T19130] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1103.557900][T22024] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1103.598756][T22024] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1103.710509][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1103.725545][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1104.002541][T22297] netlink: 'syz.3.6097': attribute type 10 has an invalid length.
[ 1104.583021][T22311] FAULT_INJECTION: forcing a failure.
[ 1104.583021][T22311] name failslab, interval 1, probability 0, space 0, times 0
[ 1104.666245][T22311] CPU: 1 PID: 22311 Comm: syz.1.6101 Not tainted syzkaller #0
[ 1104.674071][T22311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1104.684288][T22311] Call Trace:
[ 1104.687613][T22311]  <TASK>
[ 1104.690626][T22311]  dump_stack_lvl+0x188/0x24e
[ 1104.695396][T22311]  ? show_regs_print_info+0x12/0x12
[ 1104.700673][T22311]  ? load_image+0x400/0x400
[ 1104.705512][T22311]  ? __might_sleep+0xd0/0xd0
[ 1104.710256][T22311]  ? __lock_acquire+0x7d10/0x7d10
[ 1104.715367][T22311]  should_fail_ex+0x399/0x4d0
[ 1104.720108][T22311]  should_failslab+0x5/0x20
[ 1104.724761][T22311]  slab_pre_alloc_hook+0x59/0x310
[ 1104.729873][T22311]  kmem_cache_alloc_node+0x5a/0x320
[ 1104.735156][T22311]  ? perf_event_alloc+0x154/0x21b0
[ 1104.740325][T22311]  perf_event_alloc+0x154/0x21b0
[ 1104.745329][T22311]  ? _raw_spin_unlock+0x24/0x40
[ 1104.750326][T22311]  ? alloc_fd+0x58f/0x630
[ 1104.754734][T22311]  ? find_lively_task_by_vpid+0x19/0x290
[ 1104.760435][T22311]  ? find_lively_task_by_vpid+0x19/0x290
[ 1104.766142][T22311]  __se_sys_perf_event_open+0x6fd/0x1ec0
[ 1104.771839][T22311]  ? __fget_files+0x43d/0x4b0
[ 1104.776599][T22311]  ? __x64_sys_perf_event_open+0xc0/0xc0
[ 1104.782429][T22311]  ? lockdep_hardirqs_on+0x94/0x140
[ 1104.787694][T22311]  ? __x64_sys_perf_event_open+0x1c/0xc0
[ 1104.793404][T22311]  do_syscall_64+0x4c/0xa0
[ 1104.797893][T22311]  ? clear_bhb_loop+0x60/0xb0
[ 1104.802631][T22311]  ? clear_bhb_loop+0x60/0xb0
[ 1104.807377][T22311]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1104.813331][T22311] RIP: 0033:0x7f6bf599cdd9
[ 1104.817796][T22311] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1104.837465][T22311] RSP: 002b:00007f6bf3bf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 1104.845918][T22311] RAX: ffffffffffffffda RBX: 00007f6bf5c15fa0 RCX: 00007f6bf599cdd9
[ 1104.853929][T22311] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000500
[ 1104.861939][T22311] RBP: 00007f6bf3bf6090 R08: 0000000000000000 R09: 0000000000000000
[ 1104.869943][T22311] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 1104.877946][T22311] R13: 00007f6bf5c16038 R14: 00007f6bf5c15fa0 R15: 00007ffef472be98
[ 1104.886006][T22311]  </TASK>
[ 1104.990323][T22321] FAULT_INJECTION: forcing a failure.
[ 1104.990323][T22321] name failslab, interval 1, probability 0, space 0, times 0
[ 1105.083018][T22321] CPU: 0 PID: 22321 Comm: syz.4.6102 Not tainted syzkaller #0
[ 1105.090675][T22321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1105.100918][T22321] Call Trace:
[ 1105.104244][T22321]  <TASK>
[ 1105.107216][T22321]  dump_stack_lvl+0x188/0x24e
[ 1105.111960][T22321]  ? show_regs_print_info+0x12/0x12
[ 1105.117225][T22321]  ? load_image+0x400/0x400
[ 1105.121792][T22321]  ? __might_sleep+0xd0/0xd0
[ 1105.126435][T22321]  ? __lock_acquire+0x7d10/0x7d10
[ 1105.131531][T22321]  should_fail_ex+0x399/0x4d0
[ 1105.136262][T22321]  should_failslab+0x5/0x20
[ 1105.140818][T22321]  slab_pre_alloc_hook+0x59/0x310
[ 1105.145900][T22321]  kmem_cache_alloc_node+0x5a/0x320
[ 1105.151323][T22321]  ? perf_event_alloc+0x154/0x21b0
[ 1105.156484][T22321]  perf_event_alloc+0x154/0x21b0
[ 1105.161465][T22321]  ? _raw_spin_unlock+0x24/0x40
[ 1105.166360][T22321]  ? alloc_fd+0x58f/0x630
[ 1105.170747][T22321]  ? find_lively_task_by_vpid+0x19/0x290
[ 1105.176682][T22321]  ? find_lively_task_by_vpid+0x19/0x290
[ 1105.182371][T22321]  __se_sys_perf_event_open+0x6fd/0x1ec0
[ 1105.188053][T22321]  ? __fget_files+0x43d/0x4b0
[ 1105.192816][T22321]  ? __x64_sys_perf_event_open+0xc0/0xc0
[ 1105.198522][T22321]  ? lockdep_hardirqs_on+0x94/0x140
[ 1105.203768][T22321]  ? __x64_sys_perf_event_open+0x1c/0xc0
[ 1105.209492][T22321]  do_syscall_64+0x4c/0xa0
[ 1105.213958][T22321]  ? clear_bhb_loop+0x60/0xb0
[ 1105.218708][T22321]  ? clear_bhb_loop+0x60/0xb0
[ 1105.223534][T22321]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1105.229643][T22321] RIP: 0033:0x7faa0679cdd9
[ 1105.234186][T22321] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1105.253861][T22321] RSP: 002b:00007faa07571028 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 1105.262320][T22321] RAX: ffffffffffffffda RBX: 00007faa06a15fa0 RCX: 00007faa0679cdd9
[ 1105.270333][T22321] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000500
[ 1105.278440][T22321] RBP: 00007faa07571090 R08: 0000000000000000 R09: 0000000000000000
[ 1105.286532][T22321] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 1105.294547][T22321] R13: 00007faa06a16038 R14: 00007faa06a15fa0 R15: 00007ffd28905c98
[ 1105.302563][T22321]  </TASK>
[ 1105.393906][T19130] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1105.420321][T19130] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1105.449472][T22024] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1105.531996][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1105.546848][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1105.608726][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1105.619578][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1105.639072][T22024] device veth0_vlan entered promiscuous mode
[ 1105.647676][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1105.658444][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1105.674627][T22024] device veth1_vlan entered promiscuous mode
[ 1105.708963][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1105.718597][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1105.728223][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1105.737517][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1105.770119][T22024] device veth0_macvtap entered promiscuous mode
[ 1105.790318][T13107] Bluetooth: hci2: unexpected event 0x07 length: 15 < 255
[ 1105.797930][T22346] netlink: 'syz.3.6105': attribute type 27 has an invalid length.
[ 1106.285188][T22024] device veth1_macvtap entered promiscuous mode
[ 1106.441945][T22350] netlink: 'syz.4.6109': attribute type 10 has an invalid length.
[ 1106.603603][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1106.616663][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1106.717847][T22024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1106.762854][T22024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1106.796197][T22024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1106.843514][T22024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1106.862779][T22024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1106.883581][T22024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1106.923538][T22024] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1106.935231][T19130] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1106.960591][T19130] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1107.000438][T22024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1107.031545][T22024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1107.092851][T22024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1107.142779][T22024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1107.165827][T22024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1107.202765][T22024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1107.236742][T22024] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1107.277018][T19130] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1107.298317][T19130] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1107.370464][T22024] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1107.393165][T22024] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1107.421196][T22024] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1107.442963][T22024] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1107.461697][T22374] netlink: 'syz.1.6114': attribute type 4 has an invalid length.
[ 1107.682434][T19130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1107.705584][T19130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1107.729514][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1107.823901][T19137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1107.841303][T19137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1107.850158][T19131] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1107.995251][T22395] netlink: 'syz.3.6119': attribute type 39 has an invalid length.
[ 1108.204030][T22399] netlink: 'syz.4.6121': attribute type 10 has an invalid length.
[ 1108.691847][T22410] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6124'.
[ 1108.797870][T22417] netlink: 68 bytes leftover after parsing attributes in process `syz.4.6125'.
[ 1109.459917][T21622] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1109.474100][T21622] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1109.482244][T21622] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1109.491735][T21622] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1109.500579][T21622] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1109.508331][T21622] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1109.775966][T22447] netlink: 'syz.2.6134': attribute type 10 has an invalid length.
[ 1109.906141][T19131] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1109.958228][T22454] netlink: 'syz.4.6136': attribute type 10 has an invalid length.
[ 1110.155150][T19131] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1110.256537][T22463] netlink: 64527 bytes leftover after parsing attributes in process `syz.2.6137'.
[ 1110.365692][T19131] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1110.595884][T19131] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1111.573110][T21622] Bluetooth: hci3: command 0x0409 tx timeout
[ 1112.040260][T22480] netlink: 'syz.4.6143': attribute type 21 has an invalid length.
[ 1112.048400][T22480] netlink: 156 bytes leftover after parsing attributes in process `syz.4.6143'.
[ 1112.394772][T22435] chnl_net:caif_netlink_parms(): no params data found
[ 1112.470714][T19131] device 0 left promiscuous mode
[ 1112.563414][T19131] device 0 left promiscuous mode
[ 1112.607990][T22500] netlink: 'syz.0.6146': attribute type 10 has an invalid length.
[ 1112.676022][T22500] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1112.984730][T22435] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1112.993035][T22435] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1113.001424][T22435] device bridge_slave_0 entered promiscuous mode
[ 1113.105076][T22435] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1113.112301][T22435] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1113.133928][T22435] device bridge_slave_1 entered promiscuous mode
[ 1113.230180][T22435] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1113.322475][T22435] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1113.440329][T22529] netlink: 'syz.0.6153': attribute type 16 has an invalid length.
[ 1113.451230][T22529] netlink: 156 bytes leftover after parsing attributes in process `syz.0.6153'.
[ 1113.622297][T22435] team0: Port device team_slave_0 added
[ 1113.659981][T21622] Bluetooth: hci3: command 0x041b tx timeout
[ 1113.707851][T22435] team0: Port device team_slave_1 added
[ 1113.918350][T22435] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1113.927946][T22435] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1113.988322][T22435] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1114.083941][T22435] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1114.106800][T22435] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1114.250018][T22435] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1114.736530][T22435] device hsr_slave_0 entered promiscuous mode
[ 1114.768484][T22435] device hsr_slave_1 entered promiscuous mode
[ 1115.348542][T22561] netlink: 'syz.3.6160': attribute type 10 has an invalid length.
[ 1115.732973][T21622] Bluetooth: hci3: command 0x040f tx timeout
[ 1115.799637][T22572] netlink: 'syz.0.6164': attribute type 29 has an invalid length.
[ 1115.852549][T22572] netlink: 'syz.0.6164': attribute type 29 has an invalid length.
[ 1115.935060][T22577] netlink: 'syz.4.6166': attribute type 16 has an invalid length.
[ 1115.952567][T22577] netlink: 156 bytes leftover after parsing attributes in process `syz.4.6166'.
[ 1115.975631][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1115.982032][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.252407][T22588] device veth1_macvtap left promiscuous mode
[ 1116.407489][T19131] bond0: (slave wlan1): Releasing backup interface
[ 1116.558950][T22589] device veth1_macvtap entered promiscuous mode
[ 1116.579151][T22589] device macsec0 entered promiscuous mode
[ 1117.032212][T22604] netlink: 'syz.4.6174': attribute type 10 has an invalid length.
[ 1117.183053][T19131] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1117.190687][T19131] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1117.245162][T19131] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1117.257711][T19131] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1117.267781][T19131] batman_adv: batadv0: Interface deactivated: vlan1
[ 1117.275242][T19131] batman_adv: batadv0: Removing interface: vlan1
[ 1117.388560][T19131] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1117.404436][T22611] FAULT_INJECTION: forcing a failure.
[ 1117.404436][T22611] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1117.420399][T19131] device bridge_slave_0 left promiscuous mode
[ 1117.426795][T22611] CPU: 1 PID: 22611 Comm: syz.3.6177 Not tainted syzkaller #0
[ 1117.434319][T22611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1117.444525][T22611] Call Trace:
[ 1117.447836][T22611]  <TASK>
[ 1117.450805][T22611]  dump_stack_lvl+0x188/0x24e
[ 1117.455544][T22611]  ? show_regs_print_info+0x12/0x12
[ 1117.460807][T22611]  ? load_image+0x400/0x400
[ 1117.465352][T22611]  ? __lock_acquire+0x7d10/0x7d10
[ 1117.470422][T22611]  should_fail_ex+0x399/0x4d0
[ 1117.475138][T22611]  _copy_from_user+0x2c/0x170
[ 1117.479856][T22611]  get_user_ifreq+0x67/0x170
[ 1117.484504][T22611]  sock_ioctl+0x637/0x710
[ 1117.488886][T22611]  ? sock_poll+0x410/0x410
[ 1117.493353][T22611]  ? bpf_lsm_file_ioctl+0x5/0x10
[ 1117.498359][T22611]  ? security_file_ioctl+0x7c/0xa0
[ 1117.503514][T22611]  ? sock_poll+0x410/0x410
[ 1117.507966][T22611]  __se_sys_ioctl+0xfa/0x170
[ 1117.512602][T22611]  do_syscall_64+0x4c/0xa0
[ 1117.517063][T22611]  ? clear_bhb_loop+0x60/0xb0
[ 1117.521809][T22611]  ? clear_bhb_loop+0x60/0xb0
[ 1117.526616][T22611]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1117.532553][T22611] RIP: 0033:0x7f88ba19cdd9
[ 1117.537012][T22611] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1117.556678][T22611] RSP: 002b:00007f88bafd8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1117.565137][T22611] RAX: ffffffffffffffda RBX: 00007f88ba416090 RCX: 00007f88ba19cdd9
[ 1117.573239][T22611] RDX: 0000200000000080 RSI: 00000000000089f3 RDI: 0000000000000006
[ 1117.581254][T22611] RBP: 00007f88bafd8090 R08: 0000000000000000 R09: 0000000000000000
[ 1117.589306][T22611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1117.597438][T22611] R13: 00007f88ba416128 R14: 00007f88ba416090 R15: 00007fff9112c5a8
[ 1117.605499][T22611]  </TASK>
[ 1117.612213][T19131] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1117.657113][T19131] device veth1_macvtap left promiscuous mode
[ 1117.692975][T19131] device veth0_macvtap left promiscuous mode
[ 1117.703899][T19131] device veth0_vlan left promiscuous mode
[ 1117.812872][T21622] Bluetooth: hci3: command 0x0419 tx timeout
[ 1118.083357][T22619] netlink: 2639 bytes leftover after parsing attributes in process `syz.3.6181'.
[ 1119.837431][T19131] team0 (unregistering): Port device hsr_slave_0 removed
[ 1120.116677][T19131] team0 (unregistering): Port device team_slave_1 removed
[ 1120.191439][T19131] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1120.257534][T19131] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1120.646478][T19131] bond0 (unregistering): Released all slaves
[ 1120.772026][T22660] netlink: 'syz.4.6189': attribute type 10 has an invalid length.
[ 1120.859092][T22435] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1120.961730][T22435] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1121.001494][T22435] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1121.101776][T22435] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1122.494226][T22670] device veth1_macvtap left promiscuous mode
[ 1122.537583][T22673] device veth1_macvtap entered promiscuous mode
[ 1122.572905][T22673] device macsec0 entered promiscuous mode
[ 1122.929583][T22435] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1123.150312][T22435] 8021q: adding VLAN 0 to HW filter on device team0
[ 1123.233392][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1123.241721][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1123.436373][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1123.472517][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1123.494136][T19126] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1123.501369][T19126] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1123.511515][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1123.520765][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1123.543688][T19126] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1123.550898][T19126] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1123.621543][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1123.651616][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1123.796960][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1123.861520][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1123.886860][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1123.915188][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1123.967172][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1124.033942][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1124.215330][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1124.234790][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1124.267403][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1124.339801][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1124.381222][T22435] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1125.594878][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1125.607177][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1125.639936][T22435] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1125.709310][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1125.724730][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1125.800881][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1125.827799][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1125.848514][T22435] device veth0_vlan entered promiscuous mode
[ 1125.859803][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1125.878744][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1125.920518][T22435] device veth1_vlan entered promiscuous mode
[ 1125.970306][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1125.986995][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1125.998496][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1126.013371][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1126.032648][T22435] device veth0_macvtap entered promiscuous mode
[ 1126.044946][T22435] device veth1_macvtap entered promiscuous mode
[ 1126.073534][T22435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1126.090941][T22435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1126.102045][T22435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1126.121946][T22435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1126.132444][T22435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1126.152632][T22435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1126.164992][T22435] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1126.174169][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1126.188793][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1126.199187][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1126.216006][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1126.236595][T22435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1126.251685][T22435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1126.263794][T22435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1126.279660][T22435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1126.291346][T22435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1126.306064][T22435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1126.321171][T22435] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1126.333769][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1126.347265][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1126.363772][T22435] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1126.374113][T22435] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1126.388332][T22435] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1126.398942][T22435] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1126.689428][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1126.727890][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1126.748733][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1126.815389][T19137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1126.824138][T19137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1126.843109][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1126.947664][T22731] netlink: 'syz.3.6207': attribute type 10 has an invalid length.
[ 1127.090046][T22737] netlink: 'syz.2.6211': attribute type 4 has an invalid length.
[ 1127.138546][T22737] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.6211'.
[ 1127.353908][T22742] netlink: 'syz.3.6212': attribute type 4 has an invalid length.
[ 1127.375292][T22742] netlink: 152 bytes leftover after parsing attributes in process `syz.3.6212'.
[ 1128.149048][T22764] bond0: (slave wlan1): Error: Slave device does not support XDP
[ 1129.035502][T21622] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1129.045841][T21622] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1129.056110][T21622] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1129.091881][T21622] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1129.101448][T21622] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1129.112994][T21622] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1129.550067][T19137] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1129.708132][T19137] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1129.840885][T19137] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1130.068331][T19137] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1130.209082][T22798] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6232'.
[ 1131.139282][T22798] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6232'.
[ 1131.183453][T21622] Bluetooth: hci5: command 0x0409 tx timeout
[ 1131.187661][T22803] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6232'.
[ 1131.251935][T22775] chnl_net:caif_netlink_parms(): no params data found
[ 1131.988587][T22775] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1132.026998][T22775] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1132.061962][T22775] device bridge_slave_0 entered promiscuous mode
[ 1132.116942][T22775] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1132.168976][T22775] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1132.187990][T22775] device bridge_slave_1 entered promiscuous mode
[ 1132.904610][T22775] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1133.253819][T21622] Bluetooth: hci5: command 0x041b tx timeout
[ 1133.265361][T22775] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1133.483167][T22775] team0: Port device team_slave_0 added
[ 1133.616655][T22775] team0: Port device team_slave_1 added
[ 1133.805015][T22775] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1133.812093][T22775] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1133.902895][T22775] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1133.999373][T22897] netlink: 132 bytes leftover after parsing attributes in process `syz.0.6256'.
[ 1134.020465][T19137] device gretap0 left promiscuous mode
[ 1134.034922][T19137] Ÿë
: port 1(gretap0) entered disabled state
[ 1134.061726][T22775] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1134.093200][T22775] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1134.180999][T22775] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1134.583542][T22912] netlink: 'syz.2.6262': attribute type 3 has an invalid length.
