last executing test programs:

2.78289729s ago: executing program 1 (id=2706):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0b046b876c1d0048380019001931a0e69ee517d34460bc06000000a701251e6182949a3651f60a84c9f4d4938037e70e4509c51c268811000000000000000000002571cd53b9851b30599980bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000028c0)=""/4049, 0xfd1}, {&(0x7f0000001880)=""/4105, 0x1009}, {&(0x7f0000000240)=""/142, 0x8e}, {&(0x7f0000000d80)=""/117, 0x75}], 0x4}, 0x100)

2.748237951s ago: executing program 2 (id=2707):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1080a2, 0x9, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x0, 0x23, 0x0, 0x0)
r1 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r1, 0x84, 0x9, &(0x7f0000000380), 0x98)
socket$kcm(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0x1f, 0x0, 0x0, 0x8000}, 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b87, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0xcdd, 0x43a1bd76, 0x3, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x4)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000ec0)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@func_proto]}, {0x0, [0x61]}}, &(0x7f0000000340)=""/81, 0x27, 0x51, 0x1, 0x5}, 0x28)
openat$cgroup_int(r2, &(0x7f0000000480)='cpu.max\x00', 0x2, 0x0)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0x8}, [@ldst={0x6, 0x3, 0x0, 0x0, 0xa}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1809000000000000000000000001000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r3}, &(0x7f0000000040), &(0x7f0000000580)=r4}, 0x20)
r5 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r5, &(0x7f00000000c0)={0x0, 0xfe, &(0x7f0000000000)=[{&(0x7f0000000040)="0207000902000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0)

2.616336929s ago: executing program 3 (id=2709):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400090000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000010000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327edb1fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18c65ae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a891588d818a0afc0b3116a130974cac0615232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c9068000000bc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f3ca1664fe2f3ced8416dc180604b60c2499d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d7676074a0bde4471414c99d4894ee7f8139dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8070000001fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491d04aaee0d409731091f4fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f84e4272d2cc72d4e771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e1590bab105b0cb578af7dc7d5e87d48d376444e2de02f47c61e8e84ff828de457f34c2b08660b080efc707e676e1fb4d5865c0ca177a4c7fbb4e829ab0894a1062b445c00f576b2b5cc7f819abd0f885cc4806f47ffb966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329bb8cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5bfc182cb5e8380100632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481edbf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026def743f1213bf817becd9e5a225d67521d1128eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979030000007081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661351df747aa6a65872dfdcfa68f65bd06b4082d43e121861b5cc09b986bf56c747d9a1cc5b506892c3a16ff10feea20bdac89bfb758cf3500000000000000000000000000000098e6db5a96055e764a3bfd4ccb20d2e800994f4b602d25b2c076f21c7102687e054bb93b2d013be6227fd99902b074c0de00733128c81c48c5e140b17d71ac48f137d10798c4272826d2ba55bbda0059636528c132ed06759d880d1bc291a76456cd7ee8bcb392fdf886dbc74879ec4b831904d7c101ebbaef3c0ae6d0cf0000000000000000000000000000000011cb735f66a559ef0cdb5163a15c0bb986474bf5d9542e3e48805ce53127e4c076d69d868df543717aaaa07d7aca056f7f036c2bcba0795d1a64868a29ac5321b3cd6ef5b1a741afc7124ee3df3a35e8014d6cb5fd6c054a10bb2146174c1d68b45fcfd7e531090ceae2f05536a4d5d6a4081e743827fb9c031d1fc9f195c2da189c49eaed6c30c71da0452e502ef393efeb02ebe82b1851cae5fa7c958ba23110b5e0e5b890803f28a356b2920e74564e0f8377b0ba5187fed2882b4780a1bcb583f1cb1470003ef9b592b9461328cfc01ebfce0ecdcea714a517dc40000000000000000000000000006bd0561e1cc72880cc3ec1bdf35eb670a9040e3b53cd826b94ad8aeb014e74787fe89fb3247a87d8bfb6d400142369f88964708d1d4db5a5df9d62ea6d805dfce568b885a50ed8e2eaf8a932287a1d3bfac17774e58875a63b77e07298e4b4f515189c6fcac3cd35dac9240e633219bb6a5a25865e6ed8e16caa5406b56702afe0befcabbc9a2a772a1a087f0d633d457bceb695b2cba3a1a2daa2dda796373cc0fe0a53236d028fc1076bb746b2717c8b6052f58c91bb8cc19474ab9d4d2160773829f078727f6c684ca749136a7f46ca28b00bb4237695b4"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r1, 0x84, 0x85, &(0x7f0000000ac0), 0x90)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(r1, &(0x7f00000006c0)={&(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10, &(0x7f0000000300)=[{&(0x7f0000000180)="83", 0x1}], 0x1}, 0x4c0e0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x58, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
sendmsg$kcm(r1, &(0x7f0000000540)={&(0x7f0000000480)=@can={0x1d, r2}, 0x80, &(0x7f0000000500)=[{&(0x7f00000002c0)="ee200d55666ea4dd7c5d9b52b7aaa6ce4ca2fba37d28ece0f811291840c98534672b28aa4978c58a2cda60fcfb7fa94403", 0x31}], 0x1, &(0x7f00000010c0)=[{0xb0, 0x118, 0x9, "15f745dd8cf5f9850a54237f33825ca7ff14778cff3d41d95400f82320de937fc7df846c23eca27baa4ebfe97880eed3d95da064d0676cb7590ca97566609028d0bc170e55dcf1857da00eeaa4974f2e380932795a9fbd2e024519c4f747d568c0f46303cafc59724802eb972e87bd8fd537451d2152df4c728e9160dd1c0cf6c26a860b4093fe19d6502f0ae0c63dd48563aebf057e87a9c594bf22"}, {0xe8, 0x0, 0x6, "ca0a7f1ab1c8ca9612b0977bcfafb5d630f9d7285c8a5cc589f0d49b7e365f7bb2888d1d09bd095ad1bfc7c71f4c147b3dc21b0e2bd53149cbf2795e5629f2cd16af9d6668061e7c1482ba1ae07169fe444c055fc70cbaaa13f6cd65e56aec1524108a7ed768c1444f615fb9b86a897a15cabb3b0fc2dd66cd982f41497970bee96dea94d2171771aee533eab3532f182e3b58468c7bc6b9e1280aa1a5ffe18f9a4618509009a2dcf13799d709d1685173231dc6f0e335ccbf8e3f7a5157d2a031dd5cb802a2801487cf863220cec69f3b2d52cf"}, {0x70, 0x111, 0x2, "2ad41aa342d0624bd554a03e55e27a734931a1f60cd6dde5c67daf481c1acbc96fbf7a5c72c680c271df5cef190048d0c6b7a564e4dbcdcde007998f4ed1e93254dd85633cac0398c8613cd29bcce99de585c295a62c61ae2ba242da5229"}], 0x208}, 0x4081)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x2e0, 0xfe, 0x60000004, &(0x7f0000000100)="b9ff03076044238cb89e14f080350de0ffff00184000632f77fbac14140ce000006a62079f4b4d2f87e505ca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x25, &(0x7f0000000040)="ded6e0966ec1cf6ba4b897a54e4e062b311453dcbb62932a01105d0a8066ca8e5e1f2f575d0d6e996b57fd408d420abb7337934e59815d75b4eb3e7206afce", &(0x7f0000000380)="af5fa441b438b5156d8a9fcc090f586e979858f64170cde36889dcc8539ffcca62621a4c3ea3f7acee366e6fb0b94314f91731dec60fed6c9fee64af416c29f65e47110b81f6b4da06db5e1aad1f627acb", 0x0, 0x3}, 0x2c)

2.578843351s ago: executing program 1 (id=2710):
r0 = syz_clone(0x4200000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="10000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000001000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0x3100, 0x3100, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
write$cgroup_devices(r1, &(0x7f00000001c0)=ANY=[@ANYBLOB="d215d100008000000000000000000000f5777ded7015a2404e27419135a332269486bfdba526013c0dfaf4176496c8c27b109452d468334bcedc2322a6087aeafad87a613ca9ad8636cce0fbfd3710fb2d63e0d28571eedafa6c8fa1479fb54661f6729135c47cfdeccaa3cd5050b0461988408ae0be38f2435dd42ca1925138ded95262d8d5a2f84bf4d9f353b485ccf48e3b6c7d78ed58b98036cb1a211a432fc07cc363"], 0x9)
r3 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x9c7c, 0x4, 0x98, 0x9, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
r5 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="020a030002000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000280)={'nicvf0\x00', 0x2000})
syz_clone(0x4200000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="10000000040000000800000008"], 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000001000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0x3100, 0x3100, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
write$cgroup_devices(r1, &(0x7f00000001c0)=ANY=[@ANYBLOB="d215d100008000000000000000000000f5777ded7015a2404e27419135a332269486bfdba526013c0dfaf4176496c8c27b109452d468334bcedc2322a6087aeafad87a613ca9ad8636cce0fbfd3710fb2d63e0d28571eedafa6c8fa1479fb54661f6729135c47cfdeccaa3cd5050b0461988408ae0be38f2435dd42ca1925138ded95262d8d5a2f84bf4d9f353b485ccf48e3b6c7d78ed58b98036cb1a211a432fc07cc363"], 0x9) (async)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x9c7c, 0x4, 0x98, 0x9, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4) (async)
socket$kcm(0xf, 0x3, 0x2) (async)
sendmsg$inet(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="020a030002000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0) (async)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000280)={'nicvf0\x00', 0x2000}) (async)

2.486814416s ago: executing program 0 (id=2711):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180000000000000000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
close(r0)

