last executing test programs:

20.836981853s ago: executing program 0 (id=2759):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe33)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0xfffffffffffffffd}, 0x40002140)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={'wg1\x00', @random="0200e97fffff"})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000000)={'gretap0\x00', @random="000000001300"})
r3 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8916, &(0x7f0000000000)={r3})
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8936, &(0x7f0000000000)={r3})
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000240)="b000000016007f029e78f6030f7a0a762353bfb89fd8c902317bab30f89f080aaaaeb9d8091c815dcf03e14e877733fff4fe20a5be870f576b162e7de2d02673e789a4950c9cdc206e086fd0dc8ca9afcd9d522ac78876a4595146add31b35355848794ca3f8b38aef1e114ab9fb0200000000000000a3b0c81c6f8144e74fe13b80ca46c1a6c04ad73c9d44b605f900"/158, 0x9e}, {&(0x7f00000000c0)="68c32a7de6a2395800a6ff00000000000000", 0x12}], 0x2}, 0x0)
r4 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r4, 0x84, 0xb, &(0x7f0000000040), 0x2)
sendmsg$inet(r4, &(0x7f00000002c0)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000200)=[{&(0x7f00000001c0)="92", 0x1}], 0x1}, 0x0)
recvmsg$kcm(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x103)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x1c, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)}, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(r0)

20.355365351s ago: executing program 3 (id=2765):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe33)
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8916, &(0x7f0000000000)={'wg1\x00', @random="0200e97fffff"})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000000)={'gretap0\x00', @random="000000001300"})
r4 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8916, &(0x7f0000000000)={r4})
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8936, &(0x7f0000000000)={r4})
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000240)="b000000016007f029e78f6030f7a0a762353bfb89fd8c902317bab30f89f080aaaaeb9d8091c815dcf03e14e877733fff4fe20a5be870f576b162e7de2d02673e789a4950c9cdc206e086fd0dc8ca9afcd9d522ac78876a4595146add31b35355848794ca3f8b38aef1e114ab9fb0200000000000000a3b0c81c6f8144e74fe13b80ca46c1a6c04ad73c9d44b605f900"/158, 0x9e}, {&(0x7f00000000c0)="68c32a7de6a2395800a6ff00000000000000", 0x12}], 0x2}, 0x0)
r5 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r5, 0x84, 0xb, &(0x7f0000000040), 0x2)
sendmsg$inet(r5, &(0x7f00000002c0)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000200)=[{&(0x7f00000001c0)="92", 0x1}], 0x1}, 0x0)
recvmsg$kcm(r5, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x103)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x1c, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)}, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(r0)

19.773614725s ago: executing program 0 (id=2768):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f00000001c0)="2e00000010008188040f46ecdb4cb9cca7480ef40f000000e3bd6efb010509000b000a", 0x23}], 0x1, 0x0, 0x0, 0xc9e}, 0x0)

19.533077939s ago: executing program 0 (id=2769):
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000061187f000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, &(0x7f0000000180)={0x8, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r0 = perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open$cgroup(&(0x7f0000000080)={0x3, 0x80, 0x40, 0x80, 0x7, 0x2, 0x0, 0x8, 0x400, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x4, @perf_bp={&(0x7f0000000000), 0x6}, 0x100000, 0x6, 0x912, 0x5, 0xfffffffffffffff7, 0x7, 0x8, 0x0, 0x5, 0x0, 0x7fffffffffffffff}, 0xffffffffffffffff, 0x2, r0, 0x2)
r2 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x804, 0x14c9, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x803, 0x0, @perf_config_ext={0x1, 0x4}, 0xa0, 0x58, 0x0, 0x4, 0x2, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
r4 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r4, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001)
r5 = socket$kcm(0x2, 0x200000000000001, 0x106)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
openat$cgroup_type(r6, &(0x7f0000000340), 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x3000c041)
r7 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000060000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f2130809d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff000000000000000000", 0x89}], 0x1}, 0x0)
ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x80000000)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000440), 0x3d)
close(0x3)
socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x2, 0x0, 0x9}, {0x10000002, 0x0, 0x0, 0xc}]}, 0x94)
socket$kcm(0x10, 0x400000002, 0x0)
perf_event_open(&(0x7f0000000e80)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x5, 0x9}, 0x8102, 0xcdd, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000002480)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x41, 0x0, 0x11}, 0x0)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='memory.swap.events\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x18, 0x3ff, 0x1000, 0x2e69, 0xa00, r9, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1}, 0x50)
close(r8)

18.979096731s ago: executing program 3 (id=2772):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x400000000004, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7a, 0x2, @perf_bp={0x0, 0x4}, 0x19122, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
socket$kcm(0x2, 0xa, 0x2)
perf_event_open(0x0, 0x0, 0xb, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000072"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
r1 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x20008000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="b4050000fdff7f006110a40000000000c60000000000000095000000000000009f33ef60916e6e713f1e6b0b725ad99b817fd98cd824498949714e32f21dcc4ae5437aca55f21f3ca9e822d182054d54d53cd2b6da714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed00000000000000000000000000000000000000006c63b40e0c00000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f79829c90bd2114252581567acae715cbe1b57d5cda432c5b9443999f7d24195405f2e76ba88454cc9227069ccb7b37b41215c000000003be991e5e897284cdd6043"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000580)=ANY=[@ANYRES32=r3, @ANYRES32=r2, @ANYBLOB='&\x00'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
recvmsg$kcm(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000300)=""/143, 0x8f}], 0x1}, 0x2)

18.968804112s ago: executing program 2 (id=2773):
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r0, 0x0, 0x200048cc)
sendmsg$inet(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000280)="11aa21b257da4a88df28a95bba51a371548d61174e2bc231e66d5c174efc798a02a8c2fb9c519a3f76499ddcf7059f1297a55d9ea7e1f8d0", 0x38}, {0x0}], 0x2}, 0x4000001)

18.846312329s ago: executing program 0 (id=2774):
r0 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r0, &(0x7f0000001d80)={&(0x7f0000000100)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000001880)=[{&(0x7f0000000300)="bb", 0x1}], 0x1}, 0x24000008)
sendmsg$inet(r0, &(0x7f0000000480)={&(0x7f0000000180)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000340)=[{0x0}], 0x1}, 0x0)
sendmsg$inet(r0, &(0x7f0000000640)={&(0x7f0000000040)={0x2, 0x74e, @dev={0xac, 0x14, 0x14, 0x36}}, 0x10, &(0x7f00000005c0)=[{&(0x7f0000000200)="cff74d1d4872921ef285e1597273d77e710a978142d74cb7c7f256cc608a134809c336f3f7bcebab4cb373ed3ecc39e0968ddd111d6324dae0cefbff4a2594b4847087bbd7e82b03c2241970312f00520acf78ce3752fcf665b5d2e8", 0x5c}, {&(0x7f0000000280)="dc53001e4c6732a79e55a50f3313905bf319d92e038878585152504feb8f5fd8bdeb9431f19f5173afceedbc078b3239ac677566c893130944ce91e6bd582b9bd7d84a1b802af0293bf88f2d43692bb3d61ca00805c9b0f28593d31b0ef4c8027c93bc7675f431c03ca0eb5ca282eb210c391aff3e13dc1967890d6f687cf5", 0x7f}, {&(0x7f0000000440)="b16193c2a7afc72d921b523745b79f8a61468f94697405f477977a6e6c2959a61995db795c6c48036e792ee9d0889a", 0x2f}, {&(0x7f00000004c0)="596eb1abda3b1b7473eacd673d9b46705afec01a1bf8729edc8350da945cac0172299a606fb5577c6d80a4ca31decab88320b22c17b4676c3767dd7d39579e8cf04909b478fd8545f3f3f818d5ce8771cd7f856aea72ed98d044480e4eb70284bb44d73233c27f72059cb1bad8ee308f9f285a896dccea2f485954e408b09d485f1b14283d49d300d1d93ba257fd245ffd1de24e9a103ac28b8eee41d2385d34ca971d1ea54bdb946f9dfc993057d61a5c23312ed441", 0xb6}, {&(0x7f0000000580)="39dcfa4db3", 0x5}], 0x5, &(0x7f00000007c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xc9}}, @ip_retopts={{0x184, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x44, 0x29, 0x3, 0x0, [{@broadcast, 0x4}, {@multicast2, 0x6}, {@multicast1, 0x1}, {@empty, 0xffff}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, {@loopback, 0x9}, {@multicast2, 0x8}, {@broadcast, 0x7ff}]}, @timestamp_prespec={0x44, 0x34, 0x84, 0x3, 0x6, [{@local, 0x3}, {@rand_addr=0x64010102, 0x8001}, {@local, 0x3}, {@multicast2, 0x9}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x2}, {@rand_addr=0x64010101, 0x2}]}, @ra={0x94, 0x4}, @noop, @generic={0x89, 0x2}, @cipso={0x86, 0x45, 0x3, [{0x5, 0x8, "1812eef57b77"}, {0x7, 0x12, "d2d6915065cc42ad034c35693cc7ea79"}, {0x1, 0x12, "20484617ea6262433100d98ead2675f3"}, {0x6, 0x2}, {0x6, 0x11, "56a99cfd3ebb744a5b0fa800f8f0b3"}]}, @timestamp_prespec={0x44, 0x2c, 0xaa, 0x3, 0x2, [{@multicast1, 0x7}, {@rand_addr=0x64010101, 0x1}, {@rand_addr=0x64010100, 0x6}, {@local, 0x2}, {@loopback}]}, @cipso={0x86, 0x7e, 0x3, [{0x2, 0xe, "fafb5745b9a1e538ff88250f"}, {0x3, 0x12, "00bc99787c3f8910a8e30972fd6519c2"}, {0x0, 0x7, "f0d85fd2e2"}, {0x1, 0x11, "585dedc837ce7d84b83d70174eed2d"}, {0x2, 0x6, "4c012c3e"}, {0x0, 0xf, "81072ee8fe29860eb663c27152"}, {0x0, 0x7, "c00774bfe7"}, {0x5, 0x12, "ebedc413601e16d79e38d764a3ed559c"}, {0x2, 0x12, "3063ead1a8ff5157eb2760070528a229"}]}, @generic={0x94, 0x3, "19"}, @noop]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x6}}], 0x1d0}, 0x20000800)

18.706187047s ago: executing program 2 (id=2776):
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)=@generic={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1200000036000000040000000200000000000000", @ANYRES32, @ANYBLOB="0900000200000000000000000000000000000040", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000380)=r1}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r3, &(0x7f00000001c0), 0x0}, 0x20)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$kcm(0x28, 0x5, 0x0)
close(r4)
r5 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x2a, &(0x7f0000000640)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffff9}, [@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @ldst={0x3, 0x0, 0x5, 0xb, 0x4, 0xfffffffffffffff8, 0x8}, @printk={@lli}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000001}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f00000001c0)='syzkaller\x00', 0xd, 0xf4, &(0x7f00000007c0)=""/244, 0x41000, 0x14, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x5, 0x5}, 0x8, 0x10, &(0x7f00000002c0)={0x1, 0xb, 0x23d, 0x8}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000300)=[r0, r0, r0, r0], &(0x7f0000000400)=[{0x4, 0x5, 0x1, 0x1}, {0x2, 0x2, 0x5, 0x3}, {0x3, 0x1, 0xa96, 0x8}]}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000440)=r6, 0x4)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='{[\\]+\x00')
socketpair(0x2a, 0x3, 0x1000, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x5, [@float={0x3, 0x0, 0x0, 0x10, 0x8}, @decl_tag={0x3, 0x0, 0x0, 0x11, 0x3}, @struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x4, [{0x0, 0x2}]}]}, {0x0, [0x61, 0x61, 0x2e]}}, 0x0, 0x51}, 0x28)
r7 = socket$kcm(0x10, 0x2, 0x0)
r8 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x11300, 0xfffffffffffffffd}, 0x0, 0x0, r5, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000002040)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1190e95fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf2255d6a02413bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a202304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a99281000000059f425ec2f8580fe3c6f605f9a00e90ba71cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e0852c8e7536bd1f018fa6be1e4de61fdccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4065903124bff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a8640724a5f4e12ad99012a2e01ce79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae441e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282bffff2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae05334d5a44a020000001c0d882a564d74a7c72bf9a2152b261e58fea6d2f93589cfe261dc0410b5ccc92a5a0eab327a33431d62d2b7c75ce654d556c9e1817c1abca762ab53d40da51560351b673363652e1ecb56cfe4a746a45ab13c6014e9f361ab687d1cd1795ce9e05c817b83d76046bdb3709de5df7499a02d2f636a454b85b987580ada025d83bd7b8df28a540d5ec5537942e79f2f1ab25ea5f563bc77e4f9468bd309469880c7e34150ca886d1f13dff7e82dbe296c877d925c38c54cc8137b29028854b6bd57ca893927c331300e16aba792289e135589d93302fc37c73c303e383cdf8ef3f6d6265fe5ee01759d24027475c8901039a898582022bc95992b86dce0710887c8a625d9cbb897bdbfaf49a3f642a169827a9bae4fcfa5212461db000000000000e6ed75ca8fcda7ef3ee336189fef3b3ffb9f38fefc5ff39c4e69e3fa1f8b10ee97123e99b61eba065b1ad67530e7c4f11f9da7ae000002000000610101ad7f79cb9bbf64a0fc109f49fe50151f5ddfe51833ec65ece70e07ce8ab5d97db47da8f80000664dc0b86ae2b3ff9d4e220752a6b2f3ea9f793612386496dca5af7b8952aafa332482e6137e994d3f5259b7f51544cdc6d8cb4becc20dd3a57545b0c2621e4c5f94a23f73ee02c22ee7e27c2cc491a85947baac523c347c9b9ede5d6265997f2ad6e9719a"], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r8, 0x40042408, r9)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f00000002800000", 0x2c}], 0x1}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff05000500", 0x2c}, {&(0x7f00000019c0)="06bb", 0x2}], 0x2}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x28)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000050000009500000000f70000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r12, 0x0, 0x0, 0x0, &(0x7f0000000540), 0x0, 0xffff8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8d8f}, 0x50)
sendmsg$unix(r11, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000ac0), 0x0, 0x4004001}, 0x0)

18.586075584s ago: executing program 2 (id=2777):
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)=@generic={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1200000036000000040000000200000000000000", @ANYRES32, @ANYBLOB="0900000200000000000000000000000000000040", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000380)=r1}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r3, &(0x7f00000001c0), 0x0}, 0x20)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$kcm(0x28, 0x5, 0x0)
close(r4)
r5 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x2a, &(0x7f0000000640)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffff9}, [@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @ldst={0x3, 0x0, 0x5, 0xb, 0x4, 0xfffffffffffffff8, 0x8}, @printk={@lli}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000001}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f00000001c0)='syzkaller\x00', 0xd, 0xf4, &(0x7f00000007c0)=""/244, 0x41000, 0x14, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x5, 0x5}, 0x8, 0x10, &(0x7f00000002c0)={0x1, 0xb, 0x23d, 0x8}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000300)=[r0, r0, r0, r0], &(0x7f0000000400)=[{0x4, 0x5, 0x1, 0x1}, {0x2, 0x2, 0x5, 0x3}, {0x3, 0x1, 0xa96, 0x8}]}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000440)=r6, 0x4)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='{[\\]+\x00')
socketpair(0x2a, 0x3, 0x1000, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x5, [@float={0x3, 0x0, 0x0, 0x10, 0x8}, @decl_tag={0x3, 0x0, 0x0, 0x11, 0x3}, @struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x4, [{0x0, 0x2}]}]}, {0x0, [0x61, 0x61, 0x2e]}}, 0x0, 0x51}, 0x28)
r7 = socket$kcm(0x10, 0x2, 0x0)
r8 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x11300, 0xfffffffffffffffd}, 0x0, 0x0, r5, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000002040)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1190e95fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf2255d6a02413bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a202304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a99281000000059f425ec2f8580fe3c6f605f9a00e90ba71cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e0852c8e7536bd1f018fa6be1e4de61fdccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4065903124bff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a8640724a5f4e12ad99012a2e01ce79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae441e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282bffff2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae05334d5a44a020000001c0d882a564d74a7c72bf9a2152b261e58fea6d2f93589cfe261dc0410b5ccc92a5a0eab327a33431d62d2b7c75ce654d556c9e1817c1abca762ab53d40da51560351b673363652e1ecb56cfe4a746a45ab13c6014e9f361ab687d1cd1795ce9e05c817b83d76046bdb3709de5df7499a02d2f636a454b85b987580ada025d83bd7b8df28a540d5ec5537942e79f2f1ab25ea5f563bc77e4f9468bd309469880c7e34150ca886d1f13dff7e82dbe296c877d925c38c54cc8137b29028854b6bd57ca893927c331300e16aba792289e135589d93302fc37c73c303e383cdf8ef3f6d6265fe5ee01759d24027475c8901039a898582022bc95992b86dce0710887c8a625d9cbb897bdbfaf49a3f642a169827a9bae4fcfa5212461db000000000000e6ed75ca8fcda7ef3ee336189fef3b3ffb9f38fefc5ff39c4e69e3fa1f8b10ee97123e99b61eba065b1ad67530e7c4f11f9da7ae000002000000610101ad7f79cb9bbf64a0fc109f49fe50151f5ddfe51833ec65ece70e07ce8ab5d97db47da8f80000664dc0b86ae2b3ff9d4e220752a6b2f3ea9f793612386496dca5af7b8952aafa332482e6137e994d3f5259b7f51544cdc6d8cb4becc20dd3a57545b0c2621e4c5f94a23f73ee02c22ee7e27c2cc491a85947baac523c347c9b9ede5d6265997f2ad6e9719a"], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r8, 0x40042408, r9)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f00000002800000", 0x2c}], 0x1}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff05000500", 0x2c}, {&(0x7f00000019c0)="06bb", 0x2}], 0x2}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x28)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000050000009500000000f70000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r12, 0x0, 0x0, 0x0, &(0x7f0000000540), 0x0, 0xffff8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8d8f}, 0x50)
sendmsg$unix(r11, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000ac0), 0x0, 0x4004001}, 0x0)

18.562778006s ago: executing program 3 (id=2778):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f00000001c0)="2e00000010008188040f46ecdb4cb9cca7480ef40f000000e3bd6efb010509000b000a", 0x23}], 0x1, 0x0, 0x0, 0xc9e}, 0x0)

18.435494173s ago: executing program 3 (id=2779):
r0 = socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000001c40)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x3f, 0x4, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip_vti0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f0, &(0x7f0000000080))
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f3, &(0x7f0000000080))
sendmsg$kcm(r0, 0x0, 0x40840)

18.293980291s ago: executing program 3 (id=2780):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={0xffffffffffffffff}, 0x4)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000002c0)=@generic={&(0x7f0000000280)='./file0\x00', 0x0, 0x8}, 0x18)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000800000000000000000001811", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ff"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x7, 0x0, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x7303, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)=ANY=[@ANYRES32=0x1, @ANYBLOB="a8dd00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYRES32=r2, @ANYBLOB="2f000000340000000000000007f8a06f3cbde1fbd192f4846f4fab58bb9b4a148500f8a1cbb1083e9c8743d435e54d30f94116afb50610f818ecd23a446417feb21724f1b41a13714ee3275ccdbf2c4b7fc8d016887462393310ec3a2a6b6901a037d98d9e40f280bdab915aaa9fbfb0cc43b56d348d", @ANYRES32=0x0, @ANYRES64=0x0], 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0xe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x3eb4}, 0x94)
socket$kcm(0xa, 0x2, 0x73)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
r5 = socket$kcm(0x23, 0x5, 0x0)
sendmsg$kcm(r5, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x10004000)
ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x89ed, 0x0)
perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x8, 0xdff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair(0x1, 0x1, 0x1, &(0x7f0000000200)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8946, &(0x7f0000000080))

18.292925511s ago: executing program 2 (id=2781):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800010000000000240000002400000002000000000000000000000400000003000000000000000200000000000000000000000d020000000000000024000000000000000000000000000000000000000000002000000000"], 0xffffffffffffffff, 0x3e, 0x0, 0x2}, 0x28)
socket$kcm(0xa, 0x1, 0x106)
socket$kcm(0x2, 0x922000000001, 0x106)
bpf$MAP_CREATE_TAIL_CALL(0x9, &(0x7f0000000380)=ANY=[@ANYBLOB="030000000400000026"], 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{}, &(0x7f0000000780), &(0x7f0000000740)=r0}, 0x22)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x49, &(0x7f0000000180), 0x4)

17.990029999s ago: executing program 2 (id=2782):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x7, 0x4, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x24}, [@call={0x85, 0x0, 0x0, 0xae}]}, &(0x7f00000002c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x22, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x6, 0x0, 0x1, 0xc46, '\x00', 0x0, r0, 0x0, 0x0, 0x4}, 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r0, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000280)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0], <r1=>0x0, 0xa0, &(0x7f0000000380)=[{}], 0x8, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0x21, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0xbf}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000005c0), 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{}, &(0x7f0000000040), &(0x7f0000000140)}, 0x20)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000640)=ANY=[], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{}, &(0x7f00000006c0), &(0x7f0000000700)=r0}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r3}, &(0x7f0000000080), &(0x7f0000000180)=r4}, 0x20)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_config_ext={0x1, 0x2b4}, 0x0, 0x10000, 0x0, 0x0, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x10, 0x3, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000002f40)=@base={0x5, 0x4, 0xc, 0xc}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x8}]}, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r6, r5}, 0xc)
r7 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x50)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000240)=@o_path={&(0x7f0000000200)='./cgroup\x00', r8, 0x4000, r7}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x2, 0x2a, &(0x7f0000000b40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, [@btf_id={0x18, 0x8, 0x3, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x21}}, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000980)='GPL\x00', 0x3, 0x97, &(0x7f0000000cc0)=""/151, 0x41100, 0x0, '\x00', 0x0, @fallback=0xf, r2, 0x8, &(0x7f0000000d80)={0x8, 0x1}, 0x8, 0x10, 0x0, 0x0, r1, 0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000dc0)=[{0x0, 0x5, 0x0, 0x7}, {0x5, 0x2, 0x2, 0x8}], 0x10, 0xfffffffe}, 0x94)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000780)={0x0, 0xfffffff0, 0x18}, 0xc)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000007c0)={0x0, 0x4}, 0xc)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xb, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x4c}, [@call={0x85, 0x0, 0x0, 0x1}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)

17.777668802s ago: executing program 0 (id=2783):
perf_event_open(0x0, 0x0, 0x4, 0xffffffffffffffff, 0x1)
r0 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
sendmsg$inet(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000280)="11aa21b257da4a88df28a95bba51a371548d61174e2bc231e66d5c17", 0x1c}], 0x1}, 0x4000001)
close(r0)

17.327780938s ago: executing program 0 (id=2785):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c0000007a006bcd9e3fe3dc6e08000007000004000000027ea60864160af36504005425198bc3488bc3a0e69ee517d34460bc24eab556a705251e4e82949a3651f668c3664402682fb6e27bbfa83b5cae0300c9fcd1938037e786a6", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x40000)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.threads\x00', 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000011008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x40840)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="120000000300000004000000"], 0x50)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x1}, 0x50)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/syz0\x00', 0x200002, 0x0)

17.281831481s ago: executing program 3 (id=2786):
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)=@generic={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1200000036000000040000000200000000000000", @ANYRES32, @ANYBLOB="0900000200000000000000000000000000000040", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000380)=r1}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r3, &(0x7f00000001c0), 0x0}, 0x20)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$kcm(0x28, 0x5, 0x0)
close(r4)
r5 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x2a, &(0x7f0000000640)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffff9}, [@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @ldst={0x3, 0x0, 0x5, 0xb, 0x4, 0xfffffffffffffff8, 0x8}, @printk={@lli}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000001}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f00000001c0)='syzkaller\x00', 0xd, 0xf4, &(0x7f00000007c0)=""/244, 0x41000, 0x14, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x5, 0x5}, 0x8, 0x10, &(0x7f00000002c0)={0x1, 0xb, 0x23d, 0x8}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000300)=[r0, r0, r0, r0], &(0x7f0000000400)=[{0x4, 0x5, 0x1, 0x1}, {0x2, 0x2, 0x5, 0x3}, {0x3, 0x1, 0xa96, 0x8}]}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000440)=r6, 0x4)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='{[\\]+\x00')
socketpair(0x2a, 0x3, 0x1000, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x5, [@float={0x3, 0x0, 0x0, 0x10, 0x8}, @decl_tag={0x3, 0x0, 0x0, 0x11, 0x3}, @struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x4, [{0x0, 0x2}]}]}, {0x0, [0x61, 0x61, 0x2e]}}, 0x0, 0x51}, 0x28)
r7 = socket$kcm(0x10, 0x2, 0x0)
r8 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x11300, 0xfffffffffffffffd}, 0x0, 0x0, r5, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000002040)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1190e95fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf2255d6a02413bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a202304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a99281000000059f425ec2f8580fe3c6f605f9a00e90ba71cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e0852c8e7536bd1f018fa6be1e4de61fdccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4065903124bff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a8640724a5f4e12ad99012a2e01ce79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae441e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282bffff2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae05334d5a44a020000001c0d882a564d74a7c72bf9a2152b261e58fea6d2f93589cfe261dc0410b5ccc92a5a0eab327a33431d62d2b7c75ce654d556c9e1817c1abca762ab53d40da51560351b673363652e1ecb56cfe4a746a45ab13c6014e9f361ab687d1cd1795ce9e05c817b83d76046bdb3709de5df7499a02d2f636a454b85b987580ada025d83bd7b8df28a540d5ec5537942e79f2f1ab25ea5f563bc77e4f9468bd309469880c7e34150ca886d1f13dff7e82dbe296c877d925c38c54cc8137b29028854b6bd57ca893927c331300e16aba792289e135589d93302fc37c73c303e383cdf8ef3f6d6265fe5ee01759d24027475c8901039a898582022bc95992b86dce0710887c8a625d9cbb897bdbfaf49a3f642a169827a9bae4fcfa5212461db000000000000e6ed75ca8fcda7ef3ee336189fef3b3ffb9f38fefc5ff39c4e69e3fa1f8b10ee97123e99b61eba065b1ad67530e7c4f11f9da7ae000002000000610101ad7f79cb9bbf64a0fc109f49fe50151f5ddfe51833ec65ece70e07ce8ab5d97db47da8f80000664dc0b86ae2b3ff9d4e220752a6b2f3ea9f793612386496dca5af7b8952aafa332482e6137e994d3f5259b7f51544cdc6d8cb4becc20dd3a57545b0c2621e4c5f94a23f73ee02c22ee7e27c2cc491a85947baac523c347c9b9ede5d6265997f2ad6e9719a"], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r8, 0x40042408, r9)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f00000002800000", 0x2c}], 0x1}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff05000500", 0x2c}, {&(0x7f00000019c0)="06bb", 0x2}], 0x2}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x28)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000050000009500000000f70000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r12, 0x0, 0x0, 0x0, &(0x7f0000000540), 0x0, 0xffff8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8d8f}, 0x50)
sendmsg$unix(r11, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000ac0), 0x0, 0x4004001}, 0x0)