[ 1134.599480][T22775] device hsr_slave_0 entered promiscuous mode
[ 1134.613521][T22775] device hsr_slave_1 entered promiscuous mode
[ 1134.619833][T22912] netlink: 191644 bytes leftover after parsing attributes in process `syz.2.6262'.
[ 1134.638064][T22775] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1134.652604][T22775] Cannot create hsr debugfs directory
[ 1134.688473][T22916] netlink: 16098 bytes leftover after parsing attributes in process `syz.2.6262'.
[ 1135.158102][T22927] netlink: 'syz.0.6268': attribute type 17 has an invalid length.
[ 1135.190477][T22927] netlink: 160 bytes leftover after parsing attributes in process `syz.0.6268'.
[ 1135.199778][T22930] netlink: 60 bytes leftover after parsing attributes in process `syz.4.6269'.
[ 1135.246774][T22932] netlink: 'syz.2.6270': attribute type 21 has an invalid length.
[ 1135.324554][T22930] netlink: 60 bytes leftover after parsing attributes in process `syz.4.6269'.
[ 1135.343013][T21622] Bluetooth: hci5: command 0x040f tx timeout
[ 1135.436306][T22934] netlink: 60 bytes leftover after parsing attributes in process `syz.4.6269'.
[ 1135.606837][T22937] netlink: 60 bytes leftover after parsing attributes in process `syz.4.6269'.
[ 1137.174292][T22956] FAULT_INJECTION: forcing a failure.
[ 1137.174292][T22956] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1137.202036][T22956] CPU: 0 PID: 22956 Comm: syz.0.6278 Not tainted syzkaller #0
[ 1137.209582][T22956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1137.219713][T22956] Call Trace:
[ 1137.223037][T22956]  <TASK>
[ 1137.226013][T22956]  dump_stack_lvl+0x188/0x24e
[ 1137.230766][T22956]  ? show_regs_print_info+0x12/0x12
[ 1137.236036][T22956]  ? load_image+0x400/0x400
[ 1137.240614][T22956]  ? __lock_acquire+0x7d10/0x7d10
[ 1137.245732][T22956]  should_fail_ex+0x399/0x4d0
[ 1137.250562][T22956]  _copy_from_user+0x2c/0x170
[ 1137.255305][T22956]  ip_tunnel_siocdevprivate+0xbe/0x1e0
[ 1137.260839][T22956]  ? ip_tunnel_update+0xaa0/0xaa0
[ 1137.265942][T22956]  ? full_name_hash+0x8e/0xe0
[ 1137.270694][T22956]  dev_ifsioc+0xa4a/0xd40
[ 1137.275082][T22956]  ? dev_ioctl+0xe80/0xe80
[ 1137.279572][T22956]  ? perf_trace_preemptirq_template+0x268/0x320
[ 1137.285888][T22956]  ? full_name_hash+0x8e/0xe0
[ 1137.290628][T22956]  ? dev_load+0x1d/0x1e0
[ 1137.294938][T22956]  ? dev_load+0x1d/0x1e0
[ 1137.299239][T22956]  dev_ioctl+0x5f8/0xe80
[ 1137.303531][T22956]  ? get_user_ifreq+0xc7/0x170
[ 1137.308345][T22956]  sock_ioctl+0x691/0x710
[ 1137.312736][T22956]  ? sock_poll+0x410/0x410
[ 1137.317220][T22956]  ? sock_poll+0x410/0x410
[ 1137.321793][T22956]  __se_sys_ioctl+0xfa/0x170
[ 1137.326449][T22956]  do_syscall_64+0x4c/0xa0
[ 1137.330925][T22956]  ? clear_bhb_loop+0x60/0xb0
[ 1137.335677][T22956]  ? clear_bhb_loop+0x60/0xb0
[ 1137.340427][T22956]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1137.346384][T22956] RIP: 0033:0x7f8b5e19cdd9
[ 1137.350943][T22956] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1137.370608][T22956] RSP: 002b:00007f8b5f07c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1137.379092][T22956] RAX: ffffffffffffffda RBX: 00007f8b5e415fa0 RCX: 00007f8b5e19cdd9
[ 1137.387118][T22956] RDX: 0000200000000080 RSI: 00000000000089f3 RDI: 0000000000000006
[ 1137.395231][T22956] RBP: 00007f8b5f07c090 R08: 0000000000000000 R09: 0000000000000000
[ 1137.403256][T22956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1137.411279][T22956] R13: 00007f8b5e416038 R14: 00007f8b5e415fa0 R15: 00007ffd153fe618
[ 1137.419324][T22956]  </TASK>
[ 1137.432460][T21622] Bluetooth: hci5: command 0x0419 tx timeout
[ 1137.701946][T22775] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1137.727201][T22775] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1137.779973][T19137] device hsr_slave_0 left promiscuous mode
[ 1137.793656][T19137] device hsr_slave_1 left promiscuous mode
[ 1137.822962][T19137] bridge0: port 3(team0) entered disabled state
[ 1137.845383][T19137] device bridge_slave_1 left promiscuous mode
[ 1137.851710][T19137] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1137.908481][T19137] device bridge_slave_0 left promiscuous mode
[ 1137.925955][T19137] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1138.016313][T19137] device veth1_macvtap left promiscuous mode
[ 1138.038058][T19137] device veth0_macvtap left promiscuous mode
[ 1138.038735][T22985] netlink: 60 bytes leftover after parsing attributes in process `syz.4.6285'.
[ 1138.092612][T19137] device veth0_vlan left promiscuous mode
[ 1138.791287][T19137] device team_slave_1 left promiscuous mode
[ 1138.801876][T19137] team0 (unregistering): Port device team_slave_1 removed
[ 1138.848264][T19137] device team_slave_0 left promiscuous mode
[ 1138.856082][T19137] team0 (unregistering): Port device team_slave_0 removed
[ 1139.250762][T22775] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1139.260927][T22985] netlink: 60 bytes leftover after parsing attributes in process `syz.4.6285'.
[ 1139.271064][T22992] netlink: 'syz.1.6287': attribute type 10 has an invalid length.
[ 1139.283811][T22992] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1139.291559][T22992] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1139.319613][T22992] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1139.326869][T22992] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1139.334409][T22992] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1139.341567][T22992] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1139.366072][T22992] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1139.407970][T22775] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1139.877817][T22775] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1139.960448][T19136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1139.979157][T19136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1140.016403][T22775] 8021q: adding VLAN 0 to HW filter on device team0
[ 1140.069371][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1140.102634][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1140.136936][T19126] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1140.144225][T19126] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1140.175596][T23019] netlink: 'syz.2.6297': attribute type 1 has an invalid length.
[ 1140.223332][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1140.241777][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1140.292328][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1140.333833][T19126] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1140.341082][T19126] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1140.403365][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1140.433371][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1140.453978][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1140.499699][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1140.522678][T23028] netlink: 60 bytes leftover after parsing attributes in process `syz.1.6300'.
[ 1140.534434][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1140.621302][T23028] netlink: 60 bytes leftover after parsing attributes in process `syz.1.6300'.
[ 1140.648800][T19128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1140.678602][T19128] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1140.739214][T19128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1140.814065][T19128] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1140.904709][T23037] netlink: 60 bytes leftover after parsing attributes in process `syz.1.6300'.
[ 1141.060896][T19128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1141.119565][T19128] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1141.155879][T22775] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1141.239294][T23047] netlink: 132 bytes leftover after parsing attributes in process `syz.2.6304'.
[ 1141.799747][T23056] syzkaller1: tun_chr_ioctl cmd 2148553947
[ 1142.586850][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1142.621841][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1142.651956][T22775] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1142.735932][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1142.749234][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1142.865066][T22775] device veth0_vlan entered promiscuous mode
[ 1142.904774][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1142.917392][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1142.953927][T22775] device veth1_vlan entered promiscuous mode
[ 1142.981546][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1143.010673][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1143.053019][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1143.142460][T22775] device veth0_macvtap entered promiscuous mode
[ 1143.161573][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1143.216600][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1143.241750][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1143.271700][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1143.319474][T22775] device veth1_macvtap entered promiscuous mode
[ 1143.439457][T22775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1143.459179][T22775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1143.472398][T22775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1143.489864][T22775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1143.505973][T22775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1143.525052][T22775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1143.541120][T22775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1143.554703][T22775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1143.575670][T22775] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1143.602158][T19128] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1143.617200][T19128] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1143.673353][T19128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1143.705543][T22775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1143.742802][T22775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1143.776846][T22775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1143.797888][T22775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1143.828590][T22775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1143.846243][T22775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1143.856581][T22775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1143.867577][T22775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1143.879634][T22775] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1143.889204][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1143.921215][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1143.951068][T22775] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1143.993865][T22775] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1144.042838][T22775] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1144.055886][T22775] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1144.369195][T19137] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1144.393047][T19137] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1144.432008][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1144.511826][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1144.528461][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1144.561355][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1145.299049][T23150] bond0: (slave bridge0): Error: Slave device does not support XDP
[ 1145.658436][T23167] netlink: 68 bytes leftover after parsing attributes in process `syz.1.6340'.
[ 1145.907778][T23172] netlink: 'syz.4.6341': attribute type 10 has an invalid length.
[ 1145.945318][T23172] netlink: 2 bytes leftover after parsing attributes in process `syz.4.6341'.
[ 1145.982809][T23172] device batadv_slave_1 entered promiscuous mode
[ 1145.989481][T23172] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1146.006215][T23172] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1146.194928][T13107] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1146.205461][T13107] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1146.213988][T13107] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1146.243532][T13107] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1146.254896][T13107] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1146.262364][T13107] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1146.392841][T19128] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1146.413266][T23186] netlink: 'syz.4.6344': attribute type 41 has an invalid length.
[ 1146.639915][T19128] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1146.804222][T19128] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1146.850615][T23202] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1146.894657][T23202] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1146.946775][T23202] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1147.018718][T23202] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1148.226550][T19128] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1148.292969][T13107] Bluetooth: hci1: command 0x0409 tx timeout
[ 1148.828259][T23231] netlink: 'syz.4.6354': attribute type 6 has an invalid length.
[ 1148.842306][T23231] netlink: 127868 bytes leftover after parsing attributes in process `syz.4.6354'.
[ 1149.079946][T23238] netlink: 'syz.0.6356': attribute type 2 has an invalid length.
[ 1149.462461][T23238] device 0 entered promiscuous mode
[ 1149.666530][T23178] chnl_net:caif_netlink_parms(): no params data found
[ 1150.373435][T13107] Bluetooth: hci1: command 0x041b tx timeout
[ 1150.935020][T23178] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1150.942316][T23178] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1150.951089][T23178] device bridge_slave_0 entered promiscuous mode
[ 1150.960300][T23178] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1150.967587][T23178] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1150.976196][T23178] device bridge_slave_1 entered promiscuous mode
[ 1151.006306][T23178] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1151.019792][T23178] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1151.079198][T23178] team0: Port device team_slave_0 added
[ 1151.090530][T23178] team0: Port device team_slave_1 added
[ 1151.220638][T23178] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1151.243989][T23178] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1151.332957][T23178] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1151.359561][T23178] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1151.379709][T23178] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1151.468864][T23178] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1151.979415][T23178] device hsr_slave_0 entered promiscuous mode
[ 1152.015135][T23178] device hsr_slave_1 entered promiscuous mode
[ 1152.039297][T23297] netlink: 134056 bytes leftover after parsing attributes in process `syz.1.6369'.
[ 1152.065593][T23178] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1152.083672][T23178] Cannot create hsr debugfs directory
[ 1152.406489][T19128] device gretap0 left promiscuous mode
[ 1152.439823][T19128] Ÿë
: port 1(gretap0) entered disabled state
[ 1152.462368][T13107] Bluetooth: hci1: command 0x040f tx timeout
[ 1152.525453][T23311] delete_channel: no stack
[ 1152.531583][T23311] delete_channel: no stack
[ 1154.532957][T13107] Bluetooth: hci1: command 0x0419 tx timeout
[ 1154.591896][T19128] bond0: (slave wlan1): Releasing backup interface
[ 1154.658929][T23361] syzkaller1: tun_chr_ioctl cmd 1074025677
[ 1154.677917][T23361] syzkaller1: Linktype set failed because interface is up
[ 1155.212223][T23368] netlink: 'syz.1.6386': attribute type 10 has an invalid length.
[ 1155.453728][T23368] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1155.520643][T19128] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1155.542937][T19128] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1155.572049][T19128] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1155.594776][T19128] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1155.620374][T19128] device bridge_slave_1 left promiscuous mode
[ 1155.627674][T19128] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1155.636959][T19128] device bridge_slave_0 left promiscuous mode
[ 1155.643464][T19128] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1155.671806][T19128] device veth1_macvtap left promiscuous mode
[ 1155.691589][T19128] device veth0_macvtap left promiscuous mode
[ 1155.713070][T19128] device veth0_vlan left promiscuous mode
[ 1157.444586][T19128] team0 (unregistering): Port device hsr_slave_0 removed
[ 1157.616943][T19128] team0 (unregistering): Port device team_slave_1 removed
[ 1157.680013][T19128] team0 (unregistering): Port device team_slave_0 removed
[ 1157.731574][T19128] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1157.785093][T19128] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1158.027620][T19128] bond0 (unregistering): (slave batadv0): Releasing backup interface
[ 1158.126961][T19128] bond0 (unregistering): (slave bridge0): Releasing backup interface
[ 1158.136159][T19128] bond0 (unregistering): Released all slaves
[ 1158.229406][T23375] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 1158.262846][T23375] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 1158.299237][T23375] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1158.313887][T23404] netlink: 'syz.4.6398': attribute type 10 has an invalid length.
[ 1158.350125][T23178] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1158.429832][T23178] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1158.452164][T23178] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1158.573607][T23178] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1158.642134][T23410] netlink: 'syz.3.6400': attribute type 10 has an invalid length.
[ 1159.045004][T23424] netlink: 14 bytes leftover after parsing attributes in process `syz.1.6403'.
[ 1159.144907][T23424] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1159.279304][T23178] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1159.358221][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1159.389811][T19137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1159.439762][T23178] 8021q: adding VLAN 0 to HW filter on device team0
[ 1159.510362][T19131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1159.546168][T19131] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1159.586825][T19131] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1159.594188][T19131] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1159.639681][T19131] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1159.716470][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1159.746706][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1159.793658][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1159.800921][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1159.863370][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1159.913368][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1159.939492][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1159.992947][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1160.046209][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1160.071112][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1160.108401][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1160.139426][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1160.186792][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1160.236605][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1160.288465][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1160.329744][T23178] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1160.553323][T23469] netlink: 'syz.0.6416': attribute type 10 has an invalid length.
[ 1160.612667][T23469] bond0: (slave wlan1): Releasing backup interface
[ 1160.676789][T23469] team0: Port device wlan1 added
[ 1161.427452][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1161.446484][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1161.499043][T23178] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1161.644531][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1161.681344][ T5468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1161.833871][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1161.858670][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1161.927604][T23178] device veth0_vlan entered promiscuous mode
[ 1161.945228][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1161.984088][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1162.019389][T23178] device veth1_vlan entered promiscuous mode
[ 1162.118301][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1162.153599][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1162.190551][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1162.225028][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1162.278211][T23178] device veth0_macvtap entered promiscuous mode
[ 1162.310397][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1162.331516][T23178] device veth1_macvtap entered promiscuous mode
[ 1162.432012][T23178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1162.492531][T23178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1162.520991][T23178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1162.552499][T23178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1162.579916][T23178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1162.621637][T23178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1162.650511][T23178] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1162.674442][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1162.715564][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1162.746792][T23178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1162.768505][T23178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1162.799501][T23178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1162.829837][T23178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1162.868047][T23178] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1162.895265][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1162.913920][T19126] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1162.931592][T23178] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1162.954753][T23178] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1162.970230][T23178] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1162.979733][T23178] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1164.123931][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1164.131849][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1164.213347][   T62] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1164.244614][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1164.303232][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1164.310913][T19131] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1164.865815][T23530] FAULT_INJECTION: forcing a failure.
[ 1164.865815][T23530] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1165.039054][T23530] CPU: 1 PID: 23530 Comm: syz.2.6332 Not tainted syzkaller #0
[ 1165.046646][T23530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1165.056775][T23530] Call Trace:
[ 1165.060120][T23530]  <TASK>
[ 1165.063153][T23530]  dump_stack_lvl+0x188/0x24e
[ 1165.067913][T23530]  ? show_regs_print_info+0x12/0x12
[ 1165.073194][T23530]  ? load_image+0x400/0x400
[ 1165.077776][T23530]  ? __lock_acquire+0x7d10/0x7d10
[ 1165.082876][T23530]  ? perf_trace_run_bpf_submit+0xf3/0x1c0
[ 1165.088707][T23530]  should_fail_ex+0x399/0x4d0
[ 1165.093480][T23530]  _copy_from_user+0x2c/0x170
[ 1165.098347][T23530]  ___sys_sendmsg+0x1c3/0x360
[ 1165.103133][T23530]  ? __sys_sendmsg+0x290/0x290
[ 1165.108076][T23530]  ? __lock_acquire+0x7d10/0x7d10
[ 1165.113267][T23530]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1165.118233][T23530]  ? __x64_sys_sendmsg+0x80/0x80
[ 1165.123294][T23530]  ? lockdep_hardirqs_on+0x94/0x140
[ 1165.128577][T23530]  do_syscall_64+0x4c/0xa0
[ 1165.133164][T23530]  ? clear_bhb_loop+0x60/0xb0
[ 1165.137919][T23530]  ? clear_bhb_loop+0x60/0xb0
[ 1165.142683][T23530]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1165.148658][T23530] RIP: 0033:0x7f8655d9cdd9
[ 1165.153137][T23530] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1165.173363][T23530] RSP: 002b:00007f8656c77028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1165.181891][T23530] RAX: ffffffffffffffda RBX: 00007f8656015fa0 RCX: 00007f8655d9cdd9
[ 1165.190030][T23530] RDX: 0000000000000000 RSI: 0000200000003680 RDI: 0000000000000003
[ 1165.198087][T23530] RBP: 00007f8656c77090 R08: 0000000000000000 R09: 0000000000000000
[ 1165.206222][T23530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1165.214262][T23530] R13: 00007f8656016038 R14: 00007f8656015fa0 R15: 00007ffd0c45c4a8
[ 1165.222344][T23530]  </TASK>
[ 1165.832930][T23549] netlink: 126632 bytes leftover after parsing attributes in process `syz.0.6437'.
[ 1165.932638][T23549] netlink: 8192 bytes leftover after parsing attributes in process `syz.0.6437'.
[ 1168.874209][T23617] netlink: 122896 bytes leftover after parsing attributes in process `syz.2.6452'.
[ 1173.772409][T23667] netlink: 132 bytes leftover after parsing attributes in process `syz.4.6468'.
[ 1177.415781][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.422295][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1178.352935][T23715] netlink: 'syz.3.6485': attribute type 10 has an invalid length.
[ 1178.425107][T13107] Bluetooth: hci1: unexpected event 0x0b length: 151 > 11
[ 1182.781217][T23778] netlink: 'syz.3.6509': attribute type 10 has an invalid length.
[ 1182.848993][T23778] team0: Port device wlan1 added
[ 1183.443335][T23789] netlink: 'syz.0.6514': attribute type 2 has an invalid length.
[ 1184.273980][T23789] device 1 entered promiscuous mode
[ 1184.377140][T23806] netlink: 'syz.2.6518': attribute type 2 has an invalid length.
[ 1184.511485][T23808] netlink: 'syz.0.6519': attribute type 2 has an invalid length.
[ 1184.613465][T21622] Bluetooth: hci4: command 0x0406 tx timeout
[ 1187.526098][T23806] device 0 entered promiscuous mode
[ 1187.549098][T23808] device 2 entered promiscuous mode
[ 1187.848022][T23820] netlink: 'syz.4.6523': attribute type 10 has an invalid length.
[ 1187.993867][T23820] bond0: (slave wlan1): Releasing backup interface
[ 1188.005536][T23828] FAULT_INJECTION: forcing a failure.