1.993537115s ago: executing program 3 (id=2712):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0xcdd, 0x43a1bd76, 0x7, 0xf9c, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x220, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1080, 0x0, 0x0, 0x6, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x6, 0xe, &(0x7f0000000000)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000080)='GPL\x00', 0x9, 0x0, 0x0, 0x41000, 0x16, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0xa, 0x3, 0x42aec60a}, 0x10, 0x0, 0x0, 0x2, &(0x7f00000001c0)=[0x1, 0x1, 0x1], &(0x7f0000000240)=[{0x3, 0x4, 0x4, 0x2}, {0x1, 0x3, 0x4, 0xc}], 0x10, 0x40}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff})
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000), 0xfdef)
r4 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000005c0)={0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000440)={@fallback=r4, 0xe, 0x0, 0x0, &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x9, 0x0, &(0x7f0000000380)=[0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0], <r5=>0x0}, 0x40)
r6 = bpf$ITER_CREATE(0x21, &(0x7f00000004c0)={r0}, 0x8)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000480)={@cgroup=r6, r1, 0x2b, 0x0, 0x0, @void, @value, @void, @void, r5}, 0x20)
openat$cgroup_ro(r6, &(0x7f0000000580)='cgroup.controllers\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x16, 0x0, 0x4, 0xffff, 0x0, 0x1}, 0x50)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1fc, 0x20, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a04, 0x4, @perf_config_ext={0x8000000000000001, 0x2}, 0x1a0a, 0x100000000000002, 0x3, 0x5, 0x0, 0xa, 0x0, 0xfe, 0x6, 0x0, 0xfffffffffffffffc}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0)
r8 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x1, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r8, 0x40042408, r9)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0d00002d264142a9c2fa58d0be13417400875a0000040000000300000000000000", @ANYRES32=r7, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x48)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a089, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0x2, 0xf}, 0x2018, 0x0, 0x0, 0x8, 0x1000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r10 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b06d25a806c8c6f94f90324fc600e0005000a000200053582c137153e3708500180040010000400", 0x33fe0}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xe, 0x20000000000000ac, &(0x7f0000001d80)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000087000003d0301000000000095000000000000006926000000000000bf67000000000000150a00000fff07003506000043fe0000160600000ee60000bf050000000000001f620000000000006507000000000000460700004c0000000f72000000000000bf5400000000000007040000f0fff8ffad420100000000009500000000000000050000000000000095000000000000001c0a7900009d3c2792432a4fa650c512aee994a56462712cb064ecce5e7a9ce0a575a4f7952cb768637e60bd5d2e4b5992de991371274fdf535e001022e25659a7c85615c1b88bc894123c090014e8fb87efecdcb73858479526222b22ff81971ef49b2cb0dcebea6d90e9c1677fbefd35893d883a2c559b7af8db8b2d89fcc8af461b2a74af360eace66cec40d927006bd666c8122217c27902b3933106d0cc5bf6fec345ae9606c3c1a3000c94df67ae600900ffa2f49ec035883e27b1a9e9dff3e8bfc7d1be00f1a0820102b19000000000000000009095601e090012086dee84efd375f0642ed261765d3b9efdfbed9b430bcf04060000bdff1c8bcfc00300000000000000ab5d5f299354997c8bef9ca55841a57eddff9220c67c9e17bee524c3dc74c0271124cf9e4e2d23f7062351edf77c7129eb89085967722da6cb884d1afe82f7f722e38397996271700241094d272dd8b754b2dd36d486e7ffd1bdc198deb495cac0995ca3ef6c1affb693ae366b0f11db6ee4830d87a347d448b0737e852306b4713e5ce6cac6a27e29f164b9f16d6f045271b8e9f172c3db24558d77b8bf18be45c50b3fc005fa7b5e45a209d48d6dc2389d7f34cb9c02cf517c8ee8a9b6159ce895101c2ccff2bde95aa860ed9b8b6d6b8fcab7663d9bd8415e6f90fdb007b8f3e0ffe3a638c4fd88d20d235173720c1df1147c9f5013c82fc98604bd70cd56609a6b73943748a900e1d8cf81bcb1d2620bee688eb0a284040000005cc3ba8bf0b5e0fc018463d03a73fa85429725545128b0e9b550a13d0dd35092250b7d00ff03d5314fa8d37932055bb6d30d0000cad2375a34c7f15c3096f31e6aa6887864f62760ae35214552982bba84d92b1261251330dde4cf97b7cc6b2349e4f7a56003f7303d210fccd2efe6cda2595aacc36db66ff83af576b56dfbd40b15d569244d7d6e1182c4fa829c3f86acd17082bfed73ab9ef37705f9d2734801899e248e1a7155e28f000000000000000fce52263e3953a6f8560f852602ca905b58a9e2dbf16dd0322d0bb3ceb1b01752230bcbbf731701b2b1768aabb9a002090c09ab606e91ad9d88e7205464594add8691b62d55127cd891b8abe4358697e1b5f038773c0aa220cdce78b9346adbd72b293e66ef1a04905aaf6bd31e8d40d425d21232956ee45935d7adb2bf9fb37ff145472c58dbc8db58d0cde99df77d86ed71070000000000006d5cf959fb84c9f8ec46ec9af313d13d1bd85d57f598c00eb7bb8b6b4ff5875a50e2ea3287cf0f838bffdbf985fdce1fb66979b51cc6d6d6661354f33986f7acee499e25e3b70db6f15d7f2bfc0000000000000000ff7f00009eeb78c3d2e83f5e0eaf5cec82f45884cb0394271826ac2d5cc0afc4e784b515c659901c5c6a8573436be7b0f64c6176ef37db239a1ee9839436e951aef4196798d518a4820a241cec1b3e4923dae4c87d460900000000000000de7b13645fc6921a759e2c23153f432a3e5167628a94aacd0f40543049d8ef9787b56006227f143ce5554837675b93eeced66fe71bbe2c055660d23af1c9a83b78d0fde1f9dd526858a320563807a1ef41829913ce0b280010dca0cb3a98a8986e8e656dcaa6ae4ee6717a29e50450688763f1b17c156b860ba0d5a121d00ceac30ef5e104c43d76074c3884cb8fa504ebc94f7c83e90b6cad8d2a02df007bd585f4472cfb004cd9f09995000000000021000002cfceb7feffffffffffffffb1a6c40ac666744ca6c8fbba8452b686fd9b6250edd7d86ebc35898637dd88540e40d5799c11ee9883be26229eeee3941494fcd4389af9b755843126338c346b4d50a5b8684ad74bad46f4ffd86292d72a933fcb7304aef4b4a4bf6e054fea3549e08c0dd2334f485da9382887c16306176f73f029e2f9f8145360cfd5ffd66ae82d51e683ff364981b358a5f48af10059a0716951942eed021e41ba076d486cd095ffcefc3e8b8ead226c5a640b06fc13311826d024248f14b62a7fb0f9b95c9e23e7d29aca69e77db40dd00c0b20e43e300b1a46e243e2a8321dbb1270a22d9a2368de08d625566f253f0760abb44c11583fa5b914ab298ade422e4c0ddc7b17dd2aa8ac94d93d6b590000000000000000000000009b90eb1db265c18521667d305886e9c47ad357a76be0c9ce899bdd80a51a2017190a590d092bc500ea71b338098d1007517c1d6e785d5e0975ca2c2edf221b30377e61fce8bf47e7b93da593d154caca75b1ef1273aa501807005593ba45d219d7c656be0fb900000000004093461ceec5fce099368e07060c21cabb846f2447fc7223731787bda817113489be9925b2f568b15e5d22c8fabbfd3edac460c70a5619a043ada38fea3b104f9c1a473b7820faecfbb40b5e0d3681013c0cb2b8acc1ceb5f790210a3be07b2727c4e5a5d20468b3ed35f9a71519904c6dd76dee5738dcdac1f4358bb65c1aca8eb0a65aacbaaca92cc7cc553b1c5181d81c15ff4eaea3bcbfc4e0d06bd8d2e2d941924f860f2aba2253b9038e6923b026b7ece3e9fcdf6aa14a65bd6cd7e78457dac1fb3cdc421d6059e17d44e378189035c2fe489e5b7a87c23ec952e2affbc7a4c707312b17a5f428527cb42a8cbd072490eae617e6ea32ee7d3055bfc9b1128553cb963d3873115296a8bd2efb7368ea2727b294d6eceee49ad9093738a3b1bbfa163a917380953fdc3a443a6585925ee14a817390a655c1988632a414b304d688116d79693efd80b293ddc89bb27529c34f4f8ee3ddbaf1c13a4e15186353efd0ced475794ff5f9b0580f2fb996928f0ca6d1a9f4bda1fe9c1bc2e657448c00ca6afb2e5b1c336d657c87f2634db46e2e8e82366a2de4dd41ca0a26ab49d5d357e5a8af73d9504af230513acadd2f0d9d99c4b6e4ebf68582cf8dc4dac990b216a6a216b0cae87a2339fda14e546b224857f758cb64ca2dcdf32b5420ad9f33dbaeb36b7466c5129508d57329f57ac682757e398c4d2a6f93fb1dfc2c840e06bd6c0d7ceedc3721b19c7c9fc1645cf32d79807c4d3e0898ae2a829df5c03834bc2558aeed652399a9cf9e5c859d3c5c5341b329fea445d2e040562a813c35ed1c1afab50aeb12eea9456adf21953947413c03af836bc339355250daeaca253f809493c75c9dcdbae3a76753d593623348e82b1e9c5480fd099b6322b6c6158ebe8ecba0ab364ce4a58e244b76d16b81905878c4caaad1f54cc11df97a50356638016a7e50a92ee55af3c64ae2b95653373d3471c0f26119e18426fae7739a9031618635a257cf58b1e9b8264b6543d6c1c372b66d9a5f96198ae01beeb398744ac4b6f26b568cd7b792039ac4e10f9307b1a8dc268a5d2af3dbce55fdac6d1a158a2243c679261aa080acdf0d55753d3163664df7e4129f12f850c694dc140cf9380687da9914be848a01bc7f5278eb3c3210664b62743887b822814c58a3304b392c7e2a6e64576248af87c0f995af921be86e8102d8343c0de8cda3512f84c894ed6c0206e41443c456467c42ff9ddad36e882cc5287394aedd8d413a061a2894f2ef5fc3072fc8a0c5c2a9f94954278c3d67a0b0fa6e002ce0840e3405d166f037a6e678ce1af6ed9c6e7023f8663d294f4bee1effc148e096d2eb91903c482548c0c5b135a31ae6903a9cb9a40a89155ce15dbe3e373a7ac4c7b4d391bdac5268b2d419f13aeb86f68725a4633eb883417bc23243a302ccc919e0b141ae8aeb7457264f8cad663255db96efda704cef9428ffeb16acd3295a36b1e514ecf65944d5c754e02410075714612e7841e6c7e1e2366bd6ccf335ac9dd35332ee78aaa2ff6950c81fd53db93dcebe8b9c42aeefaf63150d649bd1542014ac64daaec18e82854454967e37a6dccea142f2504a6aba4dd44594c230101a4574d56a1ff4f5b7dd246f7d607ff6f8bebf4fd7e709122f3129bec4dd5b4129829d15d1d3b1fb82e341a325f7863c5035a6568b35327a8364d98bdf516e27b57976af232128856692b491469c525eb2a48d4794459dae9213bd0088206f364f8c2c727e3e1d1a3ca9f1b40fea92bfea26189d3bf91e92c1e8795334cc268e0b31cd354701eff8adfa247b848b0ae203f78380b818c0afbe01efec884ff0a6cecfb726886bbdaf78ed3ebc40556b434d0fd81799d96cf302e1115c8cda0b4c7f27c8b4ad1a5808f6b908816ca7483f94fbb8391e6533833470c9c3352d70ae03bc8479e64caf16d5fabe77519aa196fcfb4e480620ef153a09e1dd59490ffab33976fba5b3126dc509e4cbc94bd59f745319efc4523e1f0387968be039a920a0abc8aef753f82ca796055bf28affa706df1312a898162454ff9010ee5fa95d56fa608ab283481c20d0fa2b3149a54c268d2b77ad6ce63f97e10bf3baa14dc7a4492587ae1e26237787231d000000000000000000000000003ef8cbcd3ffe8d35974cbb469c41e8ad0b58c5376c4fa943d02a4bd12dab3cab9ef4e62cb10820de0d87ddd79f820879e4ad8868f81cf931760d5c6b9c7337e8efcaa4e63eed8e3eb668f104cf1fa53fb300acb4bd61371d6f12165e9814d2517cba3403530d06737da5cb6ca5996af9a16cca9853430842bdf0995c53681e4a2b0bd1fdaeb0e7839669aed97a6f6f25f7de9ba0ea23384b85957faf49d62dba00af3c7e3c817e13e63c487fc167f2aff6e5a250937bb43b0a8e9d12ff551e6cc2d304aec2a5d843ea327c0a3379594726b92b1919367f3b1711087f160503b3b37170579ce2a664b21d86aca4cf19c1f36d264b0b7ba3de1e020601418d981c6f596e48d5cebe4ff0fb8046e87a5c4d95c079350000008a27cfe092f2b6b3f29599c2fb70e4ff3b6406006f07985f711ffbac75353a4dd0485de8728ce21b970a69815cc9573bf823ac81cb5492fdb730d65febcc86fa51e69972400147308c9e1d4245519934af03cecad1281994e50fff10b517b8a4af87e2cfa0bda85534b381e26c6d0129a0331c4989de36a7ce1fd38038e435d28ea4301eedc52ca3395de54498a4ed8f7d9b777b482da2b69161db7996e196e172e594b5673e3f4c607f570daebc30e0a5fbeb25a0aeb3c6e875aff6aeb6c6865eef373bce286a5557f55e28c290c1780690f3f63e6fedb4d942ddc4182e335e52d0dfe0a26108234b51d77073ce17415ead4cd526952e38353834f71cf0afff05ca8239aab1927ac1453201dd18caa4316814554fca8f579a721476946beae9d9b763b2e42dc69658a0c5d67045028aeb1135e3fabf7b7aa76ec475a06a771bb914188f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000040)={0x80000}, 0x8, 0x10, &(0x7f0000000000), 0x10, 0xffffffffffffffff}, 0x94)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x2, 0x4, 0x599, 0x1, 0x0, 0x1}, 0x48)
mkdir(&(0x7f0000000000)='./file\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file/file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file/file0/..//file0/file0\x00', 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001340), &(0x7f0000000900), 0x404, r11, 0x0, 0x1ba8847c99}, 0x38)