17.221074704s ago: executing program 2 (id=2788):
r0 = socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000001c40)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x3f, 0x4, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip_vti0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f0, &(0x7f0000000080))
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f3, &(0x7f0000000080))
sendmsg$kcm(r0, 0x0, 0x40840)

17.049861524s ago: executing program 1 (id=2789):
r0 = socket$kcm(0x2, 0x3, 0x106)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000040)=@generic={&(0x7f0000000000)='./file0\x00', 0x0, 0x10}, 0x18)
sendmsg$inet(r0, &(0x7f0000000c80)={&(0x7f0000000100)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000b80)=[@ip_retopts={{0x14, 0x0, 0x7, {[@generic={0x44, 0x2}]}}}], 0x18}, 0x4004800)

16.807072218s ago: executing program 1 (id=2790):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800010000000000240000002400000002000000000000000000000400000003000000000000000200000000000000000000000d0200000000000000240000000000000000000000000000000000000000000020000000"], 0xffffffffffffffff, 0x3e, 0x0, 0x2}, 0x28)
socket$kcm(0xa, 0x1, 0x106)
socket$kcm(0x2, 0x922000000001, 0x106)
bpf$MAP_CREATE_TAIL_CALL(0x9, &(0x7f0000000380)=ANY=[@ANYBLOB="030000000400000026"], 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{}, &(0x7f0000000780), &(0x7f0000000740)=r0}, 0x22)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x49, &(0x7f0000000180), 0x4)

16.751055271s ago: executing program 1 (id=2791):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x7, 0x4, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x24}, [@call={0x85, 0x0, 0x0, 0xae}]}, &(0x7f00000002c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x22, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x6, 0x0, 0x1, 0xc46, '\x00', 0x0, r0, 0x0, 0x0, 0x4}, 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r0, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280), ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0], <r3=>0x0, 0xa0, &(0x7f0000000380)=[{}], 0x8, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0x21, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0xbf}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000005c0), 0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1, 0x5, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x4007ff}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r5}, &(0x7f0000000040), &(0x7f0000000140)}, 0x20)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000500000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0600000000000000feadee4a0027"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{0xffffffffffffffff, <r7=>0xffffffffffffffff}, &(0x7f00000006c0), &(0x7f0000000700)=r0}, 0x20)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_config_ext={0x1, 0x2b4}, 0x0, 0x10000, 0x0, 0x0, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x10, 0x3, 0x10)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000002f40)=@base={0x5, 0x4, 0xc, 0xc}, 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r9}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x8}]}, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r10, r9}, 0xc)
r11 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x50)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000240)=@o_path={&(0x7f0000000200)='./cgroup\x00', r12, 0x4000, r11}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x2, 0x2a, &(0x7f0000000b40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffe}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@btf_id={0x18, 0x8, 0x3, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r12}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x21}}, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000980)='GPL\x00', 0x3, 0x97, &(0x7f0000000cc0)=""/151, 0x41100, 0x0, '\x00', 0x0, @fallback=0xf, r4, 0x8, &(0x7f0000000d80)={0x8, 0x1}, 0x8, 0x10, 0x0, 0x0, r3, 0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000dc0)=[{0x0, 0x5, 0x0, 0x7}, {0x5, 0x2, 0x2, 0x8}], 0x10, 0xfffffffe}, 0x94)
r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000780)={0x0, 0xfffffff0, 0x18}, 0xc)
r14 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000007c0)={0x0, 0x4}, 0xc)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xb, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x4c}, [@call={0x85, 0x0, 0x0, 0x1}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r15 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@bloom_filter={0x1e, 0x43c, 0x1, 0x1, 0x5440, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3, 0x1, 0x5}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x0, 0x11, &(0x7f0000000080)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_idx_val={0x18, 0x3, 0x6, 0x0, 0xd}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1710a383d1a79f1d}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='GPL\x00', 0x9, 0x98, &(0x7f00000001c0)=""/152, 0x40f00, 0x75, '\x00', r2, 0x0, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000600)={0x1, 0x7, 0x8, 0x80000000}, 0x10, 0x0, 0x0, 0xa, &(0x7f0000000880)=[r5, r6, r7, r8, 0x1, r13, r14, r15], &(0x7f00000008c0)=[{0x2, 0x2, 0x2, 0x1}, {0x4, 0x1, 0xe, 0x8}, {0x4, 0x1, 0x8, 0x2}, {0x1, 0x3, 0xa}, {0x1, 0x5, 0xc, 0x5}, {0x2, 0x5, 0x6, 0xb}, {0x0, 0x5, 0x5, 0x7}, {0x1, 0x3, 0x5, 0xd}, {0x5, 0x5, 0x10, 0x6}, {0x5, 0x5, 0x10, 0x4}], 0x10, 0x2}, 0x94)

16.581236681s ago: executing program 1 (id=2792):
r0 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r0, &(0x7f0000001d80)={&(0x7f0000000100)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000001880)=[{&(0x7f0000000300)="bb", 0x1}], 0x1}, 0x24000008)
sendmsg$inet(r0, &(0x7f0000000480)={&(0x7f0000000180)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000340)=[{0x0}], 0x1}, 0x0)
sendmsg$inet(r0, &(0x7f0000000640)={&(0x7f0000000040)={0x2, 0x74e, @dev={0xac, 0x14, 0x14, 0x36}}, 0x10, &(0x7f00000005c0)=[{&(0x7f0000000200)="cff74d1d4872921ef285e1597273d77e710a978142d74cb7c7f256cc608a134809c336f3f7bcebab4cb373ed3ecc39e0968ddd111d6324dae0cefbff4a2594b4847087bbd7e82b03c2241970312f00520acf78ce3752fcf665b5d2e8", 0x5c}, {&(0x7f0000000280)="dc53001e4c6732a79e55a50f3313905bf319d92e038878585152504feb8f5fd8bdeb9431f19f5173afceedbc078b3239ac677566c893130944ce91e6bd582b9bd7d84a1b802af0293bf88f2d43692bb3d61ca00805c9b0f28593d31b0ef4c8027c93bc7675f431c03ca0eb5ca282eb210c391aff3e13dc1967890d6f687cf5", 0x7f}, {&(0x7f0000000440)="b16193c2a7afc72d921b523745b79f8a61468f94697405f477977a6e6c2959a61995db795c6c48036e792ee9d0889a", 0x2f}, {&(0x7f00000004c0)="596eb1abda3b1b7473eacd673d9b46705afec01a1bf8729edc8350da945cac0172299a606fb5577c6d80a4ca31decab88320b22c17b4676c3767dd7d39579e8cf04909b478fd8545f3f3f818d5ce8771cd7f856aea72ed98d044480e4eb70284bb44d73233c27f72059cb1bad8ee308f9f285a896dccea2f485954e408b09d485f1b14283d49d300d1d93ba257fd245ffd1de24e9a103ac28b8eee41d2385d34ca971d1ea54bdb946f9dfc993057d61a5c23312ed441", 0xb6}, {&(0x7f0000000580)="39dcfa4db3", 0x5}], 0x5, &(0x7f00000007c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xc9}}, @ip_retopts={{0x184, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x44, 0x29, 0x3, 0x0, [{@broadcast, 0x4}, {@multicast2, 0x6}, {@multicast1, 0x1}, {@empty, 0xffff}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, {@loopback, 0x9}, {@multicast2, 0x8}, {@broadcast, 0x7ff}]}, @timestamp_prespec={0x44, 0x34, 0x84, 0x3, 0x6, [{@local, 0x3}, {@rand_addr=0x64010102, 0x8001}, {@local, 0x3}, {@multicast2, 0x9}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x2}, {@rand_addr=0x64010101, 0x2}]}, @ra={0x94, 0x4}, @noop, @generic={0x89, 0x2}, @cipso={0x86, 0x45, 0x3, [{0x5, 0x8, "1812eef57b77"}, {0x7, 0x12, "d2d6915065cc42ad034c35693cc7ea79"}, {0x1, 0x12, "20484617ea6262433100d98ead2675f3"}, {0x6, 0x2}, {0x6, 0x11, "56a99cfd3ebb744a5b0fa800f8f0b3"}]}, @timestamp_prespec={0x44, 0x2c, 0xaa, 0x3, 0x2, [{@multicast1, 0x7}, {@rand_addr=0x64010101, 0x1}, {@rand_addr=0x64010100, 0x6}, {@local, 0x2}, {@loopback}]}, @cipso={0x86, 0x7e, 0x3, [{0x2, 0xe, "fafb5745b9a1e538ff88250f"}, {0x3, 0x12, "00bc99787c3f8910a8e30972fd6519c2"}, {0x0, 0x7, "f0d85fd2e2"}, {0x1, 0x11, "585dedc837ce7d84b83d70174eed2d"}, {0x2, 0x6, "4c012c3e"}, {0x0, 0xf, "81072ee8fe29860eb663c27152"}, {0x0, 0x7, "c00774bfe7"}, {0x5, 0x12, "ebedc413601e16d79e38d764a3ed559c"}, {0x2, 0x12, "3063ead1a8ff5157eb2760070528a229"}]}, @generic={0x94, 0x3, "19"}, @noop]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x6}}], 0x1d0}, 0x20000800)

15.682639774s ago: executing program 1 (id=2793):
perf_event_open(0x0, 0x0, 0x4, 0xffffffffffffffff, 0x1)
r0 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
sendmsg$inet(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000280)="11aa21b257da4a88df28a95bba51", 0xe}], 0x1}, 0x4000001)
close(r0)

15.627354697s ago: executing program 1 (id=2794):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000e00)=ANY=[@ANYBLOB="bf16000000000000b7070000010000004070000000000000500000000000e1ff95000000000000002ba76bb33123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee04000000670d25010000020000040000009fc404000000c788b277beee11bf9b0a4def23d410f6accd3641110bec4e90a6341965dac03d04683712a0b09edc9e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e3e8eea3fd8cf49827ca311f5b87e1ca8433a8acd715f5888b2007f0000000000000000010000000000fb00010000000000414027efc84293af6a22000000005335001db43a5c000000000000000024000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000000cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617da7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cb8e52cbdc2ba9d580609e31c30891f7e5ff7fd6fce424c2200af6c3784a1975fa657de38a3a32a4fd67ce446ac5431d07db79240acaf091231b986e77d05d988d6edc71df48dca02113a38300c2bf2b5543ffc1669557b3819d8c396d2c2361629d1022f722ec23812770d72cd0010000007889b8c7044f563a1f68d4eff895fdbc463f747c08f40105869035000000000000000000000000000000000000000000000000080000003ddf4aa4b1c8baa0ae6feb6737c275dc2740f742b5425f1d581961471cdb0500000000000000d4123f955267fe4a75c114f874e086287547d4099aeec9f1538ee25a365ccf4a9b604e88e12ff25184d4e3c6f7f623559435b26b50fb7113000000f0bc440550ee91302f5a000000000000000000000000006d0000e67ccc00148ac4c43021cce9f24f4b2f9492c32e7af05c648978d9980ba49789906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec2c3f4523110c0acef5383b5a2720caeb68f1e9c05b05d89467ded84da093dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696ad3a042a7097ddefe0671f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32881dfd15dc84e79d326337e21e041654f06bd7f000000000000000000000000000000282ffe0000000009350cfa3ab109ab4a7d95938c5334a0dd177f1a7389ee570d95e543a27546d3770740f354df6dd6b1bfe4104d2262f33f596d606ccce75a3c3d5f9ad94a7316b0c6ad14f1398a6b39b07121f636da418b34d48677cf8d2d99ee8ac50142bcdcc73dd73cc6ec46896ffb35ac82ac7a9309ea07396d2814dc630ad1a9913934849be25f7b81b59aaa9fa2e9d6ecafcfa1de81b2d3581ab1138537f98d2240b6c2bf40569da4e2bb77532ab9220347d78319617d17e14f7331486e86b2145980b95c88ae11b1c6b6ea6c2b2311d6ce6315cc451dd50ac746acd59d075b41f9a747894956b10453ccf6527d8f579256e9849bbaf6c7c84362209d3d2320101d57"], &(0x7f0000000140)='GPL\x00'}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000002c0)=r1, 0x4)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x60, &(0x7f00000005c0)=[{&(0x7f00000003c0)="d800000018007b18e00212ba0d8105040a0a1100fe0f040b067c55a1bc0009001e0006990300000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b01602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd601edef3d93452a92307f00000e97031e9f05e9f16e9cb5", 0xd2}, {&(0x7f00000004c0)="f80ec2e2badd", 0x6}], 0x2, 0x0, 0x0, 0x2663}, 0x0)

2.183645922s ago: executing program 32 (id=2785):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c0000007a006bcd9e3fe3dc6e08000007000004000000027ea60864160af36504005425198bc3488bc3a0e69ee517d34460bc24eab556a705251e4e82949a3651f668c3664402682fb6e27bbfa83b5cae0300c9fcd1938037e786a6", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x40000)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.threads\x00', 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000011008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x40840)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="120000000300000004000000"], 0x50)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x1}, 0x50)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/syz0\x00', 0x200002, 0x0)

2.111982216s ago: executing program 33 (id=2788):
r0 = socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000001c40)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x3f, 0x4, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip_vti0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f0, &(0x7f0000000080))
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f3, &(0x7f0000000080))
sendmsg$kcm(r0, 0x0, 0x40840)

2.04984719s ago: executing program 34 (id=2786):
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)=@generic={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1200000036000000040000000200000000000000", @ANYRES32, @ANYBLOB="0900000200000000000000000000000000000040", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000380)=r1}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r3, &(0x7f00000001c0), 0x0}, 0x20)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$kcm(0x28, 0x5, 0x0)
close(r4)
r5 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x2a, &(0x7f0000000640)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffff9}, [@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @ldst={0x3, 0x0, 0x5, 0xb, 0x4, 0xfffffffffffffff8, 0x8}, @printk={@lli}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000001}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f00000001c0)='syzkaller\x00', 0xd, 0xf4, &(0x7f00000007c0)=""/244, 0x41000, 0x14, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x5, 0x5}, 0x8, 0x10, &(0x7f00000002c0)={0x1, 0xb, 0x23d, 0x8}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000300)=[r0, r0, r0, r0], &(0x7f0000000400)=[{0x4, 0x5, 0x1, 0x1}, {0x2, 0x2, 0x5, 0x3}, {0x3, 0x1, 0xa96, 0x8}]}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000440)=r6, 0x4)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='{[\\]+\x00')
socketpair(0x2a, 0x3, 0x1000, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x5, [@float={0x3, 0x0, 0x0, 0x10, 0x8}, @decl_tag={0x3, 0x0, 0x0, 0x11, 0x3}, @struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x4, [{0x0, 0x2}]}]}, {0x0, [0x61, 0x61, 0x2e]}}, 0x0, 0x51}, 0x28)
r7 = socket$kcm(0x10, 0x2, 0x0)
r8 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0xde, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x11300, 0xfffffffffffffffd}, 0x0, 0x0, r5, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000002040)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1190e95fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf2255d6a02413bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a202304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a99281000000059f425ec2f8580fe3c6f605f9a00e90ba71cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e0852c8e7536bd1f018fa6be1e4de61fdccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4065903124bff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a8640724a5f4e12ad99012a2e01ce79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae441e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282bffff2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae05334d5a44a020000001c0d882a564d74a7c72bf9a2152b261e58fea6d2f93589cfe261dc0410b5ccc92a5a0eab327a33431d62d2b7c75ce654d556c9e1817c1abca762ab53d40da51560351b673363652e1ecb56cfe4a746a45ab13c6014e9f361ab687d1cd1795ce9e05c817b83d76046bdb3709de5df7499a02d2f636a454b85b987580ada025d83bd7b8df28a540d5ec5537942e79f2f1ab25ea5f563bc77e4f9468bd309469880c7e34150ca886d1f13dff7e82dbe296c877d925c38c54cc8137b29028854b6bd57ca893927c331300e16aba792289e135589d93302fc37c73c303e383cdf8ef3f6d6265fe5ee01759d24027475c8901039a898582022bc95992b86dce0710887c8a625d9cbb897bdbfaf49a3f642a169827a9bae4fcfa5212461db000000000000e6ed75ca8fcda7ef3ee336189fef3b3ffb9f38fefc5ff39c4e69e3fa1f8b10ee97123e99b61eba065b1ad67530e7c4f11f9da7ae000002000000610101ad7f79cb9bbf64a0fc109f49fe50151f5ddfe51833ec65ece70e07ce8ab5d97db47da8f80000664dc0b86ae2b3ff9d4e220752a6b2f3ea9f793612386496dca5af7b8952aafa332482e6137e994d3f5259b7f51544cdc6d8cb4becc20dd3a57545b0c2621e4c5f94a23f73ee02c22ee7e27c2cc491a85947baac523c347c9b9ede5d6265997f2ad6e9719a"], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r8, 0x40042408, r9)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f00000002800000", 0x2c}], 0x1}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff05000500", 0x2c}, {&(0x7f00000019c0)="06bb", 0x2}], 0x2}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x28)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000050000009500000000f70000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r12, 0x0, 0x0, 0x0, &(0x7f0000000540), 0x0, 0xffff8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8d8f}, 0x50)
sendmsg$unix(r11, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000ac0), 0x0, 0x4004001}, 0x0)

0s ago: executing program 35 (id=2794):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000e00)=ANY=[@ANYBLOB="bf16000000000000b7070000010000004070000000000000500000000000e1ff95000000000000002ba76bb33123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee04000000670d25010000020000040000009fc404000000c788b277beee11bf9b0a4def23d410f6accd3641110bec4e90a6341965dac03d04683712a0b09edc9e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e3e8eea3fd8cf49827ca311f5b87e1ca8433a8acd715f5888b2007f0000000000000000010000000000fb00010000000000414027efc84293af6a22000000005335001db43a5c000000000000000024000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000000cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617da7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cb8e52cbdc2ba9d580609e31c30891f7e5ff7fd6fce424c2200af6c3784a1975fa657de38a3a32a4fd67ce446ac5431d07db79240acaf091231b986e77d05d988d6edc71df48dca02113a38300c2bf2b5543ffc1669557b3819d8c396d2c2361629d1022f722ec23812770d72cd0010000007889b8c7044f563a1f68d4eff895fdbc463f747c08f40105869035000000000000000000000000000000000000000000000000080000003ddf4aa4b1c8baa0ae6feb6737c275dc2740f742b5425f1d581961471cdb0500000000000000d4123f955267fe4a75c114f874e086287547d4099aeec9f1538ee25a365ccf4a9b604e88e12ff25184d4e3c6f7f623559435b26b50fb7113000000f0bc440550ee91302f5a000000000000000000000000006d0000e67ccc00148ac4c43021cce9f24f4b2f9492c32e7af05c648978d9980ba49789906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec2c3f4523110c0acef5383b5a2720caeb68f1e9c05b05d89467ded84da093dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696ad3a042a7097ddefe0671f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32881dfd15dc84e79d326337e21e041654f06bd7f000000000000000000000000000000282ffe0000000009350cfa3ab109ab4a7d95938c5334a0dd177f1a7389ee570d95e543a27546d3770740f354df6dd6b1bfe4104d2262f33f596d606ccce75a3c3d5f9ad94a7316b0c6ad14f1398a6b39b07121f636da418b34d48677cf8d2d99ee8ac50142bcdcc73dd73cc6ec46896ffb35ac82ac7a9309ea07396d2814dc630ad1a9913934849be25f7b81b59aaa9fa2e9d6ecafcfa1de81b2d3581ab1138537f98d2240b6c2bf40569da4e2bb77532ab9220347d78319617d17e14f7331486e86b2145980b95c88ae11b1c6b6ea6c2b2311d6ce6315cc451dd50ac746acd59d075b41f9a747894956b10453ccf6527d8f579256e9849bbaf6c7c84362209d3d2320101d57"], &(0x7f0000000140)='GPL\x00'}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000002c0)=r1, 0x4)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x60, &(0x7f00000005c0)=[{&(0x7f00000003c0)="d800000018007b18e00212ba0d8105040a0a1100fe0f040b067c55a1bc0009001e0006990300000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b01602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd601edef3d93452a92307f00000e97031e9f05e9f16e9cb5", 0xd2}, {&(0x7f00000004c0)="f80ec2e2badd", 0x6}], 0x2, 0x0, 0x0, 0x2663}, 0x0)

kernel console output (not intermixed with test programs):