[ 1188.005536][T23828] name failslab, interval 1, probability 0, space 0, times 0
[ 1188.028385][T23820] team0: Port device wlan1 added
[ 1188.083945][T23829] net_ratelimit: 2 callbacks suppressed
[ 1188.083965][T23829] wlan1: mtu greater than device maximum
[ 1188.096034][T23828] CPU: 1 PID: 23828 Comm: syz.3.6525 Not tainted syzkaller #0
[ 1188.103740][T23828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1188.113861][T23828] Call Trace:
[ 1188.117199][T23828]  <TASK>
[ 1188.120171][T23828]  dump_stack_lvl+0x188/0x24e
[ 1188.124921][T23828]  ? show_regs_print_info+0x12/0x12
[ 1188.130185][T23828]  ? load_image+0x400/0x400
[ 1188.134733][T23828]  ? __might_sleep+0xd0/0xd0
[ 1188.139367][T23828]  ? __lock_acquire+0x7d10/0x7d10
[ 1188.144435][T23828]  should_fail_ex+0x399/0x4d0
[ 1188.149154][T23828]  should_failslab+0x5/0x20
[ 1188.153710][T23828]  slab_pre_alloc_hook+0x59/0x310
[ 1188.158820][T23828]  ? iovec_from_user+0x83/0x360
[ 1188.163737][T23828]  __kmem_cache_alloc_node+0x4f/0x260
[ 1188.169206][T23828]  ? iovec_from_user+0x83/0x360
[ 1188.174123][T23828]  __kmalloc+0xa0/0x240
[ 1188.178331][T23828]  iovec_from_user+0x83/0x360
[ 1188.183052][T23828]  __import_iovec+0x6d/0x500
[ 1188.187689][T23828]  import_iovec+0x6f/0xa0
[ 1188.192061][T23828]  ___sys_sendmsg+0x252/0x360
[ 1188.196968][T23828]  ? __sys_sendmsg+0x290/0x290
[ 1188.201801][T23828]  ? __lock_acquire+0x7d10/0x7d10
[ 1188.206911][T23828]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1188.211820][T23828]  ? __x64_sys_sendmsg+0x80/0x80
[ 1188.216830][T23828]  ? lockdep_hardirqs_on+0x94/0x140
[ 1188.222080][T23828]  do_syscall_64+0x4c/0xa0
[ 1188.226546][T23828]  ? clear_bhb_loop+0x60/0xb0
[ 1188.231307][T23828]  ? clear_bhb_loop+0x60/0xb0
[ 1188.236038][T23828]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1188.241987][T23828] RIP: 0033:0x7f0e54b9cdd9
[ 1188.246465][T23828] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1188.266116][T23828] RSP: 002b:00007f0e55a12028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1188.274585][T23828] RAX: ffffffffffffffda RBX: 00007f0e54e16090 RCX: 00007f0e54b9cdd9
[ 1188.282599][T23828] RDX: 0000000000000000 RSI: 0000200000003680 RDI: 0000000000000003
[ 1188.290695][T23828] RBP: 00007f0e55a12090 R08: 0000000000000000 R09: 0000000000000000
[ 1188.298739][T23828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1188.306750][T23828] R13: 00007f0e54e16128 R14: 00007f0e54e16090 R15: 00007ffe15baccd8
[ 1188.314788][T23828]  </TASK>
[ 1188.396467][T23832] netlink: 'syz.0.6524': attribute type 21 has an invalid length.
[ 1188.472893][T23832] netlink: 132 bytes leftover after parsing attributes in process `syz.0.6524'.
[ 1188.513715][T23837] netlink: 'syz.2.6527': attribute type 13 has an invalid length.
[ 1188.521717][T23837] netlink: 172 bytes leftover after parsing attributes in process `syz.2.6527'.
[ 1188.580013][T23837] erspan0: refused to change device tx_queue_len
[ 1188.640294][T23840] netlink: 'syz.1.6529': attribute type 2 has an invalid length.
[ 1188.728220][T23832] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.6524'.
[ 1189.124327][T23848] netlink: 'syz.2.6531': attribute type 2 has an invalid length.
[ 1189.433586][T23840] device 0 entered promiscuous mode
[ 1189.646878][T23848] device 1 entered promiscuous mode
[ 1189.714894][T23858] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[ 1190.578619][T23874] netlink: 'syz.0.6540': attribute type 10 has an invalid length.
[ 1191.026821][T23874] team0 (unregistering): Port device team_slave_0 removed
[ 1191.117394][T23874] team0 (unregistering): Port device team_slave_1 removed
[ 1191.326112][T23874] team0 (unregistering): Port device wlan1 removed
[ 1191.429590][T23890] netlink: 'syz.3.6545': attribute type 2 has an invalid length.
[ 1191.452794][T23890] netlink: 60 bytes leftover after parsing attributes in process `syz.3.6545'.
[ 1191.552987][T23885] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1191.564498][T23885] netlink: 1 bytes leftover after parsing attributes in process `syz.4.6541'.
[ 1191.845910][T23898] netlink: 'syz.0.6547': attribute type 2 has an invalid length.
[ 1192.128665][T23898] device 3 entered promiscuous mode
[ 1193.073263][T23915] netlink: 132 bytes leftover after parsing attributes in process `syz.4.6553'.
[ 1194.162558][T23939] netlink: 'syz.2.6561': attribute type 2 has an invalid length.
[ 1194.388818][T23939] device 2 entered promiscuous mode
[ 1195.515492][T23979] netlink: 'syz.1.6576': attribute type 2 has an invalid length.
[ 1195.626555][T23976] delete_channel: no stack
[ 1195.724416][T23979] device 1 entered promiscuous mode
[ 1196.171858][T24004] netlink: 'syz.0.6585': attribute type 21 has an invalid length.
[ 1199.781495][T24052] netlink: 'syz.1.6604': attribute type 2 has an invalid length.
[ 1201.458801][T24052] device 2 entered promiscuous mode
[ 1204.370797][T24095] netlink: 'syz.0.6618': attribute type 2 has an invalid length.
[ 1204.579969][T24095] device 4 entered promiscuous mode
[ 1204.832516][T24113] netlink: 'syz.4.6623': attribute type 2 has an invalid length.
[ 1204.873707][T24113] netlink: 132 bytes leftover after parsing attributes in process `syz.4.6623'.
[ 1206.044145][T24133] netlink: 132 bytes leftover after parsing attributes in process `syz.1.6630'.
[ 1206.992314][T24152] netlink: 'syz.3.6635': attribute type 2 has an invalid length.
[ 1207.098485][T24158] delete_channel: no stack
[ 1207.411782][T24152] device 0 entered promiscuous mode
[ 1207.531053][T24170] netlink: 'syz.0.6642': attribute type 10 has an invalid length.
[ 1207.564102][T24168] netlink: 'syz.2.6641': attribute type 7 has an invalid length.
[ 1209.521671][T24212] netlink: 'syz.3.6653': attribute type 2 has an invalid length.
[ 1210.011588][T24212] device 1 entered promiscuous mode
[ 1210.372775][T13107] Bluetooth: hci0: command 0x0406 tx timeout
[ 1210.790822][T24233] netlink: 'syz.0.6661': attribute type 10 has an invalid length.
[ 1210.791364][T24239] delete_channel: no stack
[ 1211.097309][T24243] netlink: 'syz.1.6664': attribute type 153 has an invalid length.
[ 1211.187308][T24243] netlink: 69544 bytes leftover after parsing attributes in process `syz.1.6664'.
[ 1211.457420][T24253] netlink: 'syz.2.6668': attribute type 2 has an invalid length.
[ 1212.244354][T24253] device 3 entered promiscuous mode
[ 1213.759237][T24294] netlink: 'syz.0.6680': attribute type 10 has an invalid length.
[ 1214.041265][T24303] netlink: 'syz.1.6682': attribute type 2 has an invalid length.
[ 1214.860558][T24303] device 3 entered promiscuous mode
[ 1216.402996][T24356] netlink: 'syz.0.6695': attribute type 10 has an invalid length.
[ 1216.525813][T24361] FAULT_INJECTION: forcing a failure.
[ 1216.525813][T24361] name failslab, interval 1, probability 0, space 0, times 0
[ 1216.556962][T24361] CPU: 0 PID: 24361 Comm: syz.3.6696 Not tainted syzkaller #0
[ 1216.564539][T24361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1216.574678][T24361] Call Trace:
[ 1216.578006][T24361]  <TASK>
[ 1216.580990][T24361]  dump_stack_lvl+0x188/0x24e
[ 1216.585754][T24361]  ? show_regs_print_info+0x12/0x12
[ 1216.591033][T24361]  ? load_image+0x400/0x400
[ 1216.595608][T24361]  ? __might_sleep+0xd0/0xd0
[ 1216.600252][T24361]  ? __lock_acquire+0x7d10/0x7d10
[ 1216.605350][T24361]  ? mark_lock+0x94/0x320
[ 1216.609751][T24361]  should_fail_ex+0x399/0x4d0
[ 1216.614496][T24361]  should_failslab+0x5/0x20
[ 1216.619062][T24361]  slab_pre_alloc_hook+0x59/0x310
[ 1216.624160][T24361]  kmem_cache_alloc_node+0x5a/0x320
[ 1216.629511][T24361]  ? __alloc_skb+0xfc/0x7e0
[ 1216.634089][T24361]  __alloc_skb+0xfc/0x7e0
[ 1216.638498][T24361]  kcm_sendmsg+0x1eb4/0x2310
[ 1216.643159][T24361]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[ 1216.649808][T24361]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1216.655943][T24361]  ? __might_sleep+0xd0/0xd0
[ 1216.660625][T24361]  ? aa_sk_perm+0x81f/0x950
[ 1216.665305][T24361]  ? tomoyo_socket_sendmsg_permission+0x1dd/0x2f0
[ 1216.671798][T24361]  ? kcm_getsockopt+0x280/0x280
[ 1216.676779][T24361]  ? aa_sock_msg_perm+0x94/0x150
[ 1216.681780][T24361]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 1216.687304][T24361]  ? security_socket_sendmsg+0x7c/0xa0
[ 1216.692839][T24361]  ? kcm_getsockopt+0x280/0x280
[ 1216.697765][T24361]  ____sys_sendmsg+0x5be/0x970
[ 1216.702608][T24361]  ? __sys_sendmsg_sock+0x30/0x30
[ 1216.707718][T24361]  ? __import_iovec+0x315/0x500
[ 1216.712656][T24361]  ? import_iovec+0x6f/0xa0
[ 1216.717240][T24361]  ___sys_sendmsg+0x2a2/0x360
[ 1216.722000][T24361]  ? __sys_sendmsg+0x290/0x290
[ 1216.726858][T24361]  ? __lock_acquire+0x7d10/0x7d10
[ 1216.731997][T24361]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1216.736935][T24361]  ? __x64_sys_sendmsg+0x80/0x80
[ 1216.741972][T24361]  ? lockdep_hardirqs_on+0x94/0x140
[ 1216.747241][T24361]  do_syscall_64+0x4c/0xa0
[ 1216.751737][T24361]  ? clear_bhb_loop+0x60/0xb0
[ 1216.756494][T24361]  ? clear_bhb_loop+0x60/0xb0
[ 1216.761264][T24361]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1216.767238][T24361] RIP: 0033:0x7f0e54b9cdd9
[ 1216.771806][T24361] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1216.791481][T24361] RSP: 002b:00007f0e55a12028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1216.799967][T24361] RAX: ffffffffffffffda RBX: 00007f0e54e16090 RCX: 00007f0e54b9cdd9
[ 1216.808002][T24361] RDX: 0000000000000000 RSI: 0000200000003680 RDI: 0000000000000003
[ 1216.816054][T24361] RBP: 00007f0e55a12090 R08: 0000000000000000 R09: 0000000000000000
[ 1216.824094][T24361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1216.832133][T24361] R13: 00007f0e54e16128 R14: 00007f0e54e16090 R15: 00007ffe15baccd8
[ 1216.840193][T24361]  </TASK>
[ 1217.069034][T24356] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[ 1221.179199][T24402] netlink: 'syz.4.6710': attribute type 10 has an invalid length.
[ 1221.206477][T24402] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1221.511452][T24402] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1221.812045][T24402] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[ 1221.863057][T24415] netlink: 132 bytes leftover after parsing attributes in process `syz.2.6714'.
[ 1222.986895][T24452] netlink: 'syz.1.6727': attribute type 2 has an invalid length.
[ 1223.009851][T24454] netlink: 122896 bytes leftover after parsing attributes in process `syz.4.6723'.
[ 1223.194635][T24452] device 4 entered promiscuous mode
[ 1223.704015][T24471] netlink: 'syz.2.6731': attribute type 3 has an invalid length.
[ 1223.711979][T24471] netlink: 'syz.2.6731': attribute type 8 has an invalid length.
[ 1223.761610][T24471] netlink: 197344 bytes leftover after parsing attributes in process `syz.2.6731'.
[ 1224.211593][T24465] netlink: 'syz.3.6730': attribute type 10 has an invalid length.
[ 1224.221274][T24465] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1224.256663][T24465] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1224.305015][T24465] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[ 1224.331799][T24471] netlink: 'syz.2.6731': attribute type 10 has an invalid length.
[ 1224.364206][T24471] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 1224.708539][T24488] netlink: 132 bytes leftover after parsing attributes in process `syz.1.6735'.
[ 1224.752926][T24491] netlink: 132 bytes leftover after parsing attributes in process `syz.0.6737'.
[ 1225.961301][T24512] netlink: 'syz.4.6744': attribute type 2 has an invalid length.
[ 1226.545953][T24512] device 0 entered promiscuous mode
[ 1226.848645][T24537] raw_sendmsg: syz.3.6751 forgot to set AF_INET. Fix it!
[ 1227.197521][T24542] netlink: 'syz.0.6754': attribute type 10 has an invalid length.
[ 1227.212444][T24542] netlink: 168 bytes leftover after parsing attributes in process `syz.0.6754'.
[ 1227.825264][T24552] netlink: 132 bytes leftover after parsing attributes in process `syz.4.6757'.
[ 1228.075898][T24560] netlink: 'syz.0.6760': attribute type 2 has an invalid length.
[ 1228.326067][T24560] device 5 entered promiscuous mode
[ 1228.348218][T24566] netlink: 'syz.2.6763': attribute type 2 has an invalid length.
[ 1228.652483][T24566] device 4 entered promiscuous mode
[ 1229.321142][T24591] netlink: 'syz.0.6773': attribute type 49 has an invalid length.
[ 1229.511937][T24597] netlink: 122896 bytes leftover after parsing attributes in process `syz.3.6772'.
[ 1229.635308][T24597] debugfs: Directory '!!!' with parent 'ieee80211' already present!
[ 1230.301548][T24613] netlink: 'syz.4.6778': attribute type 2 has an invalid length.
[ 1230.548590][T24613] device 1 entered promiscuous mode
[ 1230.616713][T24622] netlink: 'syz.3.6782': attribute type 10 has an invalid length.
[ 1230.642976][T24622] netlink: 40 bytes leftover after parsing attributes in process `syz.3.6782'.
[ 1230.661852][T24622] device ipvlan1 entered promiscuous mode
[ 1230.723015][T24622] bridge0: port 3(ipvlan1) entered blocking state
[ 1230.734378][T24622] bridge0: port 3(ipvlan1) entered disabled state
[ 1230.794648][T24622] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1231.687251][T24665] netlink: 122896 bytes leftover after parsing attributes in process `syz.2.6793'.
[ 1231.783281][T24665] debugfs: Directory '!!!' with parent 'ieee80211' already present!
[ 1231.887787][T24670] netlink: 'syz.3.6796': attribute type 2 has an invalid length.
[ 1232.197226][T24670] device 2 entered promiscuous mode
[ 1233.824765][T24717] netlink: 'syz.0.6812': attribute type 2 has an invalid length.
[ 1234.405306][T24739] netlink: 122896 bytes leftover after parsing attributes in process `syz.1.6818'.
[ 1234.531482][T24717] device 6 entered promiscuous mode
[ 1234.608165][T24728] netlink: 'syz.4.6817': attribute type 33 has an invalid length.
[ 1234.628778][T24728] netlink: 152 bytes leftover after parsing attributes in process `syz.4.6817'.
[ 1234.693764][T24728] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1235.812854][T21622] Bluetooth: hci3: command 0x0406 tx timeout
[ 1236.630848][T24739] debugfs: Directory '!!!' with parent 'ieee80211' already present!
[ 1237.147824][T24773] netlink: 180900 bytes leftover after parsing attributes in process `syz.4.6828'.
[ 1237.255840][T24773] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1237.559608][T24784] netlink: 60 bytes leftover after parsing attributes in process `syz.4.6833'.
[ 1237.603113][T24784] netlink: 60 bytes leftover after parsing attributes in process `syz.4.6833'.
[ 1237.634863][T24784] netlink: 60 bytes leftover after parsing attributes in process `syz.4.6833'.
[ 1238.856680][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.863198][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.661091][T24829] netlink: 132 bytes leftover after parsing attributes in process `syz.2.6852'.
[ 1239.913465][T24834] netlink: 188 bytes leftover after parsing attributes in process `syz.4.6853'.
[ 1241.603965][T24876] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.6867'.
[ 1241.711215][T24878] netlink: 'syz.3.6868': attribute type 10 has an invalid length.
[ 1242.239388][T24894] netlink: 'syz.2.6875': attribute type 2 has an invalid length.
[ 1242.370873][T24899] netlink: 'syz.1.6877': attribute type 3 has an invalid length.
[ 1242.398440][T24899] netlink: 'syz.1.6877': attribute type 8 has an invalid length.
[ 1242.463764][T24899] netlink: 197344 bytes leftover after parsing attributes in process `syz.1.6877'.
[ 1242.494571][T24897] FAULT_INJECTION: forcing a failure.
[ 1242.494571][T24897] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1242.676863][T24894] device 5 entered promiscuous mode
[ 1242.713088][T24897] CPU: 1 PID: 24897 Comm: syz.3.6876 Not tainted syzkaller #0
[ 1242.720677][T24897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1242.730915][T24897] Call Trace:
[ 1242.734269][T24897]  <TASK>
[ 1242.737282][T24897]  dump_stack_lvl+0x188/0x24e
[ 1242.742089][T24897]  ? show_regs_print_info+0x12/0x12
[ 1242.747392][T24897]  ? load_image+0x400/0x400
[ 1242.752001][T24897]  ? __lock_acquire+0x7d10/0x7d10
[ 1242.757158][T24897]  should_fail_ex+0x399/0x4d0
[ 1242.761944][T24897]  _copy_from_user+0x2c/0x170
[ 1242.766723][T24897]  ___sys_sendmsg+0x1c3/0x360
[ 1242.771527][T24897]  ? __sys_sendmsg+0x290/0x290
[ 1242.776474][T24897]  ? lockdep_hardirqs_on+0x94/0x140
[ 1242.781853][T24897]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1242.786825][T24897]  ? __x64_sys_sendmsg+0x80/0x80
[ 1242.791928][T24897]  ? lockdep_hardirqs_on+0x94/0x140
[ 1242.797247][T24897]  do_syscall_64+0x4c/0xa0
[ 1242.801763][T24897]  ? clear_bhb_loop+0x60/0xb0
[ 1242.806530][T24897]  ? clear_bhb_loop+0x60/0xb0
[ 1242.811298][T24897]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1242.817278][T24897] RIP: 0033:0x7f0e54b9cdd9
[ 1242.822317][T24897] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1242.842175][T24897] RSP: 002b:00007f0e55a33028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1242.850666][T24897] RAX: ffffffffffffffda RBX: 00007f0e54e15fa0 RCX: 00007f0e54b9cdd9
[ 1242.858699][T24897] RDX: 0000000000000010 RSI: 0000200000000040 RDI: 0000000000000006
[ 1242.867069][T24897] RBP: 00007f0e55a33090 R08: 0000000000000000 R09: 0000000000000000
[ 1242.875094][T24897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1242.883118][T24897] R13: 00007f0e54e16038 R14: 00007f0e54e15fa0 R15: 00007ffe15baccd8
[ 1242.891190][T24897]  </TASK>
[ 1243.930637][T24927] netlink: 'syz.0.6889': attribute type 6 has an invalid length.