1.804584766s ago: executing program 0 (id=2713):
r0 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000700)=@in6={0xa, 0x4e20, 0x2000000, @dev, 0x39}, 0x80, 0x0}, 0xe07e872420dfefca)
setsockopt$sock_attach_bpf(r0, 0x29, 0x4e, 0x0, 0x0)

1.626621526s ago: executing program 2 (id=2714):
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000007d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x20029, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0, 0xd}, 0x806, 0x3, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x3, 0x0, 0x0, 0x5c31, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x100c, 0x4, 0x0, 0x0, 0x2000000, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="1800d0ff0000000040000000000095000000000000000000ae0c7485fc05e3faa503fc40d8c26d64d0fb6157a6a3f1cea1d0f28b5a2a1c9dcd9ffd58287057143db19db69d815db2492be8ffb590d0e9b65f6a8ea47007c77dac11"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000c00000009"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r2}, 0xc)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000200)={r0, &(0x7f0000000040)="3e6a3bf3194920de03fd333beaa6998500b2c775b7d2e6236ef08c844b4651238775e0c6d72a20deb9a841104f22eeaf5f714e6a48cd0fe6f6e07022a1e6abf970df6ad2d451045f4b7be27a6ca4b8a3c41e02150519dfb2e486341cf946424646cd21fc5649b68e9820dd6579d13d96018ccc764018e8ae9ba77a13e207a77f8455376b33e05f3266cf362251c7d1e620ccff0b717377260fd9753bb33ed142d506de3295e54a57f41a7d3b3192", &(0x7f0000000140)=""/53}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000180)=r3, 0x4)
sendmsg$inet(r5, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)

1.535705721s ago: executing program 0 (id=2715):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x35, 0x43a1bd76, 0x7, 0xa, 0x3, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x8, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0xb)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x1, 0x3fff7ffa}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000001f80)={&(0x7f0000001d00)=@qipcrtr={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040), 0x3f00}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x3f, 0x4, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b35, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030036000b05d25a806c8c6f94f90424fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000940)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007de0b7030000010000006a0a00fe00000000850000000d000000b700000001000000950000000000000075cd67b5b18065752a3ad500000000000000cb450063bc36005400000000000000ff7f00000001000000000000000000cb04fcbb0b5ba9918d37b056b9bbd11b6b9f260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb4845124ef2e487204000000aaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aadffcc75fe369258673b5d053bdec75dca377232a790bce5a6f087ae8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67d4c6a06e828e5216f601b19db9af1b5d356d0f062137d866d11be4b1260b06cca9098a3f0151fdbbd4e97d62ecc6405003a60f1c6edc76683073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bdaeecc952a3fd2c46f3c1cde71a19d1a2982492abaa96765372831210e00"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x1f2f, 0x18, 0x1e8, &(0x7f00000007c0)="9f44948721919580684010a49e66", 0x0, 0x1e8, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39", &(0x7f0000000000), 0x0, 0xe8030000}, 0x23)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r4 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000e00)='syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(r4, &(0x7f0000000e40)='blkio.bfq.io_serviced\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000e80)=ANY=[@ANYBLOB="9feb010018000000000000005400000054000000040000000700000009000006040000000d0000000100000006000000f0b10000070000000300000000000000020000000e000000f8ffffff00000000070000000c000000070000000200000006000000010000008100000000615f00b0d71a95"], &(0x7f0000000600)=""/148, 0x70, 0x94, 0x0, 0x0, 0x10000}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000d00)={0xffffffffffffffff, 0x20, &(0x7f00000006c0)={&(0x7f0000000800)=""/83, 0x53, <r6=>0x0, &(0x7f0000000880)=""/152, 0x98}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x18, 0x18, &(0x7f0000000380)=@raw=[@tail_call, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @jmp={0x5, 0x1, 0xd, 0x0, 0x7, 0x50, 0xfffffffffffffff0}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @cb_func={0x18, 0x2, 0x4, 0x0, 0x7}, @jmp={0x5, 0x0, 0x8, 0x3, 0x3, 0x2, 0xfffffffffffffff0}, @map_idx_val={0x18, 0x3, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x77d}, @exit], &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x78, &(0x7f00000002c0)=""/120, 0x40f00, 0x24, '\x00', 0x0, @fallback=0x32, r5, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xabb80000}, 0x94)