: Interface deactivated: batadv_slave_1
[  426.938987][T10384] batman_adv: batadv0: Removing interface: batadv_slave_1
[  427.055688][T10386] netlink: 'syz.2.1502': attribute type 3 has an invalid length.
[  427.073682][T10384] bond0: (slave batadv0): Releasing backup interface
[  427.081363][T10384] batadv0 (unregistering): left promiscuous mode
[  427.087535][T10386] netlink: 201336 bytes leftover after parsing attributes in process `syz.2.1502'.
[  427.179951][T10387] syzkaller0: entered promiscuous mode
[  427.190904][T10387] syzkaller0: entered allmulticast mode
[  430.667602][T10447] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  430.698500][T10447] batman_adv: batadv0: Removing interface: batadv_slave_0
[  431.504022][T10447] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  431.566136][T10447] batman_adv: batadv0: Removing interface: batadv_slave_1
[  431.630914][T10447] bond0: (slave batadv0): Releasing backup interface
[  431.642663][T10447] batadv0 (unregistering): left promiscuous mode
[  432.954770][T10481] syzkaller0: entered promiscuous mode
[  432.960422][T10481] syzkaller0: entered allmulticast mode
[  436.410624][T10520] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  436.418295][T10520] batman_adv: batadv0: Removing interface: batadv_slave_0
[  436.427357][T10520] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  436.437613][T10520] batman_adv: batadv0: Removing interface: batadv_slave_1
[  436.508887][T10520] bond0: (slave batadv0): Releasing backup interface
[  436.532075][T10520] batadv0 (unregistering): left promiscuous mode
[  436.979779][T10529] netlink: 'syz.0.1536': attribute type 10 has an invalid length.
[  439.470267][T10588] netlink: 'syz.2.1554': attribute type 10 has an invalid length.
[  439.863616][T10601] netlink: 'syz.0.1558': attribute type 10 has an invalid length.
[  440.469162][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  440.477939][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  440.998045][T10620] netlink: 'syz.1.1563': attribute type 10 has an invalid length.
[  441.366434][T10633] netlink: 'syz.3.1566': attribute type 10 has an invalid length.
[  441.812023][T10639] netlink: 'syz.2.1568': attribute type 10 has an invalid length.
[  442.839362][T10657] netlink: 'syz.3.1573': attribute type 10 has an invalid length.
[  443.278018][T10668] netlink: 'syz.0.1579': attribute type 10 has an invalid length.
[  444.307168][T10687] netlink: 'syz.0.1586': attribute type 10 has an invalid length.
[  444.416276][T10697] netlink: 763 bytes leftover after parsing attributes in process `syz.2.1589'.
[  445.085043][T10723] netlink: 'syz.2.1595': attribute type 10 has an invalid length.
[  446.728916][T10764] netlink: 'syz.3.1612': attribute type 10 has an invalid length.
[  447.655225][T10786] netlink: 'syz.1.1621': attribute type 1 has an invalid length.
[  447.681731][T10786] netlink: 112865 bytes leftover after parsing attributes in process `syz.1.1621'.
[  448.526261][T10801] tap0: tun_chr_ioctl cmd 2147767507
[  448.542970][T10801] tap0: tun_chr_ioctl cmd 1074025684
[  448.550058][T10803] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1626'.
[  448.878883][T10814] netlink: 'syz.2.1629': attribute type 10 has an invalid length.
[  451.003342][T10842] FAULT_INJECTION: forcing a failure.
[  451.003342][T10842] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  451.111554][T10842] CPU: 0 PID: 10842 Comm: syz.2.1636 Not tainted syzkaller #0
[  451.120576][T10842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  451.133023][T10842] Call Trace:
[  451.136977][T10842]  <TASK>
[  451.140636][T10842]  dump_stack_lvl+0x18c/0x250
[  451.146149][T10842]  ? show_regs_print_info+0x20/0x20
[  451.151874][T10842]  ? load_image+0x400/0x400
[  451.157103][T10842]  ? __might_fault+0xaa/0x120
[  451.162802][T10842]  ? __lock_acquire+0x7d40/0x7d40
[  451.168226][T10842]  should_fail_ex+0x39d/0x4d0
[  451.173085][T10842]  _copy_from_user+0x2f/0xe0
[  451.177816][T10842]  ___sys_recvmsg+0x176/0x590
[  451.182551][T10842]  ? __sys_recvmsg+0x2a0/0x2a0
[  451.187458][T10842]  ? ksys_write+0x1c4/0x260
[  451.192111][T10842]  ? __fget_files+0x43d/0x4b0
[  451.196943][T10842]  __x64_sys_recvmsg+0x20c/0x2e0
[  451.201925][T10842]  ? ___sys_recvmsg+0x590/0x590
[  451.206830][T10842]  ? lockdep_hardirqs_on+0x98/0x150
[  451.212370][T10842]  do_syscall_64+0x55/0xa0
[  451.216924][T10842]  ? clear_bhb_loop+0x40/0x90
[  451.221785][T10842]  ? clear_bhb_loop+0x40/0x90
[  451.226772][T10842]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  451.232797][T10842] RIP: 0033:0x7f4cf5f9bf79
[  451.237250][T10842] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  451.256906][T10842] RSP: 002b:00007f4cf6e64028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  451.265457][T10842] RAX: ffffffffffffffda RBX: 00007f4cf6215fa0 RCX: 00007f4cf5f9bf79
[  451.273838][T10842] RDX: 0000000000010002 RSI: 0000200000000240 RDI: 0000000000000003
[  451.282027][T10842] RBP: 00007f4cf6e64090 R08: 0000000000000000 R09: 0000000000000000
[  451.290238][T10842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  451.298254][T10842] R13: 00007f4cf6216038 R14: 00007f4cf6215fa0 R15: 00007ffcce2fc6d8
[  451.306365][T10842]  </TASK>
[  451.466182][T10846] pim6reg1: entered promiscuous mode
[  451.514270][T10846] pim6reg1: entered allmulticast mode
[  451.671807][T10854] netlink: 'syz.3.1637': attribute type 1 has an invalid length.
[  451.679628][T10854] netlink: 112865 bytes leftover after parsing attributes in process `syz.3.1637'.
[  452.723574][T10866] FAULT_INJECTION: forcing a failure.
[  452.723574][T10866] name failslab, interval 1, probability 0, space 0, times 0
[  452.771582][T10866] CPU: 1 PID: 10866 Comm: syz.2.1642 Not tainted syzkaller #0
[  452.779308][T10866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  452.789513][T10866] Call Trace:
[  452.793030][T10866]  <TASK>
[  452.796009][T10866]  dump_stack_lvl+0x18c/0x250
[  452.800919][T10866]  ? show_regs_print_info+0x20/0x20
[  452.806175][T10866]  ? load_image+0x400/0x400
[  452.810738][T10866]  ? __might_sleep+0xe0/0xe0
[  452.815467][T10866]  ? __lock_acquire+0x7d40/0x7d40
[  452.820644][T10866]  should_fail_ex+0x39d/0x4d0
[  452.825551][T10866]  should_failslab+0x9/0x20
[  452.830199][T10866]  slab_pre_alloc_hook+0x59/0x310
[  452.835360][T10866]  ? __lock_acquire+0x7d40/0x7d40
[  452.840606][T10866]  kmem_cache_alloc_node+0x60/0x320
[  452.845855][T10866]  ? __alloc_skb+0x103/0x2c0
[  452.850509][T10866]  __alloc_skb+0x103/0x2c0
[  452.854979][T10866]  netlink_sendmsg+0x66a/0xbf0
[  452.859994][T10866]  ? netlink_getsockopt+0x590/0x590
[  452.865606][T10866]  ? aa_sock_msg_perm+0x94/0x150
[  452.870729][T10866]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  452.876221][T10866]  ? security_socket_sendmsg+0x80/0xa0
[  452.881795][T10866]  ? netlink_getsockopt+0x590/0x590
[  452.887108][T10866]  ____sys_sendmsg+0x5ba/0x960
[  452.891924][T10866]  ? __asan_memset+0x22/0x40
[  452.896531][T10866]  ? __sys_sendmsg_sock+0x30/0x30
[  452.901562][T10866]  ? __import_iovec+0x5f2/0x850
[  452.906558][T10866]  ? import_iovec+0x73/0xa0
[  452.911170][T10866]  ___sys_sendmsg+0x2a6/0x360
[  452.915959][T10866]  ? get_pid_task+0x20/0x1e0
[  452.920572][T10866]  ? __sys_sendmsg+0x2a0/0x2a0
[  452.925365][T10866]  ? __lock_acquire+0x7d40/0x7d40
[  452.930426][T10866]  __se_sys_sendmsg+0x1c2/0x2b0
[  452.935377][T10866]  ? __x64_sys_sendmsg+0x80/0x80
[  452.940535][T10866]  ? lockdep_hardirqs_on+0x98/0x150
[  452.945871][T10866]  do_syscall_64+0x55/0xa0
[  452.950427][T10866]  ? clear_bhb_loop+0x40/0x90
[  452.955136][T10866]  ? clear_bhb_loop+0x40/0x90
[  452.959835][T10866]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  452.965748][T10866] RIP: 0033:0x7f4cf5f9bf79
[  452.970262][T10866] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  452.990147][T10866] RSP: 002b:00007f4cf6e43028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  452.998879][T10866] RAX: ffffffffffffffda RBX: 00007f4cf6216090 RCX: 00007f4cf5f9bf79
[  453.006934][T10866] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000a
[  453.014985][T10866] RBP: 00007f4cf6e43090 R08: 0000000000000000 R09: 0000000000000000
[  453.023075][T10866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  453.031324][T10866] R13: 00007f4cf6216128 R14: 00007f4cf6216090 R15: 00007ffcce2fc6d8
[  453.039503][T10866]  </TASK>
[  455.643913][T10892] netlink: 'syz.2.1650': attribute type 10 has an invalid length.
[  456.000001][T10908] netlink: 'syz.2.1654': attribute type 1 has an invalid length.
[  456.017560][T10908] netlink: 112865 bytes leftover after parsing attributes in process `syz.2.1654'.
[  464.084551][T11034] netlink: 'syz.0.1695': attribute type 10 has an invalid length.
[  465.223223][T11064] netlink: 'syz.2.1707': attribute type 10 has an invalid length.
[  465.231951][T11064] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1707'.
[  465.245618][T11064] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  465.291904][T11063] delete_channel: no stack
[  466.152613][T11074] netlink: 'syz.0.1709': attribute type 10 has an invalid length.
[  466.530754][T11087] bridge0: port 2(bridge_slave_1) entered disabled state
[  466.538368][T11087] bridge0: port 1(bridge_slave_0) entered disabled state
[  466.590932][T11087] bridge0: entered allmulticast mode
[  466.713773][T11090] bridge0: port 2(bridge_slave_1) entered disabled state
[  466.789703][T11090] bridge0: entered allmulticast mode
[  466.814826][T11095] netlink: 'syz.0.1717': attribute type 10 has an invalid length.
[  466.825840][T11094] bridge_slave_1: left allmulticast mode
[  466.832637][T11094] bridge_slave_1: left promiscuous mode
[  466.840232][T11094] bridge0: port 2(bridge_slave_1) entered disabled state
[  466.867216][T11094] bridge_slave_0: left allmulticast mode
[  466.873181][T11094] bridge_slave_0: left promiscuous mode
[  466.879792][T11094] bridge0: port 1(bridge_slave_0) entered disabled state
[  467.159222][T11100] netlink: 'syz.2.1720': attribute type 10 has an invalid length.
[  467.192326][T11104] netlink: 'syz.1.1719': attribute type 10 has an invalid length.
[  467.219572][T11104] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1719'.
[  467.234965][T11104] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  467.531577][T11102] delete_channel: no stack
[  468.783437][T11135] netlink: 'syz.1.1730': attribute type 10 has an invalid length.
[  469.380959][T11143] netlink: 'syz.3.1732': attribute type 10 has an invalid length.
[  470.153171][T11151] netlink: 'syz.3.1736': attribute type 10 has an invalid length.
[  470.181698][T11151] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1736'.
[  470.205715][T11151] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  470.404817][T11150] delete_channel: no stack
[  471.471925][T11182] netlink: 'syz.3.1746': attribute type 10 has an invalid length.
[  472.575229][T11216] bridge0: port 2(bridge_slave_1) entered disabled state
[  472.582987][T11216] bridge0: port 1(bridge_slave_0) entered disabled state
[  472.606272][T11216] bridge0: entered allmulticast mode
[  472.653828][T11218] bridge_slave_1: left allmulticast mode
[  472.669877][T11218] bridge_slave_1: left promiscuous mode
[  472.687335][T11218] bridge0: port 2(bridge_slave_1) entered disabled state
[  472.719202][T11218] bridge_slave_0: left allmulticast mode
[  472.726967][T11218] bridge_slave_0: left promiscuous mode
[  472.733247][T11218] bridge0: port 1(bridge_slave_0) entered disabled state
[  472.978883][T11227] netlink: 'syz.3.1759': attribute type 10 has an invalid length.
[  473.829251][T11256] FAULT_INJECTION: forcing a failure.
[  473.829251][T11256] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  473.870733][T11256] CPU: 1 PID: 11256 Comm: syz.1.1770 Not tainted syzkaller #0
[  473.878279][T11256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  473.888540][T11256] Call Trace:
[  473.891852][T11256]  <TASK>
[  473.894925][T11256]  dump_stack_lvl+0x18c/0x250
[  473.899691][T11256]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  473.906009][T11256]  ? show_regs_print_info+0x20/0x20
[  473.911647][T11256]  ? load_image+0x400/0x400
[  473.916516][T11256]  should_fail_ex+0x39d/0x4d0
[  473.921466][T11256]  _copy_from_user+0x2f/0xe0
[  473.926188][T11256]  ___sys_sendmsg+0x1c7/0x360
[  473.931005][T11256]  ? __sys_sendmsg+0x2a0/0x2a0
[  473.935899][T11256]  ? perf_trace_preemptirq_template+0xac/0x330
[  473.942385][T11256]  __se_sys_sendmsg+0x1c2/0x2b0
[  473.947255][T11256]  ? __x64_sys_sendmsg+0x80/0x80
[  473.952301][T11256]  ? syscall_enter_from_user_mode+0x2e/0x80
[  473.958467][T11256]  do_syscall_64+0x55/0xa0
[  473.962987][T11256]  ? clear_bhb_loop+0x40/0x90
[  473.967675][T11256]  ? clear_bhb_loop+0x40/0x90
[  473.972377][T11256]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  473.978802][T11256] RIP: 0033:0x7f3f38b9bf79
[  473.983423][T11256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  474.003213][T11256] RSP: 002b:00007f3f39a57028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  474.011751][T11256] RAX: ffffffffffffffda RBX: 00007f3f38e16090 RCX: 00007f3f38b9bf79
[  474.019748][T11256] RDX: 00000000000080d1 RSI: 0000200000000140 RDI: 0000000000000003
[  474.027835][T11256] RBP: 00007f3f39a57090 R08: 0000000000000000 R09: 0000000000000000
[  474.035820][T11256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  474.044327][T11256] R13: 00007f3f38e16128 R14: 00007f3f38e16090 R15: 00007ffc571e3f88
[  474.052508][T11256]  </TASK>
[  474.368307][T11267] netlink: 'syz.2.1772': attribute type 10 has an invalid length.
[  475.176437][T11284] tap0: tun_chr_ioctl cmd 1074025676
[  475.285814][T11284] tap0: owner set to 778
[  476.776858][T11299] FAULT_INJECTION: forcing a failure.
[  476.776858][T11299] name failslab, interval 1, probability 0, space 0, times 0
[  476.790555][T11299] CPU: 0 PID: 11299 Comm: syz.1.1787 Not tainted syzkaller #0
[  476.798696][T11299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  476.809141][T11299] Call Trace:
[  476.812452][T11299]  <TASK>
[  476.815410][T11299]  dump_stack_lvl+0x18c/0x250
[  476.820217][T11299]  ? show_regs_print_info+0x20/0x20
[  476.825798][T11299]  ? load_image+0x400/0x400
[  476.830333][T11299]  ? stack_trace_save+0xaa/0x100
[  476.835299][T11299]  ? verify_lock_unused+0x140/0x140
[  476.840965][T11299]  should_fail_ex+0x39d/0x4d0
[  476.845718][T11299]  should_failslab+0x9/0x20
[  476.850278][T11299]  slab_pre_alloc_hook+0x59/0x310
[  476.855351][T11299]  ? tipc_setsockopt+0x73f/0x990
[  476.860322][T11299]  ? do_sock_setsockopt+0x175/0x1a0
[  476.865901][T11299]  ? __x64_sys_setsockopt+0x182/0x200
[  476.871490][T11299]  ? tipc_nametbl_insert_publ+0x64/0x1310
[  476.877425][T11299]  __kmem_cache_alloc_node+0x53/0x250
[  476.883008][T11299]  ? tipc_nametbl_insert_publ+0x64/0x1310
[  476.889108][T11299]  kmalloc_trace+0x2a/0xe0
[  476.894004][T11299]  tipc_nametbl_insert_publ+0x64/0x1310
[  476.899758][T11299]  ? do_raw_spin_lock+0x11f/0x2c0
[  476.904904][T11299]  ? __rwlock_init+0x150/0x150
[  476.909785][T11299]  ? tipc_net+0x45/0x270
[  476.914232][T11299]  ? tipc_nametbl_publish+0x77/0x1e0
[  476.919636][T11299]  tipc_nametbl_publish+0xc7/0x1e0
[  476.925055][T11299]  tipc_sk_publish+0x1c8/0x450
[  476.929851][T11299]  ? tipc_nametbl_build_group+0x2e/0x4d0
[  476.935627][T11299]  ? __lock_acquire+0x7d40/0x7d40
[  476.940787][T11299]  ? tipc_sk_withdraw+0x640/0x640
[  476.946185][T11299]  ? tipc_nametbl_build_group+0x2e/0x4d0
[  476.951935][T11299]  ? tipc_nametbl_build_group+0x488/0x4d0
[  476.957687][T11299]  ? tipc_nametbl_build_group+0x2e/0x4d0
[  476.963354][T11299]  tipc_sk_join+0x3a8/0x6a0
[  476.967884][T11299]  ? lockdep_hardirqs_on+0x98/0x150
[  476.973130][T11299]  ? __local_bh_enable_ip+0x13a/0x1c0
[  476.978530][T11299]  ? __tipc_sendstream+0x1270/0x1270
[  476.983942][T11299]  tipc_setsockopt+0x73f/0x990
[  476.988842][T11299]  ? tipc_shutdown+0x4d0/0x4d0
[  476.993726][T11299]  ? __fget_files+0x28/0x4b0
[  476.998354][T11299]  ? __fget_files+0x28/0x4b0
[  477.003154][T11299]  ? aa_sock_opt_perm+0x74/0x100
[  477.008217][T11299]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  477.014071][T11299]  ? security_socket_setsockopt+0x7e/0xa0
[  477.019950][T11299]  ? tipc_shutdown+0x4d0/0x4d0
[  477.025048][T11299]  do_sock_setsockopt+0x175/0x1a0
[  477.030278][T11299]  ? __fdget+0x180/0x210
[  477.034954][T11299]  __x64_sys_setsockopt+0x182/0x200
[  477.040283][T11299]  do_syscall_64+0x55/0xa0
[  477.044825][T11299]  ? clear_bhb_loop+0x40/0x90
[  477.049580][T11299]  ? clear_bhb_loop+0x40/0x90
[  477.054544][T11299]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  477.060725][T11299] RIP: 0033:0x7f3f38b9bf79
[  477.065179][T11299] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  477.085183][T11299] RSP: 002b:00007f3f39a78028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  477.093989][T11299] RAX: ffffffffffffffda RBX: 00007f3f38e15fa0 RCX: 00007f3f38b9bf79
[  477.102098][T11299] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000006
[  477.110286][T11299] RBP: 00007f3f39a78090 R08: 0000000000000043 R09: 0000000000000000
[  477.118372][T11299] R10: 00002000000008c0 R11: 0000000000000246 R12: 0000000000000001
[  477.126628][T11299] R13: 00007f3f38e16038 R14: 00007f3f38e15fa0 R15: 00007ffc571e3f88
[  477.134647][T11299]  </TASK>
[  477.207157][T11302] netlink: 'syz.2.1786': attribute type 10 has an invalid length.
[  477.982123][T11324] FAULT_INJECTION: forcing a failure.
[  477.982123][T11324] name failslab, interval 1, probability 0, space 0, times 0
[  477.995686][T11324] CPU: 0 PID: 11324 Comm: syz.3.1796 Not tainted syzkaller #0
[  478.003373][T11324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  478.013470][T11324] Call Trace:
[  478.016876][T11324]  <TASK>
[  478.019833][T11324]  dump_stack_lvl+0x18c/0x250
[  478.024556][T11324]  ? show_regs_print_info+0x20/0x20
[  478.029948][T11324]  ? load_image+0x400/0x400
[  478.034479][T11324]  should_fail_ex+0x39d/0x4d0
[  478.039280][T11324]  should_failslab+0x9/0x20
[  478.043886][T11324]  slab_pre_alloc_hook+0x59/0x310
[  478.049107][T11324]  kmem_cache_alloc+0x5a/0x2d0
[  478.054058][T11324]  ? skb_clone+0x1eb/0x370
[  478.058493][T11324]  skb_clone+0x1eb/0x370
[  478.062774][T11324]  __netlink_deliver_tap+0x41c/0x830
[  478.068180][T11324]  ? netlink_deliver_tap+0x2e/0x1b0
[  478.073480][T11324]  netlink_deliver_tap+0x19c/0x1b0
[  478.078971][T11324]  netlink_dump+0x94b/0xe50
[  478.083753][T11324]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  478.090006][T11324]  ? netlink_lookup+0x200/0x200
[  478.094977][T11324]  ? slab_free_freelist_hook+0x130/0x1a0
[  478.100720][T11324]  ? netlink_recvmsg+0x5e7/0xe60
[  478.105778][T11324]  ? kmem_cache_free+0xf8/0x270
[  478.110693][T11324]  netlink_recvmsg+0x693/0xe60
[  478.115514][T11324]  ? netlink_sendmsg+0xbf0/0xbf0
[  478.120481][T11324]  ? aa_af_perm+0x330/0x330
[  478.125013][T11324]  ? __lock_acquire+0x1273/0x7d40
[  478.130063][T11324]  ? verify_lock_unused+0x140/0x140
[  478.135289][T11324]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  478.140939][T11324]  ? security_socket_recvmsg+0x89/0xb0
[  478.146527][T11324]  ? netlink_sendmsg+0xbf0/0xbf0
[  478.151488][T11324]  ____sys_recvmsg+0x2ce/0x5e0
[  478.156287][T11324]  ? __sys_recvmsg_sock+0x50/0x50
[  478.161336][T11324]  ? import_iovec+0x73/0xa0
[  478.165978][T11324]  ___sys_recvmsg+0x216/0x590
[  478.170708][T11324]  ? __sys_recvmsg+0x2a0/0x2a0
[  478.175542][T11324]  ? ksys_write+0x1c4/0x260
[  478.180073][T11324]  ? __fget_files+0x43d/0x4b0
[  478.184791][T11324]  __x64_sys_recvmsg+0x20c/0x2e0
[  478.189926][T11324]  ? ___sys_recvmsg+0x590/0x590
[  478.195073][T11324]  ? lockdep_hardirqs_on+0x98/0x150
[  478.200379][T11324]  do_syscall_64+0x55/0xa0
[  478.205002][T11324]  ? clear_bhb_loop+0x40/0x90
[  478.209704][T11324]  ? clear_bhb_loop+0x40/0x90
[  478.214598][T11324]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  478.220501][T11324] RIP: 0033:0x7ff5e679bf79
[  478.225019][T11324] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  478.244917][T11324] RSP: 002b:00007ff5e75ce028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  478.253352][T11324] RAX: ffffffffffffffda RBX: 00007ff5e6a15fa0 RCX: 00007ff5e679bf79
[  478.261431][T11324] RDX: 0000000000000100 RSI: 0000200000000080 RDI: 0000000000000003
[  478.269565][T11324] RBP: 00007ff5e75ce090 R08: 0000000000000000 R09: 0000000000000000
[  478.277808][T11324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  478.286153][T11324] R13: 00007ff5e6a16038 R14: 00007ff5e6a15fa0 R15: 00007fff648def88
[  478.294161][T11324]  </TASK>
[  478.334087][T11325] netlink: 'syz.2.1794': attribute type 10 has an invalid length.
[  479.263533][T11347] netlink: 'syz.2.1802': attribute type 10 has an invalid length.
[  479.415458][T11340] tap0: tun_chr_ioctl cmd 1074025676
[  479.441836][T11340] tap0: owner set to 778
[  480.458044][T11373] FAULT_INJECTION: forcing a failure.
[  480.458044][T11373] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  480.477647][T11373] CPU: 0 PID: 11373 Comm: syz.2.1808 Not tainted syzkaller #0
[  480.485186][T11373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  480.495279][T11373] Call Trace:
[  480.498669][T11373]  <TASK>
[  480.501630][T11373]  dump_stack_lvl+0x18c/0x250
[  480.506357][T11373]  ? show_regs_print_info+0x20/0x20
[  480.511591][T11373]  ? load_image+0x400/0x400
[  480.516212][T11373]  ? __lock_acquire+0x7d40/0x7d40
[  480.521516][T11373]  ? snprintf+0xe9/0x140
[  480.525876][T11373]  should_fail_ex+0x39d/0x4d0
[  480.531132][T11373]  _copy_to_user+0x2f/0xa0
[  480.535878][T11373]  simple_read_from_buffer+0xe7/0x150
[  480.541311][T11373]  proc_fail_nth_read+0x1e8/0x260
[  480.546642][T11373]  ? proc_fault_inject_write+0x360/0x360
[  480.552331][T11373]  ? fsnotify_perm+0x271/0x5e0
[  480.557244][T11373]  ? proc_fault_inject_write+0x360/0x360
[  480.562934][T11373]  vfs_read+0x28b/0x970
[  480.567154][T11373]  ? kernel_read+0x1e0/0x1e0
[  480.572053][T11373]  ? __fget_files+0x28/0x4b0
[  480.576710][T11373]  ? __fget_files+0x28/0x4b0
[  480.581341][T11373]  ? __fget_files+0x43d/0x4b0
[  480.586067][T11373]  ? __fdget_pos+0x2a3/0x330
[  480.590690][T11373]  ? ksys_read+0x75/0x260
[  480.595056][T11373]  ksys_read+0x150/0x260
[  480.599341][T11373]  ? vfs_write+0x990/0x990
[  480.603789][T11373]  ? lockdep_hardirqs_on+0x98/0x150
[  480.609306][T11373]  do_syscall_64+0x55/0xa0
[  480.613758][T11373]  ? clear_bhb_loop+0x40/0x90
[  480.618722][T11373]  ? clear_bhb_loop+0x40/0x90
[  480.623672][T11373]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  480.629763][T11373] RIP: 0033:0x7f4cf5f5c84e
[  480.634294][T11373] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  480.654023][T11373] RSP: 002b:00007f4cf6e42fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  480.662649][T11373] RAX: ffffffffffffffda RBX: 00007f4cf6e436c0 RCX: 00007f4cf5f5c84e
[  480.670918][T11373] RDX: 000000000000000f RSI: 00007f4cf6e430a0 RDI: 0000000000000005
[  480.679094][T11373] RBP: 00007f4cf6e43090 R08: 0000000000000000 R09: 0000000000000000
[  480.687092][T11373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  480.695182][T11373] R13: 00007f4cf6216128 R14: 00007f4cf6216090 R15: 00007ffcce2fc6d8
[  480.703375][T11373]  </TASK>
[  481.162136][T11385] netlink: 'syz.2.1815': attribute type 10 has an invalid length.
[  482.552953][T11420] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  482.562693][T11420] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  482.572155][T11420] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  482.581823][T11420] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  482.591565][T11420] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  482.601127][T11420] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  482.604663][T11421] netlink: 'syz.2.1827': attribute type 10 has an invalid length.
[  482.610518][T11420] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  482.628242][T11420] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  482.637634][T11420] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  482.647152][T11420] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  483.577570][T11437] FAULT_INJECTION: forcing a failure.
[  483.577570][T11437] name failslab, interval 1, probability 0, space 0, times 0
[  483.611753][T11437] CPU: 1 PID: 11437 Comm: syz.3.1830 Not tainted syzkaller #0
[  483.619245][T11434] netlink: 'syz.0.1837': attribute type 10 has an invalid length.
[  483.619620][T11437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  483.619636][T11437] Call Trace:
[  483.619645][T11437]  <TASK>
[  483.619654][T11437]  dump_stack_lvl+0x18c/0x250
[  483.619691][T11437]  ? show_regs_print_info+0x20/0x20
[  483.619718][T11437]  ? load_image+0x400/0x400
[  483.619743][T11437]  ? __might_sleep+0xe0/0xe0
[  483.619768][T11437]  ? __lock_acquire+0x7d40/0x7d40
[  483.619796][T11437]  should_fail_ex+0x39d/0x4d0
[  483.619828][T11437]  should_failslab+0x9/0x20
[  483.619852][T11437]  slab_pre_alloc_hook+0x59/0x310
[  483.619882][T11437]  ? __xdp_reg_mem_model+0x1e4/0x5c0
[  483.619909][T11437]  __kmem_cache_alloc_node+0x53/0x250
[  483.619934][T11437]  ? __asan_memset+0x22/0x40
[  483.619960][T11437]  ? __xdp_reg_mem_model+0x1e4/0x5c0
[  483.619985][T11437]  kmalloc_trace+0x2a/0xe0
[  483.620012][T11437]  __xdp_reg_mem_model+0x1e4/0x5c0
[  483.620044][T11437]  ? kvmalloc_node+0x70/0x180
[  483.620070][T11437]  ? kvmalloc_node+0x70/0x180
[  483.620093][T11437]  ? xdp_reg_mem_model+0x40/0x40
[  483.620128][T11437]  xdp_reg_mem_model+0x22/0x40
[  483.620152][T11437]  bpf_test_run_xdp_live+0x262/0x1b20
[  483.620183][T11437]  ? 0xffffffffa0004740
[  483.620201][T11437]  ? 0xffffffffa0004740
[  483.620218][T11437]  ? bpf_dispatcher_change_prog+0xcbf/0xf10
[  483.620239][T11437]  ? 0xffffffffa0004740
[  483.620261][T11437]  ? xdp_convert_md_to_buff+0x330/0x330
[  483.620339][T11437]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[  483.620366][T11437]  ? _copy_from_user+0xa5/0xe0