[ 1246.838663][T24937] device macsec0 entered promiscuous mode
[ 1247.627027][T24958] netlink: 'syz.2.6897': attribute type 21 has an invalid length.
[ 1250.564566][T24986] @: port 1(vlan0) entered blocking state
[ 1250.582158][T24986] @: port 1(vlan0) entered disabled state
[ 1250.606806][T24986] device vlan0 entered promiscuous mode
[ 1250.659380][T24992] @: port 1(vlan0) entered blocking state
[ 1250.665392][T24992] @: port 1(vlan0) entered forwarding state
[ 1250.900709][T25000] netlink: 4595 bytes leftover after parsing attributes in process `syz.4.6913'.
[ 1250.951188][T25000] netlink: 'syz.4.6913': attribute type 1 has an invalid length.
[ 1250.960307][T25000] netlink: 131740 bytes leftover after parsing attributes in process `syz.4.6913'.
[ 1251.164155][T25005] FAULT_INJECTION: forcing a failure.
[ 1251.164155][T25005] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1251.269947][T25005] CPU: 0 PID: 25005 Comm: syz.1.6916 Not tainted syzkaller #0
[ 1251.277538][T25005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1251.287932][T25005] Call Trace:
[ 1251.291273][T25005]  <TASK>
[ 1251.294260][T25005]  dump_stack_lvl+0x188/0x24e
[ 1251.299025][T25005]  ? show_regs_print_info+0x12/0x12
[ 1251.304304][T25005]  ? load_image+0x400/0x400
[ 1251.308891][T25005]  ? __might_fault+0xa6/0x120
[ 1251.313697][T25005]  should_fail_ex+0x399/0x4d0
[ 1251.318459][T25005]  copyin+0x1b/0x120
[ 1251.322416][T25005]  _copy_from_iter+0x447/0x1130
[ 1251.327348][T25005]  ? copyout_mc+0x110/0x110
[ 1251.331923][T25005]  ? __virt_addr_valid+0x188/0x540
[ 1251.337133][T25005]  ? __virt_addr_valid+0x188/0x540
[ 1251.342327][T25005]  ? __virt_addr_valid+0x465/0x540
[ 1251.347579][T25005]  ? __check_object_size+0x500/0xa40
[ 1251.352945][T25005]  kcm_sendmsg+0xc26/0x2310
[ 1251.357707][T25005]  ? kcm_getsockopt+0x280/0x280
[ 1251.362740][T25005]  ? aa_sock_msg_perm+0x94/0x150
[ 1251.367772][T25005]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 1251.373121][T25005]  ? security_socket_sendmsg+0x7c/0xa0
[ 1251.378697][T25005]  ? kcm_getsockopt+0x280/0x280
[ 1251.383634][T25005]  ____sys_sendmsg+0x5be/0x970
[ 1251.388489][T25005]  ? __sys_sendmsg_sock+0x30/0x30
[ 1251.393809][T25005]  ? __import_iovec+0x315/0x500
[ 1251.398766][T25005]  ? import_iovec+0x6f/0xa0
[ 1251.403351][T25005]  ___sys_sendmsg+0x2a2/0x360
[ 1251.408121][T25005]  ? __sys_sendmsg+0x290/0x290
[ 1251.413055][T25005]  ? __lock_acquire+0x7d10/0x7d10
[ 1251.418267][T25005]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1251.423226][T25005]  ? __x64_sys_sendmsg+0x80/0x80
[ 1251.428294][T25005]  ? lockdep_hardirqs_on+0x94/0x140
[ 1251.433580][T25005]  do_syscall_64+0x4c/0xa0
[ 1251.438073][T25005]  ? clear_bhb_loop+0x60/0xb0
[ 1251.442825][T25005]  ? clear_bhb_loop+0x60/0xb0
[ 1251.447588][T25005]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1251.453644][T25005] RIP: 0033:0x7f4e34d9cdd9
[ 1251.458135][T25005] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1251.477919][T25005] RSP: 002b:00007f4e35b94028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1251.486416][T25005] RAX: ffffffffffffffda RBX: 00007f4e35015fa0 RCX: 00007f4e34d9cdd9
[ 1251.494474][T25005] RDX: 0000000000000000 RSI: 0000200000003680 RDI: 0000000000000003
[ 1251.502521][T25005] RBP: 00007f4e35b94090 R08: 0000000000000000 R09: 0000000000000000
[ 1251.510559][T25005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1251.518703][T25005] R13: 00007f4e35016038 R14: 00007f4e35015fa0 R15: 00007fffa997ec48
[ 1251.526795][T25005]  </TASK>
[ 1251.798833][T25000] device syzkaller0 entered promiscuous mode
[ 1255.914256][T25026] netlink: 'syz.3.6922': attribute type 21 has an invalid length.
[ 1255.922366][T25026] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6922'.
[ 1256.293159][T13107] Bluetooth: hci5: command 0x0406 tx timeout
[ 1258.526883][T25077] netlink: 'syz.4.6942': attribute type 2 has an invalid length.
[ 1259.252336][T25086] netlink: 'syz.2.6945': attribute type 3 has an invalid length.
[ 1259.301747][T25077] device 2 entered promiscuous mode
[ 1259.407625][T25086] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.6945'.
[ 1260.035373][T25109] netlink: 'syz.1.6951': attribute type 2 has an invalid length.
[ 1260.252594][T25109] device 5 entered promiscuous mode
[ 1260.640035][T25126] netlink: 'syz.4.6959': attribute type 1 has an invalid length.
[ 1260.648729][T25126] netlink: 127868 bytes leftover after parsing attributes in process `syz.4.6959'.
[ 1260.697974][T25133] netlink: 'syz.1.6958': attribute type 2 has an invalid length.
[ 1260.951073][T25133] device 6 entered promiscuous mode
[ 1261.552918][T25158] netlink: 'syz.1.6979': attribute type 10 has an invalid length.
[ 1261.611402][T25159] netlink: 'syz.2.6969': attribute type 2 has an invalid length.
[ 1261.736935][T19136] @: port 1(vlan0) entered disabled state
[ 1262.202505][T25159] device 6 entered promiscuous mode
[ 1262.237863][T25169] netlink: 132 bytes leftover after parsing attributes in process `syz.4.6972'.
[ 1262.280967][T25178] netlink: 'syz.0.6976': attribute type 2 has an invalid length.
[ 1262.529938][T25178] device 7 entered promiscuous mode
[ 1264.416391][T25217] netlink: 'syz.1.6989': attribute type 10 has an invalid length.
[ 1264.849843][T25226] netlink: 'syz.0.6991': attribute type 2 has an invalid length.
[ 1264.898943][T25227] FAULT_INJECTION: forcing a failure.
[ 1264.898943][T25227] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1264.976839][T25227] CPU: 1 PID: 25227 Comm: syz.4.6992 Not tainted syzkaller #0
[ 1264.984432][T25227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1264.994579][T25227] Call Trace:
[ 1264.997936][T25227]  <TASK>
[ 1265.000940][T25227]  dump_stack_lvl+0x188/0x24e
[ 1265.005729][T25227]  ? show_regs_print_info+0x12/0x12
[ 1265.011045][T25227]  ? load_image+0x400/0x400
[ 1265.015664][T25227]  ? __lock_acquire+0x7d10/0x7d10
[ 1265.020806][T25227]  should_fail_ex+0x399/0x4d0
[ 1265.025603][T25227]  _copy_from_user+0x2c/0x170
[ 1265.030383][T25227]  iovec_from_user+0x143/0x360
[ 1265.035288][T25227]  __import_iovec+0x6d/0x500
[ 1265.039996][T25227]  import_iovec+0x6f/0xa0
[ 1265.044427][T25227]  ___sys_sendmsg+0x252/0x360
[ 1265.049223][T25227]  ? __sys_sendmsg+0x290/0x290
[ 1265.054154][T25227]  ? __lock_acquire+0x7d10/0x7d10
[ 1265.059357][T25227]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1265.064312][T25227]  ? __x64_sys_sendmsg+0x80/0x80
[ 1265.069392][T25227]  ? lockdep_hardirqs_on+0x94/0x140
[ 1265.074688][T25227]  do_syscall_64+0x4c/0xa0
[ 1265.079185][T25227]  ? clear_bhb_loop+0x60/0xb0
[ 1265.083953][T25227]  ? clear_bhb_loop+0x60/0xb0
[ 1265.088759][T25227]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1265.094744][T25227] RIP: 0033:0x7faa0679cdd9
[ 1265.099236][T25227] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1265.118933][T25227] RSP: 002b:00007faa07571028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1265.127442][T25227] RAX: ffffffffffffffda RBX: 00007faa06a15fa0 RCX: 00007faa0679cdd9
[ 1265.135477][T25227] RDX: 0000000000000010 RSI: 0000200000000040 RDI: 0000000000000006
[ 1265.143520][T25227] RBP: 00007faa07571090 R08: 0000000000000000 R09: 0000000000000000
[ 1265.151640][T25227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1265.159680][T25227] R13: 00007faa06a16038 R14: 00007faa06a15fa0 R15: 00007ffd28905c98
[ 1265.167771][T25227]  </TASK>
[ 1265.338779][T25226] device 8 entered promiscuous mode
[ 1265.559364][T25238] netlink: 'syz.3.6996': attribute type 2 has an invalid length.
[ 1266.242807][T25238] device 0 entered promiscuous mode
[ 1266.393533][T25252] netlink: 'syz.4.7001': attribute type 10 has an invalid length.
[ 1266.401550][T25252] netlink: 2 bytes leftover after parsing attributes in process `syz.4.7001'.
[ 1266.443550][T25252] device hsr0 entered promiscuous mode
[ 1266.450029][T25252] bridge0: port 3(hsr0) entered blocking state
[ 1266.502070][T25252] bridge0: port 3(hsr0) entered disabled state
[ 1266.521192][T25252] bridge0: port 3(hsr0) entered blocking state
[ 1266.527599][T25252] bridge0: port 3(hsr0) entered forwarding state
[ 1266.746997][T25259] netlink: 'syz.2.7004': attribute type 10 has an invalid length.
[ 1268.624942][T25259] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1269.097922][T25284] netlink: 'syz.2.7013': attribute type 2 has an invalid length.
[ 1269.838120][T25284] device 7 entered promiscuous mode
[ 1270.579727][T25312] netlink: 16054 bytes leftover after parsing attributes in process `syz.2.7023'.
[ 1270.670177][T25319] netlink: 'syz.4.7026': attribute type 2 has an invalid length.
[ 1270.861581][T25319] device 3 entered promiscuous mode
[ 1271.029440][T25325] netlink: 'syz.0.7028': attribute type 39 has an invalid length.
[ 1271.723291][T21622] Bluetooth: hci1: command 0x0406 tx timeout
[ 1272.655567][T25354] netlink: 180 bytes leftover after parsing attributes in process `syz.3.7038'.
[ 1272.798890][T25362] netlink: 'syz.1.7040': attribute type 2 has an invalid length.
[ 1272.958310][T25362] device 7 entered promiscuous mode
[ 1274.370708][T25384] netlink: 134056 bytes leftover after parsing attributes in process `syz.4.7049'.
[ 1275.145810][T25400] netlink: 'syz.0.7055': attribute type 2 has an invalid length.
[ 1275.869284][T25400] device 9 entered promiscuous mode
[ 1276.719010][T25429] netlink: 'syz.2.7064': attribute type 2 has an invalid length.
[ 1277.586972][T25429] device 0 entered promiscuous mode
[ 1278.148359][T25449] netlink: 'syz.3.7069': attribute type 27 has an invalid length.
[ 1278.227081][T25451] netlink: 'syz.1.7071': attribute type 2 has an invalid length.
[ 1278.272782][T25449] netlink: 164 bytes leftover after parsing attributes in process `syz.3.7069'.
[ 1278.979446][T25451] device 8 entered promiscuous mode
[ 1285.308305][T25538] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7098'.
[ 1285.381220][T25534] delete_channel: no stack
[ 1285.823393][T25549] netlink: 'syz.0.7101': attribute type 10 has an invalid length.
[ 1285.869600][T25552] FAULT_INJECTION: forcing a failure.
[ 1285.869600][T25552] name failslab, interval 1, probability 0, space 0, times 0
[ 1285.945014][T25552] CPU: 0 PID: 25552 Comm: syz.1.7102 Not tainted syzkaller #0
[ 1285.952597][T25552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1285.962736][T25552] Call Trace:
[ 1285.966087][T25552]  <TASK>
[ 1285.969098][T25552]  dump_stack_lvl+0x188/0x24e
[ 1285.973913][T25552]  ? show_regs_print_info+0x12/0x12
[ 1285.979234][T25552]  ? load_image+0x400/0x400
[ 1285.983838][T25552]  ? __might_sleep+0xd0/0xd0
[ 1285.988598][T25552]  ? __lock_acquire+0x7d10/0x7d10
[ 1285.993737][T25552]  should_fail_ex+0x399/0x4d0
[ 1285.998510][T25552]  should_failslab+0x5/0x20
[ 1286.003117][T25552]  slab_pre_alloc_hook+0x59/0x310
[ 1286.008250][T25552]  kmem_cache_alloc_node+0x5a/0x320
[ 1286.013533][T25552]  ? __alloc_skb+0xfc/0x7e0
[ 1286.018146][T25552]  __alloc_skb+0xfc/0x7e0
[ 1286.022583][T25552]  ? netlink_autobind+0xda/0x300
[ 1286.027629][T25552]  netlink_sendmsg+0x654/0xbd0
[ 1286.032522][T25552]  ? netlink_getsockopt+0x550/0x550
[ 1286.037828][T25552]  ? aa_sock_msg_perm+0x94/0x150
[ 1286.042854][T25552]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 1286.048217][T25552]  ? security_socket_sendmsg+0x7c/0xa0
[ 1286.053797][T25552]  ? netlink_getsockopt+0x550/0x550
[ 1286.059119][T25552]  ____sys_sendmsg+0x5be/0x970
[ 1286.064017][T25552]  ? __sys_sendmsg_sock+0x30/0x30
[ 1286.069143][T25552]  ? __import_iovec+0x315/0x500
[ 1286.074118][T25552]  ? import_iovec+0x6f/0xa0
[ 1286.078723][T25552]  ___sys_sendmsg+0x2a2/0x360
[ 1286.083515][T25552]  ? __sys_sendmsg+0x290/0x290
[ 1286.088641][T25552]  ? __lock_acquire+0x7d10/0x7d10
[ 1286.093856][T25552]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1286.098808][T25552]  ? __x64_sys_sendmsg+0x80/0x80
[ 1286.103897][T25552]  ? lockdep_hardirqs_on+0x94/0x140
[ 1286.109214][T25552]  do_syscall_64+0x4c/0xa0
[ 1286.113725][T25552]  ? clear_bhb_loop+0x60/0xb0
[ 1286.118485][T25552]  ? clear_bhb_loop+0x60/0xb0
[ 1286.123256][T25552]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1286.129233][T25552] RIP: 0033:0x7f4e34d9cdd9
[ 1286.133750][T25552] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1286.153437][T25552] RSP: 002b:00007f4e35b94028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1286.161947][T25552] RAX: ffffffffffffffda RBX: 00007f4e35015fa0 RCX: 00007f4e34d9cdd9
[ 1286.170000][T25552] RDX: 0000000000000010 RSI: 0000200000000040 RDI: 0000000000000006
[ 1286.178079][T25552] RBP: 00007f4e35b94090 R08: 0000000000000000 R09: 0000000000000000
[ 1286.186137][T25552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1286.194233][T25552] R13: 00007f4e35016038 R14: 00007f4e35015fa0 R15: 00007fffa997ec48
[ 1286.202351][T25552]  </TASK>
[ 1294.142019][T25698] FAULT_INJECTION: forcing a failure.
[ 1294.142019][T25698] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1294.181958][T25698] CPU: 1 PID: 25698 Comm: syz.0.7146 Not tainted syzkaller #0
[ 1294.189571][T25698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1294.199675][T25698] Call Trace:
[ 1294.203003][T25698]  <TASK>
[ 1294.205980][T25698]  dump_stack_lvl+0x188/0x24e
[ 1294.210735][T25698]  ? show_regs_print_info+0x12/0x12
[ 1294.216099][T25698]  ? load_image+0x400/0x400
[ 1294.220669][T25698]  ? __lock_acquire+0x7d10/0x7d10
[ 1294.225782][T25698]  ? snprintf+0xe5/0x140
[ 1294.230080][T25698]  should_fail_ex+0x399/0x4d0
[ 1294.234817][T25698]  _copy_to_user+0x2c/0x130
[ 1294.239392][T25698]  simple_read_from_buffer+0xe3/0x150
[ 1294.244824][T25698]  proc_fail_nth_read+0x1a6/0x220
[ 1294.249948][T25698]  ? proc_fault_inject_write+0x310/0x310
[ 1294.255644][T25698]  ? fsnotify_perm+0x248/0x550
[ 1294.260536][T25698]  ? proc_fault_inject_write+0x310/0x310
[ 1294.266265][T25698]  vfs_read+0x2de/0xa00
[ 1294.270507][T25698]  ? kernel_read+0x1e0/0x1e0
[ 1294.275161][T25698]  ? __fget_files+0x28/0x4b0
[ 1294.279806][T25698]  ? __fget_files+0x28/0x4b0
[ 1294.284464][T25698]  ? __fget_files+0x43d/0x4b0
[ 1294.289215][T25698]  ? __fdget_pos+0x2ae/0x360
[ 1294.293864][T25698]  ? ksys_read+0x71/0x250
[ 1294.298260][T25698]  ksys_read+0x14c/0x250
[ 1294.302564][T25698]  ? vfs_write+0xa30/0xa30
[ 1294.307038][T25698]  ? lockdep_hardirqs_on+0x94/0x140
[ 1294.312302][T25698]  do_syscall_64+0x4c/0xa0
[ 1294.316771][T25698]  ? clear_bhb_loop+0x60/0xb0
[ 1294.321497][T25698]  ? clear_bhb_loop+0x60/0xb0
[ 1294.326226][T25698]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1294.332216][T25698] RIP: 0033:0x7f8b5e15d60e
[ 1294.336688][T25698] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1294.356351][T25698] RSP: 002b:00007f8b5f07bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1294.364813][T25698] RAX: ffffffffffffffda RBX: 00007f8b5f07c6c0 RCX: 00007f8b5e15d60e
[ 1294.372824][T25698] RDX: 000000000000000f RSI: 00007f8b5f07c0a0 RDI: 0000000000000005
[ 1294.380830][T25698] RBP: 00007f8b5f07c090 R08: 0000000000000000 R09: 0000000000000000
[ 1294.388852][T25698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1294.396862][T25698] R13: 00007f8b5e416038 R14: 00007f8b5e415fa0 R15: 00007ffd153fe618
[ 1294.404909][T25698]  </TASK>
[ 1294.753195][T25702] netlink: 'syz.4.7147': attribute type 7 has an invalid length.
[ 1297.217734][T25800] netlink: 'syz.1.7182': attribute type 10 has an invalid length.
[ 1297.245526][T25800] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7182'.
[ 1297.280310][T25800] device dummy0 entered promiscuous mode
[ 1297.304163][T25800] bridge0: port 3(dummy0) entered blocking state
[ 1297.321968][T25800] bridge0: port 3(dummy0) entered disabled state
[ 1297.370685][T25800] bridge0: port 3(dummy0) entered blocking state
[ 1297.377915][T25800] bridge0: port 3(dummy0) entered forwarding state
[ 1297.709433][T25817] netlink: 'syz.1.7186': attribute type 10 has an invalid length.