1.405751768s ago: executing program 1 (id=2716):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x7, 0xe, &(0x7f00000011c0)=ANY=[@ANYBLOB="b702000000000080bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e240000000000004504040001ffffff9404000001000a00b7040000000100006a0af2fe000000008500000078000000b70000000000000095000000000000009e17f199a68b061b93d83298a8cdda1ce784909b849d5550ad855dab54d8877a6db61d69f2ffcaa10350e11cb97ce8df1bc9a0c4eeceb9171e43405d621ffbc9b0d8ca56b50f0c010d631f6dbc8486bc5d5bf2ca8285056892db03cf1c62dd7c08a90b189d190c341035de53a9a53608c10556e5734eb84049761451ce540c772e069f80cb201b2de17dfdb4b60939d5d6aed4062049b87e03e2cd18568136207304e26f7fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8000000000000000b91c61bd99dc89f12907af7dccd106cb937b450f859ce8292a79c3e40000b59b0fc46d6cec3c080a882add4e1179bd4a44f231a2d73148be428ba953df4aece69311687f4122073a236c3a32efa04137d46f0247d2638da3261c8162bb7c7824be6195a66d2e17e122040e11001131ce319045e5b3334e68475ac3f46aa2837f9004600daded9b19b35eebe52613c346e255421b23a278fd00004270b1cd5fc9aa2286ccca37db965d9dd366598f5ec993cb0cf127e2a46cfbdf63eea190d86a4d1b75ae98480100d33128954a7d093a54f7e75b3753508ca3c41685d1e407315e59d626c23b3f89a926e9382966853774e7dd1f1a2177cdf2802237c177d543e8da47a01f05e117e53518270239b69c117e2637c31085f4d8a596b6edab26afaf6605b231199f38a6fc7eb83714387450ea18eafbace8eec18a4b2c442e7b88a7611c1283bec84e1715fb9f4fcaf52c08058fc4f21c0ad71adabdd850aed3feec6eaab347bdf474e17b9aa345d1e6e3bb83f90230bdf53e7d0e5c3f914d905422b83f30936674ba8f0bffaf2305c0972df71fe5f4e01506471e897bced7798509e64df360d95f9a4099f864b0ba45efbdbd1d9db21a1d5c065567fd70aae68096827fa5c2d9bd20292344c7dcf6241447cfbb05b5d0fdb4e08afbac5397b64aa369922ed7ed8918f97294b6854210d2b93aaf92159dbaa2f186d4a420c68d6baf1c31de4f0bf478bfd51bb1e96ea849a80ae5a89be7e38474c7aade344d68324f9e12a6b9770e6bd12ae69efffaee58040753701af84c2924c1b5aea1650f42c9ae9820a33095f062fb88313d035ea405515a61a4be64f9fa0985c5be592090cc48291004609fdac2ab6100000000000000a84570c7c00d647daf8af334050b61e9b2d3f0adad1d1ff47be19b8da2799e9ecef8efabe73f92dbd0760f8bbd9c710bd1371e2b5d9a2ea2190f5e4f5cd641cdfe5d89f84a368ef7e6ff1eacdc0ec9e97b8f9c9e314661ea0aa8a104008d188b66b3a4aedeed9df4238a08fc2fb1007233cc2c87fcaa0cccd8ec03444471c1dd660c73acc17bff740d199a7c0c52c63c0408b5158e0000000c275eedb02f141113cf2c55b2c08c2c68cc99d2bb5840fba332e1c82862ec9b90104c48e41d32a47ac94ddee815dba8aeb5d3121cf247a81aef7805b020e9eec44cbe3055be69fe066824ba2292b9cdce41635fc00df96fb10a3a8cc60c4a76c65ebbb0640e0a29de94edf5cbefac1c5fa96e7080af804b22cabce10ea52f1018527f4aa39cdafa3eff63de2a7f50d042667820f6f86f276afb2b81da301e031351ee13013137e9d5cec0c84d7e3f82c6fd12eb98f9ea654bcb9ce59a2015183c6e65bb0537e611b830d74c30fb8207fca0990acdbb51e4e234026e00000000b3ebae3eb52c140953a350fcf0124b1a30b1afc29ea56f8413686d912eb8118d73ef9c6d3843ebcb555301c0205dd3040000002e334319c8979c322e92fbc2c400009f2404b941553843de114fdb03"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340), 0x10}, 0x94)
r1 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0x1e, 0x100000000}, 0x1cad, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = socket$kcm(0xf, 0x3, 0x2)
socket$kcm(0x10, 0x2, 0x0)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000007000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc008744c, 0xf0ff1f00000000)
syz_clone(0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b06, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e502000000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x10021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0xb)
ioctl$SIOCSIFHWADDR(r4, 0x8b1a, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"})
gettid()
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xe, 0x4, 0x4, 0x20002, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48)
sendmsg$inet(r2, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b0700fc670000e4a17c45c8d260c9", 0x33fe0}], 0x1}, 0x0)

1.335477863s ago: executing program 2 (id=2717):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/29], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
close(r0)

1.264973587s ago: executing program 0 (id=2718):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0b046b876c1d0048380019001931a0e69ee517d34460bc06000000a701251e6182949a3651f60a84c9f4d4938037e70e4509c51c268811000000000000000000002571cd53b9851b30599980bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000028c0)=""/4049, 0xfd1}, {&(0x7f0000001880)=""/4105, 0x1009}, {&(0x7f0000000240)=""/142, 0x8e}, {&(0x7f0000000d80)=""/117, 0x75}], 0x4}, 0x100)

1.068354009s ago: executing program 0 (id=2719):
r0 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r0, &(0x7f0000000fc0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001040)="b8b2cc1e00c1dba49dbb66ca892f", 0xe}], 0x1}, 0x0)

1.023481131s ago: executing program 1 (id=2720):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x9e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x465d8bf07e5af213}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x1, 0xffffffffffffffff, 0x0) (async)
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b0000000000018000000000c4bcd733a539395d", @ANYRES16=r0, @ANYRESHEX=r1, @ANYRES32=r1, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x16, 0x7, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r3, 0x0, 0xe, 0x0, &(0x7f0000000340)="0000000000005eefc9bb9fd1b208", 0x0, 0x2e8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYRES32], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r4) (async, rerun: 64)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) (rerun: 64)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_ro(r5, &(0x7f0000000080)='memory.stat\x00', 0x275a, 0x0)
write$cgroup_pid(r6, &(0x7f0000000040), 0x12) (async)
openat$cgroup_ro(r6, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000300), 0x2, 0x0)
openat$cgroup_pressure(r5, &(0x7f00000000c0)='io.pressure\x00', 0x2, 0x0) (async)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x200002, 0x0)
r8 = openat$cgroup_int(r7, &(0x7f0000000700)='notify_on_release\x00', 0x2, 0x0)
write$cgroup_int(r8, &(0x7f00000003c0)=0x201, 0x12) (async)
mkdirat$cgroup(r7, &(0x7f00000001c0)='syz0\x00', 0x1ff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x4080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0x4206}, 0x2, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) (async, rerun: 32)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x5, 0x0, 0xb, 0x0, 0x0, 0x1, 0xa66a6, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async, rerun: 32)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x4, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, 0x0)
write$cgroup_subtree(r9, 0x0, 0xfdef) (async)
socket$kcm(0x2, 0xa, 0x2) (async, rerun: 32)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40)) (async, rerun: 32)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x100002e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0x1, r1, 0x9)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000380)) (async)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)

1.003201682s ago: executing program 2 (id=2721):
socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
r0 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0x10, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f0000001140)="9d7fcf3efc55ba8b4726d7ccaf31b838053ece910d1680964f855f9f96bd206d4776368ed2a92432e5af290000000000000008000000000000000000", 0x3c}], 0x2, &(0x7f0000001240)=[@ip_tos_u8={{0x11, 0x4410, 0x3}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @remote}}}, @ip_tos_int={{0x14, 0x29, 0x32}}, @ip_retopts={{0x6c, 0x0, 0x7, {[@rr={0x7, 0x2b, 0xac, [@private=0xa011100, @local, @dev={0xac, 0x14, 0x14, 0x1b}, @rand_addr=0x64010102, @private=0xa010100, @empty, @empty, @private=0xa010102, @private=0xa010100, @empty]}, @rr={0x7, 0x17, 0x43, [@empty, @broadcast, @multicast1, @multicast2, @empty]}, @ssrr={0x89, 0xf, 0xa8, [@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @loopback]}, @ra={0x94, 0x4, 0x1}, @ra={0x94, 0x4}]}}}], 0xc0}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x7, 0x4, 0x0, 0x3be3d60c}, {0x6, 0xb, 0xca}]})
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, @perf_bp={0x0, 0x8}, 0x100904, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x29, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8040, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x3efd7ab4c41335d9, @perf_config_ext={0x7, 0x4}, 0x0, 0x3, 0x0, 0x3, 0x0, 0x0, 0xff81, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r3 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f00000018c0)={r3})
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000000)={0xffffffffffffffff, &(0x7f0000000080)="a0", 0x0}, 0x20)
sendmsg$kcm(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000200)="2000000020008107090f9becdb4cb96b0200000000fbff010000000000000000", 0x20}], 0x1, 0x0, 0x0, 0x81000000}, 0x4)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x89, 0x1, 0x0, 0x0, 0x0, 0x34, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x2}, 0x8002, 0x2, 0xfffffffe, 0x0, 0x200, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x3, 0x80, 0x0, 0x9a, 0x0, 0xfd, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x408, 0xca, 0xfffffffc, 0x2, 0xfffffffffffffffc, 0x8}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0xb)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}], 0x18}, 0x0)
r7 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0xfffffff9, 0x0, 0x1}, 0x0, 0x1001, 0xffffffffffffffff, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r8)
write$cgroup_subtree(r6, &(0x7f0000000200)=ANY=[], 0x12)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r9 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r9, &(0x7f0000000140)={&(0x7f0000000440)=@l2={0x1f, 0x4, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x9, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x106)
recvmsg$kcm(r9, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/43, 0x2b}, 0x100)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYRESOCT=r9], 0x0, 0x5a, 0x0, 0x1}, 0x28)