[  483.775796][T11437]  ? bpf_test_init+0x119/0x140
[  483.780931][T11437]  ? xdp_convert_md_to_buff+0x5b/0x330
[  483.786662][T11437]  bpf_prog_test_run_xdp+0x7ca/0x10e0
[  483.792231][T11437]  ? dev_put+0x80/0x80
[  483.796665][T11437]  ? dev_put+0x80/0x80
[  483.800744][T11437]  bpf_prog_test_run+0x321/0x390
[  483.805699][T11437]  __sys_bpf+0x49d/0x890
[  483.810132][T11437]  ? bpf_link_show_fdinfo+0x390/0x390
[  483.815618][T11437]  ? lock_chain_count+0x20/0x20
[  483.820668][T11437]  __x64_sys_bpf+0x7c/0x90
[  483.825198][T11437]  do_syscall_64+0x55/0xa0
[  483.829887][T11437]  ? clear_bhb_loop+0x40/0x90
[  483.834572][T11437]  ? clear_bhb_loop+0x40/0x90
[  483.839434][T11437]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  483.845689][T11437] RIP: 0033:0x7ff5e679bf79
[  483.850119][T11437] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  483.870451][T11437] RSP: 002b:00007ff5e75ce028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  483.879180][T11437] RAX: ffffffffffffffda RBX: 00007ff5e6a15fa0 RCX: 00007ff5e679bf79
[  483.887701][T11437] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a
[  483.895704][T11437] RBP: 00007ff5e75ce090 R08: 0000000000000000 R09: 0000000000000000
[  483.903690][T11437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  483.911951][T11437] R13: 00007ff5e6a16038 R14: 00007ff5e6a15fa0 R15: 00007fff648def88
[  483.919945][T11437]  </TASK>
[  488.002959][T11545] net_ratelimit: 6648 callbacks suppressed
[  488.002979][T11545] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  488.018246][T11545] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  488.027677][T11545] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  488.037115][T11545] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  488.046613][T11545] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  488.055915][T11545] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  488.065430][T11545] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  488.074936][T11545] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  488.084496][T11545] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  488.093957][T11545] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  488.235764][T11556] FAULT_INJECTION: forcing a failure.
[  488.235764][T11556] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  488.264550][T11556] CPU: 0 PID: 11556 Comm: syz.0.1866 Not tainted syzkaller #0
[  488.272687][T11556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  488.282783][T11556] Call Trace:
[  488.286078][T11556]  <TASK>
[  488.289217][T11556]  dump_stack_lvl+0x18c/0x250
[  488.294006][T11556]  ? show_regs_print_info+0x20/0x20
[  488.299323][T11556]  ? load_image+0x400/0x400
[  488.303846][T11556]  ? __might_fault+0xaa/0x120
[  488.308536][T11556]  ? __lock_acquire+0x7d40/0x7d40
[  488.313826][T11556]  should_fail_ex+0x39d/0x4d0
[  488.318533][T11556]  _copy_from_user+0x2f/0xe0
[  488.323448][T11556]  ___sys_sendmsg+0x1c7/0x360
[  488.328152][T11556]  ? get_pid_task+0x20/0x1e0
[  488.332753][T11556]  ? __sys_sendmsg+0x2a0/0x2a0
[  488.337715][T11556]  ? __lock_acquire+0x7d40/0x7d40
[  488.342852][T11556]  __se_sys_sendmsg+0x1c2/0x2b0
[  488.348070][T11556]  ? __x64_sys_sendmsg+0x80/0x80
[  488.353068][T11556]  ? lockdep_hardirqs_on+0x98/0x150
[  488.358447][T11556]  do_syscall_64+0x55/0xa0
[  488.362960][T11556]  ? clear_bhb_loop+0x40/0x90
[  488.367744][T11556]  ? clear_bhb_loop+0x40/0x90
[  488.372542][T11556]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  488.378632][T11556] RIP: 0033:0x7fb03f39bf79
[  488.383070][T11556] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  488.403399][T11556] RSP: 002b:00007fb0401c5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  488.412173][T11556] RAX: ffffffffffffffda RBX: 00007fb03f615fa0 RCX: 00007fb03f39bf79
[  488.420154][T11556] RDX: 0000000000000004 RSI: 0000200000000140 RDI: 0000000000000004
[  488.428498][T11556] RBP: 00007fb0401c5090 R08: 0000000000000000 R09: 0000000000000000
[  488.436577][T11556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  488.444568][T11556] R13: 00007fb03f616038 R14: 00007fb03f615fa0 R15: 00007ffeea378f88
[  488.452579][T11556]  </TASK>
[  490.876909][T11609] netlink: 'syz.3.1886': attribute type 21 has an invalid length.
[  490.885098][T11609] netlink: 'syz.3.1886': attribute type 1 has an invalid length.
[  490.893282][T11609] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1886'.
[  492.161948][T11633] netlink: 'syz.0.1896': attribute type 21 has an invalid length.
[  492.190818][T11633] netlink: 'syz.0.1896': attribute type 1 has an invalid length.
[  492.218776][T11633] netlink: 144 bytes leftover after parsing attributes in process `syz.0.1896'.
[  494.133261][T11683] netlink: 'syz.0.1915': attribute type 10 has an invalid length.
[  495.455758][T11709] netlink: 'syz.1.1926': attribute type 10 has an invalid length.
[  497.618109][T11736] netlink: 'syz.3.1938': attribute type 10 has an invalid length.
[  500.348279][T11774] netlink: 'syz.2.1950': attribute type 1 has an invalid length.
[  500.444214][T11774] netlink: 'syz.2.1950': attribute type 3 has an invalid length.
[  500.471656][T11774] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1950'.
[  502.023595][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  502.030073][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  503.735571][T11832] netlink: 'syz.3.1971': attribute type 11 has an invalid length.
[  503.768192][T11832] netlink: 'syz.3.1971': attribute type 21 has an invalid length.
[  503.799488][T11832] netlink: 168 bytes leftover after parsing attributes in process `syz.3.1971'.
[  503.842744][T11836] netlink: 'syz.2.1972': attribute type 21 has an invalid length.
[  503.858605][T11836] netlink: 16166 bytes leftover after parsing attributes in process `syz.2.1972'.
[  504.129490][T11846] FAULT_INJECTION: forcing a failure.
[  504.129490][T11846] name failslab, interval 1, probability 0, space 0, times 0
[  504.175252][T11846] CPU: 0 PID: 11846 Comm: syz.0.1978 Not tainted syzkaller #0
[  504.183065][T11846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  504.193160][T11846] Call Trace:
[  504.196487][T11846]  <TASK>
[  504.199483][T11846]  dump_stack_lvl+0x18c/0x250
[  504.204217][T11846]  ? show_regs_print_info+0x20/0x20
[  504.209520][T11846]  ? load_image+0x400/0x400
[  504.214182][T11846]  ? __might_sleep+0xe0/0xe0
[  504.218820][T11846]  ? __lock_acquire+0x7d40/0x7d40
[  504.223977][T11846]  should_fail_ex+0x39d/0x4d0
[  504.228699][T11846]  should_failslab+0x9/0x20
[  504.233246][T11846]  slab_pre_alloc_hook+0x59/0x310
[  504.238425][T11846]  ? kasan_set_track+0x5f/0x70
[  504.243239][T11846]  kmem_cache_alloc_node+0x60/0x320
[  504.248653][T11846]  ? genl_rcv+0x28/0x40
[  504.253018][T11846]  ? __alloc_skb+0x103/0x2c0
[  504.257783][T11846]  __alloc_skb+0x103/0x2c0
[  504.262241][T11846]  netlink_dump+0x1ec/0xe50
[  504.267051][T11846]  ? netlink_lookup+0x200/0x200
[  504.271962][T11846]  ? __asan_memset+0x22/0x40
[  504.276601][T11846]  ? genl_start+0x493/0x6b0
[  504.281261][T11846]  __netlink_dump_start+0x5f1/0x810
[  504.286603][T11846]  genl_family_rcv_msg_dumpit+0x214/0x310
[  504.292458][T11846]  ? genl_rcv_msg+0x7a0/0x7a0
[  504.297168][T11846]  ? genl_get_cmd+0x7f1/0x920
[  504.301981][T11846]  ? genl_family_rcv_msg_doit+0x310/0x310
[  504.307831][T11846]  ? genl_start+0x6b0/0x6b0
[  504.312458][T11846]  ? genl_dumpit+0x1a0/0x1a0
[  504.317617][T11846]  genl_rcv_msg+0x5e5/0x7a0
[  504.322253][T11846]  ? genl_bind+0x360/0x360
[  504.326702][T11846]  ? macsec_netdev_is_offloaded+0x60/0x60
[  504.332466][T11846]  ? ref_tracker_free+0x690/0x840
[  504.337534][T11846]  netlink_rcv_skb+0x241/0x4d0
[  504.342335][T11846]  ? genl_bind+0x360/0x360
[  504.346876][T11846]  ? netlink_ack+0x1180/0x1180
[  504.351854][T11846]  ? __lock_acquire+0x7d40/0x7d40
[  504.356916][T11846]  ? down_read+0x1ac/0x2e0
[  504.361559][T11846]  genl_rcv+0x28/0x40
[  504.365573][T11846]  netlink_unicast+0x751/0x8d0
[  504.370642][T11846]  netlink_sendmsg+0x8d0/0xbf0
[  504.375533][T11846]  ? netlink_getsockopt+0x590/0x590
[  504.380938][T11846]  ? aa_sock_msg_perm+0x94/0x150
[  504.386217][T11846]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  504.391617][T11846]  ? security_socket_sendmsg+0x80/0xa0
[  504.397276][T11846]  ? netlink_getsockopt+0x590/0x590
[  504.402513][T11846]  ____sys_sendmsg+0x5ba/0x960
[  504.407314][T11846]  ? __asan_memset+0x22/0x40
[  504.411943][T11846]  ? __sys_sendmsg_sock+0x30/0x30
[  504.417077][T11846]  ? __import_iovec+0x5f2/0x850
[  504.422056][T11846]  ? import_iovec+0x73/0xa0
[  504.426602][T11846]  ___sys_sendmsg+0x2a6/0x360
[  504.431395][T11846]  ? get_pid_task+0x20/0x1e0
[  504.436030][T11846]  ? __sys_sendmsg+0x2a0/0x2a0
[  504.440945][T11846]  ? __lock_acquire+0x7d40/0x7d40
[  504.446111][T11846]  __se_sys_sendmsg+0x1c2/0x2b0
[  504.451177][T11846]  ? __x64_sys_sendmsg+0x80/0x80
[  504.456243][T11846]  ? lockdep_hardirqs_on+0x98/0x150
[  504.461524][T11846]  do_syscall_64+0x55/0xa0
[  504.466007][T11846]  ? clear_bhb_loop+0x40/0x90
[  504.470708][T11846]  ? clear_bhb_loop+0x40/0x90
[  504.475427][T11846]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  504.481433][T11846] RIP: 0033:0x7fb03f39bf79
[  504.485875][T11846] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  504.506028][T11846] RSP: 002b:00007fb0401c5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  504.514747][T11846] RAX: ffffffffffffffda RBX: 00007fb03f615fa0 RCX: 00007fb03f39bf79
[  504.522746][T11846] RDX: 0000000004000000 RSI: 0000200000000000 RDI: 0000000000000003
[  504.530869][T11846] RBP: 00007fb0401c5090 R08: 0000000000000000 R09: 0000000000000000
[  504.538956][T11846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  504.547037][T11846] R13: 00007fb03f616038 R14: 00007fb03f615fa0 R15: 00007ffeea378f88
[  504.555492][T11846]  </TASK>
[  509.030545][T11938] netlink: 'syz.0.2007': attribute type 10 has an invalid length.
[  509.576562][T11950] netlink: 'syz.2.2010': attribute type 10 has an invalid length.
[  509.624603][T11950] macvlan0: entered allmulticast mode
[  509.648019][T11950] veth1_vlan: entered allmulticast mode
[  509.685846][T11948] FAULT_INJECTION: forcing a failure.
[  509.685846][T11948] name failslab, interval 1, probability 0, space 0, times 0
[  509.688192][T11950] team0: Port device macvlan0 added
[  509.745446][T11948] CPU: 1 PID: 11948 Comm: syz.2.2010 Not tainted syzkaller #0
[  509.753099][T11948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  509.763213][T11948] Call Trace:
[  509.766547][T11948]  <TASK>
[  509.769522][T11948]  dump_stack_lvl+0x18c/0x250
[  509.774309][T11948]  ? show_regs_print_info+0x20/0x20
[  509.779750][T11948]  ? load_image+0x400/0x400
[  509.784673][T11948]  ? __might_sleep+0xe0/0xe0
[  509.789602][T11948]  ? __lock_acquire+0x7d40/0x7d40
[  509.794975][T11948]  should_fail_ex+0x39d/0x4d0
[  509.799926][T11948]  should_failslab+0x9/0x20
[  509.804524][T11948]  slab_pre_alloc_hook+0x59/0x310
[  509.809893][T11948]  ? __get_vm_area_node+0x125/0x370
[  509.815179][T11948]  __kmem_cache_alloc_node+0x53/0x250
[  509.821341][T11948]  ? __get_vm_area_node+0x125/0x370
[  509.826698][T11948]  kmalloc_node_trace+0x26/0xe0
[  509.831636][T11948]  __get_vm_area_node+0x125/0x370
[  509.836937][T11948]  __vmalloc_node_range+0x36e/0x1330
[  509.842395][T11948]  ? netlink_sendmsg+0x602/0xbf0
[  509.847377][T11948]  ? netlink_insert+0x109f/0x13a0
[  509.852461][T11948]  ? netlink_data_ready+0x10/0x10
[  509.857633][T11948]  ? free_vm_area+0x50/0x50
[  509.862268][T11948]  ? netlink_sendmsg+0x602/0xbf0
[  509.867248][T11948]  vmalloc+0x79/0x90
[  509.871181][T11948]  ? netlink_sendmsg+0x602/0xbf0
[  509.876338][T11948]  netlink_sendmsg+0x602/0xbf0
[  509.881231][T11948]  ? netlink_getsockopt+0x590/0x590
[  509.886462][T11948]  ? aa_sock_msg_perm+0x94/0x150
[  509.891436][T11948]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  509.897003][T11948]  ? security_socket_sendmsg+0x80/0xa0
[  509.902592][T11948]  ? netlink_getsockopt+0x590/0x590
[  509.907938][T11948]  ____sys_sendmsg+0x5ba/0x960
[  509.913224][T11948]  ? __asan_memset+0x22/0x40
[  509.918025][T11948]  ? __sys_sendmsg_sock+0x30/0x30
[  509.923063][T11948]  ? __import_iovec+0x3fa/0x850
[  509.927951][T11948]  ? import_iovec+0x73/0xa0
[  509.932582][T11948]  ___sys_sendmsg+0x2a6/0x360
[  509.937455][T11948]  ? get_pid_task+0x20/0x1e0
[  509.942259][T11948]  ? __sys_sendmsg+0x2a0/0x2a0
[  509.947074][T11948]  ? __lock_acquire+0x7d40/0x7d40
[  509.952337][T11948]  __se_sys_sendmsg+0x1c2/0x2b0
[  509.957737][T11948]  ? __x64_sys_sendmsg+0x80/0x80
[  509.962808][T11948]  ? lockdep_hardirqs_on+0x98/0x150
[  509.968210][T11948]  do_syscall_64+0x55/0xa0
[  509.972657][T11948]  ? clear_bhb_loop+0x40/0x90
[  509.977353][T11948]  ? clear_bhb_loop+0x40/0x90
[  509.982155][T11948]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  509.988244][T11948] RIP: 0033:0x7f4cf5f9bf79
[  509.992682][T11948] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  510.012510][T11948] RSP: 002b:00007f4cf6e64028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  510.020958][T11948] RAX: ffffffffffffffda RBX: 00007f4cf6215fa0 RCX: 00007f4cf5f9bf79
[  510.029299][T11948] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 000000000000000b
[  510.037415][T11948] RBP: 00007f4cf6e64090 R08: 0000000000000000 R09: 0000000000000000
[  510.045691][T11948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  510.053685][T11948] R13: 00007f4cf6216038 R14: 00007f4cf6215fa0 R15: 00007ffcce2fc6d8
[  510.061793][T11948]  </TASK>
[  510.073182][T11948] syz.2.2010: vmalloc error: size 65088, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[  510.098119][T11948] CPU: 0 PID: 11948 Comm: syz.2.2010 Not tainted syzkaller #0
[  510.106110][T11948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  510.116417][T11948] Call Trace:
[  510.119839][T11948]  <TASK>
[  510.122998][T11948]  dump_stack_lvl+0x18c/0x250
[  510.127762][T11948]  ? show_regs_print_info+0x20/0x20
[  510.133292][T11948]  ? load_image+0x400/0x400
[  510.137968][T11948]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  510.144640][T11948]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  510.151227][T11948]  warn_alloc+0x246/0x340
[  510.155721][T11948]  ? __get_vm_area_node+0x125/0x370
[  510.161473][T11948]  ? zone_watermark_ok_safe+0x230/0x230
[  510.167213][T11948]  ? rcu_is_watching+0x15/0xb0
[  510.172135][T11948]  ? __get_vm_area_node+0x356/0x370
[  510.177387][T11948]  __vmalloc_node_range+0x393/0x1330
[  510.182707][T11948]  ? netlink_insert+0x109f/0x13a0
[  510.187788][T11948]  ? netlink_data_ready+0x10/0x10
[  510.192865][T11948]  ? free_vm_area+0x50/0x50
[  510.197414][T11948]  ? netlink_sendmsg+0x602/0xbf0
[  510.202558][T11948]  vmalloc+0x79/0x90
[  510.206565][T11948]  ? netlink_sendmsg+0x602/0xbf0
[  510.211523][T11948]  netlink_sendmsg+0x602/0xbf0
[  510.216427][T11948]  ? netlink_getsockopt+0x590/0x590
[  510.221744][T11948]  ? aa_sock_msg_perm+0x94/0x150
[  510.226746][T11948]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  510.232079][T11948]  ? security_socket_sendmsg+0x80/0xa0
[  510.237573][T11948]  ? netlink_getsockopt+0x590/0x590
[  510.242815][T11948]  ____sys_sendmsg+0x5ba/0x960
[  510.247617][T11948]  ? __asan_memset+0x22/0x40
[  510.252239][T11948]  ? __sys_sendmsg_sock+0x30/0x30
[  510.257291][T11948]  ? __import_iovec+0x3fa/0x850
[  510.262278][T11948]  ? import_iovec+0x73/0xa0
[  510.266949][T11948]  ___sys_sendmsg+0x2a6/0x360
[  510.271782][T11948]  ? get_pid_task+0x20/0x1e0
[  510.276503][T11948]  ? __sys_sendmsg+0x2a0/0x2a0
[  510.281364][T11948]  ? __lock_acquire+0x7d40/0x7d40
[  510.286634][T11948]  __se_sys_sendmsg+0x1c2/0x2b0
[  510.291630][T11948]  ? __x64_sys_sendmsg+0x80/0x80
[  510.296669][T11948]  ? lockdep_hardirqs_on+0x98/0x150
[  510.301921][T11948]  do_syscall_64+0x55/0xa0
[  510.306401][T11948]  ? clear_bhb_loop+0x40/0x90
[  510.311195][T11948]  ? clear_bhb_loop+0x40/0x90
[  510.316002][T11948]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  510.322007][T11948] RIP: 0033:0x7f4cf5f9bf79
[  510.326976][T11948] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  510.346867][T11948] RSP: 002b:00007f4cf6e64028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  510.355481][T11948] RAX: ffffffffffffffda RBX: 00007f4cf6215fa0 RCX: 00007f4cf5f9bf79
[  510.363833][T11948] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 000000000000000b
[  510.372000][T11948] RBP: 00007f4cf6e64090 R08: 0000000000000000 R09: 0000000000000000
[  510.380376][T11948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  510.388716][T11948] R13: 00007f4cf6216038 R14: 00007f4cf6215fa0 R15: 00007ffcce2fc6d8
[  510.396758][T11948]  </TASK>
[  510.404573][T11948] Mem-Info:
[  510.407874][T11948] active_anon:16172 inactive_anon:0 isolated_anon:0
[  510.407874][T11948]  active_file:16645 inactive_file:40093 isolated_file:0
[  510.407874][T11948]  unevictable:768 dirty:211 writeback:0
[  510.407874][T11948]  slab_reclaimable:10257 slab_unreclaimable:90532
[  510.407874][T11948]  mapped:34482 shmem:12084 pagetables:567
[  510.407874][T11948]  sec_pagetables:0 bounce:0
[  510.407874][T11948]  kernel_misc_reclaimable:0
[  510.407874][T11948]  free:1341380 free_pcp:11342 free_cma:0
[  510.463307][T11948] Node 0 active_anon:67968kB inactive_anon:0kB active_file:66580kB inactive_file:160168kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:137976kB dirty:840kB writeback:0kB shmem:50048kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11248kB pagetables:2352kB sec_pagetables:0kB all_unreclaimable? no
[  510.497207][T11948] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  510.529938][T11948] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  510.559076][T11948] lowmem_reserve[]: 0 2521 2522 2522 2522
[  510.565404][T11948] Node 0 DMA32 free:1449160kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:72532kB inactive_anon:0kB active_file:66580kB inactive_file:159340kB unevictable:1536kB writepending:840kB present:3129332kB managed:2586972kB mlocked:0kB bounce:0kB free_pcp:25924kB local_pcp:12172kB free_cma:0kB
[  510.597563][T11948] lowmem_reserve[]: 0 0 0 0 0
[  510.602449][T11948] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:828kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  510.629578][T11948] lowmem_reserve[]: 0 0 0 0 0
[  510.634543][T11948] Node 1 Normal free:3893444kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:19424kB local_pcp:6880kB free_cma:0kB
[  510.665177][T11948] lowmem_reserve[]: 0 0 0 0 0
[  510.669992][T11948] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  510.703242][T11948] Node 0 DMA32: 620*4kB (UE) 79*8kB (UME) 73*16kB (UME) 1526*32kB (UE) 456*64kB (UME) 127*128kB (UME) 60*256kB (UM) 38*512kB (UME) 6*1024kB (UM) 2*2048kB (ME) 318*4096kB (UM) = 1446136kB
[  510.736661][T11948] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  510.760129][T11948] Node 1 Normal: 275*4kB (UM) 61*8kB (UME) 51*16kB (UME) 181*32kB (UME) 31*64kB (UE) 10*128kB (UME) 0*256kB 2*512kB (UM) 2*1024kB (UE) 2*2048kB (UE) 946*4096kB (M) = 3893444kB
[  510.798474][T11948] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  510.819790][T11948] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  510.840233][T11948] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  510.860738][T11948] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  510.876340][T11948] 72509 total pagecache pages
[  510.881558][T11948] 0 pages in swap cache
[  510.885940][T11948] Free swap  = 124996kB
[  510.890225][T11948] Total swap = 124996kB
[  510.894989][T11948] 2097051 pages RAM
[  510.911848][T11948] 0 pages HighMem/MovableOnly
[  510.916873][T11948] 416922 pages reserved
[  510.931513][T11948] 0 pages cma reserved
[  511.132675][T11964] netlink: 'syz.0.2015': attribute type 12 has an invalid length.
[  511.141331][T11964] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2015'.
[  514.706314][T12040] netlink: 14975 bytes leftover after parsing attributes in process `syz.0.2037'.
[  515.156945][T12046] netlink: 'syz.2.2042': attribute type 33 has an invalid length.
[  515.169515][T12046] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2042'.
[  515.186787][T12046] `: renamed from team0 (while UP)
[  516.726093][T12091] netlink: 'syz.2.2054': attribute type 10 has an invalid length.
[  516.944608][T12101] netlink: 'syz.3.2057': attribute type 33 has an invalid length.
[  516.956662][T12101] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2057'.
[  516.967186][T12101] `: renamed from team0 (while UP)
[  518.828699][T12131] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.2067'.
[  519.838755][T12161] netlink: 'syz.1.2075': attribute type 33 has an invalid length.
[  519.851023][T12161] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2075'.
[  519.864907][T12161] `: renamed from team0 (while UP)
[  521.851488][T12207] netlink: 'syz.0.2086': attribute type 10 has an invalid length.
[  522.200508][T12219] netlink: 'syz.0.2091': attribute type 33 has an invalid length.
[  522.224412][T12219] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2091'.
[  522.235400][T12219] `: renamed from team0 (while UP)
[  523.832179][T12258] netlink: 'syz.0.2102': attribute type 10 has an invalid length.
[  523.997727][T12266] FAULT_INJECTION: forcing a failure.
[  523.997727][T12266] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  524.025993][T12266] CPU: 1 PID: 12266 Comm: syz.0.2104 Not tainted syzkaller #0
[  524.033987][T12266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  524.044169][T12266] Call Trace:
[  524.047483][T12266]  <TASK>
[  524.050460][T12266]  dump_stack_lvl+0x18c/0x250
[  524.055200][T12266]  ? show_regs_print_info+0x20/0x20
[  524.060530][T12266]  ? load_image+0x400/0x400
[  524.065175][T12266]  ? __lock_acquire+0x7d40/0x7d40
[  524.070339][T12266]  ? snprintf+0xe9/0x140
[  524.074632][T12266]  should_fail_ex+0x39d/0x4d0
[  524.079375][T12266]  _copy_to_user+0x2f/0xa0
[  524.083848][T12266]  simple_read_from_buffer+0xe7/0x150
[  524.089281][T12266]  proc_fail_nth_read+0x1e8/0x260
[  524.094366][T12266]  ? proc_fault_inject_write+0x360/0x360
[  524.100050][T12266]  ? fsnotify_perm+0x271/0x5e0
[  524.104935][T12266]  ? proc_fault_inject_write+0x360/0x360
[  524.110858][T12266]  vfs_read+0x28b/0x970
[  524.115090][T12266]  ? kernel_read+0x1e0/0x1e0
[  524.119748][T12266]  ? __fget_files+0x28/0x4b0
[  524.124667][T12266]  ? __fget_files+0x28/0x4b0
[  524.129306][T12266]  ? __fget_files+0x43d/0x4b0
[  524.134049][T12266]  ? __fdget_pos+0x2a3/0x330
[  524.138784][T12266]  ? ksys_read+0x75/0x260
[  524.143160][T12266]  ksys_read+0x150/0x260
[  524.147538][T12266]  ? vfs_write+0x990/0x990
[  524.152028][T12266]  ? lockdep_hardirqs_on+0x98/0x150
[  524.157521][T12266]  do_syscall_64+0x55/0xa0
[  524.162077][T12266]  ? clear_bhb_loop+0x40/0x90
[  524.166795][T12266]  ? clear_bhb_loop+0x40/0x90
[  524.171864][T12266]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  524.177981][T12266] RIP: 0033:0x7fb03f35c84e
[  524.182697][T12266] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  524.202528][T12266] RSP: 002b:00007fb0401c4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  524.210964][T12266] RAX: ffffffffffffffda RBX: 00007fb0401c56c0 RCX: 00007fb03f35c84e
[  524.219114][T12266] RDX: 000000000000000f RSI: 00007fb0401c50a0 RDI: 0000000000000016
[  524.227087][T12266] RBP: 00007fb0401c5090 R08: 0000000000000000 R09: 0000000000000000
[  524.235236][T12266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  524.243295][T12266] R13: 00007fb03f616038 R14: 00007fb03f615fa0 R15: 00007ffeea378f88
[  524.251479][T12266]  </TASK>
[  524.350814][T12272] netlink: 'syz.3.2106': attribute type 3 has an invalid length.
[  524.359079][T12272] netlink: 'syz.3.2106': attribute type 16 has an invalid length.
[  524.370596][T12272] netlink: 'syz.3.2106': attribute type 18 has an invalid length.
[  524.382640][T12272] netlink: 'syz.3.2106': attribute type 20 has an invalid length.
[  524.390694][T12272] netlink: 'syz.3.2106': attribute type 25 has an invalid length.
[  525.445948][T12303] netlink: 'syz.2.2113': attribute type 10 has an invalid length.
[  527.323360][T12359] syzkaller0: entered promiscuous mode
[  527.351529][T12359] syzkaller0: entered allmulticast mode
[  527.717529][T12352] netlink: 'syz.2.2128': attribute type 10 has an invalid length.
[  528.352571][T12378] netlink: 'syz.3.2136': attribute type 10 has an invalid length.
[  529.779499][T12418] netlink: 'syz.0.2149': attribute type 21 has an invalid length.
[  530.763006][T12457] netlink: 9275 bytes leftover after parsing attributes in process `syz.1.2163'.
[  531.504769][T12466] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2166'.
[  533.001526][T12498] FAULT_INJECTION: forcing a failure.
[  533.001526][T12498] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  533.018867][T12498] CPU: 0 PID: 12498 Comm: syz.2.2177 Not tainted syzkaller #0
[  533.026757][T12498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  533.037187][T12498] Call Trace:
[  533.040608][T12498]  <TASK>
[  533.043667][T12498]  dump_stack_lvl+0x18c/0x250
[  533.048592][T12498]  ? show_regs_print_info+0x20/0x20
[  533.053933][T12498]  ? load_image+0x400/0x400
[  533.058491][T12498]  ? __might_fault+0xaa/0x120
[  533.063403][T12498]  ? __lock_acquire+0x7d40/0x7d40
[  533.068580][T12498]  should_fail_ex+0x39d/0x4d0
[  533.073469][T12498]  _copy_from_user+0x2f/0xe0
[  533.078286][T12498]  ___sys_sendmsg+0x1c7/0x360
[  533.083449][T12498]  ? get_pid_task+0x20/0x1e0
[  533.088181][T12498]  ? __sys_sendmsg+0x2a0/0x2a0
[  533.093194][T12498]  ? __lock_acquire+0x7d40/0x7d40
[  533.098404][T12498]  __se_sys_sendmsg+0x1c2/0x2b0
[  533.103564][T12498]  ? __x64_sys_sendmsg+0x80/0x80
[  533.108581][T12498]  ? lockdep_hardirqs_on+0x98/0x150
[  533.113916][T12498]  do_syscall_64+0x55/0xa0
[  533.118459][T12498]  ? clear_bhb_loop+0x40/0x90