[ 1298.573074][T25846] netlink: 'syz.1.7199': attribute type 2 has an invalid length.
[ 1298.591625][T25849] netlink: 'syz.2.7200': attribute type 2 has an invalid length.
[ 1298.621570][T25846] device 9 entered promiscuous mode
[ 1298.685677][T25849] device 8 entered promiscuous mode
[ 1300.295981][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.302599][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.510487][T25880] netlink: 132 bytes leftover after parsing attributes in process `syz.2.7209'.
[ 1300.705249][T25883] netlink: 'syz.2.7212': attribute type 2 has an invalid length.
[ 1300.726292][T25885] netlink: 132 bytes leftover after parsing attributes in process `syz.4.7211'.
[ 1300.830877][T25883] device 9 entered promiscuous mode
[ 1300.959631][T25889] netlink: 'syz.0.7213': attribute type 10 has an invalid length.
[ 1301.011005][T25889] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1302.126288][T25932] netlink: 'syz.1.7227': attribute type 2 has an invalid length.
[ 1302.365976][T25932] device 10 entered promiscuous mode
[ 1302.559070][T25947] netlink: 'syz.3.7232': attribute type 17 has an invalid length.
[ 1302.577437][T25947] netlink: 160 bytes leftover after parsing attributes in process `syz.3.7232'.
[ 1303.000150][T25966] netlink: 763 bytes leftover after parsing attributes in process `syz.1.7239'.
[ 1303.149271][T25966] netlink: 'syz.1.7239': attribute type 11 has an invalid length.
[ 1303.159493][T25973] netlink: 'syz.3.7242': attribute type 11 has an invalid length.
[ 1303.177267][T25966] netlink: 140 bytes leftover after parsing attributes in process `syz.1.7239'.
[ 1303.203900][T25973] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.7242'.
[ 1303.349627][T25977] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1303.940713][T25996] netlink: 14 bytes leftover after parsing attributes in process `syz.3.7249'.
[ 1303.963010][T25996] openvswitch: netlink: Message has 6 unknown bytes.
[ 1306.269015][T26026] netlink: 'syz.0.7258': attribute type 10 has an invalid length.
[ 1306.351529][T26026] netlink: 40 bytes leftover after parsing attributes in process `syz.0.7258'.
[ 1306.369215][T26027] netlink: 'syz.1.7261': attribute type 2 has an invalid length.
[ 1306.387496][T26026] bridge0: port 3(veth0_vlan) entered blocking state
[ 1306.423192][T26026] bridge0: port 3(veth0_vlan) entered disabled state
[ 1306.439937][T26026] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[ 1306.534459][T26027] device 11 entered promiscuous mode
[ 1306.831077][T26035] netlink: 763 bytes leftover after parsing attributes in process `syz.4.7264'.
[ 1306.953065][T26041] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7266'.
[ 1306.999519][T26045] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7266'.
[ 1307.051468][T26043] netlink: 'syz.4.7264': attribute type 11 has an invalid length.
[ 1307.077443][T26043] netlink: 140 bytes leftover after parsing attributes in process `syz.4.7264'.
[ 1307.288071][T26053] netlink: 'syz.3.7270': attribute type 2 has an invalid length.
[ 1307.566440][T26053] device 3 entered promiscuous mode
[ 1309.274047][T26066] netlink: 'syz.2.7273': attribute type 27 has an invalid length.
[ 1309.281970][T26066] netlink: 164 bytes leftover after parsing attributes in process `syz.2.7273'.
[ 1309.625865][T26080] netlink: 'syz.3.7277': attribute type 10 has an invalid length.
[ 1309.659753][T26080] netlink: 40 bytes leftover after parsing attributes in process `syz.3.7277'.
[ 1309.724304][T26080] bridge0: port 3(veth0_vlan) entered blocking state
[ 1309.762863][T26080] bridge0: port 3(veth0_vlan) entered disabled state
[ 1309.782381][T26080] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[ 1309.893550][T26082] netlink: 'syz.1.7279': attribute type 10 has an invalid length.
[ 1309.901962][T26082] netlink: 140 bytes leftover after parsing attributes in process `syz.1.7279'.
[ 1309.994052][T26082] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 1310.612551][T26101] netlink: 72 bytes leftover after parsing attributes in process `syz.3.7283'.
[ 1310.709524][T26121] netlink: 'syz.4.7288': attribute type 2 has an invalid length.
[ 1311.021576][T26121] device 4 entered promiscuous mode
[ 1311.351395][T26139] netlink: 'syz.2.7296': attribute type 10 has an invalid length.
[ 1311.580614][T26142] netlink: 'syz.4.7294': attribute type 10 has an invalid length.
[ 1311.612925][T26142] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7294'.
[ 1311.680404][T26142] device veth0_vlan left promiscuous mode
[ 1311.742804][T26142] device veth0_vlan entered promiscuous mode
[ 1311.752348][T26142] bridge0: port 4(veth0_vlan) entered blocking state
[ 1311.835343][T26142] bridge0: port 4(veth0_vlan) entered disabled state
[ 1311.851524][T26142] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[ 1312.127274][T26158] device vlan0 entered promiscuous mode
[ 1312.666436][T26187] netlink: 'syz.4.7310': attribute type 20 has an invalid length.
[ 1312.744628][T26178] netlink: 72 bytes leftover after parsing attributes in process `syz.0.7308'.
[ 1314.419187][T26224] netlink: 132 bytes leftover after parsing attributes in process `syz.4.7325'.
[ 1315.009110][T26241] netlink: 72 bytes leftover after parsing attributes in process `syz.4.7328'.
[ 1315.561410][T26255] netlink: 'syz.4.7333': attribute type 10 has an invalid length.
[ 1315.623044][T26255] team0: Port device wlan1 removed
[ 1315.671922][T26255] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1317.136493][T26299] netlink: 'syz.3.7348': attribute type 2 has an invalid length.
[ 1317.290198][T26302] netlink: 72 bytes leftover after parsing attributes in process `syz.2.7344'.
[ 1317.901613][T26299] device 4 entered promiscuous mode
[ 1317.934616][T26300] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.7347'.
[ 1318.512851][T26324] netlink: 172 bytes leftover after parsing attributes in process `syz.4.7355'.
[ 1318.575202][T26322] FAULT_INJECTION: forcing a failure.
[ 1318.575202][T26322] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1318.609219][T26322] CPU: 1 PID: 26322 Comm: syz.3.7356 Not tainted syzkaller #0
[ 1318.616812][T26322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1318.626944][T26322] Call Trace:
[ 1318.630305][T26322]  <TASK>
[ 1318.633344][T26322]  dump_stack_lvl+0x188/0x24e
[ 1318.638139][T26322]  ? show_regs_print_info+0x12/0x12
[ 1318.643431][T26322]  ? load_image+0x400/0x400
[ 1318.648030][T26322]  ? __might_fault+0xa6/0x120
[ 1318.652813][T26322]  should_fail_ex+0x399/0x4d0
[ 1318.657626][T26322]  copyin+0x1b/0x120
[ 1318.661613][T26322]  _copy_from_iter+0x447/0x1130
[ 1318.666589][T26322]  ? copyout_mc+0x110/0x110
[ 1318.671178][T26322]  ? __virt_addr_valid+0x188/0x540
[ 1318.676382][T26322]  ? __virt_addr_valid+0x188/0x540
[ 1318.681591][T26322]  ? __virt_addr_valid+0x465/0x540
[ 1318.686804][T26322]  ? __check_object_size+0x500/0xa40
[ 1318.692178][T26322]  netlink_sendmsg+0x755/0xbd0
[ 1318.697031][T26322]  ? netlink_getsockopt+0x550/0x550
[ 1318.702308][T26322]  ? aa_sock_msg_perm+0x94/0x150
[ 1318.707305][T26322]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 1318.712686][T26322]  ? security_socket_sendmsg+0x7c/0xa0
[ 1318.718240][T26322]  ? netlink_getsockopt+0x550/0x550
[ 1318.723727][T26322]  ____sys_sendmsg+0x5be/0x970
[ 1318.728607][T26322]  ? __sys_sendmsg_sock+0x30/0x30
[ 1318.733715][T26322]  ? __import_iovec+0x315/0x500
[ 1318.738656][T26322]  ? import_iovec+0x6f/0xa0
[ 1318.743232][T26322]  ___sys_sendmsg+0x2a2/0x360
[ 1318.747989][T26322]  ? __sys_sendmsg+0x290/0x290
[ 1318.752989][T26322]  ? __lock_acquire+0x7d10/0x7d10
[ 1318.758199][T26322]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1318.763158][T26322]  ? __x64_sys_sendmsg+0x80/0x80
[ 1318.768224][T26322]  ? lockdep_hardirqs_on+0x94/0x140
[ 1318.773508][T26322]  do_syscall_64+0x4c/0xa0
[ 1318.777991][T26322]  ? clear_bhb_loop+0x60/0xb0
[ 1318.782823][T26322]  ? clear_bhb_loop+0x60/0xb0
[ 1318.787578][T26322]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1318.793530][T26322] RIP: 0033:0x7f0e54b9cdd9
[ 1318.798012][T26322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1318.818205][T26322] RSP: 002b:00007f0e55a33028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1318.826691][T26322] RAX: ffffffffffffffda RBX: 00007f0e54e15fa0 RCX: 00007f0e54b9cdd9
[ 1318.834752][T26322] RDX: 0000000000000010 RSI: 0000200000000040 RDI: 0000000000000006
[ 1318.842784][T26322] RBP: 00007f0e55a33090 R08: 0000000000000000 R09: 0000000000000000
[ 1318.850839][T26322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1318.858972][T26322] R13: 00007f0e54e16038 R14: 00007f0e54e15fa0 R15: 00007ffe15baccd8
[ 1318.867045][T26322]  </TASK>
[ 1319.857288][T26348] netlink: 'syz.1.7366': attribute type 2 has an invalid length.
[ 1320.202081][T26348] device 12 entered promiscuous mode
[ 1320.432040][T26356] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.7367'.
[ 1320.498326][T26359] netlink: 'syz.2.7370': attribute type 39 has an invalid length.
[ 1320.683430][T26366] device wlan1 entered promiscuous mode
[ 1320.739066][T26366] netlink: 'syz.4.7372': attribute type 3 has an invalid length.
[ 1320.758391][T26366] netlink: 114680 bytes leftover after parsing attributes in process `syz.4.7372'.
[ 1320.871043][T26374] netlink: 'syz.0.7374': attribute type 1 has an invalid length.
[ 1320.926477][T26374] netlink: 112865 bytes leftover after parsing attributes in process `syz.0.7374'.
[ 1321.025412][T26380] netlink: 32 bytes leftover after parsing attributes in process `syz.3.7376'.
[ 1321.312195][T26393] netlink: 'syz.0.7381': attribute type 2 has an invalid length.
[ 1321.656234][T26393] device 10 entered promiscuous mode
[ 1321.977433][T26409] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.7385'.
[ 1322.342414][T26421] netlink: 'syz.3.7391': attribute type 5 has an invalid length.
[ 1322.916904][T26435] netlink: 'syz.1.7396': attribute type 4 has an invalid length.
[ 1322.952518][T26435] netlink: 128 bytes leftover after parsing attributes in process `syz.1.7396'.
[ 1322.965469][T26435] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 1323.197070][T26439] netlink: 'syz.0.7398': attribute type 2 has an invalid length.
[ 1323.775822][T26439] device 11 entered promiscuous mode
[ 1324.671937][T26473] netlink: 'syz.4.7410': attribute type 2 has an invalid length.
[ 1324.875556][T26479] netlink: 'syz.2.7413': attribute type 2 has an invalid length.
[ 1325.181734][T26473] device 5 entered promiscuous mode
[ 1325.411648][T26479] device 10 entered promiscuous mode
[ 1325.996099][T26505] netlink: 'syz.0.7419': attribute type 4 has an invalid length.
[ 1326.104821][T26505] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.7419'.
[ 1326.175966][T26510] netlink: 'syz.4.7424': attribute type 1 has an invalid length.
[ 1326.209748][T26510] netlink: 112865 bytes leftover after parsing attributes in process `syz.4.7424'.
[ 1327.317924][T26518] netlink: 'syz.3.7426': attribute type 2 has an invalid length.
[ 1327.341532][T26523] netlink: 'syz.4.7427': attribute type 2 has an invalid length.
[ 1327.577458][T26518] device 5 entered promiscuous mode
[ 1327.630900][T26523] device 6 entered promiscuous mode
[ 1327.655883][T26531] netlink: 132 bytes leftover after parsing attributes in process `syz.2.7431'.
[ 1327.980261][T26542] netlink: 'syz.4.7434': attribute type 17 has an invalid length.
[ 1328.018897][T26542] netlink: 'syz.4.7434': attribute type 41 has an invalid length.
[ 1328.647943][T26556] netlink: 'syz.2.7439': attribute type 1 has an invalid length.
[ 1328.696223][T26556] netlink: 112865 bytes leftover after parsing attributes in process `syz.2.7439'.
[ 1329.359562][T26575] netlink: 'syz.2.7445': attribute type 2 has an invalid length.
[ 1331.561933][T26575] device 11 entered promiscuous mode
[ 1331.575932][T26583] netlink: 'syz.3.7448': attribute type 10 has an invalid length.
[ 1331.624377][T26583] team0: Port device wlan1 removed
[ 1331.648910][T26583] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1332.138931][T26603] netlink: 'syz.4.7454': attribute type 33 has an invalid length.
[ 1332.235337][T26603] netlink: 152 bytes leftover after parsing attributes in process `syz.4.7454'.
[ 1332.515440][T26613] netlink: 'syz.4.7460': attribute type 21 has an invalid length.
[ 1332.558062][T26614] netlink: 'syz.3.7461': attribute type 2 has an invalid length.
[ 1332.778160][T26619] netlink: 72 bytes leftover after parsing attributes in process `syz.0.7462'.
[ 1332.791024][T26614] device 6 entered promiscuous mode
[ 1332.818237][T26616] bond0: (slave bridge0): Error: Slave device does not support XDP
[ 1333.249578][T26632] FAULT_INJECTION: forcing a failure.
[ 1333.249578][T26632] name failslab, interval 1, probability 0, space 0, times 0
[ 1333.280673][T26632] CPU: 1 PID: 26632 Comm: syz.2.7469 Not tainted syzkaller #0
[ 1333.288263][T26632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1333.298575][T26632] Call Trace:
[ 1333.301929][T26632]  <TASK>
[ 1333.304938][T26632]  dump_stack_lvl+0x188/0x24e
[ 1333.309733][T26632]  ? show_regs_print_info+0x12/0x12
[ 1333.315046][T26632]  ? load_image+0x400/0x400
[ 1333.319646][T26632]  ? verify_lock_unused+0x140/0x140
[ 1333.324950][T26632]  ? perf_trace_lock+0x301/0x390
[ 1333.329994][T26632]  should_fail_ex+0x399/0x4d0
[ 1333.334788][T26632]  should_failslab+0x5/0x20
[ 1333.339380][T26632]  slab_pre_alloc_hook+0x59/0x310
[ 1333.344542][T26632]  kmem_cache_alloc+0x56/0x2f0
[ 1333.349403][T26632]  ? skb_clone+0x1e7/0x370
[ 1333.353940][T26632]  skb_clone+0x1e7/0x370
[ 1333.358303][T26632]  __netlink_deliver_tap+0x3ed/0x800
[ 1333.363744][T26632]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1333.369050][T26632]  netlink_deliver_tap+0x19c/0x1b0
[ 1333.374257][T26632]  netlink_unicast+0x728/0x8d0
[ 1333.379183][T26632]  netlink_sendmsg+0x8ad/0xbd0
[ 1333.384092][T26632]  ? netlink_getsockopt+0x550/0x550
[ 1333.389415][T26632]  ? aa_sock_msg_perm+0x94/0x150
[ 1333.394452][T26632]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 1333.399813][T26632]  ? security_socket_sendmsg+0x7c/0xa0
[ 1333.405368][T26632]  ? netlink_getsockopt+0x550/0x550
[ 1333.410749][T26632]  ____sys_sendmsg+0x5be/0x970
[ 1333.415672][T26632]  ? __sys_sendmsg_sock+0x30/0x30
[ 1333.420879][T26632]  ? __import_iovec+0x315/0x500
[ 1333.425891][T26632]  ? import_iovec+0x6f/0xa0
[ 1333.430502][T26632]  ___sys_sendmsg+0x2a2/0x360
[ 1333.435330][T26632]  ? __sys_sendmsg+0x290/0x290
[ 1333.440266][T26632]  ? __lock_acquire+0x7d10/0x7d10
[ 1333.445480][T26632]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1333.450444][T26632]  ? __x64_sys_sendmsg+0x80/0x80
[ 1333.455542][T26632]  ? lockdep_hardirqs_on+0x94/0x140
[ 1333.460849][T26632]  do_syscall_64+0x4c/0xa0
[ 1333.465367][T26632]  ? clear_bhb_loop+0x60/0xb0
[ 1333.470152][T26632]  ? clear_bhb_loop+0x60/0xb0
[ 1333.474917][T26632]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1333.480985][T26632] RIP: 0033:0x7f8655d9cdd9
[ 1333.485491][T26632] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1333.505280][T26632] RSP: 002b:00007f8656c77028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1333.513810][T26632] RAX: ffffffffffffffda RBX: 00007f8656015fa0 RCX: 00007f8655d9cdd9
[ 1333.521869][T26632] RDX: 0000000000000010 RSI: 0000200000000040 RDI: 0000000000000006
[ 1333.529930][T26632] RBP: 00007f8656c77090 R08: 0000000000000000 R09: 0000000000000000
[ 1333.538002][T26632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1333.546103][T26632] R13: 00007f8656016038 R14: 00007f8656015fa0 R15: 00007ffd0c45c4a8
[ 1333.554349][T26632]  </TASK>
[ 1333.783562][T26632] netlink: 'syz.2.7469': attribute type 10 has an invalid length.
[ 1334.356684][T26657] netlink: 'syz.1.7476': attribute type 2 has an invalid length.
[ 1334.848405][T26657] device 13 entered promiscuous mode
[ 1334.918065][T26663] netlink: 72 bytes leftover after parsing attributes in process `syz.2.7478'.
[ 1335.199596][T26680] netlink: 'syz.3.7485': attribute type 21 has an invalid length.
[ 1335.641062][T26700] netlink: 'syz.1.7492': attribute type 2 has an invalid length.
[ 1336.298748][T26700] device 14 entered promiscuous mode
[ 1336.489353][T26715] netlink: 'syz.4.7495': attribute type 2 has an invalid length.
[ 1336.658127][T26726] netlink: 72 bytes leftover after parsing attributes in process `syz.2.7496'.
[ 1337.209315][T26715] device 7 entered promiscuous mode
[ 1339.019249][T26790] netlink: 72 bytes leftover after parsing attributes in process `syz.2.7515'.
[ 1341.016795][T26849] netlink: 'syz.3.7536': attribute type 10 has an invalid length.
[ 1341.038795][T26849] team0: Device veth1_vlan failed to register rx_handler
[ 1341.124798][T26854] netlink: 'syz.1.7538': attribute type 9 has an invalid length.
[ 1341.227765][T26856] netlink: 72 bytes leftover after parsing attributes in process `syz.0.7534'.
[ 1342.916032][T26889] netlink: 'syz.0.7549': attribute type 17 has an invalid length.
[ 1342.950703][T26889] netlink: 'syz.0.7549': attribute type 41 has an invalid length.
[ 1343.045923][T26892] netlink: 'syz.4.7550': attribute type 2 has an invalid length.
[ 1343.336588][T26893] netlink: 72 bytes leftover after parsing attributes in process `syz.2.7552'.
[ 1343.828993][T26892] device 8 entered promiscuous mode
[ 1347.006541][T26918] netlink: 'syz.1.7559': attribute type 10 has an invalid length.