933.762156ms ago: executing program 0 (id=2722):
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1080a2, 0x9, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x0, 0x23, 0x0, 0x0)
r1 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r1, 0x84, 0x9, &(0x7f0000000380), 0x98)
socket$kcm(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0x1f, 0x0, 0x0, 0x8000}, 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b87, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0xcdd, 0x43a1bd76, 0x3, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x4)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000ec0)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@func_proto]}, {0x0, [0x61]}}, &(0x7f0000000340)=""/81, 0x27, 0x51, 0x1, 0x5}, 0x28)
openat$cgroup_int(r2, &(0x7f0000000480)='cpu.max\x00', 0x2, 0x0)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0x8}, [@ldst={0x6, 0x3, 0x0, 0x0, 0xa}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1809000000000000000000000001000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r3}, &(0x7f0000000040), &(0x7f0000000580)=r4}, 0x20)
r5 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r5, &(0x7f00000000c0)={0x0, 0xfe, &(0x7f0000000000)=[{&(0x7f0000000040)="0207000902000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0)

882.350799ms ago: executing program 3 (id=2723):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f0000000040)=0x1)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0x803})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000011008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x40840)

632.636443ms ago: executing program 1 (id=2724):
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000e40)={0xe4a6a88}, 0x8) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfc8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979e29857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37ceff9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f0800000000000000af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed210d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f800800000f40300966fcf1e54f5a2d38708294cd6f496e5dee734f87da3770845cf442d488afdc0e170000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fca4d97a0ae75ccf11e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35e9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f080091c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efde0142cf90ff668b9757b9612bb4253a63bb303"], 0x0}, 0x94) (async)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803001d000b63d25a80648c2594f91624fc60100c214002000003050582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) (async)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000d80)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x10, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x4}, 0x50)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000e00)={&(0x7f00000002c0)="a15cbd66bc33077fe06b1c23c533ac02d7bfddcf8aa22a6d3d801bdbcbc6eafc70bc9dd049b4b26f1879b1acae33f7982f3a5e2200b7e4a3a98a17450cb94b2f59a6915c9e2071fe3cdc457ecc1b606e4a924b3119adcb3a06f71add4d6394df3d41f6b25162d7ee5c8be1088b1a", &(0x7f0000000c80)=""/78, &(0x7f0000000d00)="65e1d4160afff0e382ca4914e1fa6596c24c4786555c4e3bf64522757cae0eb2093950db13ab7ebbecf7d73182e9999a4afef6a33714236a50f681a8455d270c84518e14c9544697", &(0x7f00000001c0)="9c78e73d825605", 0x7ff, r1}, 0x38) (async)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r2}, @generic={0x66}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222}, 0x78) (async, rerun: 32)
r4 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (rerun: 32)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 32)
r6 = socket$kcm(0x2, 0x200000000000001, 0x106) (rerun: 32)
sendmsg$inet(r6, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x3000c041) (async)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) (async)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000604000000002e"], 0x0, 0x37}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={r7, 0x20, &(0x7f00000002c0)={0x0, 0x3c, 0x0, &(0x7f00000000c0)=""/171, 0xab}}, 0x10) (async)
perf_event_open(&(0x7f0000004cc0)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x400, 0x6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x40af1d, 0x1, @perf_config_ext={0xff, 0x7}, 0x100410, 0x200, 0x2, 0x1, 0x9, 0x9, 0xfffd, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) (async)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000e80)={r0, r3})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async, rerun: 32)
r9 = socket$kcm(0x2, 0x5, 0x0) (rerun: 32)
setsockopt$sock_attach_bpf(r9, 0x1, 0x3e, &(0x7f00000002c0)=r8, 0x4) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000001f00)=@generic={&(0x7f0000000ec0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x10}, 0x18) (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000002040)={@fallback=r1, 0x12, 0x0, 0x0, &(0x7f0000001f40)=[0x0], 0x1, 0x0, &(0x7f0000001f80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001fc0)=[0x0, 0x0], &(0x7f0000002000)=[0x0]}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000850000000500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd8}, 0x94)

492.001732ms ago: executing program 2 (id=2725):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$kcm(r0, 0x0, 0x40000)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$kcm(0xa, 0x1, 0x106)
setsockopt$sock_attach_bpf(r1, 0x29, 0x4b, &(0x7f0000000100), 0x4)

491.049922ms ago: executing program 3 (id=2726):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000080), &(0x7f00000001c0)='%pS    \x00'}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x15, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000010000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb7030000080003aab704000000000000850000003300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000860000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000046cb95a850000008200000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r2, 0x2000012, 0xe, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)

301.795992ms ago: executing program 1 (id=2727):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1080a2, 0x9, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x0, 0x23, 0x0, 0x0)
r1 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r1, 0x84, 0x9, &(0x7f0000000380), 0x98)
socket$kcm(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0x1f, 0x0, 0x0, 0x8000}, 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b87, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0xcdd, 0x43a1bd76, 0x3, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x4)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000ec0)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@func_proto]}, {0x0, [0x61]}}, &(0x7f0000000340)=""/81, 0x27, 0x51, 0x1, 0x5}, 0x28)
openat$cgroup_int(r2, &(0x7f0000000480)='cpu.max\x00', 0x2, 0x0)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0x8}, [@ldst={0x6, 0x3, 0x0, 0x0, 0xa}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1809000000000000000000000001000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r3}, &(0x7f0000000040), &(0x7f0000000580)=r4}, 0x20)
r5 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r5, &(0x7f00000000c0)={0x0, 0xfe, &(0x7f0000000000)=[{&(0x7f0000000040)="0207000902000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0)

287.433183ms ago: executing program 2 (id=2728):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x7, 0xe, &(0x7f00000011c0)=ANY=[@ANYBLOB="b702000000000080bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e240000000000004504040001ffffff9404000001000a00b7040000000100006a0af2fe000000008500000078000000b70000000000000095000000000000009e17f199a68b061b93d83298a8cdda1ce784909b849d5550ad855dab54d8877a6db61d69f2ffcaa10350e11cb97ce8df1bc9a0c4eeceb9171e43405d621ffbc9b0d8ca56b50f0c010d631f6dbc8486bc5d5bf2ca8285056892db03cf1c62dd7c08a90b189d190c341035de53a9a53608c10556e5734eb84049761451ce540c772e069f80cb201b2de17dfdb4b60939d5d6aed4062049b87e03e2cd18568136207304e26f7fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8000000000000000b91c61bd99dc89f12907af7dccd106cb937b450f859ce8292a79c3e40000b59b0fc46d6cec3c080a882add4e1179bd4a44f231a2d73148be428ba953df4aece69311687f4122073a236c3a32efa04137d46f0247d2638da3261c8162bb7c7824be6195a66d2e17e122040e11001131ce319045e5b3334e68475ac3f46aa2837f9004600daded9b19b35eebe52613c346e255421b23a278fd00004270b1cd5fc9aa2286ccca37db965d9dd366598f5ec993cb0cf127e2a46cfbdf63eea190d86a4d1b75ae98480100d33128954a7d093a54f7e75b3753508ca3c41685d1e407315e59d626c23b3f89a926e9382966853774e7dd1f1a2177cdf2802237c177d543e8da47a01f05e117e53518270239b69c117e2637c31085f4d8a596b6edab26afaf6605b231199f38a6fc7eb83714387450ea18eafbace8eec18a4b2c442e7b88a7611c1283bec84e1715fb9f4fcaf52c08058fc4f21c0ad71adabdd850aed3feec6eaab347bdf474e17b9aa345d1e6e3bb83f90230bdf53e7d0e5c3f914d905422b83f30936674ba8f0bffaf2305c0972df71fe5f4e01506471e897bced7798509e64df360d95f9a4099f864b0ba45efbdbd1d9db21a1d5c065567fd70aae68096827fa5c2d9bd20292344c7dcf6241447cfbb05b5d0fdb4e08afbac5397b64aa369922ed7ed8918f97294b6854210d2b93aaf92159dbaa2f186d4a420c68d6baf1c31de4f0bf478bfd51bb1e96ea849a80ae5a89be7e38474c7aade344d68324f9e12a6b9770e6bd12ae69efffaee58040753701af84c2924c1b5aea1650f42c9ae9820a33095f062fb88313d035ea405515a61a4be64f9fa0985c5be592090cc48291004609fdac2ab6100000000000000a84570c7c00d647daf8af334050b61e9b2d3f0adad1d1ff47be19b8da2799e9ecef8efabe73f92dbd0760f8bbd9c710bd1371e2b5d9a2ea2190f5e4f5cd641cdfe5d89f84a368ef7e6ff1eacdc0ec9e97b8f9c9e314661ea0aa8a104008d188b66b3a4aedeed9df4238a08fc2fb1007233cc2c87fcaa0cccd8ec03444471c1dd660c73acc17bff740d199a7c0c52c63c0408b5158e0000000c275eedb02f141113cf2c55b2c08c2c68cc99d2bb5840fba332e1c82862ec9b90104c48e41d32a47ac94ddee815dba8aeb5d3121cf247a81aef7805b020e9eec44cbe3055be69fe066824ba2292b9cdce41635fc00df96fb10a3a8cc60c4a76c65ebbb0640e0a29de94edf5cbefac1c5fa96e7080af804b22cabce10ea52f1018527f4aa39cdafa3eff63de2a7f50d042667820f6f86f276afb2b81da301e031351ee13013137e9d5cec0c84d7e3f82c6fd12eb98f9ea654bcb9ce59a2015183c6e65bb0537e611b830d74c30fb8207fca0990acdbb51e4e234026e00000000b3ebae3eb52c140953a350fcf0124b1a30b1afc29ea56f8413686d912eb8118d73ef9c6d3843ebcb555301c0205dd3040000002e334319c8979c322e92fbc2c400009f2404b941553843de114fdb03"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340), 0x10}, 0x94)
r1 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0x1e, 0x100000000}, 0x1cad, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = socket$kcm(0xf, 0x3, 0x2)
socket$kcm(0x10, 0x2, 0x0)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000007000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc008744c, 0xf0ff1f00000000)
syz_clone(0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b06, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e502000000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x10021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0xb)
ioctl$SIOCSIFHWADDR(r4, 0x8b1a, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"})
gettid()
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xe, 0x4, 0x4, 0x20002, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48)
sendmsg$inet(r2, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b0700fc670000e4a17c45c8d260c9", 0x33fe0}], 0x1}, 0x0)