[  533.123260][T12498]  ? clear_bhb_loop+0x40/0x90
[  533.128079][T12498]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  533.134108][T12498] RIP: 0033:0x7f4cf5f9bf79
[  533.138572][T12498] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  533.158310][T12498] RSP: 002b:00007f4cf6e64028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  533.166866][T12498] RAX: ffffffffffffffda RBX: 00007f4cf6215fa0 RCX: 00007f4cf5f9bf79
[  533.174876][T12498] RDX: 0000000024048800 RSI: 0000200000000100 RDI: 0000000000000007
[  533.182971][T12498] RBP: 00007f4cf6e64090 R08: 0000000000000000 R09: 0000000000000000
[  533.191459][T12498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  533.199786][T12498] R13: 00007f4cf6216038 R14: 00007f4cf6215fa0 R15: 00007ffcce2fc6d8
[  533.208030][T12498]  </TASK>
[  533.364143][T12498] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2177'.
[  534.048873][T12527] netlink: 'syz.2.2185': attribute type 10 has an invalid length.
[  534.408811][T12535] netlink: 'syz.2.2188': attribute type 10 has an invalid length.
[  535.509669][T12575] netlink: 'syz.2.2199': attribute type 10 has an invalid length.
[  537.001021][T12610] netlink: 'syz.3.2211': attribute type 10 has an invalid length.
[  538.324253][T12636] netlink: 'syz.1.2219': attribute type 10 has an invalid length.
[  543.520467][ T5785] Bluetooth: hci2: unexpected event 0x10 length: 15 > 1
[  543.522626][ T5788] Bluetooth: hci2: hardware error 0x00
[  545.309502][T12793] syzkaller0: entered promiscuous mode
[  545.316329][T12793] syzkaller0: entered allmulticast mode
[  545.654567][ T5788] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  546.867158][T12831] syzkaller0: entered promiscuous mode
[  546.879095][T12831] syzkaller0: entered allmulticast mode
[  546.900782][T12833] FAULT_INJECTION: forcing a failure.
[  546.900782][T12833] name failslab, interval 1, probability 0, space 0, times 0
[  546.914323][T12833] CPU: 0 PID: 12833 Comm: syz.3.2276 Not tainted syzkaller #0
[  546.922119][T12833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  546.932402][T12833] Call Trace:
[  546.935900][T12833]  <TASK>
[  546.938874][T12833]  dump_stack_lvl+0x18c/0x250
[  546.943697][T12833]  ? show_regs_print_info+0x20/0x20
[  546.949182][T12833]  ? load_image+0x400/0x400
[  546.953832][T12833]  ? mod_objcg_state+0x511/0x8a0
[  546.958875][T12833]  ? lockdep_hardirqs_on+0x98/0x150
[  546.964184][T12833]  should_fail_ex+0x39d/0x4d0
[  546.968896][T12833]  should_failslab+0x9/0x20
[  546.973514][T12833]  slab_pre_alloc_hook+0x59/0x310
[  546.978658][T12833]  kmem_cache_alloc+0x5a/0x2d0
[  546.983536][T12833]  ? fib6_add_1+0x714/0x1450
[  546.988243][T12833]  fib6_add_1+0x714/0x1450
[  546.992793][T12833]  ? fib6_add+0x3b8/0x46e0
[  546.997335][T12833]  fib6_add+0x5b9/0x46e0
[  547.001889][T12833]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  547.008627][T12833]  ? fib6_update_sernum_stub+0x1e0/0x1e0
[  547.014289][T12833]  ? do_raw_spin_lock+0x11f/0x2c0
[  547.019437][T12833]  ? __rwlock_init+0x150/0x150
[  547.024344][T12833]  ? ip6_route_add+0x75/0x160
[  547.029083][T12833]  ip6_route_add+0x8a/0x160
[  547.033803][T12833]  ipv6_route_ioctl+0x3b4/0x500
[  547.038802][T12833]  ? rt6_purge_dflt_routers+0xb20/0xb20
[  547.044400][T12833]  ? __might_fault+0xaa/0x120
[  547.049187][T12833]  ? __might_fault+0xc6/0x120
[  547.053880][T12833]  ? __might_fault+0xaa/0x120
[  547.058784][T12833]  inet6_ioctl+0x247/0x2d0
[  547.063220][T12833]  ? inet6_getname+0x650/0x650
[  547.068098][T12833]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  547.073600][T12833]  sock_do_ioctl+0xfc/0x310
[  547.078133][T12833]  ? sock_show_fdinfo+0xb0/0xb0
[  547.083037][T12833]  sock_ioctl+0x5ba/0x7e0
[  547.087390][T12833]  ? sock_poll+0x3e0/0x3e0
[  547.092126][T12833]  ? bpf_lsm_file_ioctl+0x9/0x10
[  547.097101][T12833]  ? security_file_ioctl+0x80/0xa0
[  547.102233][T12833]  ? sock_poll+0x3e0/0x3e0
[  547.106934][T12833]  __se_sys_ioctl+0xfd/0x170
[  547.111781][T12833]  do_syscall_64+0x55/0xa0
[  547.116240][T12833]  ? clear_bhb_loop+0x40/0x90
[  547.121053][T12833]  ? clear_bhb_loop+0x40/0x90
[  547.125787][T12833]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  547.131802][T12833] RIP: 0033:0x7ff5e679bf79
[  547.136243][T12833] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  547.155961][T12833] RSP: 002b:00007ff5e75ce028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  547.164401][T12833] RAX: ffffffffffffffda RBX: 00007ff5e6a15fa0 RCX: 00007ff5e679bf79
[  547.172475][T12833] RDX: 0000200000000000 RSI: 000000000000890b RDI: 0000000000000003
[  547.180582][T12833] RBP: 00007ff5e75ce090 R08: 0000000000000000 R09: 0000000000000000
[  547.188905][T12833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  547.197070][T12833] R13: 00007ff5e6a16038 R14: 00007ff5e6a15fa0 R15: 00007fff648def88
[  547.205174][T12833]  </TASK>
[  548.563335][T12858] netlink: 'syz.1.2293': attribute type 10 has an invalid length.
[  548.709809][T12858] ` (unregistering): Port device team_slave_0 removed
[  548.851860][T12858] ` (unregistering): Port device team_slave_1 removed
[  549.083878][T12867] netlink: 'syz.0.2288': attribute type 10 has an invalid length.
[  549.599089][T12878] syzkaller0: entered promiscuous mode
[  549.626962][T12878] syzkaller0: entered allmulticast mode
[  550.815719][T12898] netlink: 'syz.2.2301': attribute type 10 has an invalid length.
[  550.934334][T12898] ` (unregistering): Port device team_slave_0 removed
[  550.954124][T12898] ` (unregistering): Port device team_slave_1 removed
[  550.966971][T12898] veth1_vlan: left allmulticast mode
[  550.984717][T12898] ` (unregistering): Port device macvlan0 removed
[  551.293770][T12910] FAULT_INJECTION: forcing a failure.
[  551.293770][T12910] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  551.310687][T12910] CPU: 1 PID: 12910 Comm: syz.0.2305 Not tainted syzkaller #0
[  551.318459][T12910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  551.328762][T12910] Call Trace:
[  551.332097][T12910]  <TASK>
[  551.335069][T12910]  dump_stack_lvl+0x18c/0x250
[  551.339805][T12910]  ? show_regs_print_info+0x20/0x20
[  551.345079][T12910]  ? load_image+0x400/0x400
[  551.349635][T12910]  ? __might_fault+0xaa/0x120
[  551.354358][T12910]  ? __lock_acquire+0x7d40/0x7d40
[  551.359728][T12910]  should_fail_ex+0x39d/0x4d0
[  551.364683][T12910]  _copy_from_user+0x2f/0xe0
[  551.369324][T12910]  ___sys_sendmsg+0x1c7/0x360
[  551.374045][T12910]  ? get_pid_task+0x20/0x1e0
[  551.378887][T12910]  ? __sys_sendmsg+0x2a0/0x2a0
[  551.383962][T12910]  ? __lock_acquire+0x7d40/0x7d40
[  551.389312][T12910]  __se_sys_sendmsg+0x1c2/0x2b0
[  551.394245][T12910]  ? __x64_sys_sendmsg+0x80/0x80
[  551.399287][T12910]  ? lockdep_hardirqs_on+0x98/0x150
[  551.404580][T12910]  do_syscall_64+0x55/0xa0
[  551.409068][T12910]  ? clear_bhb_loop+0x40/0x90
[  551.413806][T12910]  ? clear_bhb_loop+0x40/0x90
[  551.418561][T12910]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  551.424514][T12910] RIP: 0033:0x7fb03f39bf79
[  551.428972][T12910] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  551.448994][T12910] RSP: 002b:00007fb0401c5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  551.457649][T12910] RAX: ffffffffffffffda RBX: 00007fb03f615fa0 RCX: 00007fb03f39bf79
[  551.465782][T12910] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000008
[  551.474056][T12910] RBP: 00007fb0401c5090 R08: 0000000000000000 R09: 0000000000000000
[  551.482196][T12910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  551.490321][T12910] R13: 00007fb03f616038 R14: 00007fb03f615fa0 R15: 00007ffeea378f88
[  551.498385][T12910]  </TASK>
[  552.523895][T12928] netlink: 'syz.3.2311': attribute type 10 has an invalid length.
[  552.993293][T12939] netlink: 'syz.3.2315': attribute type 10 has an invalid length.
[  553.049176][T12939] ` (unregistering): Port device team_slave_0 removed
[  553.068287][T12939] ` (unregistering): Port device team_slave_1 removed
[  556.019594][T12998] FAULT_INJECTION: forcing a failure.
[  556.019594][T12998] name failslab, interval 1, probability 0, space 0, times 0
[  556.052705][T12998] CPU: 1 PID: 12998 Comm: syz.1.2334 Not tainted syzkaller #0
[  556.060327][T12998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  556.070529][T12998] Call Trace:
[  556.073849][T12998]  <TASK>
[  556.077069][T12998]  dump_stack_lvl+0x18c/0x250
[  556.081822][T12998]  ? show_regs_print_info+0x20/0x20
[  556.087066][T12998]  ? load_image+0x400/0x400
[  556.091608][T12998]  ? __might_sleep+0xe0/0xe0
[  556.096585][T12998]  ? __lock_acquire+0x7d40/0x7d40
[  556.101770][T12998]  should_fail_ex+0x39d/0x4d0
[  556.106588][T12998]  should_failslab+0x9/0x20
[  556.111139][T12998]  slab_pre_alloc_hook+0x59/0x310
[  556.116390][T12998]  ? kvmalloc_node+0x70/0x180
[  556.121198][T12998]  ? kvmalloc_node+0x70/0x180
[  556.125911][T12998]  __kmem_cache_alloc_node+0x53/0x250
[  556.131326][T12998]  ? kvmalloc_node+0x70/0x180
[  556.136238][T12998]  __kmalloc_node+0xa4/0x230
[  556.140955][T12998]  kvmalloc_node+0x70/0x180
[  556.145490][T12998]  page_pool_create+0x1eb/0x5c0
[  556.150544][T12998]  __veth_napi_enable_range+0x195/0x700
[  556.156141][T12998]  ? __skb_frag_ref+0x1c0/0x1c0
[  556.161153][T12998]  ? netif_napi_add_weight+0xa22/0xdf0
[  556.166744][T12998]  veth_napi_enable_range+0xd0/0x150
[  556.172160][T12998]  veth_set_features+0x1c8/0x2a0
[  556.177137][T12998]  __netdev_update_features+0x9cb/0x18e0
[  556.183003][T12998]  ? dev_xdp_attach+0x1030/0x1030
[  556.188083][T12998]  ? __might_fault+0xaa/0x120
[  556.192791][T12998]  ? __lock_acquire+0x7d40/0x7d40
[  556.198029][T12998]  ? aa_get_newest_label+0xfd/0x5c0
[  556.203261][T12998]  ? __might_fault+0xaa/0x120
[  556.207964][T12998]  ? __might_fault+0xc6/0x120
[  556.212752][T12998]  ? __might_fault+0xaa/0x120
[  556.217483][T12998]  ethtool_set_one_feature+0x2a8/0x2f0
[  556.223063][T12998]  ? apparmor_capable+0x137/0x1a0
[  556.228116][T12998]  ? ethtool_get_one_feature+0x280/0x280
[  556.233784][T12998]  ? security_capable+0x89/0xb0
[  556.238934][T12998]  dev_ethtool+0xfd7/0x18d0
[  556.243586][T12998]  ? ethtool_get_module_eeprom_call+0x170/0x170
[  556.249965][T12998]  ? __lock_acquire+0x7d40/0x7d40
[  556.255039][T12998]  ? __might_fault+0xaa/0x120
[  556.259759][T12998]  ? full_name_hash+0x92/0xe0
[  556.264480][T12998]  ? dev_load+0x21/0x1f0
[  556.268772][T12998]  dev_ioctl+0x392/0x1140
[  556.273317][T12998]  sock_do_ioctl+0x239/0x310
[  556.278296][T12998]  ? sock_show_fdinfo+0xb0/0xb0
[  556.283282][T12998]  sock_ioctl+0x5ba/0x7e0
[  556.287743][T12998]  ? sock_poll+0x3e0/0x3e0
[  556.292208][T12998]  ? bpf_lsm_file_ioctl+0x9/0x10
[  556.297172][T12998]  ? security_file_ioctl+0x80/0xa0
[  556.302321][T12998]  ? sock_poll+0x3e0/0x3e0
[  556.306825][T12998]  __se_sys_ioctl+0xfd/0x170
[  556.311456][T12998]  do_syscall_64+0x55/0xa0
[  556.315904][T12998]  ? clear_bhb_loop+0x40/0x90
[  556.320608][T12998]  ? clear_bhb_loop+0x40/0x90
[  556.325320][T12998]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  556.331353][T12998] RIP: 0033:0x7f3f38b9bf79
[  556.335825][T12998] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  556.355594][T12998] RSP: 002b:00007f3f39a57028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  556.364221][T12998] RAX: ffffffffffffffda RBX: 00007f3f38e16090 RCX: 00007f3f38b9bf79
[  556.372466][T12998] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 000000000000002d
[  556.380477][T12998] RBP: 00007f3f39a57090 R08: 0000000000000000 R09: 0000000000000000
[  556.388484][T12998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  556.396851][T12998] R13: 00007f3f38e16128 R14: 00007f3f38e16090 R15: 00007ffc571e3f88
[  556.405141][T12998]  </TASK>
[  556.428167][T12998] page_pool_create() gave up with errno -12
[  556.469550][T12998] veth1_to_bond: set_features() failed (-12); wanted 0x000061164fdd59e9, left 0x000061164fdd19e9
[  556.506921][T13003] netlink: 'syz.2.2335': attribute type 10 has an invalid length.
[  556.706892][T13009] netlink: 209820 bytes leftover after parsing attributes in process `syz.0.2337'.
[  557.392362][T13025] syzkaller0: entered promiscuous mode
[  557.398383][T13025] syzkaller0: entered allmulticast mode
[  558.385519][T13043] netlink: 'syz.2.2347': attribute type 10 has an invalid length.
[  558.443642][T13043] bond0: (slave bond_slave_0): Releasing backup interface
[  558.463092][T13043] bond_slave_0: left promiscuous mode
[  558.662930][T13041] delete_channel: no stack
[  559.768789][ T5785] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  559.778724][ T5785] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  559.787893][ T5785] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  559.797601][ T5785] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  559.810936][ T5785] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  559.818968][ T5785] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  560.046446][T13064] chnl_net:caif_netlink_parms(): no params data found
[  560.191834][T13064] bridge0: port 1(bridge_slave_0) entered blocking state
[  560.199770][T13064] bridge0: port 1(bridge_slave_0) entered disabled state
[  560.209099][T13064] bridge_slave_0: entered allmulticast mode
[  560.217513][T13064] bridge_slave_0: entered promiscuous mode
[  560.229313][T13064] bridge0: port 2(bridge_slave_1) entered blocking state
[  560.237337][T13064] bridge0: port 2(bridge_slave_1) entered disabled state
[  560.245352][T13064] bridge_slave_1: entered allmulticast mode
[  560.253151][T13064] bridge_slave_1: entered promiscuous mode
[  560.291788][T13064] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  560.305949][T13064] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  560.376195][T13064] team0: Port device team_slave_0 added
[  560.388006][T13064] team0: Port device team_slave_1 added
[  560.431151][T13064] batman_adv: batadv0: Adding interface: batadv_slave_0
[  560.445880][T13064] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  560.486587][T13064] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  560.508250][T13064] batman_adv: batadv0: Adding interface: batadv_slave_1
[  560.519902][T13064] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  560.559046][T13064] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  560.647769][T13064] hsr_slave_0: entered promiscuous mode
[  560.659750][T13064] hsr_slave_1: entered promiscuous mode
[  560.671069][T13064] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  560.685678][T13064] Cannot create hsr debugfs directory
[  560.897421][T13091] netlink: 'syz.2.2359': attribute type 10 has an invalid length.
[  561.028031][T13064] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  561.125103][T13064] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  561.242120][T13064] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  561.320985][T13064] bond0: (slave netdevsim0): Releasing backup interface
[  561.329432][T13064] netdevsim netdevsim1 netdevsim0 (unregistering): left promiscuous mode
[  561.343097][T13064] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  561.548434][T13064] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  561.560603][T13064] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  561.573163][T13064] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  561.600056][T13064] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  561.773212][T13064] 8021q: adding VLAN 0 to HW filter on device bond0
[  561.845486][T13064] 8021q: adding VLAN 0 to HW filter on device team0
[  561.906733][ T5785] Bluetooth: hci3: command tx timeout
[  561.920038][ T2955] bridge0: port 1(bridge_slave_0) entered blocking state
[  561.931698][ T2955] bridge0: port 1(bridge_slave_0) entered forwarding state
[  561.954726][T12244] bridge0: port 2(bridge_slave_1) entered blocking state
[  561.964694][T12244] bridge0: port 2(bridge_slave_1) entered forwarding state
[  562.712186][T13134] netlink: 'syz.0.2369': attribute type 10 has an invalid length.
[  562.791249][T13134] ` (unregistering): Port device team_slave_0 removed
[  562.803983][T13134] ` (unregistering): Port device team_slave_1 removed
[  562.867304][T13064] 8021q: adding VLAN 0 to HW filter on device batadv0
[  562.968117][T13064] veth0_vlan: entered promiscuous mode
[  562.986422][T13064] veth1_vlan: entered promiscuous mode
[  563.043001][T13064] veth0_macvtap: entered promiscuous mode
[  563.061163][T13064] veth1_macvtap: entered promiscuous mode
[  563.087210][T13064] batman_adv: batadv0: Interface activated: batadv_slave_0
[  563.104476][T13064] batman_adv: batadv0: Interface activated: batadv_slave_1
[  563.124938][T13064] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  563.151637][T13064] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  563.171895][T13064] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  563.186973][T13064] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  563.408508][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  563.420567][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  563.500874][ T3494] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  563.548843][ T3494] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  563.640333][ T8938] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  563.650914][ T8938] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  564.040912][ T5785] Bluetooth: hci3: command tx timeout
[  564.382709][T13173] netlink: 'syz.1.2376': attribute type 10 has an invalid length.
[  564.386132][T13170] netlink: 'syz.2.2377': attribute type 2 has an invalid length.
[  564.399185][T13170] netlink: 'syz.2.2377': attribute type 1 has an invalid length.
[  564.409492][T13170] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2377'.
[  564.426023][T13170] netlink: 'syz.2.2377': attribute type 27 has an invalid length.
[  564.445173][T13170] netlink: 164 bytes leftover after parsing attributes in process `syz.2.2377'.
[  564.494310][T13173] team0 (unregistering): Port device team_slave_0 removed
[  564.553313][T13173] team0 (unregistering): Port device team_slave_1 removed
[  565.041115][ T5788] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  565.053167][ T5788] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  565.079016][ T5788] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  565.088354][ T5788] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  565.098012][ T5788] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  565.106866][ T5788] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  565.334934][ T8938] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  565.426831][T13180] chnl_net:caif_netlink_parms(): no params data found
[  565.518431][T13180] bridge0: port 1(bridge_slave_0) entered blocking state
[  565.525961][T13180] bridge0: port 1(bridge_slave_0) entered disabled state
[  565.533358][T13180] bridge_slave_0: entered allmulticast mode
[  565.541028][T13180] bridge_slave_0: entered promiscuous mode
[  565.551684][T13180] bridge0: port 2(bridge_slave_1) entered blocking state
[  565.558957][T13180] bridge0: port 2(bridge_slave_1) entered disabled state
[  565.567640][T13180] bridge_slave_1: entered allmulticast mode
[  565.575314][T13180] bridge_slave_1: entered promiscuous mode
[  565.582430][T13187] netlink: 'syz.2.2380': attribute type 10 has an invalid length.
[  565.609023][ T8938] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  565.649047][T13180] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  565.669395][T13180] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  565.702426][ T8938] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  565.746110][T13180] team0: Port device team_slave_0 added
[  565.756663][T13180] team0: Port device team_slave_1 added
[  565.795649][ T8938] bond0: (slave netdevsim0): Releasing backup interface
[  565.804209][ T8938] netdevsim netdevsim3 netdevsim0 (unregistering): left promiscuous mode
[  565.816092][ T8938] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  565.837998][T13180] batman_adv: batadv0: Adding interface: batadv_slave_0
[  565.845194][T13180] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  565.874794][T13180] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  565.889051][T13180] batman_adv: batadv0: Adding interface: batadv_slave_1
[  565.904833][T13180] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  565.931890][T13180] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  565.988124][T13180] hsr_slave_0: entered promiscuous mode
[  566.001168][T13180] hsr_slave_1: entered promiscuous mode
[  566.008139][T13180] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  566.016003][T13180] Cannot create hsr debugfs directory
[  566.062547][ T5788] Bluetooth: hci3: command tx timeout
[  566.661033][T13173] syz.1.2376 (13173) used greatest stack depth: 19848 bytes left
[  567.234517][ T5788] Bluetooth: hci2: command tx timeout
[  567.539868][T13180] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  567.603593][T13234] netlink: 'syz.1.2385': attribute type 10 has an invalid length.
[  567.630593][T13234] bond0: (slave bond_slave_0): Releasing backup interface
[  567.759879][T13180] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  567.794611][T13180] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  567.833869][T13228] delete_channel: no stack
[  567.918574][ T8938] hsr_slave_0: left promiscuous mode
[  567.930559][ T8938] hsr_slave_1: left promiscuous mode
[  567.997643][ T8938] veth0_macvtap: left promiscuous mode
[  568.004521][ T8938] veth1_vlan: left promiscuous mode
[  568.013943][ T8938] veth0_vlan: left promiscuous mode
[  568.141987][ T5788] Bluetooth: hci3: command tx timeout
[  569.264341][ T5788] Bluetooth: hci2: command tx timeout
[  569.292595][ T8938] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  569.302284][ T8938] bond_slave_1 (unregistering): left promiscuous mode
[  569.350051][ T8938] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  569.360984][ T8938] bond_slave_0 (unregistering): left promiscuous mode
[  569.665575][ T8938] bond0 (unregistering): Released all slaves
[  569.703718][T13180] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  569.719386][T13248] netlink: 'syz.0.2389': attribute type 10 has an invalid length.
[  570.056935][T13180] 8021q: adding VLAN 0 to HW filter on device bond0
[  570.107750][T13180] 8021q: adding VLAN 0 to HW filter on device team0
[  570.139183][T12244] bridge0: port 1(bridge_slave_0) entered blocking state
[  570.146790][T12244] bridge0: port 1(bridge_slave_0) entered forwarding state
[  570.196416][T12244] bridge0: port 2(bridge_slave_1) entered blocking state
[  570.203685][T12244] bridge0: port 2(bridge_slave_1) entered forwarding state
[  571.080644][T13297] netlink: 'syz.0.2398': attribute type 10 has an invalid length.
[  571.320682][T13297] bond0: (slave bond_slave_0): Releasing backup interface
[  571.343202][ T5788] Bluetooth: hci2: command tx timeout
[  571.353230][T13297] bond_slave_0: left promiscuous mode
[  571.525781][T13292] delete_channel: no stack
[  571.569578][T13180] 8021q: adding VLAN 0 to HW filter on device batadv0
[  571.649405][T13180] veth0_vlan: entered promiscuous mode
[  571.711957][T13180] veth1_vlan: entered promiscuous mode
[  571.822616][T13180] veth0_macvtap: entered promiscuous mode
[  571.838052][T13313] netlink: 'syz.2.2402': attribute type 10 has an invalid length.
[  571.850490][T13180] veth1_macvtap: entered promiscuous mode
[  571.873052][T13180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  571.884563][T13180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  571.896673][T13180] batman_adv: batadv0: Interface activated: batadv_slave_0
[  571.937801][T13180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  571.961399][T13180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  571.993492][T13180] batman_adv: batadv0: Interface activated: batadv_slave_1
[  572.016269][T13180] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  572.028669][T13180] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  572.039008][T13180] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  572.048437][T13180] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  572.235296][ T8938] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  572.275462][ T8938] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  572.338048][T13329] FAULT_INJECTION: forcing a failure.
[  572.338048][T13329] name failslab, interval 1, probability 0, space 0, times 0
[  572.355491][ T8938] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  572.355518][ T8938] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  572.385384][T13329] CPU: 1 PID: 13329 Comm: syz.1.2404 Not tainted syzkaller #0
[  572.393264][T13329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  572.403884][T13329] Call Trace:
[  572.407272][T13329]  <TASK>
[  572.410493][T13329]  dump_stack_lvl+0x18c/0x250
[  572.415475][T13329]  ? show_regs_print_info+0x20/0x20
[  572.420827][T13329]  ? load_image+0x400/0x400
[  572.425688][T13329]  ? __might_sleep+0xe0/0xe0
[  572.430418][T13329]  ? __lock_acquire+0x7d40/0x7d40
[  572.435904][T13329]  should_fail_ex+0x39d/0x4d0
[  572.440876][T13329]  should_failslab+0x9/0x20
[  572.445820][T13329]  slab_pre_alloc_hook+0x59/0x310
[  572.451629][T13329]  ? __lock_acquire+0x7d40/0x7d40
[  572.456834][T13329]  ? dev_ethtool+0x129/0x18d0
[  572.461708][T13329]  __kmem_cache_alloc_node+0x53/0x250
[  572.467223][T13329]  ? __might_fault+0xaa/0x120
[  572.472058][T13329]  ? dev_ethtool+0x129/0x18d0
[  572.476861][T13329]  kmalloc_trace+0x2a/0xe0
[  572.481590][T13329]  dev_ethtool+0x129/0x18d0
[  572.486233][T13329]  ? ethtool_get_module_eeprom_call+0x170/0x170
[  572.492834][T13329]  ? __lock_acquire+0x7d40/0x7d40
[  572.498044][T13329]  ? __might_fault+0xaa/0x120
[  572.503150][T13329]  ? full_name_hash+0x92/0xe0
[  572.507947][T13329]  ? dev_load+0x21/0x1f0
[  572.512382][T13329]  dev_ioctl+0x392/0x1140
[  572.516817][T13329]  sock_do_ioctl+0x239/0x310
[  572.521528][T13329]  ? sock_show_fdinfo+0xb0/0xb0