[ 1347.014865][T26918] netlink: 2 bytes leftover after parsing attributes in process `syz.1.7559'.
[ 1347.024409][T26918] device bond0 entered promiscuous mode
[ 1347.030140][T26918] device bond_slave_0 entered promiscuous mode
[ 1347.036900][T26918] device bond_slave_1 entered promiscuous mode
[ 1347.053056][T26918] device bridge0 entered promiscuous mode
[ 1347.069295][T26918] device wlan1 entered promiscuous mode
[ 1347.079661][T26918] bridge0: port 4(bond0) entered blocking state
[ 1347.092080][T26918] bridge0: port 4(bond0) entered disabled state
[ 1347.379869][T26951] netlink: 'syz.4.7567': attribute type 25 has an invalid length.
[ 1347.400981][T26951] netlink: 'syz.4.7567': attribute type 9 has an invalid length.
[ 1347.547398][T26953] netlink: 72 bytes leftover after parsing attributes in process `syz.1.7568'.
[ 1347.817829][T26966] netlink: 'syz.0.7573': attribute type 2 has an invalid length.
[ 1347.860835][T26968] netlink: 188 bytes leftover after parsing attributes in process `syz.1.7574'.
[ 1348.613159][T26966] device 12 entered promiscuous mode
[ 1348.618968][T26968] netlink: 'syz.1.7574': attribute type 10 has an invalid length.
[ 1348.983619][T26978] netlink: 'syz.1.7577': attribute type 17 has an invalid length.
[ 1349.009525][T26978] netlink: 'syz.1.7577': attribute type 41 has an invalid length.
[ 1349.037620][T26980] netlink: 'syz.4.7579': attribute type 21 has an invalid length.
[ 1349.270830][   T62] tipc: Subscription rejected, illegal request
[ 1349.563378][T26993] netlink: 'syz.0.7580': attribute type 21 has an invalid length.
[ 1350.178123][T27005] netlink: 72 bytes leftover after parsing attributes in process `syz.0.7584'.
[ 1350.238752][T27015] netlink: 'syz.4.7586': attribute type 2 has an invalid length.
[ 1352.116936][T27015] device 9 entered promiscuous mode
[ 1352.455568][T27022] netlink: 14 bytes leftover after parsing attributes in process `syz.2.7590'.
[ 1352.505159][T27022] device hsr_slave_0 left promiscuous mode
[ 1352.515253][T27022] device hsr_slave_1 left promiscuous mode
[ 1352.590456][T27030] FAULT_INJECTION: forcing a failure.
[ 1352.590456][T27030] name failslab, interval 1, probability 0, space 0, times 0
[ 1352.604480][T27030] CPU: 0 PID: 27030 Comm: syz.3.7589 Not tainted syzkaller #0
[ 1352.612123][T27030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1352.622362][T27030] Call Trace:
[ 1352.625722][T27030]  <TASK>
[ 1352.628815][T27030]  dump_stack_lvl+0x188/0x24e
[ 1352.633597][T27030]  ? show_regs_print_info+0x12/0x12
[ 1352.638879][T27030]  ? load_image+0x400/0x400
[ 1352.643451][T27030]  ? __might_sleep+0xd0/0xd0
[ 1352.648101][T27030]  ? __lock_acquire+0x7d10/0x7d10
[ 1352.653205][T27030]  should_fail_ex+0x399/0x4d0
[ 1352.657954][T27030]  should_failslab+0x5/0x20
[ 1352.662507][T27030]  slab_pre_alloc_hook+0x59/0x310
[ 1352.667595][T27030]  ? rtnl_newlink+0x10c/0x20a0
[ 1352.672429][T27030]  __kmem_cache_alloc_node+0x4f/0x260
[ 1352.677898][T27030]  ? rtnl_newlink+0x10c/0x20a0
[ 1352.682838][T27030]  kmalloc_trace+0x26/0xe0
[ 1352.687332][T27030]  ? rtnl_setlink+0x510/0x510
[ 1352.692066][T27030]  rtnl_newlink+0x10c/0x20a0
[ 1352.696737][T27030]  ? __schedule+0x11d9/0x40e0
[ 1352.701515][T27030]  ? __mutex_lock+0x806/0xaf0
[ 1352.706279][T27030]  ? __lock_acquire+0x7d10/0x7d10
[ 1352.711365][T27030]  ? do_raw_spin_lock+0x128/0x2f0
[ 1352.716448][T27030]  ? rtnl_setlink+0x510/0x510
[ 1352.721194][T27030]  ? __rwlock_init+0x140/0x140
[ 1352.726043][T27030]  ? do_raw_spin_unlock+0x11d/0x230
[ 1352.731339][T27030]  ? __mutex_lock+0x810/0xaf0
[ 1352.736198][T27030]  ? __mutex_lock+0x3b2/0xaf0
[ 1352.740991][T27030]  ? rtnetlink_rcv_msg+0x824/0xfc0
[ 1352.746283][T27030]  ? mutex_lock_nested+0x10/0x10
[ 1352.751315][T27030]  ? rtnetlink_rcv_msg+0x226/0xfc0
[ 1352.756508][T27030]  ? rtnetlink_rcv_msg+0x226/0xfc0
[ 1352.761687][T27030]  ? rtnl_setlink+0x510/0x510
[ 1352.766435][T27030]  rtnetlink_rcv_msg+0x87c/0xfc0
[ 1352.771458][T27030]  ? rtnetlink_bind+0x80/0x80
[ 1352.776201][T27030]  ? __local_bh_enable_ip+0x136/0x1c0
[ 1352.781640][T27030]  ? migrate_enable+0x148/0x220
[ 1352.786556][T27030]  ? trace_call_bpf+0xbf/0x6b0
[ 1352.791378][T27030]  ? trace_call_bpf+0xbf/0x6b0
[ 1352.796254][T27030]  ? trace_call_bpf+0x5d6/0x6b0
[ 1352.801166][T27030]  ? trace_call_bpf+0xbf/0x6b0
[ 1352.806000][T27030]  ? __dev_queue_xmit+0x26b/0x37c0
[ 1352.811191][T27030]  ? __dev_queue_xmit+0x26b/0x37c0
[ 1352.816380][T27030]  ? __bpf_trace_bpf_trace_printk+0x20/0x20
[ 1352.822388][T27030]  ? perf_trace_run_bpf_submit+0x124/0x1c0
[ 1352.828455][T27030]  ? perf_trace_lock+0x301/0x390
[ 1352.833453][T27030]  ? __copy_skb_header+0x3ba/0x4f0
[ 1352.838640][T27030]  ? trace_event_raw_event_lock+0x250/0x250
[ 1352.844605][T27030]  ? __skb_clone+0x480/0x790
[ 1352.849276][T27030]  netlink_rcv_skb+0x1fb/0x450
[ 1352.854102][T27030]  ? rtnetlink_bind+0x80/0x80
[ 1352.859030][T27030]  ? netlink_ack+0x1170/0x1170
[ 1352.863887][T27030]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1352.869161][T27030]  netlink_unicast+0x74d/0x8d0
[ 1352.874064][T27030]  netlink_sendmsg+0x8ad/0xbd0
[ 1352.878927][T27030]  ? netlink_getsockopt+0x550/0x550
[ 1352.884202][T27030]  ? aa_sock_msg_perm+0x94/0x150
[ 1352.889211][T27030]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 1352.894553][T27030]  ? security_socket_sendmsg+0x7c/0xa0
[ 1352.900084][T27030]  ? netlink_getsockopt+0x550/0x550
[ 1352.905344][T27030]  ____sys_sendmsg+0x5be/0x970
[ 1352.910203][T27030]  ? __sys_sendmsg_sock+0x30/0x30
[ 1352.915317][T27030]  ? __import_iovec+0x315/0x500
[ 1352.920346][T27030]  ? import_iovec+0x6f/0xa0
[ 1352.924929][T27030]  ___sys_sendmsg+0x2a2/0x360
[ 1352.929696][T27030]  ? __sys_sendmsg+0x290/0x290
[ 1352.934579][T27030]  ? __lock_acquire+0x7d10/0x7d10
[ 1352.939735][T27030]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1352.944661][T27030]  ? ct_nmi_exit+0x145/0x1c0
[ 1352.949498][T27030]  ? __x64_sys_sendmsg+0x80/0x80
[ 1352.954545][T27030]  ? lockdep_hardirqs_on+0x94/0x140
[ 1352.959813][T27030]  do_syscall_64+0x4c/0xa0
[ 1352.964298][T27030]  ? clear_bhb_loop+0x60/0xb0
[ 1352.969052][T27030]  ? clear_bhb_loop+0x60/0xb0
[ 1352.973798][T27030]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1352.979792][T27030] RIP: 0033:0x7f0e54b9cdd9
[ 1352.984322][T27030] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1353.004004][T27030] RSP: 002b:00007f0e55a33028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1353.012478][T27030] RAX: ffffffffffffffda RBX: 00007f0e54e15fa0 RCX: 00007f0e54b9cdd9
[ 1353.020504][T27030] RDX: 0000000000000010 RSI: 0000200000000040 RDI: 0000000000000006
[ 1353.028534][T27030] RBP: 00007f0e55a33090 R08: 0000000000000000 R09: 0000000000000000
[ 1353.036569][T27030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1353.044590][T27030] R13: 00007f0e54e16038 R14: 00007f0e54e15fa0 R15: 00007ffe15baccd8
[ 1353.052719][T27030]  </TASK>
[ 1353.536002][T27044] netlink: 'syz.3.7595': attribute type 27 has an invalid length.
[ 1353.561397][T27044] netlink: 164 bytes leftover after parsing attributes in process `syz.3.7595'.
[ 1353.590137][T27046] netlink: 'syz.4.7597': attribute type 2 has an invalid length.
[ 1353.996851][T27046] device 10 entered promiscuous mode
[ 1354.196739][T27064] netlink: 72 bytes leftover after parsing attributes in process `syz.3.7601'.
[ 1355.124831][T27090] netlink: 'syz.2.7610': attribute type 25 has an invalid length.
[ 1355.165071][T27090] netlink: 'syz.2.7610': attribute type 9 has an invalid length.
[ 1355.716115][T27113] netlink: 'syz.3.7617': attribute type 2 has an invalid length.
[ 1355.790651][T27115] netlink: 72 bytes leftover after parsing attributes in process `syz.0.7616'.
[ 1356.389864][T27113] device 7 entered promiscuous mode
[ 1358.506700][T27167] netlink: 72 bytes leftover after parsing attributes in process `syz.4.7632'.
[ 1358.645581][T27169] netlink: 'syz.2.7633': attribute type 2 has an invalid length.
[ 1358.995742][T27169] device 12 entered promiscuous mode
[ 1359.211027][T27185] netlink: 'syz.3.7639': attribute type 17 has an invalid length.
[ 1359.240351][T27185] netlink: 'syz.3.7639': attribute type 41 has an invalid length.
[ 1359.649230][T27194] netlink: 'syz.0.7642': attribute type 19 has an invalid length.
[ 1359.671045][T27194] netlink: 40 bytes leftover after parsing attributes in process `syz.0.7642'.
[ 1359.737426][T27194] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1359.770714][T27194] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1360.521640][T27205] netlink: 'syz.3.7643': attribute type 3 has an invalid length.
[ 1360.529214][T27203] netlink: 'syz.3.7643': attribute type 3 has an invalid length.
[ 1360.549593][T27206] netlink: 132 bytes leftover after parsing attributes in process `syz.4.7645'.
[ 1360.589228][T27203] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.7643'.
[ 1360.619576][T27208] netlink: 'syz.0.7646': attribute type 25 has an invalid length.
[ 1360.641186][T27205] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.7643'.
[ 1360.663036][T27208] netlink: 'syz.0.7646': attribute type 9 has an invalid length.
[ 1361.012219][T27225] netlink: 'syz.3.7651': attribute type 2 has an invalid length.
[ 1361.137064][T27227] netlink: 72 bytes leftover after parsing attributes in process `syz.0.7650'.
[ 1361.413580][T27225] device 8 entered promiscuous mode
[ 1361.504176][T27230] netlink: 72 bytes leftover after parsing attributes in process `syz.1.7652'.
[ 1361.736883][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.743492][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1362.520753][T27257] netlink: 'syz.2.7660': attribute type 25 has an invalid length.
[ 1362.707958][T27261] netlink: 132 bytes leftover after parsing attributes in process `syz.2.7663'.
[ 1363.640693][T27280] netlink: 72 bytes leftover after parsing attributes in process `syz.3.7666'.
[ 1363.701435][T27266] device 11 entered promiscuous mode
[ 1364.275419][T27296] validate_nla: 3 callbacks suppressed
[ 1364.275438][T27296] netlink: 'syz.2.7674': attribute type 25 has an invalid length.
[ 1364.322763][T27296] netlink: 'syz.2.7674': attribute type 9 has an invalid length.
[ 1364.489354][T27303] netlink: 'syz.1.7685': attribute type 25 has an invalid length.
[ 1364.499378][T27303] netlink: 'syz.1.7685': attribute type 9 has an invalid length.
[ 1364.848986][T27305] netlink: 72 bytes leftover after parsing attributes in process `syz.2.7675'.
[ 1365.284140][T27318] netlink: 'syz.0.7680': attribute type 21 has an invalid length.
[ 1365.302250][T27316] netlink: 'syz.3.7678': attribute type 2 has an invalid length.
[ 1365.407929][T27316] device 9 entered promiscuous mode
[ 1365.839582][T27325] netlink: 72 bytes leftover after parsing attributes in process `syz.0.7682'.
[ 1367.064054][T27359] netlink: 'syz.0.7696': attribute type 2 has an invalid length.
[ 1367.333959][T27354] bond0: (slave wlan1): Error: Slave device does not support XDP
[ 1367.431395][T27359] device 13 entered promiscuous mode
[ 1367.674141][T27369] netlink: 'syz.3.7698': attribute type 5 has an invalid length.
[ 1367.684553][T27369] netlink: 168 bytes leftover after parsing attributes in process `syz.3.7698'.
[ 1367.694498][T27371] netlink: 'syz.4.7699': attribute type 10 has an invalid length.
[ 1367.702378][T27371] netlink: 65015 bytes leftover after parsing attributes in process `syz.4.7699'.
[ 1367.840168][T27377] FAULT_INJECTION: forcing a failure.
[ 1367.840168][T27377] name failslab, interval 1, probability 0, space 0, times 0
[ 1367.998940][T27381] netlink: 'syz.4.7699': attribute type 3 has an invalid length.
[ 1368.007695][T27377] CPU: 0 PID: 27377 Comm: syz.0.7700 Not tainted syzkaller #0
[ 1368.015260][T27377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1368.025388][T27377] Call Trace:
[ 1368.028731][T27377]  <TASK>
[ 1368.031730][T27377]  dump_stack_lvl+0x188/0x24e
[ 1368.036647][T27377]  ? show_regs_print_info+0x12/0x12
[ 1368.041939][T27377]  ? load_image+0x400/0x400
[ 1368.044084][T27381] netlink: 132 bytes leftover after parsing attributes in process `syz.4.7699'.
[ 1368.046517][T27377]  ? __might_sleep+0xd0/0xd0
[ 1368.060262][T27377]  ? __lock_acquire+0x7d10/0x7d10
[ 1368.065403][T27377]  should_fail_ex+0x399/0x4d0
[ 1368.070184][T27377]  should_failslab+0x5/0x20
[ 1368.074765][T27377]  slab_pre_alloc_hook+0x59/0x310
[ 1368.079861][T27377]  ? rtnl_newlink+0x10c/0x20a0
[ 1368.084693][T27377]  __kmem_cache_alloc_node+0x4f/0x260
[ 1368.090147][T27377]  ? rtnl_newlink+0x10c/0x20a0
[ 1368.094990][T27377]  kmalloc_trace+0x26/0xe0
[ 1368.099487][T27377]  ? rtnl_setlink+0x510/0x510
[ 1368.104231][T27377]  rtnl_newlink+0x10c/0x20a0
[ 1368.108936][T27377]  ? perf_trace_run_bpf_submit+0x124/0x1c0
[ 1368.114834][T27377]  ? __mutex_trylock_common+0x155/0x260
[ 1368.120444][T27377]  ? rtnl_setlink+0x510/0x510
[ 1368.125197][T27377]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 1368.131433][T27377]  ? rcu_is_watching+0x11/0xa0
[ 1368.136407][T27377]  ? trace_contention_end+0x5f/0x170
[ 1368.141829][T27377]  ? __mutex_lock+0x1ab/0xaf0
[ 1368.146632][T27377]  ? rtnetlink_rcv_msg+0x824/0xfc0
[ 1368.151847][T27377]  ? rcu_read_unlock+0x8c/0xa0
[ 1368.156684][T27377]  ? mutex_lock_nested+0x10/0x10
[ 1368.161748][T27377]  ? rtnetlink_rcv_msg+0x226/0xfc0
[ 1368.167030][T27377]  ? rtnetlink_rcv_msg+0x226/0xfc0
[ 1368.172205][T27377]  ? rtnl_setlink+0x510/0x510
[ 1368.176955][T27377]  rtnetlink_rcv_msg+0x87c/0xfc0
[ 1368.181989][T27377]  ? rtnetlink_bind+0x80/0x80
[ 1368.186740][T27377]  ? migrate_enable+0x148/0x220
[ 1368.191656][T27377]  ? trace_call_bpf+0xbf/0x6b0
[ 1368.196483][T27377]  ? trace_call_bpf+0xbf/0x6b0
[ 1368.201319][T27377]  ? trace_call_bpf+0x5d6/0x6b0
[ 1368.206235][T27377]  ? trace_call_bpf+0xbf/0x6b0
[ 1368.211177][T27377]  ? __bpf_trace_bpf_trace_printk+0x20/0x20
[ 1368.217177][T27377]  ? perf_trace_run_bpf_submit+0x124/0x1c0
[ 1368.223089][T27377]  ? perf_trace_lock+0x301/0x390
[ 1368.228166][T27377]  ? __copy_skb_header+0x3ba/0x4f0
[ 1368.233392][T27377]  ? trace_event_raw_event_lock+0x250/0x250
[ 1368.239358][T27377]  ? __skb_clone+0x480/0x790
[ 1368.244033][T27377]  netlink_rcv_skb+0x1fb/0x450
[ 1368.248867][T27377]  ? rtnetlink_bind+0x80/0x80
[ 1368.253649][T27377]  ? netlink_ack+0x1170/0x1170
[ 1368.258540][T27377]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1368.263832][T27377]  netlink_unicast+0x74d/0x8d0
[ 1368.268696][T27377]  netlink_sendmsg+0x8ad/0xbd0
[ 1368.273547][T27377]  ? netlink_getsockopt+0x550/0x550
[ 1368.278819][T27377]  ? aa_sock_msg_perm+0x94/0x150
[ 1368.283861][T27377]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 1368.289201][T27377]  ? security_socket_sendmsg+0x7c/0xa0
[ 1368.294722][T27377]  ? netlink_getsockopt+0x550/0x550
[ 1368.299987][T27377]  ____sys_sendmsg+0x5be/0x970
[ 1368.304841][T27377]  ? __sys_sendmsg_sock+0x30/0x30
[ 1368.309923][T27377]  ? __import_iovec+0x315/0x500
[ 1368.314859][T27377]  ? import_iovec+0x6f/0xa0
[ 1368.319429][T27377]  ___sys_sendmsg+0x2a2/0x360
[ 1368.324186][T27377]  ? __sys_sendmsg+0x290/0x290
[ 1368.329073][T27377]  ? __lock_acquire+0x7d10/0x7d10
[ 1368.334240][T27377]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1368.339162][T27377]  ? ct_nmi_exit+0x145/0x1c0
[ 1368.343829][T27377]  ? __x64_sys_sendmsg+0x80/0x80
[ 1368.348882][T27377]  ? lockdep_hardirqs_on+0x94/0x140
[ 1368.354150][T27377]  do_syscall_64+0x4c/0xa0
[ 1368.358628][T27377]  ? clear_bhb_loop+0x60/0xb0
[ 1368.363376][T27377]  ? clear_bhb_loop+0x60/0xb0
[ 1368.368240][T27377]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1368.374285][T27377] RIP: 0033:0x7f8b5e19cdd9
[ 1368.378758][T27377] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1368.398615][T27377] RSP: 002b:00007f8b5f05b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1368.407100][T27377] RAX: ffffffffffffffda RBX: 00007f8b5e416090 RCX: 00007f8b5e19cdd9
[ 1368.415122][T27377] RDX: 0000000000000010 RSI: 0000200000000040 RDI: 0000000000000006
[ 1368.423190][T27377] RBP: 00007f8b5f05b090 R08: 0000000000000000 R09: 0000000000000000
[ 1368.431213][T27377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1368.439253][T27377] R13: 00007f8b5e416128 R14: 00007f8b5e416090 R15: 00007ffd153fe618
[ 1368.447452][T27377]  </TASK>
[ 1368.573033][T27374] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7701'.