218.086727ms ago: executing program 3 (id=2729):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0b046b876c1d0048380019001931a0e69ee517d34460bc06000000a701251e6182949a3651f60a84c9f4d4938037e70e4509c51c268811000000000000000000002571cd53b9851b30599980bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000028c0)=""/4049, 0xfd1}, {&(0x7f0000001880)=""/4105, 0x1009}, {&(0x7f0000000240)=""/142, 0x8e}, {&(0x7f0000000d80)=""/117, 0x75}], 0x4}, 0x100)

0s ago: executing program 3 (id=2730):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/31], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
close(r0)

kernel console output (not intermixed with test programs):

0
[  303.126765][T11663]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  303.132780][T11663]  ? lock_chain_count+0x20/0x20
[  303.137670][T11663]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  303.143856][T11663]  ? lockdep_hardirqs_on+0x98/0x150
[  303.149080][T11663]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  303.155273][T11663]  ? 0xffffffffa0000a10
[  303.159451][T11663]  bpf_test_run+0x2df/0x870
[  303.164004][T11663]  ? bpf_test_run+0x174/0x870
[  303.168709][T11663]  ? convert___skb_to_skb+0x590/0x590
[  303.174110][T11663]  ? eth_get_headlen+0x210/0x210
[  303.179082][T11663]  ? slab_build_skb+0x25f/0x3f0
[  303.183969][T11663]  ? convert___skb_to_skb+0x3d/0x590
[  303.189279][T11663]  bpf_prog_test_run_skb+0xad2/0x12b0
[  303.194689][T11663]  ? cpu_online+0x60/0x60
[  303.199046][T11663]  bpf_prog_test_run+0x321/0x390
[  303.204029][T11663]  __sys_bpf+0x49d/0x890
[  303.208305][T11663]  ? bpf_link_show_fdinfo+0x390/0x390
[  303.213715][T11663]  ? lock_chain_count+0x20/0x20
[  303.218594][T11663]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  303.224607][T11663]  __x64_sys_bpf+0x7c/0x90
[  303.229054][T11663]  do_syscall_64+0x55/0xa0
[  303.233500][T11663]  ? clear_bhb_loop+0x40/0x90
[  303.238223][T11663]  ? clear_bhb_loop+0x40/0x90
[  303.242928][T11663]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  303.248850][T11663] RIP: 0033:0x7f2cb059aeb9
[  303.253293][T11663] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  303.272922][T11663] RSP: 002b:00007f2cb138c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  303.281361][T11663] RAX: ffffffffffffffda RBX: 00007f2cb0815fa0 RCX: 00007f2cb059aeb9
[  303.289364][T11663] RDX: 0000000000000048 RSI: 0000200000000080 RDI: 000000000000000a
[  303.297357][T11663] RBP: 00007f2cb138c090 R08: 0000000000000000 R09: 0000000000000000
[  303.305351][T11663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.313343][T11663] R13: 00007f2cb0816038 R14: 00007f2cb0815fa0 R15: 00007ffd355900a8
[  303.321359][T11663]  </TASK>
[  303.533753][T11670] netlink: 'syz.2.1601': attribute type 39 has an invalid length.
[  303.757483][T11674] netlink: 'syz.1.1602': attribute type 3 has an invalid length.
[  303.765857][T11674] __nla_validate_parse: 3 callbacks suppressed
[  303.765876][T11674] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1602'.
[  303.869011][T11676] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1603'.
[  304.310370][T11683] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1605'.
[  304.751477][T11696] netlink: 'syz.2.1608': attribute type 10 has an invalid length.
[  304.911190][T11696] team0: Device veth1_macvtap failed to register rx_handler
[  305.147097][T11706] netlink: 10 bytes leftover after parsing attributes in process `syz.3.1610'.
[  305.199955][T11705] pimreg: tun_chr_ioctl cmd 1074025677
[  305.205924][T11705] pimreg: linktype set to 270
[  305.211592][T11707] pimreg: tun_chr_ioctl cmd 35108
[  305.217573][T11705] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1611'.
[  305.244833][T11705] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1611'.
[  305.323567][T11705] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1611'.
[  305.416569][T11696] syz.2.1608 (11696) used greatest stack depth: 17136 bytes left
[  305.654540][T11714] FAULT_INJECTION: forcing a failure.
[  305.654540][T11714] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  305.692249][T11714] CPU: 0 PID: 11714 Comm: syz.1.1614 Not tainted syzkaller #0
[  305.699872][T11714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  305.709970][T11714] Call Trace:
[  305.713283][T11714]  <TASK>
[  305.716248][T11714]  dump_stack_lvl+0x18c/0x250
[  305.720981][T11714]  ? show_regs_print_info+0x20/0x20
[  305.726221][T11714]  ? load_image+0x400/0x400
[  305.730779][T11714]  ? __lock_acquire+0x7d40/0x7d40
[  305.735851][T11714]  should_fail_ex+0x39d/0x4d0
[  305.740568][T11714]  _copy_from_user+0x2f/0xe0
[  305.745193][T11714]  __copy_msghdr+0x3bb/0x580
[  305.749837][T11714]  ___sys_sendmsg+0x214/0x360
[  305.754543][T11714]  ? get_pid_task+0x20/0x1e0
[  305.759183][T11714]  ? __sys_sendmsg+0x2a0/0x2a0
[  305.764027][T11714]  ? __lock_acquire+0x7d40/0x7d40
[  305.769121][T11714]  __se_sys_sendmsg+0x1c2/0x2b0
[  305.774007][T11714]  ? __x64_sys_sendmsg+0x80/0x80
[  305.779052][T11714]  ? lockdep_hardirqs_on+0x98/0x150
[  305.784283][T11714]  do_syscall_64+0x55/0xa0
[  305.788741][T11714]  ? clear_bhb_loop+0x40/0x90
[  305.793459][T11714]  ? clear_bhb_loop+0x40/0x90
[  305.798177][T11714]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  305.804117][T11714] RIP: 0033:0x7f9d2579aeb9
[  305.808541][T11714] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  305.828160][T11714] RSP: 002b:00007f9d2663a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  305.836635][T11714] RAX: ffffffffffffffda RBX: 00007f9d25a15fa0 RCX: 00007f9d2579aeb9
[  305.844624][T11714] RDX: 0000000000000804 RSI: 00002000000000c0 RDI: 0000000000000003
[  305.852620][T11714] RBP: 00007f9d2663a090 R08: 0000000000000000 R09: 0000000000000000
[  305.860715][T11714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  305.868729][T11714] R13: 00007f9d25a16038 R14: 00007f9d25a15fa0 R15: 00007ffcde6e7b38
[  305.876763][T11714]  </TASK>
[  306.161361][T11722] netlink: 'syz.3.1617': attribute type 21 has an invalid length.
[  306.235067][T11722] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1617'.
[  306.326085][T11724] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1616'.
[  306.960594][T11755] FAULT_INJECTION: forcing a failure.
[  306.960594][T11755] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  306.989416][T11755] CPU: 1 PID: 11755 Comm: syz.0.1625 Not tainted syzkaller #0
[  306.996974][T11755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  307.007080][T11755] Call Trace:
[  307.010402][T11755]  <TASK>
[  307.013388][T11755]  dump_stack_lvl+0x18c/0x250
[  307.018134][T11755]  ? show_regs_print_info+0x20/0x20
[  307.023401][T11755]  ? load_image+0x400/0x400
[  307.027971][T11755]  ? __might_fault+0xaa/0x120
[  307.032704][T11755]  ? __lock_acquire+0x7d40/0x7d40
[  307.037802][T11755]  should_fail_ex+0x39d/0x4d0
[  307.042565][T11755]  _copy_from_user+0x2f/0xe0
[  307.047211][T11755]  bpf_prog_test_run_skb+0x266/0x12b0
[  307.052635][T11755]  ? __fget_files+0x28/0x4b0
[  307.057281][T11755]  ? __fget_files+0x28/0x4b0
[  307.061931][T11755]  ? __fget_files+0x43d/0x4b0
[  307.066675][T11755]  ? cpu_online+0x60/0x60
[  307.071056][T11755]  bpf_prog_test_run+0x321/0x390
[  307.076049][T11755]  __sys_bpf+0x49d/0x890
[  307.080346][T11755]  ? bpf_link_show_fdinfo+0x390/0x390
[  307.085788][T11755]  ? lock_chain_count+0x20/0x20
[  307.090702][T11755]  __x64_sys_bpf+0x7c/0x90
[  307.095165][T11755]  do_syscall_64+0x55/0xa0
[  307.099637][T11755]  ? clear_bhb_loop+0x40/0x90
[  307.104399][T11755]  ? clear_bhb_loop+0x40/0x90
[  307.109124][T11755]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  307.115066][T11755] RIP: 0033:0x7f656679aeb9
[  307.119525][T11755] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  307.139190][T11755] RSP: 002b:00007f65675f9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  307.147659][T11755] RAX: ffffffffffffffda RBX: 00007f6566a15fa0 RCX: 00007f656679aeb9
[  307.155683][T11755] RDX: 0000000000000050 RSI: 0000200000000280 RDI: 000000000000000a
[  307.163704][T11755] RBP: 00007f65675f9090 R08: 0000000000000000 R09: 0000000000000000
[  307.171727][T11755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.179746][T11755] R13: 00007f6566a16038 R14: 00007f6566a15fa0 R15: 00007ffcb75457e8
[  307.187788][T11755]  </TASK>
[  307.558617][T11767] netlink: 'syz.0.1629': attribute type 21 has an invalid length.
[  307.570604][T11767] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1629'.
[  309.001618][T11806] netlink: 'syz.1.1641': attribute type 6 has an invalid length.