[  572.526643][T13329]  sock_ioctl+0x5ba/0x7e0
[  572.531061][T13329]  ? sock_poll+0x3e0/0x3e0
[  572.535710][T13329]  ? bpf_lsm_file_ioctl+0x9/0x10
[  572.540976][T13329]  ? security_file_ioctl+0x80/0xa0
[  572.546179][T13329]  ? sock_poll+0x3e0/0x3e0
[  572.550856][T13329]  __se_sys_ioctl+0xfd/0x170
[  572.555600][T13329]  do_syscall_64+0x55/0xa0
[  572.560085][T13329]  ? clear_bhb_loop+0x40/0x90
[  572.564965][T13329]  ? clear_bhb_loop+0x40/0x90
[  572.569807][T13329]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  572.575939][T13329] RIP: 0033:0x7fa658b9bf79
[  572.580612][T13329] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  572.600628][T13329] RSP: 002b:00007fa659ab4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  572.609473][T13329] RAX: ffffffffffffffda RBX: 00007fa658e15fa0 RCX: 00007fa658b9bf79
[  572.617511][T13329] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000014
[  572.625568][T13329] RBP: 00007fa659ab4090 R08: 0000000000000000 R09: 0000000000000000
[  572.634048][T13329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  572.642173][T13329] R13: 00007fa658e16038 R14: 00007fa658e15fa0 R15: 00007ffc29f4ffc8
[  572.650475][T13329]  </TASK>
[  573.431943][ T5788] Bluetooth: hci2: command tx timeout
[  574.552368][T13357] netlink: 'syz.3.2411': attribute type 10 has an invalid length.
[  574.794027][ T5785] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  574.806280][ T5785] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  574.815817][ T5785] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  574.833804][ T5785] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  574.843641][ T5785] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  574.852926][ T5785] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  574.861177][T13357] team0 (unregistering): Port device team_slave_0 removed
[  574.902088][T13357] team0 (unregistering): Port device team_slave_1 removed
[  575.298063][   T42] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  575.604411][   T42] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  575.757950][   T42] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  575.866493][   T42] bond0: (slave netdevsim0): Releasing backup interface
[  575.874746][   T42] netdevsim netdevsim2 netdevsim0 (unregistering): left promiscuous mode
[  575.888625][   T42] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  575.915021][T13362] chnl_net:caif_netlink_parms(): no params data found
[  576.133300][T13362] bridge0: port 1(bridge_slave_0) entered blocking state
[  576.143660][T13362] bridge0: port 1(bridge_slave_0) entered disabled state
[  576.155645][T13362] bridge_slave_0: entered allmulticast mode
[  576.163957][T13362] bridge_slave_0: entered promiscuous mode
[  576.196943][T13362] bridge0: port 2(bridge_slave_1) entered blocking state
[  576.211266][T13362] bridge0: port 2(bridge_slave_1) entered disabled state
[  576.219198][T13362] bridge_slave_1: entered allmulticast mode
[  576.228434][T13362] bridge_slave_1: entered promiscuous mode
[  576.344640][T13362] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  576.387995][T13362] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  577.031619][ T5788] Bluetooth: hci0: command tx timeout
[  577.177726][T13362] team0: Port device team_slave_0 added
[  577.210556][T13362] team0: Port device team_slave_1 added
[  577.480383][T13362] batman_adv: batadv0: Adding interface: batadv_slave_0
[  577.491472][T13362] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  577.560654][T13362] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  577.634382][T13413] netlink: 'syz.1.2422': attribute type 10 has an invalid length.
[  577.759003][T13362] batman_adv: batadv0: Adding interface: batadv_slave_1
[  577.770508][T13362] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  577.857469][T13362] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  578.340119][T13362] hsr_slave_0: entered promiscuous mode
[  578.358587][T13362] hsr_slave_1: entered promiscuous mode
[  578.374550][T13362] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  578.388488][T13362] Cannot create hsr debugfs directory
[  579.042461][   T42] hsr_slave_0: left promiscuous mode
[  579.056468][   T42] hsr_slave_1: left promiscuous mode
[  579.101736][ T5788] Bluetooth: hci0: command tx timeout
[  579.110129][   T42] veth1_vlan: left promiscuous mode
[  579.127581][   T42] veth0_vlan: left promiscuous mode
[  580.661651][   T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  580.673161][   T42] bond_slave_1 (unregistering): left promiscuous mode
[  581.134767][   T42] bond0 (unregistering): Released all slaves
[  581.182177][ T5788] Bluetooth: hci0: command tx timeout
[  581.199848][T13463] netlink: 'syz.3.2432': attribute type 10 has an invalid length.
[  581.258117][T13481] netlink: 'syz.1.2438': attribute type 10 has an invalid length.
[  581.378553][T13481] 8021q: adding VLAN 0 to HW filter on device batadv0
[  581.408490][T13481] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  581.430528][T13482] bond0: entered promiscuous mode
[  581.436972][T13482] bond_slave_1: entered promiscuous mode
[  581.444501][T13482] batadv0: entered promiscuous mode
[  581.898564][T13362] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  581.912371][T13362] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  581.928565][T13362] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  581.944079][T13362] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  582.126700][T13362] 8021q: adding VLAN 0 to HW filter on device bond0
[  582.180254][T13362] 8021q: adding VLAN 0 to HW filter on device team0
[  582.213140][T12244] bridge0: port 1(bridge_slave_0) entered blocking state
[  582.220431][T12244] bridge0: port 1(bridge_slave_0) entered forwarding state
[  582.247056][ T2955] bridge0: port 2(bridge_slave_1) entered blocking state
[  582.254630][ T2955] bridge0: port 2(bridge_slave_1) entered forwarding state
[  583.049538][T13362] 8021q: adding VLAN 0 to HW filter on device batadv0
[  583.140052][T13362] veth0_vlan: entered promiscuous mode
[  583.163246][T13362] veth1_vlan: entered promiscuous mode
[  583.262038][ T5788] Bluetooth: hci0: command tx timeout
[  583.276325][T13362] veth0_macvtap: entered promiscuous mode
[  583.297605][T13362] veth1_macvtap: entered promiscuous mode
[  583.344517][T13362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  583.388246][T13362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  583.429202][T13362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  583.468376][T13362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  583.500674][T13362] batman_adv: batadv0: Interface activated: batadv_slave_0
[  583.528961][T13362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  583.546637][T13362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  583.559856][T13362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  583.577374][T13362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  583.593586][T13362] batman_adv: batadv0: Interface activated: batadv_slave_1
[  583.662371][T13362] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  583.679623][T13362] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  583.690377][T13362] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  583.706677][T13362] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  583.936069][ T2955] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  583.971636][ T2955] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  584.293384][T12243] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  584.316561][T12243] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  586.310046][ T5785] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  586.319691][ T5785] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  586.330182][ T5785] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  586.343299][ T5785] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  586.348306][   T42] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  586.366617][ T5785] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  586.511225][ T5785] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  586.699292][   T42] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  586.840735][   T42] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  587.197808][T13616] netlink: 'syz.2.2459': attribute type 10 has an invalid length.
[  587.244749][T13616] 8021q: adding VLAN 0 to HW filter on device batadv0
[  587.266565][T13616] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  587.308632][T13614] bond0: entered promiscuous mode
[  587.338386][T13614] bond_slave_0: entered promiscuous mode
[  587.360611][T13614] bond_slave_1: entered promiscuous mode
[  587.370265][T13614] batadv0: entered promiscuous mode
[  587.519556][   T42] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  588.136395][T13600] chnl_net:caif_netlink_parms(): no params data found
[  588.372392][T13600] bridge0: port 1(bridge_slave_0) entered blocking state
[  588.380066][T13600] bridge0: port 1(bridge_slave_0) entered disabled state
[  588.394525][T13600] bridge_slave_0: entered allmulticast mode
[  588.403773][T13600] bridge_slave_0: entered promiscuous mode
[  588.415699][T13600] bridge0: port 2(bridge_slave_1) entered blocking state
[  588.427589][T13600] bridge0: port 2(bridge_slave_1) entered disabled state
[  588.435532][T13600] bridge_slave_1: entered allmulticast mode
[  588.443432][T13600] bridge_slave_1: entered promiscuous mode
[  588.567425][T13600] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  588.621957][ T5785] Bluetooth: hci1: command tx timeout
[  588.623379][T13600] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  588.799973][T13600] team0: Port device team_slave_0 added
[  588.910802][T13600] team0: Port device team_slave_1 added
[  589.300507][T13600] batman_adv: batadv0: Adding interface: batadv_slave_0
[  589.314810][T13600] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  589.421482][T13600] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  589.842927][T13600] batman_adv: batadv0: Adding interface: batadv_slave_1
[  589.850242][T13600] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  589.920852][T13600] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  590.314796][T13600] hsr_slave_0: entered promiscuous mode
[  590.333835][T13600] hsr_slave_1: entered promiscuous mode
[  590.349568][T13600] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  590.357728][T13600] Cannot create hsr debugfs directory
[  590.705015][ T5785] Bluetooth: hci1: command tx timeout
[  591.478981][   T42] hsr_slave_0: left promiscuous mode
[  591.533718][   T42] hsr_slave_1: left promiscuous mode
[  591.548409][   T42] bridge_slave_1: left allmulticast mode
[  591.567255][   T42] bridge_slave_1: left promiscuous mode
[  591.593423][   T42] bridge0: port 2(bridge_slave_1) entered disabled state
[  591.616348][   T42] bridge_slave_0: left allmulticast mode
[  591.622950][   T42] bridge_slave_0: left promiscuous mode
[  591.628859][   T42] bridge0: port 1(bridge_slave_0) entered disabled state
[  591.669470][   T42] veth1_macvtap: left promiscuous mode
[  591.689148][   T42] veth0_macvtap: left promiscuous mode
[  591.695569][   T42] veth1_vlan: left promiscuous mode
[  591.701031][   T42] veth0_vlan: left promiscuous mode
[  592.792410][ T5785] Bluetooth: hci1: command tx timeout
[  593.731781][   T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  593.740981][   T42] bond_slave_1 (unregistering): left promiscuous mode
[  594.124103][   T42] bond0 (unregistering): Released all slaves
[  594.239627][T13721] netlink: 'syz.3.2476': attribute type 10 has an invalid length.
[  594.271765][T13721] 8021q: adding VLAN 0 to HW filter on device batadv0
[  594.280798][T13721] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  594.307374][T13722] bond0: entered promiscuous mode
[  594.314983][T13722] bond_slave_0: entered promiscuous mode
[  594.320898][T13722] bond_slave_1: entered promiscuous mode
[  594.333080][T13722] batadv0: entered promiscuous mode
[  594.894989][ T5785] Bluetooth: hci1: command tx timeout
[  597.128125][T13600] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  597.171135][T13782] netlink: 'syz.2.2489': attribute type 10 has an invalid length.
[  597.674880][T13782] 8021q: adding VLAN 0 to HW filter on device team0
[  597.811584][T13782] team0: entered promiscuous mode
[  597.857135][T13782] team_slave_0: entered promiscuous mode
[  597.939833][T13782] team_slave_1: entered promiscuous mode
[  598.051043][T13782] bond0: (slave team0): Enslaving as an active interface with an up link
[  598.088013][T13600] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  598.110538][T13600] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  598.117973][T13782] syz.2.2489 (13782) used greatest stack depth: 19624 bytes left
[  598.133455][T13600] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  598.579629][T13600] 8021q: adding VLAN 0 to HW filter on device bond0
[  598.604841][T13600] 8021q: adding VLAN 0 to HW filter on device team0
[  598.692614][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[  598.700030][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[  598.783087][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[  598.790505][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[  600.106949][T13835] netlink: 'syz.1.2499': attribute type 10 has an invalid length.
[  600.120342][T13835] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2499'.
[  600.226854][T13835] 8021q: adding VLAN 0 to HW filter on device bond0
[  600.286701][T13835] bridge0: port 3(bond0) entered blocking state
[  600.328541][T13835] bridge0: port 3(bond0) entered disabled state
[  600.366162][T13835] bond0: entered allmulticast mode
[  600.440926][T13835] bond_slave_1: entered allmulticast mode
[  600.447237][T13835] batadv0: entered allmulticast mode
[  600.457343][T13835] bridge0: port 3(bond0) entered blocking state
[  600.463940][T13835] bridge0: port 3(bond0) entered forwarding state
[  600.516351][ T2955] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  600.526098][ T2955] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  600.635919][T13600] 8021q: adding VLAN 0 to HW filter on device batadv0
[  600.813047][T13850] netlink: 'syz.3.2502': attribute type 10 has an invalid length.
[  600.839708][T13600] veth0_vlan: entered promiscuous mode
[  600.894791][T13600] veth1_vlan: entered promiscuous mode
[  600.987088][T13600] veth0_macvtap: entered promiscuous mode
[  601.003533][T13600] veth1_macvtap: entered promiscuous mode
[  601.053124][T13600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  601.081476][T13600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  601.106229][T13600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  601.128143][T13600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  601.148943][T13600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  601.170442][T13600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  601.273870][T13600] batman_adv: batadv0: Interface activated: batadv_slave_0
[  601.329001][T13600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  601.445029][T13600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  601.465926][T13600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  601.488415][T13600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  601.563315][T13600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  601.599650][T13600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  601.653536][T13600] batman_adv: batadv0: Interface activated: batadv_slave_1
[  601.741098][T13871] bridge0: port 3(bond0) entered disabled state
[  601.775341][T13600] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  601.791719][T13600] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  601.800854][T13600] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  601.811260][T13600] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  602.091779][ T3494] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  602.099854][ T3494] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  602.604053][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  602.722994][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  604.720806][T13924] netlink: 'syz.3.2513': attribute type 10 has an invalid length.
[  604.749096][T13924] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2513'.
[  604.799052][T13924] 8021q: adding VLAN 0 to HW filter on device bond0
[  604.851017][T13924] bridge0: port 3(bond0) entered blocking state
[  604.883331][T13924] bridge0: port 3(bond0) entered disabled state
[  604.917936][T13924] bond0: entered allmulticast mode
[  604.929126][T13924] bond_slave_0: entered allmulticast mode
[  604.935348][T13924] bond_slave_1: entered allmulticast mode
[  604.941219][T13924] batadv0: entered allmulticast mode
[  604.950683][T13924] bridge0: port 3(bond0) entered blocking state
[  604.957154][T13924] bridge0: port 3(bond0) entered forwarding state
[  605.015852][ T1139] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  605.025756][ T1139] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  606.503666][T13956] netlink: 'syz.2.2519': attribute type 10 has an invalid length.
[  607.020705][T13956] bond0: (slave team0): Releasing backup interface
[  607.087899][T13956] team0 (unregistering): left promiscuous mode
[  607.113099][T13956] team_slave_0: left promiscuous mode
[  607.143644][T13956] team_slave_1: left promiscuous mode
[  607.432085][T13956] team0 (unregistering): Port device team_slave_0 removed
[  607.546753][T13956] team0 (unregistering): Port device team_slave_1 removed
[  608.222307][T13991] wg2: entered allmulticast mode
[  608.302482][T13991] wg2: entered promiscuous mode
[  608.419413][T13999] netlink: 196 bytes leftover after parsing attributes in process `syz.0.2529'.
[  608.497195][T13999] netlink: 'syz.0.2529': attribute type 3 has an invalid length.
[  608.510599][T13999] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.2529'.
[  608.987828][T14014] netlink: 'syz.3.2532': attribute type 10 has an invalid length.
[  609.003726][T14014] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2532'.
[  609.861665][T14023] bridge0: port 3(bond0) entered disabled state
[  610.203884][T14027] netlink: 'syz.0.2535': attribute type 10 has an invalid length.
[  610.515972][T14027] team0 (unregistering): Port device team_slave_0 removed
[  610.589442][T14027] team0 (unregistering): Port device team_slave_1 removed
[  610.790435][T14046] netlink: 'syz.1.2543': attribute type 10 has an invalid length.
[  610.809919][T14046] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2543'.
[  610.836199][T14046] bridge0: port 3(bond0) entered blocking state
[  610.842755][T14046] bridge0: port 3(bond0) entered forwarding state
[  610.861673][T14046] 8021q: adding VLAN 0 to HW filter on device bond0
[  612.209805][T14081] netlink: 'syz.1.2553': attribute type 10 has an invalid length.
[  612.806118][T14091] netlink: 'syz.0.2563': attribute type 10 has an invalid length.
[  612.910884][T14090] wg2: entered allmulticast mode
[  612.989020][T14090] wg2: entered promiscuous mode
[  614.175012][T14115] netlink: 'syz.2.2564': attribute type 10 has an invalid length.
[  614.188137][T14115] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2564'.
[  614.257709][T14115] 8021q: adding VLAN 0 to HW filter on device bond0
[  614.792619][T14115] bridge0: port 3(bond0) entered blocking state
[  614.986122][T14115] bridge0: port 3(bond0) entered disabled state
[  614.992820][T14115] bond0: entered allmulticast mode
[  614.997973][T14115] bond_slave_0: entered allmulticast mode
[  615.003950][T14115] bond_slave_1: entered allmulticast mode
[  615.009722][T14115] batadv0: entered allmulticast mode
[  615.030086][T14115] bridge0: port 3(bond0) entered blocking state
[  615.036537][T14115] bridge0: port 3(bond0) entered forwarding state
[  615.048567][T14119] bond0: entered promiscuous mode
[  615.053852][T14119] bond_slave_0: entered promiscuous mode
[  615.059873][T14119] bond_slave_1: entered promiscuous mode
[  615.418583][T12243] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  615.428343][T12243] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  615.524010][T14137] FAULT_INJECTION: forcing a failure.
[  615.524010][T14137] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  615.539577][T14137] CPU: 0 PID: 14137 Comm: syz.0.2570 Not tainted syzkaller #0
[  615.547266][T14137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  615.558302][T14137] Call Trace:
[  615.561609][T14137]  <TASK>
[  615.564579][T14137]  dump_stack_lvl+0x18c/0x250
[  615.569414][T14137]  ? show_regs_print_info+0x20/0x20
[  615.574801][T14137]  ? load_image+0x400/0x400
[  615.579457][T14137]  ? __might_fault+0xaa/0x120
[  615.584176][T14137]  ? __lock_acquire+0x7d40/0x7d40
[  615.589245][T14137]  should_fail_ex+0x39d/0x4d0
[  615.593981][T14137]  _copy_from_user+0x2f/0xe0
[  615.598633][T14137]  ___sys_sendmsg+0x1c7/0x360
[  615.603344][T14137]  ? get_pid_task+0x20/0x1e0
[  615.608074][T14137]  ? __sys_sendmsg+0x2a0/0x2a0
[  615.612895][T14137]  ? __lock_acquire+0x7d40/0x7d40
[  615.618053][T14137]  __se_sys_sendmsg+0x1c2/0x2b0
[  615.623025][T14137]  ? __x64_sys_sendmsg+0x80/0x80
[  615.628002][T14137]  ? lockdep_hardirqs_on+0x98/0x150
[  615.633226][T14137]  do_syscall_64+0x55/0xa0
[  615.637673][T14137]  ? clear_bhb_loop+0x40/0x90
[  615.642366][T14137]  ? clear_bhb_loop+0x40/0x90
[  615.647142][T14137]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  615.653066][T14137] RIP: 0033:0x7fe9b019bf79
[  615.657508][T14137] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  615.677240][T14137] RSP: 002b:00007fe9ae3f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  615.685681][T14137] RAX: ffffffffffffffda RBX: 00007fe9b0415fa0 RCX: 00007fe9b019bf79
[  615.693669][T14137] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  615.704397][T14137] RBP: 00007fe9ae3f6090 R08: 0000000000000000 R09: 0000000000000000
[  615.712563][T14137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  615.720607][T14137] R13: 00007fe9b0416038 R14: 00007fe9b0415fa0 R15: 00007fff978c1328
[  615.728650][T14137]  </TASK>
[  616.224547][T14149] netlink: 'syz.3.2574': attribute type 5 has an invalid length.
[  616.445384][T14156] netlink: 'syz.1.2575': attribute type 10 has an invalid length.
[  616.491437][T14156] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2575'.
[  616.575259][T14162] netlink: 'syz.0.2579': attribute type 30 has an invalid length.
[  616.799211][T14164] delete_channel: no stack
[  617.193963][T14183] FAULT_INJECTION: forcing a failure.
[  617.193963][T14183] name failslab, interval 1, probability 0, space 0, times 0
[  617.210185][T14183] CPU: 0 PID: 14183 Comm: syz.0.2588 Not tainted syzkaller #0
[  617.217829][T14183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  617.227912][T14183] Call Trace:
[  617.231207][T14183]  <TASK>
[  617.234165][T14183]  dump_stack_lvl+0x18c/0x250
[  617.238910][T14183]  ? show_regs_print_info+0x20/0x20
[  617.244163][T14183]  ? load_image+0x400/0x400
[  617.248789][T14183]  ? __might_sleep+0xe0/0xe0
[  617.253426][T14183]  ? __lock_acquire+0x7d40/0x7d40
[  617.258518][T14183]  should_fail_ex+0x39d/0x4d0
[  617.263479][T14183]  should_failslab+0x9/0x20
[  617.268001][T14183]  slab_pre_alloc_hook+0x59/0x310
[  617.273096][T14183]  kmem_cache_alloc_node+0x60/0x320
[  617.278435][T14183]  ? perf_event_alloc+0x15a/0x21b0
[  617.283783][T14183]  perf_event_alloc+0x15a/0x21b0
[  617.288781][T14183]  ? find_lively_task_by_vpid+0x19/0x290
[  617.294721][T14183]  ? find_lively_task_by_vpid+0x19/0x290
[  617.300499][T14183]  __se_sys_perf_event_open+0x740/0x1c50
[  617.306183][T14183]  ? __perf_sw_event+0x270/0x270
[  617.311141][T14183]  ? __x64_sys_perf_event_open+0xc0/0xc0
[  617.316857][T14183]  ? lock_chain_count+0x20/0x20
[  617.321760][T14183]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  617.328074][T14183]  ? lockdep_hardirqs_on+0x98/0x150
[  617.333291][T14183]  ? __x64_sys_perf_event_open+0x20/0xc0
[  617.338970][T14183]  do_syscall_64+0x55/0xa0
[  617.343426][T14183]  ? clear_bhb_loop+0x40/0x90
[  617.348300][T14183]  ? clear_bhb_loop+0x40/0x90
[  617.353210][T14183]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  617.359266][T14183] RIP: 0033:0x7fe9b019bf79
[  617.363716][T14183] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  617.383423][T14183] RSP: 002b:00007fe9ae3f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  617.391924][T14183] RAX: ffffffffffffffda RBX: 00007fe9b0415fa0 RCX: 00007fe9b019bf79
[  617.400097][T14183] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000100
[  617.408356][T14183] RBP: 00007fe9ae3f6090 R08: 000000000000000a R09: 0000000000000000
[  617.416594][T14183] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001
[  617.424714][T14183] R13: 00007fe9b0416038 R14: 00007fe9b0415fa0 R15: 00007fff978c1328
[  617.432868][T14183]  </TASK>
[  617.492118][T14182] delete_channel: no stack
[  617.982899][T14199] netlink: 'syz.3.2592': attribute type 10 has an invalid length.
[  618.089429][T14203] netlink: 'syz.0.2593': attribute type 10 has an invalid length.
[  618.101511][T14203] netlink: 2 bytes leftover after parsing attributes in process `syz.0.2593'.
[  618.115457][T14203] 8021q: adding VLAN 0 to HW filter on device bond0
[  618.124247][T14203] bridge0: port 3(bond0) entered blocking state
[  618.132190][T14203] bridge0: port 3(bond0) entered disabled state
[  618.146126][T14203] bond0: entered allmulticast mode
[  618.153445][T14203] bond_slave_0: entered allmulticast mode
[  618.159431][T14203] bond_slave_1: entered allmulticast mode
[  618.174574][T14203] bridge0: port 3(bond0) entered blocking state
[  618.181142][T14203] bridge0: port 3(bond0) entered forwarding state
[  618.602265][T14201] delete_channel: no stack
[  619.165878][T14235] netlink: 'syz.2.2605': attribute type 10 has an invalid length.