[ 1368.587712][T27374] bridge0: port 4(veth0_vlan) entered blocking state
[ 1368.596253][T27374] bridge0: port 4(veth0_vlan) entered disabled state
[ 1368.613999][T27374] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[ 1369.113706][T27386] netlink: 72 bytes leftover after parsing attributes in process `syz.1.7703'.
[ 1369.472317][T27407] validate_nla: 1 callbacks suppressed
[ 1369.472401][T27407] netlink: 'syz.4.7710': attribute type 2 has an invalid length.
[ 1370.194670][T27407] device 12 entered promiscuous mode
[ 1371.158799][T27443] netlink: 'syz.2.7723': attribute type 2 has an invalid length.
[ 1371.511362][T27443] device 13 entered promiscuous mode
[ 1371.829142][T27458] netlink: 72 bytes leftover after parsing attributes in process `syz.4.7725'.
[ 1373.053192][T27471] netlink: 'syz.0.7731': attribute type 25 has an invalid length.
[ 1373.062031][T27471] netlink: 'syz.0.7731': attribute type 9 has an invalid length.
[ 1374.222344][T27492] netlink: 'syz.0.7738': attribute type 2 has an invalid length.
[ 1374.577100][T27492] device 14 entered promiscuous mode
[ 1374.690406][T27502] netlink: 'syz.3.7742': attribute type 2 has an invalid length.
[ 1375.070584][T27502] device 10 entered promiscuous mode
[ 1375.101399][T27509] netlink: 'syz.0.7745': attribute type 25 has an invalid length.
[ 1375.117608][T27509] netlink: 'syz.0.7745': attribute type 9 has an invalid length.
[ 1375.181021][T27513] netlink: 72 bytes leftover after parsing attributes in process `syz.1.7747'.
[ 1376.217564][T27539] netlink: 'syz.3.7755': attribute type 2 has an invalid length.
[ 1376.568938][T27545] netlink: 'syz.4.7759': attribute type 2 has an invalid length.
[ 1376.600722][T27539] device 11 entered promiscuous mode
[ 1376.667237][T27548] netlink: 122896 bytes leftover after parsing attributes in process `syz.0.7760'.
[ 1376.804650][T27545] device 13 entered promiscuous mode
[ 1376.819050][T27548] debugfs: Directory '!!!' with parent 'ieee80211' already present!
[ 1376.865454][T27555] netlink: 'syz.3.7762': attribute type 25 has an invalid length.
[ 1376.892935][T27555] netlink: 'syz.3.7762': attribute type 9 has an invalid length.
[ 1377.142299][T27566] netlink: 72 bytes leftover after parsing attributes in process `syz.2.7763'.
[ 1377.637914][T27577] netlink: 'syz.0.7766': attribute type 3 has an invalid length.
[ 1377.683622][T27577] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.7766'.
[ 1378.123070][T27569] netlink: 132 bytes leftover after parsing attributes in process `syz.3.7767'.
[ 1378.143135][T27576] netlink: 13951 bytes leftover after parsing attributes in process `syz.1.7769'.
[ 1378.751235][T27594] netlink: 'syz.2.7772': attribute type 2 has an invalid length.
[ 1379.421891][T27594] device 14 entered promiscuous mode
[ 1380.451782][T27610] netlink: 'syz.2.7775': attribute type 4 has an invalid length.
[ 1380.641075][T27612] netlink: 'syz.1.7777': attribute type 25 has an invalid length.
[ 1380.681993][T27612] netlink: 'syz.1.7777': attribute type 9 has an invalid length.
[ 1382.063988][T27632] netlink: 72 bytes leftover after parsing attributes in process `syz.4.7782'.
[ 1382.247929][T27639] netlink: 'syz.2.7785': attribute type 2 has an invalid length.
[ 1383.029847][T27639] device 15 entered promiscuous mode
[ 1383.035913][T27654] netlink: 'syz.3.7790': attribute type 25 has an invalid length.
[ 1383.052985][T27654] netlink: 'syz.3.7790': attribute type 9 has an invalid length.
[ 1383.579398][T27664] netlink: 'syz.2.7795': attribute type 21 has an invalid length.
[ 1384.020543][T27676] netlink: 'syz.2.7799': attribute type 3 has an invalid length.
[ 1384.031156][T27676] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.7799'.
[ 1384.161334][T27680] netlink: 72 bytes leftover after parsing attributes in process `syz.4.7798'.
[ 1384.961503][T27690] netlink: 'syz.0.7804': attribute type 2 has an invalid length.
[ 1385.571239][T27690] device 15 entered promiscuous mode
[ 1385.581516][T27694] netlink: 'syz.3.7805': attribute type 25 has an invalid length.
[ 1385.602939][T27694] netlink: 'syz.3.7805': attribute type 9 has an invalid length.
[ 1386.848663][T27717] bond0: (slave bridge0): Error: Slave device does not support XDP
[ 1387.203338][T27733] netlink: 72 bytes leftover after parsing attributes in process `syz.2.7818'.
[ 1387.482502][T27740] netlink: 'syz.3.7821': attribute type 10 has an invalid length.
[ 1388.116701][T27752] netlink: 188 bytes leftover after parsing attributes in process `syz.2.7826'.
[ 1388.589649][T27751] delete_channel: no stack
[ 1388.881787][T27771] sock: sock_timestamping_bind_phc: sock not bind to device
[ 1389.341316][T27775] netlink: 72 bytes leftover after parsing attributes in process `syz.1.7836'.
[ 1389.815205][T27798] netlink: 'syz.3.7843': attribute type 17 has an invalid length.
[ 1389.843957][T27798] netlink: 'syz.3.7843': attribute type 41 has an invalid length.
[ 1390.737303][T27820] netlink: 'syz.0.7846': attribute type 2 has an invalid length.
[ 1390.776184][T27820] netlink: 'syz.0.7846': attribute type 3 has an invalid length.
[ 1390.838021][T27820] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7846'.
[ 1394.224318][T27853] netlink: 72 bytes leftover after parsing attributes in process `syz.2.7852'.
[ 1394.668313][T27868] netlink: 'syz.2.7864': attribute type 17 has an invalid length.
[ 1394.713492][T27868] netlink: 'syz.2.7864': attribute type 41 has an invalid length.
[ 1394.851364][T27873] netlink: 132 bytes leftover after parsing attributes in process `syz.3.7863'.
[ 1396.885016][T27907] netlink: 72 bytes leftover after parsing attributes in process `syz.1.7874'.
[ 1398.434324][T27897] tun0: tun_chr_ioctl cmd 1074025675
[ 1398.439714][T27897] tun0: persist enabled
[ 1398.446931][T27901] netlink: 132 bytes leftover after parsing attributes in process `syz.4.7873'.
[ 1398.476609][T27904] tun0: tun_chr_ioctl cmd 1074025675
[ 1398.481997][T27904] tun0: persist disabled
[ 1398.710019][T27917] netlink: 'syz.3.7877': attribute type 10 has an invalid length.
[ 1398.755082][T27917] team0: Device veth1_vlan failed to register rx_handler
[ 1399.086967][T27931] netlink: 'syz.2.7883': attribute type 2 has an invalid length.
[ 1399.261978][T27931] device 16 entered promiscuous mode
[ 1399.306815][T27938] netlink: 'syz.4.7886': attribute type 17 has an invalid length.
[ 1399.343008][T27938] netlink: 'syz.4.7886': attribute type 41 has an invalid length.
[ 1399.935051][T27953] netlink: 72 bytes leftover after parsing attributes in process `syz.1.7888'.
[ 1401.244986][T27989] netlink: 'syz.3.7900': attribute type 2 has an invalid length.
[ 1402.798767][T27986] netlink: 'syz.0.7898': attribute type 21 has an invalid length.
[ 1402.806999][T27986] netlink: 'syz.0.7898': attribute type 6 has an invalid length.
[ 1402.815181][T27986] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7898'.
[ 1402.829934][T27989] device 12 entered promiscuous mode
[ 1403.054061][T27996] netlink: 'syz.2.7904': attribute type 21 has an invalid length.
[ 1403.567942][T28020] netlink: 'syz.0.7913': attribute type 17 has an invalid length.
[ 1403.584069][T28020] netlink: 'syz.0.7913': attribute type 41 has an invalid length.
[ 1406.428948][T28048] netlink: 'syz.4.7921': attribute type 10 has an invalid length.
[ 1406.488889][T28048] device wlan1 left promiscuous mode
[ 1406.563698][T28052] netlink: 'syz.0.7922': attribute type 10 has an invalid length.
[ 1406.913619][T28064] netlink: 'syz.3.7927': attribute type 7 has an invalid length.
[ 1407.327283][T28083] netlink: 'syz.3.7932': attribute type 11 has an invalid length.
[ 1407.352076][T28082] netlink: 'syz.1.7935': attribute type 2 has an invalid length.
[ 1407.512937][T28083] netlink: 176 bytes leftover after parsing attributes in process `syz.3.7932'.
[ 1407.642049][T28082] device 15 entered promiscuous mode
[ 1408.704901][T28113] netlink: 126588 bytes leftover after parsing attributes in process `syz.4.7943'.
[ 1409.115115][T28118] netlink: 188 bytes leftover after parsing attributes in process `syz.3.7945'.
[ 1409.768142][T28136] netlink: 'syz.3.7951': attribute type 2 has an invalid length.
[ 1410.040469][T28136] device 13 entered promiscuous mode
[ 1411.940842][T28202] netlink: 72 bytes leftover after parsing attributes in process `syz.4.7968'.
[ 1412.022353][T28203] netlink: 'syz.3.7971': attribute type 2 has an invalid length.
[ 1412.745840][T28203] device 14 entered promiscuous mode
[ 1412.904961][T28214] netlink: 128 bytes leftover after parsing attributes in process `syz.0.7974'.
[ 1412.942749][T28214] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1412.993051][T28214] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1413.436541][T28227] netlink: 'syz.0.7979': attribute type 17 has an invalid length.
[ 1413.446362][T28227] netlink: 'syz.0.7979': attribute type 41 has an invalid length.
[ 1413.488891][T28229] netlink: 132 bytes leftover after parsing attributes in process `syz.2.7980'.
[ 1413.731011][T28239] netlink: 'syz.4.7983': attribute type 2 has an invalid length.
[ 1414.504798][T28239] device 14 entered promiscuous mode
[ 1415.055495][T28259] netlink: 72 bytes leftover after parsing attributes in process `syz.4.7987'.
[ 1417.265399][T28278] netlink: 'syz.3.7993': attribute type 25 has an invalid length.
[ 1417.277718][T28278] netlink: 'syz.3.7993': attribute type 9 has an invalid length.
[ 1417.484824][T28284] netlink: 'syz.0.7998': attribute type 2 has an invalid length.
[ 1417.564876][T28284] device 16 entered promiscuous mode
[ 1417.571063][T28286] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.7996'.
[ 1417.604168][T28281] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.7996'.
[ 1417.848183][T28302] netlink: 'syz.4.8002': attribute type 2 has an invalid length.
[ 1418.029803][T28302] device 15 entered promiscuous mode
[ 1418.046223][T28306] bond0: (slave bridge0): Error: Slave device does not support XDP
[ 1418.267892][T28318] netlink: 'syz.1.8005': attribute type 25 has an invalid length.
[ 1418.290038][T28318] netlink: 'syz.1.8005': attribute type 9 has an invalid length.
[ 1418.590795][T28326] netlink: 'syz.1.8009': attribute type 17 has an invalid length.
[ 1418.599704][T28326] netlink: 'syz.1.8009': attribute type 41 has an invalid length.
[ 1419.534462][T28343] netlink: 'syz.2.8017': attribute type 2 has an invalid length.
[ 1421.723301][T28343] device 17 entered promiscuous mode
[ 1421.728929][T28357] netlink: 'syz.4.8021': attribute type 25 has an invalid length.
[ 1422.617273][T28387] validate_nla: 1 callbacks suppressed
[ 1422.617332][T28387] netlink: 'syz.2.8035': attribute type 2 has an invalid length.
[ 1422.738734][T28387] device 18 entered promiscuous mode
[ 1422.768928][T28391] netlink: 'syz.3.8036': attribute type 17 has an invalid length.
[ 1422.781752][T28391] netlink: 'syz.3.8036': attribute type 41 has an invalid length.
[ 1422.795353][T28394] netlink: 'syz.4.8037': attribute type 25 has an invalid length.
[ 1422.806153][T28394] netlink: 'syz.4.8037': attribute type 9 has an invalid length.
[ 1423.175950][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.182365][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1426.295175][T28424] netlink: 'syz.0.8048': attribute type 25 has an invalid length.
[ 1426.303673][T28424] netlink: 'syz.0.8048': attribute type 9 has an invalid length.
[ 1426.580946][T28444] netlink: 'syz.0.8056': attribute type 2 has an invalid length.
[ 1427.321372][T28444] device 17 entered promiscuous mode
[ 1427.922378][T28473] netlink: 'syz.4.8065': attribute type 17 has an invalid length.
[ 1427.938251][T28473] netlink: 'syz.4.8065': attribute type 41 has an invalid length.
[ 1428.120470][T28478] netlink: 'syz.2.8066': attribute type 25 has an invalid length.
[ 1428.138841][T28478] netlink: 'syz.2.8066': attribute type 9 has an invalid length.
[ 1428.520200][T28487] netlink: 'syz.1.8071': attribute type 2 has an invalid length.
[ 1431.108389][T28487] device 16 entered promiscuous mode
[ 1431.120071][T28508] netlink: 'syz.3.8080': attribute type 25 has an invalid length.
[ 1431.138761][T28508] netlink: 'syz.3.8080': attribute type 9 has an invalid length.
[ 1431.322708][T28513] netlink: 132 bytes leftover after parsing attributes in process `syz.4.8083'.
[ 1431.617624][T28528] netlink: 72 bytes leftover after parsing attributes in process `syz.3.8084'.
[ 1432.234077][T28537] netlink: 'syz.1.8089': attribute type 2 has an invalid length.
[ 1432.493194][T28537] device 17 entered promiscuous mode
[ 1432.586519][T28543] netlink: 'syz.3.8091': attribute type 2 has an invalid length.
[ 1432.764448][T28543] device 15 entered promiscuous mode
[ 1432.784260][T28549] netlink: 'syz.2.8093': attribute type 17 has an invalid length.
[ 1435.468591][T28562] validate_nla: 3 callbacks suppressed
[ 1435.468610][T28562] netlink: 'syz.1.8098': attribute type 21 has an invalid length.
[ 1435.838406][T28593] netlink: 'syz.4.8106': attribute type 25 has an invalid length.
[ 1435.866100][T28593] netlink: 'syz.4.8106': attribute type 9 has an invalid length.
[ 1436.145458][T28599] netlink: 'syz.3.8109': attribute type 2 has an invalid length.
[ 1436.418328][T28599] device 16 entered promiscuous mode
[ 1436.450845][T28613] netlink: 'syz.0.8115': attribute type 17 has an invalid length.
[ 1436.459329][T28613] netlink: 'syz.0.8115': attribute type 41 has an invalid length.
[ 1436.837777][T28621] netlink: 'syz.2.8117': attribute type 2 has an invalid length.
[ 1439.381662][T28621] device 19 entered promiscuous mode
[ 1439.417626][T28634] netlink: 'syz.3.8120': attribute type 25 has an invalid length.
[ 1439.432863][T28634] netlink: 'syz.3.8120': attribute type 9 has an invalid length.
[ 1440.186191][T28660] netlink: 'syz.2.8128': attribute type 2 has an invalid length.
[ 1440.464196][T28660] device 20 entered promiscuous mode
[ 1440.489964][T28668] validate_nla: 1 callbacks suppressed
[ 1440.489986][T28668] netlink: 'syz.3.8131': attribute type 17 has an invalid length.
[ 1440.523489][T28668] netlink: 'syz.3.8131': attribute type 41 has an invalid length.
[ 1441.141679][T28673] device 18 entered promiscuous mode
[ 1441.304043][T28689] netlink: 'syz.0.8134': attribute type 25 has an invalid length.
[ 1441.312194][T28689] netlink: 'syz.0.8134': attribute type 9 has an invalid length.
[ 1441.625570][T28694] netlink: 'syz.1.8136': attribute type 10 has an invalid length.
[ 1442.414670][T28707] netlink: 15487 bytes leftover after parsing attributes in process `syz.1.8141'.
[ 1442.745588][T28719] netlink: 'syz.4.8145': attribute type 2 has an invalid length.
[ 1443.280543][T28719] device 16 entered promiscuous mode
[ 1443.323117][T28728] netlink: 'syz.0.8147': attribute type 17 has an invalid length.
[ 1443.360767][T28728] netlink: 'syz.0.8147': attribute type 41 has an invalid length.
[ 1443.375004][T28729] netlink: 'syz.2.8148': attribute type 25 has an invalid length.
[ 1443.387245][T28729] netlink: 'syz.2.8148': attribute type 9 has an invalid length.
[ 1444.164074][T28745] netlink: 60 bytes leftover after parsing attributes in process `syz.3.8151'.
[ 1445.527549][T28770] device 17 entered promiscuous mode
[ 1445.593295][T28775] device 21 entered promiscuous mode
[ 1445.600189][T28782] validate_nla: 4 callbacks suppressed
[ 1445.600211][T28782] netlink: 'syz.3.8166': attribute type 17 has an invalid length.
[ 1445.615067][T28782] netlink: 'syz.3.8166': attribute type 41 has an invalid length.
[ 1446.332727][T28794] netlink: 60 bytes leftover after parsing attributes in process `syz.3.8170'.
[ 1446.393656][T28794] netlink: 60 bytes leftover after parsing attributes in process `syz.3.8170'.
[ 1446.466088][T28796] netlink: 9286 bytes leftover after parsing attributes in process `syz.3.8170'.
[ 1446.617290][T28798] netlink: 60 bytes leftover after parsing attributes in process `syz.2.8171'.
[ 1446.670033][T28798] netlink: 60 bytes leftover after parsing attributes in process `syz.2.8171'.
[ 1446.723258][T28800] netlink: 60 bytes leftover after parsing attributes in process `syz.2.8171'.
[ 1447.151215][T28810] netlink: 'syz.0.8174': attribute type 25 has an invalid length.
[ 1447.198773][T28810] netlink: 'syz.0.8174': attribute type 9 has an invalid length.
[ 1449.559516][T28820] netlink: 'syz.2.8178': attribute type 17 has an invalid length.
[ 1449.569916][T28829] netlink: 'syz.3.8180': attribute type 2 has an invalid length.
[ 1449.587957][T28820] netlink: 'syz.2.8178': attribute type 41 has an invalid length.
[ 1449.598722][T28827] netlink: 'syz.0.8181': attribute type 2 has an invalid length.
[ 1449.697346][T28829] device 17 entered promiscuous mode
[ 1449.800051][T28827] device 18 entered promiscuous mode
[ 1450.782057][T28853] netlink: 'syz.0.8189': attribute type 6 has an invalid length.