[  309.162007][T11812] netlink: 'syz.1.1643': attribute type 21 has an invalid length.
[  309.172713][T11812] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1643'.
[  309.983221][T11847] netlink: 'syz.1.1655': attribute type 3 has an invalid length.
[  310.001521][T11847] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1655'.
[  310.026116][T11850] netlink: 'syz.2.1656': attribute type 10 has an invalid length.
[  310.033994][T11850] netlink: 65015 bytes leftover after parsing attributes in process `syz.2.1656'.
[  310.151431][T11869] netlink: 'syz.2.1658': attribute type 21 has an invalid length.
[  310.160449][T11869] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1658'.
[  310.653909][T11887] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.666170][T11887] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.681185][T11887] bridge0: entered allmulticast mode
[  314.210315][T11905] netlink: 'syz.3.1670': attribute type 9 has an invalid length.
[  314.218393][T11905] netlink: 154020 bytes leftover after parsing attributes in process `syz.3.1670'.
[  314.420609][T11911] netlink: 'syz.0.1672': attribute type 39 has an invalid length.
[  314.561566][T11908] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.1673'.
[  314.645512][T11918] FAULT_INJECTION: forcing a failure.
[  314.645512][T11918] name failslab, interval 1, probability 0, space 0, times 0
[  314.658620][T11918] CPU: 0 PID: 11918 Comm: syz.3.1674 Not tainted syzkaller #0
[  314.666133][T11918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  314.676264][T11918] Call Trace:
[  314.679577][T11918]  <TASK>
[  314.682546][T11918]  dump_stack_lvl+0x18c/0x250
[  314.687282][T11918]  ? show_regs_print_info+0x20/0x20
[  314.692539][T11918]  ? load_image+0x400/0x400
[  314.697101][T11918]  ? __might_sleep+0xe0/0xe0
[  314.701739][T11918]  ? __lock_acquire+0x7d40/0x7d40
[  314.706815][T11918]  should_fail_ex+0x39d/0x4d0
[  314.711562][T11918]  should_failslab+0x9/0x20
[  314.716113][T11918]  slab_pre_alloc_hook+0x59/0x310
[  314.721191][T11918]  ? kernfs_fop_write_iter+0x159/0x520
[  314.726680][T11918]  ? kernfs_fop_write_iter+0x159/0x520
[  314.732186][T11918]  __kmem_cache_alloc_node+0x53/0x250
[  314.737596][T11918]  ? kernfs_fop_write_iter+0x159/0x520
[  314.743078][T11918]  __kmalloc+0xa4/0x230
[  314.747263][T11918]  kernfs_fop_write_iter+0x159/0x520
[  314.752583][T11918]  vfs_write+0x46c/0x990
[  314.756859][T11918]  ? file_end_write+0x250/0x250
[  314.761751][T11918]  ? __fget_files+0x43d/0x4b0
[  314.766474][T11918]  ? __fdget_pos+0x2a3/0x330
[  314.771100][T11918]  ? ksys_write+0x75/0x260
[  314.775551][T11918]  ksys_write+0x150/0x260
[  314.779910][T11918]  ? __ia32_sys_read+0x90/0x90
[  314.784700][T11918]  ? lockdep_hardirqs_on+0x98/0x150
[  314.789929][T11918]  do_syscall_64+0x55/0xa0
[  314.794376][T11918]  ? clear_bhb_loop+0x40/0x90
[  314.799084][T11918]  ? clear_bhb_loop+0x40/0x90
[  314.803802][T11918]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  314.809747][T11918] RIP: 0033:0x7f2cb059aeb9
[  314.814187][T11918] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  314.833818][T11918] RSP: 002b:00007f2cb138c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  314.842268][T11918] RAX: ffffffffffffffda RBX: 00007f2cb0815fa0 RCX: 00007f2cb059aeb9
[  314.850268][T11918] RDX: 0000000000000008 RSI: 0000200000000580 RDI: 0000000000000005
[  314.858267][T11918] RBP: 00007f2cb138c090 R08: 0000000000000000 R09: 0000000000000000
[  314.866281][T11918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.874286][T11918] R13: 00007f2cb0816038 R14: 00007f2cb0815fa0 R15: 00007ffd355900a8
[  314.882308][T11918]  </TASK>
[  315.228131][T11929] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  317.331097][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  317.339023][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  319.016545][T11962] netlink: 'syz.1.1685': attribute type 39 has an invalid length.
[  319.091780][T11964] FAULT_INJECTION: forcing a failure.
[  319.091780][T11964] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  319.107719][T11964] CPU: 1 PID: 11964 Comm: syz.0.1687 Not tainted syzkaller #0
[  319.115249][T11964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  319.125346][T11964] Call Trace:
[  319.128676][T11964]  <TASK>
[  319.131650][T11964]  dump_stack_lvl+0x18c/0x250
[  319.136391][T11964]  ? show_regs_print_info+0x20/0x20
[  319.141691][T11964]  ? load_image+0x400/0x400
[  319.146258][T11964]  ? __might_fault+0xaa/0x120
[  319.150988][T11964]  ? __lock_acquire+0x7d40/0x7d40
[  319.156095][T11964]  should_fail_ex+0x39d/0x4d0
[  319.160860][T11964]  _copy_from_user+0x2f/0xe0
[  319.165521][T11964]  ___sys_sendmsg+0x1c7/0x360
[  319.170287][T11964]  ? __sys_sendmsg+0x2a0/0x2a0
[  319.175194][T11964]  ? trace_call_bpf+0xc3/0x6c0
[  319.180159][T11964]  __se_sys_sendmsg+0x1c2/0x2b0
[  319.185071][T11964]  ? __x64_sys_sendmsg+0x80/0x80
[  319.190098][T11964]  ? lockdep_hardirqs_on+0x98/0x150
[  319.195401][T11964]  do_syscall_64+0x55/0xa0
[  319.199875][T11964]  ? clear_bhb_loop+0x40/0x90
[  319.204599][T11964]  ? clear_bhb_loop+0x40/0x90
[  319.209347][T11964]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  319.215303][T11964] RIP: 0033:0x7f656679aeb9
[  319.219773][T11964] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  319.239443][T11964] RSP: 002b:00007f65675f9028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  319.247932][T11964] RAX: ffffffffffffffda RBX: 00007f6566a15fa0 RCX: 00007f656679aeb9
[  319.255953][T11964] RDX: 0000000020000000 RSI: 0000200000000780 RDI: 0000000000000005
[  319.263971][T11964] RBP: 00007f65675f9090 R08: 0000000000000000 R09: 0000000000000000
[  319.271982][T11964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  319.280003][T11964] R13: 00007f6566a16038 R14: 00007f6566a15fa0 R15: 00007ffcb75457e8
[  319.288072][T11964]  </TASK>
[  320.224449][T11989] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1692'.
[  320.278687][T11989] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1692'.
[  320.316828][T11992] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1692'.
[  323.147583][T12008] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1706'.
[  325.737091][T12008] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1706'.
[  326.181199][T12027] netlink: 'syz.3.1701': attribute type 39 has an invalid length.
[  327.418388][T12052] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1710'.
[  327.512977][T12055] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1711'.
[  327.658257][T12055] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1711'.
[  327.683086][T12056] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1711'.
[  330.688164][T12076] netlink: 'syz.0.1717': attribute type 3 has an invalid length.
[  330.705200][T12076] netlink: 'syz.0.1717': attribute type 5 has an invalid length.
[  330.803975][T12076] netlink: 830 bytes leftover after parsing attributes in process `syz.0.1717'.
[  331.312926][T12095] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1722'.
[  332.158754][T12153] mac80211_hwsim hwsim6 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  332.512128][T12165] netlink: 'syz.3.1728': attribute type 21 has an invalid length.
[  332.538797][T12165] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1728'.
[  332.826523][T12174] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1730'.
[  333.251961][T12188] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1734'.
[  333.275411][T12174] syzkaller0: entered promiscuous mode
[  333.282097][T12174] syzkaller0: entered allmulticast mode
[  336.439414][T12247] FAULT_INJECTION: forcing a failure.
[  336.439414][T12247] name failslab, interval 1, probability 0, space 0, times 0
[  336.453337][T12247] CPU: 1 PID: 12247 Comm: syz.1.1743 Not tainted syzkaller #0
[  336.460859][T12247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  336.470966][T12247] Call Trace:
[  336.474281][T12247]  <TASK>
[  336.477245][T12247]  dump_stack_lvl+0x18c/0x250
[  336.481971][T12247]  ? show_regs_print_info+0x20/0x20
[  336.487219][T12247]  ? load_image+0x400/0x400
[  336.491778][T12247]  should_fail_ex+0x39d/0x4d0
[  336.496504][T12247]  should_failslab+0x9/0x20
[  336.501052][T12247]  slab_pre_alloc_hook+0x59/0x310
[  336.506147][T12247]  kmem_cache_alloc+0x5a/0x2d0
[  336.510951][T12247]  ? dst_alloc+0x105/0x170
[  336.515418][T12247]  dst_alloc+0x105/0x170
[  336.519696][T12247]  ip_route_output_key_hash_rcu+0x14f0/0x2360
[  336.525805][T12247]  ? ip_route_output_key_hash_rcu+0x1331/0x2360
[  336.532109][T12247]  ? ip_route_output_key_hash+0x13d/0x330