[  619.598988][T14244] delete_channel: no stack
[  620.182197][T14270] bridge0: port 3(bond0) entered disabled state
[  620.335078][T14271] netlink: 'syz.3.2618': attribute type 10 has an invalid length.
[  620.504922][T14280] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2623'.
[  620.514856][T14281] netlink: 'syz.1.2624': attribute type 2 has an invalid length.
[  620.522789][T14281] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2624'.
[  622.176003][T14315] bridge0: port 3(bond0) entered disabled state
[  622.223663][T14321] netlink: 'syz.2.2635': attribute type 10 has an invalid length.
[  624.351440][T14336] netlink: 'syz.3.2641': attribute type 10 has an invalid length.
[  624.887977][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  624.896671][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  625.418827][T14367] netlink: 'syz.3.2650': attribute type 10 has an invalid length.
[  627.056517][T14413] netlink: 'syz.2.2666': attribute type 3 has an invalid length.
[  627.079844][T14413] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2666'.
[  629.951615][T14442] netlink: 'syz.0.2675': attribute type 10 has an invalid length.
[  630.717606][T14471] netlink: 'syz.0.2685': attribute type 2 has an invalid length.
[  630.796673][T14477] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2685'.
[  633.304953][T14548] netlink: 'syz.2.2713': attribute type 10 has an invalid length.
[  633.729585][T14564] bridge0: port 3(bond0) entered disabled state
[  639.217092][T14668] FAULT_INJECTION: forcing a failure.
[  639.217092][T14668] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  639.248294][T14668] CPU: 1 PID: 14668 Comm: syz.2.2755 Not tainted syzkaller #0
[  639.255930][T14668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  639.266117][T14668] Call Trace:
[  639.269486][T14668]  <TASK>
[  639.272491][T14668]  dump_stack_lvl+0x18c/0x250
[  639.277281][T14668]  ? show_regs_print_info+0x20/0x20
[  639.282525][T14668]  ? load_image+0x400/0x400
[  639.287161][T14668]  ? __might_fault+0xaa/0x120
[  639.291963][T14668]  ? __lock_acquire+0x7d40/0x7d40
[  639.297037][T14668]  should_fail_ex+0x39d/0x4d0
[  639.301765][T14668]  _copy_from_iter+0x1d9/0x12e0
[  639.306759][T14668]  ? __virt_addr_valid+0x18c/0x540
[  639.311996][T14668]  ? __lock_acquire+0x7d40/0x7d40
[  639.317136][T14668]  ? sock_alloc_send_pskb+0x8a1/0x9a0
[  639.322638][T14668]  ? copyout_mc+0x70/0x70
[  639.327006][T14668]  ? __virt_addr_valid+0x18c/0x540
[  639.332150][T14668]  ? __virt_addr_valid+0x18c/0x540
[  639.337386][T14668]  ? __virt_addr_valid+0x469/0x540
[  639.342551][T14668]  ? __check_object_size+0x506/0xa20
[  639.347978][T14668]  skb_copy_datagram_from_iter+0xf4/0x6e0
[  639.354079][T14668]  ? dev_get_by_index+0x22/0x2d0
[  639.359052][T14668]  ? skb_put+0x11b/0x210
[  639.363327][T14668]  packet_sendmsg+0x3566/0x4d70
[  639.368249][T14668]  ? verify_lock_unused+0x140/0x140
[  639.373561][T14668]  ? mark_lock+0x94/0x320
[  639.377924][T14668]  ? __lock_acquire+0x1273/0x7d40
[  639.382986][T14668]  ? verify_lock_unused+0x140/0x140
[  639.388358][T14668]  ? aa_sk_perm+0x83c/0x970
[  639.392994][T14668]  ? packet_getsockopt+0xad0/0xad0
[  639.398158][T14668]  ? aa_sock_msg_perm+0x94/0x150
[  639.403163][T14668]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  639.408564][T14668]  ? security_socket_sendmsg+0x80/0xa0
[  639.414053][T14668]  ? packet_getsockopt+0xad0/0xad0
[  639.419198][T14668]  ____sys_sendmsg+0x5ba/0x960
[  639.424770][T14668]  ? __lock_acquire+0x7d40/0x7d40
[  639.429922][T14668]  ? __asan_memset+0x22/0x40
[  639.434640][T14668]  ? __sys_sendmsg_sock+0x30/0x30
[  639.439701][T14668]  ? __import_iovec+0x5f2/0x850
[  639.444864][T14668]  ? import_iovec+0x73/0xa0
[  639.449765][T14668]  ___sys_sendmsg+0x2a6/0x360
[  639.454478][T14668]  ? get_pid_task+0x20/0x1e0
[  639.459106][T14668]  ? __sys_sendmsg+0x2a0/0x2a0
[  639.464011][T14668]  ? __lock_acquire+0x7d40/0x7d40
[  639.469100][T14668]  __se_sys_sendmsg+0x1c2/0x2b0
[  639.474067][T14668]  ? __x64_sys_sendmsg+0x80/0x80
[  639.479224][T14668]  ? lockdep_hardirqs_on+0x98/0x150
[  639.484471][T14668]  do_syscall_64+0x55/0xa0
[  639.488918][T14668]  ? clear_bhb_loop+0x40/0x90
[  639.493716][T14668]  ? clear_bhb_loop+0x40/0x90
[  639.498429][T14668]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  639.504642][T14668] RIP: 0033:0x7fb82c99bf79
[  639.509108][T14668] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  639.528840][T14668] RSP: 002b:00007fb82d918028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  639.537293][T14668] RAX: ffffffffffffffda RBX: 00007fb82cc15fa0 RCX: 00007fb82c99bf79
[  639.545289][T14668] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  639.553283][T14668] RBP: 00007fb82d918090 R08: 0000000000000000 R09: 0000000000000000
[  639.561290][T14668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  639.569307][T14668] R13: 00007fb82cc16038 R14: 00007fb82cc15fa0 R15: 00007fff70a863a8
[  639.577421][T14668]  </TASK>
[  640.219235][T14685] netlink: 'syz.3.2761': attribute type 10 has an invalid length.
[  642.621039][T12244] hsr_slave_0: left promiscuous mode
[  642.636061][T12244] hsr_slave_1: left promiscuous mode
[  642.651200][T12244] bridge_slave_1: left allmulticast mode
[  642.665280][T12244] bridge_slave_1: left promiscuous mode
[  642.675574][T12244] bridge0: port 2(bridge_slave_1) entered disabled state
[  642.697285][T12244] bridge_slave_0: left allmulticast mode
[  642.710781][T12244] bridge_slave_0: left promiscuous mode
[  642.719252][T12244] bridge0: port 1(bridge_slave_0) entered disabled state
[  643.450845][T12244] veth0_macvtap: left promiscuous mode
[  643.468207][T12244] veth1_vlan: left promiscuous mode
[  659.442469][ T5785] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  659.453103][ T5785] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  659.475415][ T5785] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  659.498364][T14784] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  659.498396][T12762] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  659.507314][T14784] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  659.516297][T12762] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  659.521531][T14784] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  659.538410][T14784] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  659.561334][T12762] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  659.571889][T12762] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  659.579627][T14784] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  659.602233][ T5785] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  659.612714][T14784] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  659.627829][ T5785] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  659.637803][ T5785] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  659.646238][ T5785] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  659.654023][ T5785] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  661.232592][T12762] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  661.241219][T12762] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  661.250105][T12762] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  661.259866][T12762] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  661.269411][T12762] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  661.277823][T12762] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  661.581522][T12762] Bluetooth: hci4: command tx timeout
[  661.661574][T12762] Bluetooth: hci5: command tx timeout
[  661.747215][T12762] Bluetooth: hci6: command tx timeout
[  663.341620][T12762] Bluetooth: hci7: command tx timeout
[  663.661725][T12762] Bluetooth: hci4: command tx timeout
[  663.741585][T12762] Bluetooth: hci5: command tx timeout
[  663.821529][T12762] Bluetooth: hci6: command tx timeout
[  665.421554][T12762] Bluetooth: hci7: command tx timeout
[  665.742393][T12762] Bluetooth: hci4: command tx timeout
[  665.821621][T12762] Bluetooth: hci5: command tx timeout
[  665.901599][T12762] Bluetooth: hci6: command tx timeout
[  667.501411][T12762] Bluetooth: hci7: command tx timeout
[  667.822337][T12762] Bluetooth: hci4: command tx timeout
[  667.901558][T12762] Bluetooth: hci5: command tx timeout
[  667.981506][T12762] Bluetooth: hci6: command tx timeout
[  669.581471][T12762] Bluetooth: hci7: command tx timeout
[  683.192151][ T5785] Bluetooth: hci3: command 0x0406 tx timeout
[  686.226697][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  686.233825][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  688.305704][ T5785] Bluetooth: hci2: command 0x0406 tx timeout
[  698.551591][T12762] Bluetooth: hci0: command 0x0406 tx timeout
[  708.781540][T12762] Bluetooth: hci1: command 0x0406 tx timeout
[  719.055578][T12762] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  719.067999][T12762] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  719.076333][T12762] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  719.086525][T12762] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  719.095805][T12762] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  719.106792][T12762] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  720.236857][ T5785] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  720.246270][ T5785] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  720.255323][ T5785] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  720.264460][ T5785] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  720.285414][ T5785] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  720.293979][ T5785] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  720.333402][ T5785] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  720.343357][ T5785] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  720.352272][ T5785] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  720.365867][ T5785] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  720.374093][ T5785] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  720.385525][ T5785] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  721.181623][ T5785] Bluetooth: hci8: command tx timeout
[  722.109478][T12762] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  722.118543][T12762] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  722.131233][T12762] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  722.140814][T12762] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  722.153425][T12762] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  722.161135][T12762] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  722.391633][T12762] Bluetooth: hci9: command tx timeout
[  722.461637][T12762] Bluetooth: hci10: command tx timeout
[  723.261563][T12762] Bluetooth: hci8: command tx timeout
[  724.221498][T12762] Bluetooth: hci11: command tx timeout
[  724.461701][T12762] Bluetooth: hci9: command tx timeout
[  724.551660][T12762] Bluetooth: hci10: command tx timeout
[  725.351493][T12762] Bluetooth: hci8: command tx timeout
[  726.304725][T12762] Bluetooth: hci11: command tx timeout
[  726.545088][T12762] Bluetooth: hci9: command tx timeout
[  726.631435][T12762] Bluetooth: hci10: command tx timeout
[  727.435250][T12762] Bluetooth: hci8: command tx timeout
[  728.381388][T12762] Bluetooth: hci11: command tx timeout
[  728.631500][T12762] Bluetooth: hci9: command tx timeout
[  728.701534][T12762] Bluetooth: hci10: command tx timeout
[  730.461456][T12762] Bluetooth: hci11: command tx timeout
[  747.667466][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  747.674229][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  779.133306][ T5785] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  779.149592][ T5785] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  779.158817][ T5785] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  779.172848][ T5785] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  779.182471][ T5785] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  779.190201][ T5785] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  780.675992][ T5785] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  780.690093][ T5785] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  780.699207][ T5785] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  780.713915][ T5785] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  780.722375][ T5785] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  780.730226][ T5785] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  780.826620][T12762] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  780.835240][T12762] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  780.846381][T12762] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  780.856351][T12762] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  780.868406][T12762] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  780.876021][T12762] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  781.261553][T12762] Bluetooth: hci12: command tx timeout
[  782.579895][ T5785] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  782.590107][ T5785] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  782.599546][ T5785] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  782.609980][ T5785] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  782.618094][ T5785] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3
[  782.626330][ T5785] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  782.781515][T12762] Bluetooth: hci13: command tx timeout
[  782.951582][T12762] Bluetooth: hci14: command tx timeout
[  783.351581][T12762] Bluetooth: hci12: command tx timeout
[  784.701571][T14839] Bluetooth: hci15: command tx timeout
[  784.861630][T14839] Bluetooth: hci13: command tx timeout
[  785.021405][T14839] Bluetooth: hci14: command tx timeout
[  785.421527][T14839] Bluetooth: hci12: command tx timeout
[  785.585500][T14839] Bluetooth: hci4: command 0x0406 tx timeout
[  785.586339][T14786] Bluetooth: hci7: command 0x0406 tx timeout
[  785.592908][T14839] Bluetooth: hci5: command 0x0406 tx timeout
[  785.598022][T14786] Bluetooth: hci6: command 0x0406 tx timeout
[  786.781565][T14784] Bluetooth: hci15: command tx timeout
[  786.951450][T14784] Bluetooth: hci13: command tx timeout
[  787.101496][T14784] Bluetooth: hci14: command tx timeout
[  787.501546][T14784] Bluetooth: hci12: command tx timeout
[  788.861634][T14784] Bluetooth: hci15: command tx timeout
[  789.021440][T14784] Bluetooth: hci13: command tx timeout
[  789.181427][T14784] Bluetooth: hci14: command tx timeout
[  790.941522][T14784] Bluetooth: hci15: command tx timeout
[  796.948456][   T29] INFO: task kworker/u4:11:2975 blocked for more than 143 seconds.
[  796.956728][   T29]       Not tainted syzkaller #0
[  796.962055][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  796.970858][   T29] task:kworker/u4:11   state:D stack:21896 pid:2975  ppid:2      flags:0x00004000
[  796.991613][   T29] Workqueue: events_unbound linkwatch_event
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  796.997851][   T29] Call Trace:
[  797.001645][   T29]  <TASK>
[  797.004779][   T29]  __schedule+0x1553/0x45a0
[  797.009453][   T29]  ? asan.module_dtor+0x20/0x20
[  797.018461][   T29]  ? __mutex_lock+0x6a4/0xcc0
[  797.028084][   T29]  ? __mutex_trylock_common+0x8a/0x260
[  797.034084][   T29]  ? kthread_data+0x4f/0xc0
[  797.040400][   T29]  ? wq_worker_sleeping+0x63/0x240
[  797.045705][   T29]  schedule+0xbd/0x170
[  797.049819][   T29]  schedule_preempt_disabled+0x13/0x20
[  797.060393][   T29]  __mutex_lock+0x6a9/0xcc0
[  797.076572][   T29]  ? __mutex_lock+0x4f9/0xcc0
[  797.090587][   T29]  ? linkwatch_event+0xe/0x60
[  797.115458][   T29]  ? mutex_lock_nested+0x20/0x20
[  797.127788][   T29]  ? _raw_spin_unlock_irq+0x23/0x50
[  797.133584][   T29]  ? process_scheduled_works+0x96f/0x15d0
[  797.139499][   T29]  linkwatch_event+0xe/0x60
[  797.144714][   T29]  process_scheduled_works+0xa5d/0x15d0
[  797.150723][   T29]  ? assign_work+0x430/0x430
[  797.155665][   T29]  ? assign_work+0x3d0/0x430
[  797.160537][   T29]  worker_thread+0xa55/0xfc0
[  797.165225][   T29]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  797.171515][   T29]  ? _raw_spin_unlock+0x40/0x40
[  797.176657][   T29]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  797.182873][   T29]  kthread+0x2fa/0x390
[  797.186990][   T29]  ? pr_cont_work+0x560/0x560
[  797.192709][   T29]  ? kthread_blkcg+0xd0/0xd0
[  797.197387][   T29]  ret_from_fork+0x48/0x80
[  797.202041][   T29]  ? kthread_blkcg+0xd0/0xd0
[  797.206723][   T29]  ret_from_fork_asm+0x11/0x20
[  797.211611][   T29]  </TASK>
[  797.214930][   T29] INFO: task kworker/1:4:5843 blocked for more than 143 seconds.
[  797.223196][   T29]       Not tainted syzkaller #0
[  797.228428][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  797.238867][   T29] task:kworker/1:4     state:D stack:23440 pid:5843  ppid:2      flags:0x00004000
[  797.248391][   T29] Workqueue: events switchdev_deferred_process_work
[  797.256223][   T29] Call Trace:
[  797.259581][   T29]  <TASK>
[  797.265882][   T29]  __schedule+0x1553/0x45a0
[  797.270559][   T29]  ? do_raw_spin_lock+0x11f/0x2c0
[  797.276742][   T29]  ? mark_lock+0x94/0x320
[  797.281272][   T29]  ? asan.module_dtor+0x20/0x20
[  797.286274][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  797.293443][   T29]  schedule+0xbd/0x170
[  797.297587][   T29]  schedule_preempt_disabled+0x13/0x20
[  797.303353][   T29]  __mutex_lock+0x6a9/0xcc0
[  797.307907][   T29]  ? __mutex_lock+0x4f9/0xcc0
[  797.312756][   T29]  ? switchdev_deferred_process_work+0xe/0x20
[  797.318952][   T29]  ? mutex_lock_nested+0x20/0x20
[  797.324004][   T29]  ? _raw_spin_unlock_irq+0x23/0x50
[  797.329341][   T29]  ? process_scheduled_works+0x96f/0x15d0
[  797.335902][   T29]  switchdev_deferred_process_work+0xe/0x20
[  797.342242][   T29]  process_scheduled_works+0xa5d/0x15d0
[  797.347872][   T29]  ? assign_work+0x430/0x430
[  797.352717][   T29]  ? assign_work+0x3d0/0x430
[  797.357532][   T29]  worker_thread+0xa55/0xfc0
[  797.362252][   T29]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  797.368289][   T29]  ? _raw_spin_unlock+0x40/0x40
[  797.373323][   T29]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  797.379361][   T29]  kthread+0x2fa/0x390
[  797.384068][   T29]  ? pr_cont_work+0x560/0x560
[  797.388797][   T29]  ? kthread_blkcg+0xd0/0xd0
[  797.395309][   T29]  ret_from_fork+0x48/0x80
[  797.399773][   T29]  ? kthread_blkcg+0xd0/0xd0
[  797.404460][   T29]  ret_from_fork_asm+0x11/0x20
[  797.409409][   T29]  </TASK>
[  797.412849][   T29] INFO: task syz.0.2785:14750 blocked for more than 143 seconds.
[  797.420644][   T29]       Not tainted syzkaller #0
[  797.425984][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  797.435348][   T29] task:syz.0.2785      state:D stack:25864 pid:14750 ppid:13600  flags:0x00004004
[  797.444674][   T29] Call Trace:
[  797.448067][   T29]  <TASK>
[  797.451148][   T29]  __schedule+0x1553/0x45a0
[  797.456049][   T29]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  797.462742][   T29]  ? kmalloc_reserve+0x116/0x240
[  797.467922][   T29]  ? asan.module_dtor+0x20/0x20
[  797.473178][   T29]  ? __mutex_lock+0x6a4/0xcc0
[  797.477995][   T29]  ? __mutex_trylock_common+0x8a/0x260
[  797.483653][   T29]  ? trace_raw_output_contention_end+0xd0/0xd0
[  797.489976][   T29]  schedule+0xbd/0x170
[  797.494319][   T29]  schedule_preempt_disabled+0x13/0x20
[  797.501157][   T29]  __mutex_lock+0x6a9/0xcc0
[  797.509783][   T29]  ? __mutex_lock+0x4f9/0xcc0
[  797.516775][   T29]  ? netlink_dump+0x78f/0xe50
[  797.523369][   T29]  ? mutex_lock_nested+0x20/0x20
[  797.528326][   T29]  ? __build_skb_around+0x255/0x3d0
[  797.536168][   T29]  ? __alloc_skb+0x1b2/0x2c0
[  797.540983][   T29]  netlink_dump+0x78f/0xe50
[  797.546808][   T29]  ? netlink_lookup+0x200/0x200
[  797.553732][   T29]  ? netlink_autobind+0x300/0x300
[  797.558874][   T29]  ? netlink_lookup+0x30/0x200
[  797.566138][   T29]  ? netlink_lookup+0x30/0x200
[  797.571064][   T29]  __netlink_dump_start+0x5f1/0x810
[  797.578348][   T29]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  797.584639][   T29]  rtnetlink_rcv_msg+0xe1d/0xfa0
[  797.590022][   T29]  ? vxlan_fill_vni_filter_entry+0xd50/0xd50
[  797.596389][   T29]  ? rtnetlink_bind+0x80/0x80
[  797.601746][   T29]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  797.607780][   T29]  ? __dev_queue_xmit+0x26b/0x36b0
[  797.613687][   T29]  ? lock_chain_count+0x20/0x20
[  797.618848][   T29]  ? __local_bh_enable_ip+0x13a/0x1c0
[  797.624394][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  797.629964][   T29]  ? __local_bh_enable_ip+0x13a/0x1c0
[  797.635662][   T29]  ? _local_bh_enable+0xa0/0xa0
[  797.640563][   T29]  ? __dev_queue_xmit+0x26b/0x36b0
[  797.645904][   T29]  ? __dev_queue_xmit+0x26b/0x36b0
[  797.651053][   T29]  ? __dev_queue_xmit+0x124f/0x36b0
[  797.656477][   T29]  ? __dev_queue_xmit+0x26b/0x36b0
[  797.662006][   T29]  ? vxlan_fill_vni_filter_entry+0xd50/0xd50
[  797.668147][   T29]  ? ref_tracker_free+0x690/0x840
[  797.673318][   T29]  netlink_rcv_skb+0x241/0x4d0
[  797.678497][   T29]  ? rtnetlink_bind+0x80/0x80
[  797.683487][   T29]  ? netlink_ack+0x1180/0x1180
[  797.688415][   T29]  ? __lock_acquire+0x7d40/0x7d40
[  797.693884][   T29]  ? netlink_deliver_tap+0x2e/0x1b0
[  797.699214][   T29]  netlink_unicast+0x751/0x8d0
[  797.704956][   T29]  netlink_sendmsg+0x8d0/0xbf0
[  797.709829][   T29]  ? netlink_getsockopt+0x590/0x590
[  797.715359][   T29]  ? aa_sock_msg_perm+0x94/0x150
[  797.720447][   T29]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  797.726082][   T29]  ? security_socket_sendmsg+0x80/0xa0
[  797.731654][   T29]  ? netlink_getsockopt+0x590/0x590
[  797.736904][   T29]  ____sys_sendmsg+0x5ba/0x960
[  797.742243][   T29]  ? __asan_memset+0x22/0x40
[  797.746890][   T29]  ? __sys_sendmsg_sock+0x30/0x30
[  797.752325][   T29]  ? __import_iovec+0x5f2/0x850
[  797.757290][   T29]  ? import_iovec+0x73/0xa0
[  797.763095][   T29]  ___sys_sendmsg+0x2a6/0x360
[  797.767861][   T29]  ? __sys_sendmsg+0x2a0/0x2a0
[  797.773153][   T29]  ? debug_mutex_init+0x38/0x70
[  797.778143][   T29]  __se_sys_sendmsg+0x1c2/0x2b0
[  797.783394][   T29]  ? __x64_sys_sendmsg+0x80/0x80
[  797.788485][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  797.794084][   T29]  do_syscall_64+0x55/0xa0
[  797.798558][   T29]  ? clear_bhb_loop+0x40/0x90
[  797.804234][   T29]  ? clear_bhb_loop+0x40/0x90
[  797.808959][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  797.815249][   T29] RIP: 0033:0x7fe9b019bf79
[  797.819788][   T29] RSP: 002b:00007fe9ae3f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  797.829307][   T29] RAX: ffffffffffffffda RBX: 00007fe9b0415fa0 RCX: 00007fe9b019bf79
[  797.837523][   T29] RDX: 0000000000040000 RSI: 0000200000000040 RDI: 0000000000000004
[  797.845657][   T29] RBP: 00007fe9b02327e0 R08: 0000000000000000 R09: 0000000000000000
[  797.854087][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  797.862140][   T29] R13: 00007fe9b0416038 R14: 00007fe9b0415fa0 R15: 00007fff978c1328
[  797.870171][   T29]  </TASK>
[  797.873605][   T29] INFO: task syz.0.2785:14752 blocked for more than 144 seconds.
[  797.881780][   T29]       Not tainted syzkaller #0
[  797.886924][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  797.895789][   T29] task:syz.0.2785      state:D stack:26856 pid:14752 ppid:13600  flags:0x00004004
[  797.906571][   T29] Call Trace:
[  797.910154][   T29]  <TASK>
[  797.913190][   T29]  __schedule+0x1553/0x45a0
[  797.918153][   T29]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  797.924512][   T29]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  797.931187][   T29]  ? asan.module_dtor+0x20/0x20
[  797.936156][   T29]  ? __mutex_lock+0x6a4/0xcc0
[  797.941113][   T29]  ? __mutex_trylock_common+0x8a/0x260
[  797.946889][   T29]  ? trace_raw_output_contention_end+0xd0/0xd0
[  797.953220][   T29]  schedule+0xbd/0x170
[  797.957409][   T29]  schedule_preempt_disabled+0x13/0x20
[  797.963197][   T29]  __mutex_lock+0x6a9/0xcc0
[  797.967756][   T29]  ? __mutex_lock+0x4f9/0xcc0
[  797.972540][   T29]  ? rtnetlink_rcv_msg+0x811/0xfa0
[  797.977720][   T29]  ? mutex_lock_nested+0x20/0x20
[  797.991992][   T29]  rtnetlink_rcv_msg+0x811/0xfa0
[  797.997125][   T29]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  798.002366][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  798.008285][   T29]  ? rtnetlink_bind+0x80/0x80
[  798.013164][   T29]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  798.019282][   T29]  ? __dev_queue_xmit+0x26b/0x36b0
[  798.024708][   T29]  ? lock_chain_count+0x20/0x20
[  798.029718][   T29]  ? __local_bh_enable_ip+0x13a/0x1c0
[  798.035276][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  798.040554][   T29]  ? __local_bh_enable_ip+0x13a/0x1c0
[  798.046201][   T29]  ? _local_bh_enable+0xa0/0xa0
[  798.051093][   T29]  ? __dev_queue_xmit+0x26b/0x36b0
[  798.056400][   T29]  ? __dev_queue_xmit+0x26b/0x36b0
[  798.061711][   T29]  ? __dev_queue_xmit+0x124f/0x36b0
[  798.067132][   T29]  ? __dev_queue_xmit+0x26b/0x36b0
[  798.072638][   T29]  ? ref_tracker_free+0x690/0x840
[  798.077798][   T29]  netlink_rcv_skb+0x241/0x4d0
[  798.082675][   T29]  ? rtnetlink_bind+0x80/0x80
[  798.087645][   T29]  ? netlink_ack+0x1180/0x1180
[  798.092804][   T29]  ? __lock_acquire+0x7d40/0x7d40
[  798.098110][   T29]  ? netlink_deliver_tap+0x2e/0x1b0
[  798.103479][   T29]  netlink_unicast+0x751/0x8d0
[  798.108476][   T29]  netlink_sendmsg+0x8d0/0xbf0
[  798.114280][   T29]  ? netlink_getsockopt+0x590/0x590
[  798.119549][   T29]  ? aa_sock_msg_perm+0x94/0x150
[  798.124773][   T29]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  798.130110][   T29]  ? security_socket_sendmsg+0x80/0xa0
[  798.135830][   T29]  ? netlink_getsockopt+0x590/0x590
[  798.141148][   T29]  ____sys_sendmsg+0x5ba/0x960