[ 1450.818145][T28853] netlink: 164 bytes leftover after parsing attributes in process `syz.0.8189'.
[ 1451.027221][T28855] netlink: 'syz.1.8187': attribute type 25 has an invalid length.
[ 1451.049366][T28855] netlink: 'syz.1.8187': attribute type 9 has an invalid length.
[ 1451.269318][T28859] netlink: 'syz.2.8191': attribute type 21 has an invalid length.
[ 1451.850399][T28870] netlink: 'syz.3.8195': attribute type 17 has an invalid length.
[ 1451.860116][T28870] netlink: 'syz.3.8195': attribute type 41 has an invalid length.
[ 1452.204462][T28865] netlink: 'syz.1.8193': attribute type 2 has an invalid length.
[ 1452.260015][T28865] netlink: 'syz.1.8193': attribute type 3 has an invalid length.
[ 1452.278214][T28865] netlink: 132 bytes leftover after parsing attributes in process `syz.1.8193'.
[ 1452.687411][T28883] netlink: 'syz.0.8198': attribute type 10 has an invalid length.
[ 1452.849045][T28887] netlink: 'syz.1.8199': attribute type 2 has an invalid length.
[ 1452.879608][T28887] device 19 entered promiscuous mode
[ 1453.968891][T28911] FAULT_INJECTION: forcing a failure.
[ 1453.968891][T28911] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1454.094040][T28911] CPU: 0 PID: 28911 Comm: syz.1.8207 Not tainted syzkaller #0
[ 1454.101630][T28911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1454.111786][T28911] Call Trace:
[ 1454.115104][T28911]  <TASK>
[ 1454.118071][T28911]  dump_stack_lvl+0x188/0x24e
[ 1454.122804][T28911]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 1454.129007][T28911]  ? show_regs_print_info+0x12/0x12
[ 1454.134256][T28911]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 1454.140469][T28911]  should_fail_ex+0x399/0x4d0
[ 1454.145189][T28911]  _copy_from_user+0x2c/0x170
[ 1454.149916][T28911]  __sys_bpf+0x2ea/0x780
[ 1454.154215][T28911]  ? bpf_link_show_fdinfo+0x380/0x380
[ 1454.159672][T28911]  ? lock_chain_count+0x20/0x20
[ 1454.164563][T28911]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 1454.170595][T28911]  __x64_sys_bpf+0x78/0x90
[ 1454.175052][T28911]  do_syscall_64+0x4c/0xa0
[ 1454.179517][T28911]  ? clear_bhb_loop+0x60/0xb0
[ 1454.184236][T28911]  ? clear_bhb_loop+0x60/0xb0
[ 1454.188953][T28911]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1454.194886][T28911] RIP: 0033:0x7f4e34d9cdd9
[ 1454.199380][T28911] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1454.219488][T28911] RSP: 002b:00007f4e35b94028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1454.228028][T28911] RAX: ffffffffffffffda RBX: 00007f4e35015fa0 RCX: 00007f4e34d9cdd9
[ 1454.236047][T28911] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[ 1454.244052][T28911] RBP: 00007f4e35b94090 R08: 0000000000000000 R09: 0000000000000000
[ 1454.252059][T28911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1454.260151][T28911] R13: 00007f4e35016038 R14: 00007f4e35015fa0 R15: 00007fffa997ec48
[ 1454.268212][T28911]  </TASK>
[ 1455.438329][T28934] netlink: 72 bytes leftover after parsing attributes in process `syz.4.8216'.
[ 1455.912980][T28955] netlink: 72 bytes leftover after parsing attributes in process `syz.0.8223'.
[ 1456.032132][T28967] validate_nla: 6 callbacks suppressed
[ 1456.032152][T28967] netlink: 'syz.4.8225': attribute type 17 has an invalid length.
[ 1456.092401][T28967] netlink: 'syz.4.8225': attribute type 41 has an invalid length.
[ 1456.136750][T28971] netlink: 9286 bytes leftover after parsing attributes in process `syz.2.8226'.
[ 1456.476859][T28984] netlink: 'syz.4.8229': attribute type 25 has an invalid length.
[ 1456.490896][T28984] netlink: 'syz.4.8229': attribute type 9 has an invalid length.
[ 1456.960766][T29003] netlink: 72 bytes leftover after parsing attributes in process `syz.2.8232'.
[ 1457.014041][T29006] netlink: 44 bytes leftover after parsing attributes in process `syz.4.8235'.
[ 1457.065672][T29008] netlink: 44 bytes leftover after parsing attributes in process `syz.4.8235'.
[ 1457.440745][T29020] netlink: 'syz.3.8240': attribute type 17 has an invalid length.
[ 1457.448937][T29020] netlink: 'syz.3.8240': attribute type 41 has an invalid length.
[ 1457.567727][T29022] device syzkaller0 entered promiscuous mode
[ 1457.888057][T29027] netlink: 'syz.0.8244': attribute type 25 has an invalid length.
[ 1457.897474][T29027] netlink: 'syz.0.8244': attribute type 9 has an invalid length.
[ 1458.992053][T29048] netlink: 72 bytes leftover after parsing attributes in process `syz.2.8249'.
[ 1459.008903][T29050] netlink: 'syz.4.8246': attribute type 2 has an invalid length.
[ 1459.043617][T29050] netlink: 'syz.4.8246': attribute type 3 has an invalid length.
[ 1459.051438][T29050] netlink: 132 bytes leftover after parsing attributes in process `syz.4.8246'.
[ 1459.352914][T29052] netlink: 72 bytes leftover after parsing attributes in process `syz.1.8252'.
[ 1460.907361][T29082] bond0: (slave bond_slave_0): Releasing backup interface
Stopping sshd: stopped /usr/sbin/sshd (pid 4029)
OK
[ 1461.863693][T29104] netlink: 72 bytes leftover after parsing attributes in process `syz.4.8264'.
[ 1462.127596][T29105] netlink: 72 bytes leftover after parsing attributes in process `syz.2.8266'.
Stopping crond: stopped /usr/sbin/crond (pid 4012)
OK
[ 1462.461436][T29118] netlink: 132 bytes leftover after parsing attributes in process `syz.1.8269'.
[ 1462.564957][T29120] validate_nla: 5 callbacks suppressed
[ 1462.564978][T29120] netlink: 'syz.4.8270': attribute type 17 has an invalid length.
[ 1462.653495][T29120] netlink: 'syz.4.8270': attribute type 41 has an invalid length.
[ 1462.708809][T29122] netlink: 'syz.2.8271': attribute type 25 has an invalid length.
[ 1462.740222][T29122] netlink: 'syz.2.8271': attribute type 9 has an invalid length.
Stopping dhcpcd...
stopped /sbin/dhcpcd (pid 3932)
[ 1464.056267][T29157] netlink: 72 bytes leftover after parsing attributes in process `syz.1.8278'.
[ 1464.394383][T29170] netlink: 72 bytes leftover after parsing attributes in process `syz.0.8281'.
[ 1464.551918][T29172] netlink: 'syz.4.8283': attribute type 25 has an invalid length.
Stopping network[ 1464.582908][T29172] netlink: 'syz.4.8283': attribute type 9 has an invalid length.
: [ 1464.645287][T29178] netlink: 'syz.2.8285': attribute type 17 has an invalid length.
[ 1464.717837][T29178] netlink: 'syz.2.8285': attribute type 41 has an invalid length.
[ 1464.902379][T29185] netlink: 1 bytes leftover after parsing attributes in process `syz.4.8287'.
[ 1465.616918][T29205] netlink: 14 bytes leftover after parsing attributes in process `syz.2.8293'.
[ 1466.130748][T29212] netlink: 72 bytes leftover after parsing attributes in process `syz.4.8294'.
[ 1466.180109][T29209] netlink: 61963 bytes leftover after parsing attributes in process `syz.2.8293'.
[ 1466.266871][T29211] bond0: (slave wlan1): Error: Slave device does not support XDP
[ 1466.318406][T29223] netlink: 'syz.3.8296': attribute type 21 has an invalid length.
[ 1466.329611][T29226] netlink: 'syz.1.8297': attribute type 25 has an invalid length.
[ 1466.664922][T29233] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1466.706731][T29233] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1467.363644][T29234] netlink: 72 bytes leftover after parsing attributes in process `syz.0.8299'.
OK
[ 1468.026850][T29273] validate_nla: 3 callbacks suppressed
[ 1468.026891][T29273] netlink: 'syz.3.8307': attribute type 27 has an invalid length.
[ 1468.376665][T29280] FAULT_INJECTION: forcing a failure.
[ 1468.376665][T29280] name failslab, interval 1, probability 0, space 0, times 0
[ 1468.434662][T29278] netlink: 72 bytes leftover after parsing attributes in process `syz.2.8308'.
Stopping iptables: [ 1468.462086][T29280] CPU: 0 PID: 29280 Comm: syz.4.8310 Not tainted syzkaller #0
[ 1468.469682][T29280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1468.479788][T29280] Call Trace:
[ 1468.483107][T29280]  <TASK>
[ 1468.486087][T29280]  dump_stack_lvl+0x188/0x24e
[ 1468.490833][T29280]  ? show_regs_print_info+0x12/0x12
[ 1468.496097][T29280]  ? load_image+0x400/0x400
[ 1468.500659][T29280]  ? __lock_acquire+0x7d10/0x7d10
[ 1468.505743][T29280]  ? trace_call_bpf+0xbf/0x6b0
[ 1468.510575][T29280]  ? trace_call_bpf+0x5d6/0x6b0
[ 1468.515489][T29280]  should_fail_ex+0x399/0x4d0
[ 1468.520214][T29280]  should_failslab+0x5/0x20
[ 1468.524745][T29280]  slab_pre_alloc_hook+0x59/0x310
[ 1468.529807][T29280]  ? bpf_test_init+0x9f/0x140
[ 1468.534522][T29280]  __kmem_cache_alloc_node+0x4f/0x260
[ 1468.539964][T29280]  ? bpf_test_init+0x9f/0x140
[ 1468.544672][T29280]  __kmalloc+0xa0/0x240
[ 1468.548879][T29280]  bpf_test_init+0x9f/0x140
[ 1468.553431][T29280]  bpf_prog_test_run_xdp+0x484/0xf10
[ 1468.558769][T29280]  ? dev_put+0x80/0x80
[ 1468.562947][T29280]  ? bpf_prog_test_run+0x312/0x390
[ 1468.568118][T29280]  ? dev_put+0x80/0x80
[ 1468.572238][T29280]  bpf_prog_test_run+0x31e/0x390
[ 1468.577316][T29280]  __sys_bpf+0x62b/0x780
[ 1468.581605][T29280]  ? bpf_link_show_fdinfo+0x380/0x380
[ 1468.587034][T29280]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 1468.593236][T29280]  __x64_sys_bpf+0x78/0x90
[ 1468.597690][T29280]  do_syscall_64+0x4c/0xa0
[ 1468.602146][T29280]  ? clear_bhb_loop+0x60/0xb0
[ 1468.606860][T29280]  ? clear_bhb_loop+0x60/0xb0
[ 1468.611607][T29280]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1468.617558][T29280] RIP: 0033:0x7faa0679cdd9
[ 1468.622006][T29280] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1468.641647][T29280] RSP: 002b:00007faa07571028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1468.650096][T29280] RAX: ffffffffffffffda RBX: 00007faa06a15fa0 RCX: 00007faa0679cdd9
[ 1468.658101][T29280] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[ 1468.666107][T29280] RBP: 00007faa07571090 R08: 0000000000000000 R09: 0000000000000000
[ 1468.674197][T29280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1468.682198][T29280] R13: 00007faa06a16038 R14: 00007faa06a15fa0 R15: 00007ffd28905c98
[ 1468.690305][T29280]  </TASK>
OK
[ 1468.959545][T29273] bond0: (slave bond_slave_0): Releasing backup interface
Stopping system message bus: [ 1469.205136][T29291] netlink: 'syz.0.8312': attribute type 25 has an invalid length.
[ 1469.233235][T29291] netlink: 'syz.0.8312': attribute type 9 has an invalid length.
[ 1469.465180][T29299] FAULT_INJECTION: forcing a failure.
[ 1469.465180][T29299] name failslab, interval 1, probability 0, space 0, times 0
[ 1469.513338][T29299] CPU: 1 PID: 29299 Comm: syz.2.8315 Not tainted syzkaller #0
[ 1469.520983][T29299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1469.531106][T29299] Call Trace:
[ 1469.534435][T29299]  <TASK>
[ 1469.537417][T29299]  dump_stack_lvl+0x188/0x24e
[ 1469.542159][T29299]  ? show_regs_print_info+0x12/0x12
[ 1469.547507][T29299]  ? load_image+0x400/0x400
[ 1469.552124][T29299]  ? __might_sleep+0xd0/0xd0
[ 1469.556775][T29299]  ? __lock_acquire+0x7d10/0x7d10
[ 1469.561885][T29299]  should_fail_ex+0x399/0x4d0
[ 1469.566636][T29299]  should_failslab+0x5/0x20
[ 1469.571204][T29299]  slab_pre_alloc_hook+0x59/0x310
[ 1469.576302][T29299]  ? tomoyo_realpath_from_path+0xdf/0x5d0
[ 1469.582141][T29299]  __kmem_cache_alloc_node+0x4f/0x260
[ 1469.587583][T29299]  ? tomoyo_realpath_from_path+0xdf/0x5d0
[ 1469.593376][T29299]  __kmalloc+0xa0/0x240
[ 1469.597608][T29299]  tomoyo_realpath_from_path+0xdf/0x5d0
[ 1469.603237][T29299]  ? tomoyo_path_number_perm+0x205/0x650
[ 1469.608938][T29299]  tomoyo_path_number_perm+0x22f/0x650
[ 1469.614468][T29299]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1469.620080][T29299]  ? ksys_write+0x1c0/0x250
[ 1469.624650][T29299]  ? common_file_perm+0x171/0x1c0
[ 1469.629770][T29299]  ? __fget_files+0x28/0x4b0
[ 1469.634429][T29299]  ? __fget_files+0x28/0x4b0
[ 1469.639096][T29299]  security_file_ioctl+0x6c/0xa0
[ 1469.644190][T29299]  __se_sys_ioctl+0x48/0x170
[ 1469.648858][T29299]  do_syscall_64+0x4c/0xa0
[ 1469.653431][T29299]  ? clear_bhb_loop+0x60/0xb0
[ 1469.658173][T29299]  ? clear_bhb_loop+0x60/0xb0
[ 1469.662921][T29299]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1469.668876][T29299] RIP: 0033:0x7f8655d9cdd9
[ 1469.673344][T29299] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1469.693007][T29299] RSP: 002b:00007f8656c77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1469.701472][T29299] RAX: ffffffffffffffda RBX: 00007f8656015fa0 RCX: 00007f8655d9cdd9
[ 1469.709500][T29299] RDX: 0000200000000080 RSI: 00000000000089f0 RDI: 0000000000000004
[ 1469.717529][T29299] RBP: 00007f8656c77090 R08: 0000000000000000 R09: 0000000000000000
[ 1469.725608][T29299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1469.733648][T29299] R13: 00007f8656016038 R14: 00007f8656015fa0 R15: 00007ffd0c45c4a8
[ 1469.741692][T29299]  </TASK>
[ 1469.783525][T29301] netlink: 'syz.4.8316': attribute type 17 has an invalid length.
[ 1469.812782][T29299] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1469.856801][T29301] netlink: 'syz.4.8316': attribute type 41 has an invalid length.
[ 1470.647416][T29318] netlink: 72 bytes leftover after parsing attributes in process `syz.1.8319'.
done
[ 1471.269667][T29346] netlink: 'syz.2.8327': attribute type 25 has an invalid length.
[ 1471.348624][T29346] netlink: 'syz.2.8327': attribute type 9 has an invalid length.
[ 1471.404106][T29348] netlink: 'syz.0.8326': attribute type 27 has an invalid length.
[ 1471.469743][T29350] netlink: 72 bytes leftover after parsing attributes in process `syz.1.8325'.
[ 1471.798388][T29348] bond0: (slave bond_slave_0): Releasing backup interface
[ 1472.543422][T29363] netlink: 'syz.2.8331': attribute type 17 has an invalid length.
[ 1472.551373][T29363] netlink: 'syz.2.8331': attribute type 41 has an invalid length.
[ 1473.371650][T29386] netlink: 72 bytes leftover after parsing attributes in process `syz.2.8336'.
[ 1473.669820][T29392] netlink: 'syz.1.8339': attribute type 25 has an invalid length.
[ 1473.688876][T29392] netlink: 'syz.1.8339': attribute type 9 has an invalid length.
[ 1473.959554][T29400] netlink: 'syz.0.8342': attribute type 10 has an invalid length.
Stopping klogd: [ 1474.281634][T29409] netlink: 'syz.3.8341': attribute type 4 has an invalid length.
[ 1474.315960][T29409] netlink: 132 bytes leftover after parsing attributes in process `syz.3.8341'.
[ 1474.394009][T29413] netlink: 72 bytes leftover after parsing attributes in process `syz.2.8344'.
OK
[ 1474.796613][T29425] netlink: 'syz.2.8348': attribute type 29 has an invalid length.
[ 1474.826771][T29425] netlink: 'syz.2.8348': attribute type 29 has an invalid length.
[ 1474.887177][T29427] netlink: 'syz.2.8348': attribute type 29 has an invalid length.
Stopping acpid: [ 1475.013647][T29425] netlink: 'syz.2.8348': attribute type 39 has an invalid length.
[ 1475.289163][T29440] netlink: 'syz.1.8353': attribute type 25 has an invalid length.
[ 1475.335566][T29440] netlink: 'syz.1.8353': attribute type 9 has an invalid length.
[ 1475.524358][T29455] netlink: 72 bytes leftover after parsing attributes in process `syz.3.8354'.
[ 1475.839649][T29460] netlink: 72 bytes leftover after parsing attributes in process `syz.0.8358'.
OK
[ 1477.033569][T29496] netlink: 14 bytes leftover after parsing attributes in process `syz.2.8369'.
Stopping syslogd: [ 1477.367477][T29510] netlink: 72 bytes leftover after parsing attributes in process `syz.4.8371'.
stopped /sbin/syslogd (pid 3620)
OK
[ 1477.803793][T29526] netlink: 72 bytes leftover after parsing attributes in process `syz.0.8374'.
umount: can't remount debugfs read-only
[ 1479.564325][T29571] netlink: 72 bytes leftover after parsing attributes in process `syz.2.8388'.
[ 1479.897956][T29583] netlink: 72 bytes leftover after parsing attributes in process `syz.1.8391'.
[ 1480.069409][T29591] validate_nla: 5 callbacks suppressed
[ 1480.069430][T29591] netlink: 'syz.2.8395': attribute type 21 has an invalid length.
[ 1480.201549][T29589] bond0: (slave wlan1): Error: Slave device does not support XDP
[ 1481.264966][T29610] netlink: 'syz.4.8402': attribute type 25 has an invalid length.
[ 1481.302945][T29610] netlink: 'syz.4.8402': attribute type 9 has an invalid length.
[ 1481.817217][T29629] netlink: 72 bytes leftover after parsing attributes in process `syz.4.8405'.
umount: sysfs busy - remounted read-only
umount: devtmpfs busy - remounted read-only
umount: can't remount /dev/root read-only
The system is going down NOW!
Sent SIGTERM to all processes
Connection to 10.128.1.7 closed by remote host.
Sent SIGKILL to all processes
Requesting system poweroff
[ 1484.616145][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.622525][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1484.687547][T29632] kvm: exiting hardware virtualization
[ 1484.769694][T29632] sd 0:0:1:0: [sda] Synchronizing SCSI cache
[ 1484.839490][T29562] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1484.864979][T29632] ACPI: PM: Preparing to enter system sleep state S5
[ 1484.898969][T29632] reboot: Power down
serialport: VM disconnected.