[  798.146130][   T29]  ? __asan_memset+0x22/0x40
[  798.150788][   T29]  ? __sys_sendmsg_sock+0x30/0x30
[  798.155966][   T29]  ? __import_iovec+0x5f2/0x850
[  798.160918][   T29]  ? import_iovec+0x73/0xa0
[  798.165597][   T29]  ___sys_sendmsg+0x2a6/0x360
[  798.170470][   T29]  ? __sys_sendmsg+0x2a0/0x2a0
[  798.175507][   T29]  __se_sys_sendmsg+0x1c2/0x2b0
[  798.180494][   T29]  ? __x64_sys_sendmsg+0x80/0x80
[  798.185932][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  798.191509][   T29]  do_syscall_64+0x55/0xa0
[  798.196117][   T29]  ? clear_bhb_loop+0x40/0x90
[  798.200803][   T29]  ? clear_bhb_loop+0x40/0x90
[  798.206037][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  798.212093][   T29] RIP: 0033:0x7fe9b019bf79
[  798.217069][   T29] RSP: 002b:00007fe9ae3d5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  798.225761][   T29] RAX: ffffffffffffffda RBX: 00007fe9b0416090 RCX: 00007fe9b019bf79
[  798.234207][   T29] RDX: 0000000000040840 RSI: 00002000000001c0 RDI: 0000000000000005
[  798.242628][   T29] RBP: 00007fe9b02327e0 R08: 0000000000000000 R09: 0000000000000000
[  798.250868][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  798.258982][   T29] R13: 00007fe9b0416128 R14: 00007fe9b0416090 R15: 00007fff978c1328
[  798.267470][   T29]  </TASK>
[  798.270700][   T29] INFO: task syz.3.2786:14760 blocked for more than 144 seconds.
[  798.278864][   T29]       Not tainted syzkaller #0
[  798.284060][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  798.293073][   T29] task:syz.3.2786      state:D stack:26504 pid:14760 ppid:13180  flags:0x00004004
[  798.302985][   T29] Call Trace:
[  798.306314][   T29]  <TASK>
[  798.309269][   T29]  __schedule+0x1553/0x45a0
[  798.314205][   T29]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  798.321408][   T29]  ? trace_event_raw_event_lock+0x250/0x250
[  798.327474][   T29]  ? asan.module_dtor+0x20/0x20
[  798.332472][   T29]  ? __mutex_lock+0x6a4/0xcc0
[  798.337289][   T29]  ? __mutex_trylock_common+0x8a/0x260
[  798.343443][   T29]  ? trace_raw_output_contention_end+0xd0/0xd0
[  798.349825][   T29]  schedule+0xbd/0x170
[  798.354298][   T29]  schedule_preempt_disabled+0x13/0x20
[  798.360505][   T29]  __mutex_lock+0x6a9/0xcc0
[  798.365263][   T29]  ? __mutex_lock+0x4f9/0xcc0
[  798.370248][   T29]  ? rtnetlink_rcv_msg+0x811/0xfa0
[  798.375494][   T29]  ? mutex_lock_nested+0x20/0x20
[  798.380860][   T29]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  798.386181][   T29]  rtnetlink_rcv_msg+0x811/0xfa0
[  798.391429][   T29]  ? rtnetlink_bind+0x80/0x80
[  798.396160][   T29]  ? perf_trace_preemptirq_template+0xac/0x330
[  798.402715][   T29]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  798.408837][   T29]  ? lock_chain_count+0x20/0x20
[  798.413801][   T29]  ? __local_bh_enable_ip+0x13a/0x1c0
[  798.419916][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  798.425469][   T29]  ? __local_bh_enable_ip+0x13a/0x1c0
[  798.431143][   T29]  ? _local_bh_enable+0xa0/0xa0
[  798.436095][   T29]  ? __dev_queue_xmit+0x26b/0x36b0
[  798.441334][   T29]  ? __dev_queue_xmit+0x26b/0x36b0
[  798.446668][   T29]  ? __dev_queue_xmit+0x124f/0x36b0
[  798.451948][   T29]  ? __dev_queue_xmit+0x26b/0x36b0
[  798.457142][   T29]  ? perf_trace_lock+0xfc/0x3b0
[  798.462250][   T29]  netlink_rcv_skb+0x241/0x4d0
[  798.467067][   T29]  ? rtnetlink_bind+0x80/0x80
[  798.471838][   T29]  ? netlink_ack+0x1180/0x1180
[  798.476683][   T29]  ? __lock_acquire+0x7d40/0x7d40
[  798.481872][   T29]  ? netlink_deliver_tap+0x2e/0x1b0
[  798.487225][   T29]  netlink_unicast+0x751/0x8d0
[  798.492397][   T29]  netlink_sendmsg+0x8d0/0xbf0
[  798.497235][   T29]  ? netlink_getsockopt+0x590/0x590
[  798.503537][   T29]  ? aa_sock_msg_perm+0x94/0x150
[  798.508877][   T29]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  798.514490][   T29]  ? security_socket_sendmsg+0x80/0xa0
[  798.520631][   T29]  ? netlink_getsockopt+0x590/0x590
[  798.526064][   T29]  ____sys_sendmsg+0x5ba/0x960
[  798.530976][   T29]  ? __asan_memset+0x22/0x40
[  798.535814][   T29]  ? __sys_sendmsg_sock+0x30/0x30
[  798.540887][   T29]  ? __import_iovec+0x3fa/0x850
[  798.546167][   T29]  ? import_iovec+0x73/0xa0
[  798.550843][   T29]  ___sys_sendmsg+0x2a6/0x360
[  798.556327][   T29]  ? __sys_sendmsg+0x2a0/0x2a0
[  798.561439][   T29]  __se_sys_sendmsg+0x1c2/0x2b0
[  798.566533][   T29]  ? __x64_sys_sendmsg+0x80/0x80
[  798.572305][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  798.577651][   T29]  do_syscall_64+0x55/0xa0
[  798.582499][   T29]  ? clear_bhb_loop+0x40/0x90
[  798.587293][   T29]  ? clear_bhb_loop+0x40/0x90
[  798.592593][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  798.598691][   T29] RIP: 0033:0x7f050139bf79
[  798.603723][   T29] RSP: 002b:00007f04ff5d5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  798.612727][   T29] RAX: ffffffffffffffda RBX: 00007f0501616090 RCX: 00007f050139bf79
[  798.620914][   T29] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000b
[  798.630182][   T29] RBP: 00007f05014327e0 R08: 0000000000000000 R09: 0000000000000000
[  798.638653][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  798.646842][   T29] R13: 00007f0501616128 R14: 00007f0501616090 R15: 00007fff8e16c738
[  798.655147][   T29]  </TASK>
[  798.658227][   T29] INFO: task syz.2.2788:14757 blocked for more than 145 seconds.
[  798.666684][   T29]       Not tainted syzkaller #0
[  798.672007][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  798.680895][   T29] task:syz.2.2788      state:D stack:28104 pid:14757 ppid:13362  flags:0x00004004
[  798.690433][   T29] Call Trace:
[  798.693805][   T29]  <TASK>
[  798.696866][   T29]  __schedule+0x1553/0x45a0
[  798.701595][   T29]  ? trace_event_raw_event_lock+0x250/0x250
[  798.707556][   T29]  ? mark_lock+0x94/0x320
[  798.712163][   T29]  ? asan.module_dtor+0x20/0x20
[  798.717336][   T29]  ? __mutex_lock+0x6a4/0xcc0
[  798.722523][   T29]  ? __mutex_trylock_common+0x8a/0x260
[  798.729615][   T29]  ? trace_raw_output_contention_end+0xd0/0xd0
[  798.736127][   T29]  schedule+0xbd/0x170
[  798.740558][   T29]  schedule_preempt_disabled+0x13/0x20
[  798.746179][   T29]  __mutex_lock+0x6a9/0xcc0
[  798.750915][   T29]  ? __mutex_lock+0x4f9/0xcc0
[  798.755757][   T29]  ? dev_ioctl+0x83c/0x1140
[  798.760400][   T29]  ? mutex_lock_nested+0x20/0x20
[  798.765551][   T29]  ? dev_load+0x21/0x1f0
[  798.769824][   T29]  ? dev_load+0x21/0x1f0
[  798.774184][   T29]  dev_ioctl+0x83c/0x1140
[  798.778645][   T29]  sock_ioctl+0x74c/0x7e0
[  798.783083][   T29]  ? sock_poll+0x3e0/0x3e0
[  798.787539][   T29]  ? bpf_lsm_file_ioctl+0x9/0x10
[  798.792687][   T29]  ? security_file_ioctl+0x80/0xa0
[  798.797877][   T29]  ? sock_poll+0x3e0/0x3e0
[  798.802521][   T29]  __se_sys_ioctl+0xfd/0x170
[  798.807254][   T29]  do_syscall_64+0x55/0xa0
[  798.811874][   T29]  ? clear_bhb_loop+0x40/0x90
[  798.816678][   T29]  ? clear_bhb_loop+0x40/0x90
[  798.821494][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  798.828135][   T29] RIP: 0033:0x7fb82c99bf79
[  798.832802][   T29] RSP: 002b:00007fb82d918028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  798.841619][   T29] RAX: ffffffffffffffda RBX: 00007fb82cc15fa0 RCX: 00007fb82c99bf79
[  798.849898][   T29] RDX: 0000200000000080 RSI: 00000000000089f0 RDI: 0000000000000006
[  798.858214][   T29] RBP: 00007fb82ca327e0 R08: 0000000000000000 R09: 0000000000000000
[  798.868406][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  798.877904][   T29] R13: 00007fb82cc16038 R14: 00007fb82cc15fa0 R15: 00007fff70a863a8
[  798.887103][   T29]  </TASK>
[  798.890189][   T29] INFO: task syz.2.2788:14761 blocked for more than 145 seconds.
[  798.898088][   T29]       Not tainted syzkaller #0
[  798.903537][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  798.912514][   T29] task:syz.2.2788      state:D stack:28616 pid:14761 ppid:13362  flags:0x00004004
[  798.922389][   T29] Call Trace:
[  798.925704][   T29]  <TASK>
[  798.928659][   T29]  __schedule+0x1553/0x45a0
[  798.934469][   T29]  ? trace_event_raw_event_lock+0x250/0x250
[  798.940466][   T29]  ? asan.module_dtor+0x20/0x20
[  798.945797][   T29]  ? __mutex_lock+0x6a4/0xcc0
[  798.950710][   T29]  ? __mutex_trylock_common+0x8a/0x260
[  798.956570][   T29]  ? trace_raw_output_contention_end+0xd0/0xd0
[  798.962872][   T29]  schedule+0xbd/0x170
[  798.967152][   T29]  schedule_preempt_disabled+0x13/0x20
[  798.972892][   T29]  __mutex_lock+0x6a9/0xcc0
[  798.977627][   T29]  ? __mutex_lock+0x4f9/0xcc0
[  798.982600][   T29]  ? dev_ioctl+0x83c/0x1140
[  798.987165][   T29]  ? mutex_lock_nested+0x20/0x20
[  798.992644][   T29]  ? dev_load+0x21/0x1f0
[  798.996945][   T29]  ? dev_load+0x21/0x1f0
[  799.001381][   T29]  dev_ioctl+0x83c/0x1140
[  799.005851][   T29]  sock_ioctl+0x74c/0x7e0
[  799.010307][   T29]  ? sock_poll+0x3e0/0x3e0
[  799.014856][   T29]  ? bpf_lsm_file_ioctl+0x9/0x10
[  799.019833][   T29]  ? security_file_ioctl+0x80/0xa0
[  799.031429][   T29]  ? sock_poll+0x3e0/0x3e0
[  799.036495][   T29]  __se_sys_ioctl+0xfd/0x170
[  799.043836][   T29]  do_syscall_64+0x55/0xa0
[  799.048530][   T29]  ? clear_bhb_loop+0x40/0x90
[  799.053620][   T29]  ? clear_bhb_loop+0x40/0x90
[  799.058361][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  799.064574][   T29] RIP: 0033:0x7fb82c99bf79
[  799.069140][   T29] RSP: 002b:00007fb82d8f7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  799.078042][   T29] RAX: ffffffffffffffda RBX: 00007fb82cc16090 RCX: 00007fb82c99bf79
[  799.086205][   T29] RDX: 0000200000000080 RSI: 00000000000089f3 RDI: 0000000000000008
[  799.094488][   T29] RBP: 00007fb82ca327e0 R08: 0000000000000000 R09: 0000000000000000
[  799.102772][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  799.111551][   T29] R13: 00007fb82cc16128 R14: 00007fb82cc16090 R15: 00007fff70a863a8
[  799.119638][   T29]  </TASK>
[  799.122932][   T29] INFO: task syz.1.2794:14776 blocked for more than 145 seconds.
[  799.130844][   T29]       Not tainted syzkaller #0
[  799.136400][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  799.145194][   T29] task:syz.1.2794      state:D stack:25800 pid:14776 ppid:13064  flags:0x00004004
[  799.154536][   T29] Call Trace:
[  799.157857][   T29]  <TASK>
[  799.160824][   T29]  __schedule+0x1553/0x45a0
[  799.165963][   T29]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  799.172478][   T29]  ? asan.module_dtor+0x20/0x20
[  799.177434][   T29]  ? __mutex_lock+0x6a4/0xcc0
[  799.182248][   T29]  ? __mutex_trylock_common+0x8a/0x260
[  799.187756][   T29]  ? trace_raw_output_contention_end+0xd0/0xd0
[  799.194522][   T29]  schedule+0xbd/0x170
[  799.198645][   T29]  schedule_preempt_disabled+0x13/0x20
[  799.204210][   T29]  __mutex_lock+0x6a9/0xcc0
[  799.208769][   T29]  ? __mutex_lock+0x4f9/0xcc0
[  799.213646][   T29]  ? rtnetlink_rcv_msg+0x811/0xfa0
[  799.218795][   T29]  ? mutex_lock_nested+0x20/0x20
[  799.224187][   T29]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  799.229437][   T29]  rtnetlink_rcv_msg+0x811/0xfa0
[  799.234505][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  799.240378][   T29]  ? rtnetlink_bind+0x80/0x80
[  799.245369][   T29]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  799.251463][   T29]  ? __dev_queue_xmit+0x26b/0x36b0
[  799.256884][   T29]  ? lock_chain_count+0x20/0x20
[  799.262054][   T29]  ? __local_bh_enable_ip+0x13a/0x1c0
[  799.267732][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  799.273042][   T29]  ? __local_bh_enable_ip+0x13a/0x1c0
[  799.278446][   T29]  ? _local_bh_enable+0xa0/0xa0
[  799.283688][   T29]  ? __dev_queue_xmit+0x26b/0x36b0
[  799.288882][   T29]  ? __dev_queue_xmit+0x26b/0x36b0
[  799.294244][   T29]  ? __dev_queue_xmit+0x124f/0x36b0
[  799.299711][   T29]  ? __dev_queue_xmit+0x26b/0x36b0
[  799.305506][   T29]  ? ref_tracker_free+0x690/0x840
[  799.310646][   T29]  netlink_rcv_skb+0x241/0x4d0
[  799.315555][   T29]  ? rtnetlink_bind+0x80/0x80
[  799.320574][   T29]  ? netlink_ack+0x1180/0x1180
[  799.325595][   T29]  ? __lock_acquire+0x7d40/0x7d40
[  799.330841][   T29]  ? netlink_deliver_tap+0x2e/0x1b0
[  799.336391][   T29]  netlink_unicast+0x751/0x8d0
[  799.341912][   T29]  netlink_sendmsg+0x8d0/0xbf0
[  799.346753][   T29]  ? netlink_getsockopt+0x590/0x590
[  799.352238][   T29]  ? aa_sock_msg_perm+0x94/0x150
[  799.357236][   T29]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  799.362723][   T29]  ? security_socket_sendmsg+0x80/0xa0
[  799.368321][   T29]  ? netlink_getsockopt+0x590/0x590
[  799.373751][   T29]  ____sys_sendmsg+0x5ba/0x960
[  799.378574][   T29]  ? __asan_memset+0x22/0x40
[  799.383367][   T29]  ? __sys_sendmsg_sock+0x30/0x30
[  799.388624][   T29]  ? __import_iovec+0x3fa/0x850
[  799.393781][   T29]  ? import_iovec+0x73/0xa0
[  799.398388][   T29]  ___sys_sendmsg+0x2a6/0x360
[  799.403303][   T29]  ? __sys_sendmsg+0x2a0/0x2a0
[  799.408314][   T29]  __se_sys_sendmsg+0x1c2/0x2b0
[  799.413370][   T29]  ? __x64_sys_sendmsg+0x80/0x80
[  799.418389][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  799.423932][   T29]  do_syscall_64+0x55/0xa0
[  799.428507][   T29]  ? clear_bhb_loop+0x40/0x90
[  799.433576][   T29]  ? clear_bhb_loop+0x40/0x90
[  799.438392][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  799.445218][   T29] RIP: 0033:0x7fa658b9bf79
[  799.449690][   T29] RSP: 002b:00007fa659ab4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  799.458318][   T29] RAX: ffffffffffffffda RBX: 00007fa658e15fa0 RCX: 00007fa658b9bf79
[  799.466679][   T29] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  799.474840][   T29] RBP: 00007fa658c327e0 R08: 0000000000000000 R09: 0000000000000000
[  799.483349][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  799.491545][   T29] R13: 00007fa658e16038 R14: 00007fa658e15fa0 R15: 00007ffc29f4ffc8
[  799.499742][   T29]  </TASK>
[  799.503136][   T29] 
[  799.503136][   T29] Showing all locks held in the system:
[  799.510890][   T29] 1 lock held by khungtaskd/29:
[  799.516376][   T29]  #0: ffffffff8d131fa0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290
[  799.526437][   T29] 3 locks held by kworker/u4:11/2975:
[  799.532442][   T29]  #0: ffff888017c71538 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  799.545308][   T29]  #1: ffffc9000bc17d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  799.556674][   T29]  #2: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  799.565888][   T29] 5 locks held by kworker/u4:12/3494:
[  799.571436][   T29] 2 locks held by getty/5529:
[  799.576665][   T29]  #0: ffff88814d18b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  799.586579][   T29]  #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x433/0x1390
[  799.596812][   T29] 3 locks held by kworker/1:4/5843:
[  799.602545][   T29]  #0: ffff888017c70938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  799.614086][   T29]  #1: ffffc90004b9fd00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  799.625449][   T29]  #2: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20
[  799.636354][   T29] 3 locks held by kworker/0:2/11515:
[  799.641989][   T29]  #0: ffff888017c71d38 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  799.655626][   T29]  #1: ffffc9000ba87d00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  799.666854][   T29]  #2: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x92/0xd90
[  799.676533][   T29] 3 locks held by kworker/u4:8/12243:
[  799.682172][   T29]  #0: ffff88802c4d8138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  799.693976][   T29]  #1: ffffc90010047d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  799.707838][   T29]  #2: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[  799.717604][   T29] 5 locks held by kworker/u4:10/12244:
[  799.723526][   T29] 2 locks held by syz.0.2785/14750:
[  799.728841][   T29]  #0: ffff88803064a690 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0xf4/0x810
[  799.739690][   T29]  #1: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: netlink_dump+0x78f/0xe50
[  799.749645][   T29] 1 lock held by syz.0.2785/14752:
[  799.755383][   T29]  #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  799.765315][   T29] 1 lock held by syz.3.2786/14760:
[  799.770547][   T29]  #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  799.780336][   T29] 1 lock held by syz.2.2788/14757:
[  799.785533][   T29]  #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x83c/0x1140
[  799.794580][   T29] 1 lock held by syz.2.2788/14761:
[  799.799991][   T29]  #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x83c/0x1140
[  799.809351][   T29] 1 lock held by syz.1.2794/14776:
[  799.814563][   T29]  #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  799.824359][   T29] 1 lock held by syz-executor/14780:
[  799.829770][   T29]  #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  799.839520][   T29] 1 lock held by syz-executor/14782:
[  799.845012][   T29]  #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  799.855382][   T29] 1 lock held by syz-executor/14785:
[  799.860707][   T29]  #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  799.870338][   T29] 1 lock held by syz-executor/14793:
[  799.875879][   T29]  #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  799.885463][   T29] 1 lock held by syz-executor/14806:
[  799.890788][   T29]  #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  799.900594][   T29] 1 lock held by syz-executor/14811:
[  799.906890][   T29]  #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  799.916760][   T29] 1 lock held by syz-executor/14813:
[  799.922430][   T29]  #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  799.932251][   T29] 1 lock held by syz-executor/14817:
[  799.937737][   T29]  #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  799.947566][   T29] 1 lock held by syz-executor/14826:
[  799.953059][   T29]  #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  799.964078][   T29] 1 lock held by syz-executor/14832:
[  799.969477][   T29]  #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  799.979258][   T29] 1 lock held by syz-executor/14834:
[  799.985124][   T29]  #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  799.994857][   T29] 1 lock held by syz-executor/14837:
[  800.000281][   T29]  #0: ffffffff8e3c0288 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  800.009915][   T29] 
[  800.012412][   T29] =============================================
[  800.012412][   T29] 
[  800.020866][   T29] NMI backtrace for cpu 1
[  800.025464][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  800.033042][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  800.043461][   T29] Call Trace:
[  800.046766][   T29]  <TASK>
[  800.049755][   T29]  dump_stack_lvl+0x18c/0x250
[  800.054541][   T29]  ? show_regs_print_info+0x20/0x20
[  800.059769][   T29]  ? load_image+0x400/0x400
[  800.064434][   T29]  nmi_cpu_backtrace+0x3a6/0x3e0
[  800.069644][   T29]  ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0
[  800.075904][   T29]  ? _printk+0xde/0x130
[  800.080163][   T29]  ? load_image+0x400/0x400
[  800.084781][   T29]  ? load_image+0x400/0x400
[  800.089407][   T29]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  800.095679][   T29]  nmi_trigger_cpumask_backtrace+0x17a/0x2f0
[  800.101810][   T29]  watchdog+0xf3d/0xf80
[  800.106107][   T29]  ? watchdog+0x1e1/0xf80
[  800.110493][   T29]  kthread+0x2fa/0x390
[  800.114590][   T29]  ? hungtask_pm_notify+0x90/0x90
[  800.119676][   T29]  ? kthread_blkcg+0xd0/0xd0
[  800.124286][   T29]  ret_from_fork+0x48/0x80
[  800.128812][   T29]  ? kthread_blkcg+0xd0/0xd0
[  800.133543][   T29]  ret_from_fork_asm+0x11/0x20
[  800.138387][   T29]  </TASK>
[  800.142167][   T29] Sending NMI from CPU 1 to CPUs 0:
[  800.147424][    C0] NMI backtrace for cpu 0
[  800.147435][    C0] CPU: 0 PID: 5122 Comm: syslogd Not tainted syzkaller #0
[  800.147451][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  800.147459][    C0] RIP: 0010:lock_release+0x0/0x8c0
[  800.147482][    C0] Code: 80 c1 03 38 c1 0f 8c 1b fa ff ff 48 89 df e8 a7 99 76 00 e9 0e fa ff ff bb 2f 00 00 00 e9 24 fa ff ff 0f 1f 84 00 00 00 00 00 <f3> 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48
[  800.147495][    C0] RSP: 0018:ffffc90003267540 EFLAGS: 00000287
[  800.147524][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff8880753a5a00
[  800.147535][    C0] RDX: 0000000000000000 RSI: ffffffff819466c6 RDI: ffffffff8d131fa0
[  800.147545][    C0] RBP: 0000000000000000 R08: dffffc0000000000 R09: 1ffffffff2237ea0
[  800.147555][    C0] R10: dffffc0000000000 R11: fffffbfff2237ea1 R12: 00000000000019c4
[  800.147565][    C0] R13: dffffc0000000000 R14: 00007fb7155bd407 R15: 0000000000000000
[  800.147576][    C0] FS:  00007fb71546dc80(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  800.147589][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  800.147600][    C0] CR2: 000055d446057000 CR3: 0000000030c35000 CR4: 00000000003506f0
[  800.147615][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  800.147624][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  800.147633][    C0] Call Trace:
[  800.147639][    C0]  <TASK>
[  800.147643][    C0]  is_bpf_text_address+0x28f/0x2a0
[  800.147663][    C0]  ? is_bpf_text_address+0x26/0x2a0
[  800.147679][    C0]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  800.147696][    C0]  kernel_text_address+0xa0/0xd0
[  800.147717][    C0]  __kernel_text_address+0xd/0x30
[  800.147735][    C0]  unwind_get_return_address+0x5d/0xc0
[  800.147750][    C0]  ? stack_trace_save+0x100/0x100
[  800.147767][    C0]  arch_stack_walk+0x11d/0x190
[  800.147798][    C0]  stack_trace_save+0xaa/0x100
[  800.147814][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  800.147830][    C0]  ? __unix_dgram_recvmsg+0x9fa/0xd80
[  800.147851][    C0]  ? do_syscall_64+0x55/0xa0
[  800.147870][    C0]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  800.147887][    C0]  kasan_set_track+0x4e/0x70
[  800.147903][    C0]  ? kasan_set_track+0x4e/0x70
[  800.147917][    C0]  ? kasan_save_free_info+0x2e/0x50
[  800.147933][    C0]  ? ____kasan_slab_free+0x126/0x1e0
[  800.147949][    C0]  ? slab_free_freelist_hook+0x130/0x1a0
[  800.147962][    C0]  ? kmem_cache_free+0xf8/0x270
[  800.147981][    C0]  ? __unix_dgram_recvmsg+0x9fa/0xd80
[  800.147999][    C0]  ? sock_read_iter+0x2d9/0x3e0
[  800.148013][    C0]  ? vfs_read+0x46a/0x970
[  800.148040][    C0]  ? ksys_read+0x150/0x260
[  800.148057][    C0]  ? do_syscall_64+0x55/0xa0
[  800.148074][    C0]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  800.148111][    C0]  ? kmem_cache_free+0xf8/0x270
[  800.148129][    C0]  kasan_save_free_info+0x2e/0x50
[  800.148147][    C0]  ____kasan_slab_free+0x126/0x1e0
[  800.148164][    C0]  slab_free_freelist_hook+0x130/0x1a0
[  800.148181][    C0]  ? __unix_dgram_recvmsg+0x9fa/0xd80
[  800.148199][    C0]  kmem_cache_free+0xf8/0x270
[  800.148221][    C0]  __unix_dgram_recvmsg+0x9fa/0xd80
[  800.148251][    C0]  ? unix_unhash+0x10/0x10
[  800.148271][    C0]  ? aa_af_perm+0x330/0x330
[  800.148290][    C0]  ? aa_file_perm+0x3e3/0xee0
[  800.148312][    C0]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  800.148329][    C0]  ? security_socket_recvmsg+0x89/0xb0
[  800.148344][    C0]  ? unix_dgram_recvmsg+0xad/0xd0
[  800.148366][    C0]  sock_read_iter+0x2d9/0x3e0
[  800.148382][    C0]  ? kernel_sock_ip_overhead+0x5a0/0x5a0
[  800.148402][    C0]  ? common_file_perm+0x198/0x1f0
[  800.148423][    C0]  vfs_read+0x46a/0x970
[  800.148444][    C0]  ? kernel_read+0x1e0/0x1e0
[  800.148460][    C0]  ? rcu_is_watching+0x15/0xb0
[  800.148487][    C0]  ? __fdget_pos+0x1d8/0x330
[  800.148507][    C0]  ksys_read+0x150/0x260
[  800.148526][    C0]  ? vfs_write+0x990/0x990
[  800.148546][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[  800.148563][    C0]  do_syscall_64+0x55/0xa0
[  800.148581][    C0]  ? clear_bhb_loop+0x40/0x90
[  800.148596][    C0]  ? clear_bhb_loop+0x40/0x90
[  800.148611][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  800.148626][    C0] RIP: 0033:0x7fb7155bd407
[  800.148639][    C0] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  800.148651][    C0] RSP: 002b:00007ffccce7e5b0 EFLAGS: 00000202 ORIG_RAX: 0000000000000000
[  800.148665][    C0] RAX: ffffffffffffffda RBX: 00007fb71546dc80 RCX: 00007fb7155bd407
[  800.148676][    C0] RDX: 00000000000000ff RSI: 000055e4abc40950 RDI: 0000000000000000
[  800.148685][    C0] RBP: 000055e4abc40910 R08: 0000000000000000 R09: 0000000000000000
[  800.148694][    C0] R10: 0000000000000000 R11: 0000000000000202 R12: 000055e4abc40982
[  800.148703][    C0] R13: 0000000000000000 R14: 000055e4abc40950 R15: 000055e4971e9d98
[  800.148721][    C0]  </TASK>
[  800.157485][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[  800.157500][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  800.157517][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  800.157526][   T29] Call Trace:
[  800.157534][   T29]  <TASK>
[  800.157541][   T29]  dump_stack_lvl+0x18c/0x250
[  800.157573][   T29]  ? show_regs_print_info+0x20/0x20
[  800.157596][   T29]  ? load_image+0x400/0x400
[  800.157627][   T29]  panic+0x2dc/0x730
[  800.157645][   T29]  ? schedule_preempt_disabled+0x20/0x20
[  800.157671][   T29]  ? bpf_jit_dump+0xd0/0xd0
[  800.157688][   T29]  ? __irq_work_queue_local+0x13a/0x3b0
[  800.157712][   T29]  ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0
[  800.157743][   T29]  watchdog+0xf7c/0xf80
[  800.157765][   T29]  ? watchdog+0x1e1/0xf80
[  800.157793][   T29]  kthread+0x2fa/0x390
[  800.157808][   T29]  ? hungtask_pm_notify+0x90/0x90
[  800.157830][   T29]  ? kthread_blkcg+0xd0/0xd0
[  800.157846][   T29]  ret_from_fork+0x48/0x80
[  800.157865][   T29]  ? kthread_blkcg+0xd0/0xd0
[  800.157882][   T29]  ret_from_fork_asm+0x11/0x20
[  800.157935][   T29]  </TASK>
[  800.163419][   T29] Kernel Offset: disabled
[  800.744613][   T29] Rebooting in 86400 seconds..