[  336.537854][T12247]  ip_route_output_key_hash+0x1f3/0x330
[  336.543432][T12247]  ? ip_route_input_rcu+0x30e0/0x30e0
[  336.548837][T12247]  ? __lock_acquire+0x7d40/0x7d40
[  336.553891][T12247]  ip_route_output_flow+0x2a/0x150
[  336.559027][T12247]  ? security_sk_classify_flow+0x7b/0x90
[  336.564684][T12247]  raw_sendmsg+0x129a/0x1c00
[  336.569310][T12247]  ? compat_raw_ioctl+0x70/0x70
[  336.574202][T12247]  ? __lock_acquire+0x1273/0x7d40
[  336.579268][T12247]  ? tomoyo_socket_sendmsg_permission+0x216/0x2f0
[  336.585710][T12247]  ? sock_rps_record_flow+0x19/0x3f0
[  336.591016][T12247]  ? inet_sendmsg+0x7c/0x2f0
[  336.595627][T12247]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  336.600933][T12247]  ? security_socket_sendmsg+0x80/0xa0
[  336.606409][T12247]  ? inet_send_prepare+0x260/0x260
[  336.611543][T12247]  ____sys_sendmsg+0x5ba/0x960
[  336.616329][T12247]  ? __lock_acquire+0x7d40/0x7d40
[  336.621418][T12247]  ? __asan_memset+0x22/0x40
[  336.626035][T12247]  ? __sys_sendmsg_sock+0x30/0x30
[  336.631087][T12247]  ? __import_iovec+0x3fa/0x850
[  336.635963][T12247]  ? import_iovec+0x73/0xa0
[  336.640488][T12247]  ___sys_sendmsg+0x2a6/0x360
[  336.645198][T12247]  ? get_pid_task+0x20/0x1e0
[  336.649815][T12247]  ? __sys_sendmsg+0x2a0/0x2a0
[  336.654631][T12247]  ? __lock_acquire+0x7d40/0x7d40
[  336.659692][T12247]  __se_sys_sendmsg+0x1c2/0x2b0
[  336.664559][T12247]  ? __x64_sys_sendmsg+0x80/0x80
[  336.669536][T12247]  ? lockdep_hardirqs_on+0x98/0x150
[  336.674759][T12247]  do_syscall_64+0x55/0xa0
[  336.679199][T12247]  ? clear_bhb_loop+0x40/0x90
[  336.683895][T12247]  ? clear_bhb_loop+0x40/0x90
[  336.688601][T12247]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  336.694521][T12247] RIP: 0033:0x7f9d2579aeb9
[  336.698957][T12247] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  336.718602][T12247] RSP: 002b:00007f9d2663a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  336.727043][T12247] RAX: ffffffffffffffda RBX: 00007f9d25a15fa0 RCX: 00007f9d2579aeb9
[  336.735030][T12247] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006
[  336.743015][T12247] RBP: 00007f9d2663a090 R08: 0000000000000000 R09: 0000000000000000
[  336.751003][T12247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.758989][T12247] R13: 00007f9d25a16038 R14: 00007f9d25a15fa0 R15: 00007ffcde6e7b38
[  336.766994][T12247]  </TASK>
[  338.258526][T12288] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1753'.
[  338.773052][T12297] netlink: 'syz.0.1754': attribute type 10 has an invalid length.
[  338.892755][T12297] team0: Port device geneve1 added
[  338.991868][T12297] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.1754'.
[  339.159188][T12305] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  339.226513][T12307] netlink: 'syz.0.1759': attribute type 21 has an invalid length.
[  339.965931][T12335] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1767'.
[  340.773000][T12363] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1778'.
[  341.908425][T12402] netlink: 203296 bytes leftover after parsing attributes in process `syz.0.1793'.
[  342.386123][T12427] FAULT_INJECTION: forcing a failure.
[  342.386123][T12427] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  342.400671][T12427] CPU: 1 PID: 12427 Comm: syz.2.1802 Not tainted syzkaller #0
[  342.408315][T12427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  342.418427][T12427] Call Trace:
[  342.421739][T12427]  <TASK>
[  342.424702][T12427]  dump_stack_lvl+0x18c/0x250
[  342.429426][T12427]  ? show_regs_print_info+0x20/0x20
[  342.434666][T12427]  ? load_image+0x400/0x400
[  342.439255][T12427]  ? __might_fault+0xaa/0x120
[  342.443993][T12427]  ? __lock_acquire+0x7d40/0x7d40
[  342.449075][T12427]  should_fail_ex+0x39d/0x4d0
[  342.453802][T12427]  _copy_from_user+0x2f/0xe0
[  342.458439][T12427]  generic_map_update_batch+0x59a/0x810
[  342.464038][T12427]  ? rcu_read_unlock+0xa0/0xa0
[  342.468843][T12427]  ? __fdget+0x180/0x210
[  342.473128][T12427]  ? rcu_read_unlock+0xa0/0xa0
[  342.477921][T12427]  bpf_map_do_batch+0x3d7/0x610
[  342.482811][T12427]  __sys_bpf+0x381/0x890
[  342.487088][T12427]  ? bpf_link_show_fdinfo+0x390/0x390
[  342.492528][T12427]  ? lock_chain_count+0x20/0x20
[  342.497516][T12427]  __x64_sys_bpf+0x7c/0x90
[  342.501979][T12427]  do_syscall_64+0x55/0xa0
[  342.506450][T12427]  ? clear_bhb_loop+0x40/0x90
[  342.511187][T12427]  ? clear_bhb_loop+0x40/0x90
[  342.515913][T12427]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  342.521847][T12427] RIP: 0033:0x7fe09139aeb9
[  342.526298][T12427] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  342.546037][T12427] RSP: 002b:00007fe0921b0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  342.554509][T12427] RAX: ffffffffffffffda RBX: 00007fe091615fa0 RCX: 00007fe09139aeb9
[  342.562519][T12427] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  342.570518][T12427] RBP: 00007fe0921b0090 R08: 0000000000000000 R09: 0000000000000000
[  342.578511][T12427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  342.586495][T12427] R13: 00007fe091616038 R14: 00007fe091615fa0 R15: 00007ffc38853d98
[  342.594509][T12427]  </TASK>
[  342.932384][T12440] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1807'.
[  344.405896][T12489] mac80211_hwsim hwsim6 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  344.769998][T12505] netlink: 'syz.2.1828': attribute type 21 has an invalid length.
[  345.738818][T12542] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  346.438682][T12573] netlink: 'syz.3.1843': attribute type 10 has an invalid length.
[  346.554102][T12574] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  347.291607][T12601] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1852'.
[  347.813364][T12613] netlink: 'syz.3.1855': attribute type 1 has an invalid length.
[  347.830934][T12613] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.1855'.
[  349.038293][T12654] mac80211_hwsim hwsim3 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  349.217516][T12661] netlink: 'syz.0.1873': attribute type 21 has an invalid length.
[  349.429780][T12668] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  350.090093][T12691] mac80211_hwsim hwsim6 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  350.354692][T12698] netlink: 'syz.2.1887': attribute type 21 has an invalid length.
[  350.382175][T12696] netlink: 'syz.1.1886': attribute type 4 has an invalid length.
[  350.460944][T12696] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1886'.
[  350.880568][T12716] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1893'.
[  351.089149][T12724] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  351.796718][T12741] FAULT_INJECTION: forcing a failure.
[  351.796718][T12741] name failslab, interval 1, probability 0, space 0, times 0
[  351.809808][T12741] CPU: 0 PID: 12741 Comm: syz.2.1901 Not tainted syzkaller #0
[  351.817335][T12741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  351.827510][T12741] Call Trace:
[  351.830927][T12741]  <TASK>
[  351.833896][T12741]  dump_stack_lvl+0x18c/0x250
[  351.838617][T12741]  ? show_regs_print_info+0x20/0x20
[  351.843841][T12741]  ? load_image+0x400/0x400
[  351.848384][T12741]  should_fail_ex+0x39d/0x4d0
[  351.853103][T12741]  should_failslab+0x9/0x20
[  351.857637][T12741]  slab_pre_alloc_hook+0x59/0x310
[  351.862690][T12741]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  351.868704][T12741]  kmem_cache_alloc+0x5a/0x2d0
[  351.873500][T12741]  ? dst_alloc+0x105/0x170
[  351.877950][T12741]  dst_alloc+0x105/0x170
[  351.882224][T12741]  ip_route_output_key_hash_rcu+0x14f0/0x2360
[  351.888346][T12741]  ? ip_route_output_key_hash+0x13d/0x330
[  351.894125][T12741]  ip_route_output_key_hash+0x1f3/0x330
[  351.899736][T12741]  ? ip_route_input_rcu+0x30e0/0x30e0
[  351.905170][T12741]  ? __asan_memset+0x22/0x40
[  351.909798][T12741]  ip_route_output_flow+0x2a/0x150
[  351.914941][T12741]  ip_tunnel_xmit+0x9b1/0x2410
[  351.919745][T12741]  ? ip_tunnel_xmit+0xa0/0x2410
[  351.924643][T12741]  ? ip4_dst_hoplimit+0x2d0/0x2d0
[  351.929693][T12741]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  351.935704][T12741]  ? gre_build_header+0x25b/0x990
[  351.940757][T12741]  ipgre_xmit+0x7a6/0xb20
[  351.945140][T12741]  dev_hard_start_xmit+0x246/0x740
[  351.950291][T12741]  __dev_queue_xmit+0x1ac2/0x36b0
[  351.955354][T12741]  ? __dev_queue_xmit+0x26b/0x36b0
[  351.960520][T12741]  ? netdev_core_pick_tx+0x340/0x340
[  351.965839][T12741]  ? skb_release_data+0x1cf/0x800
[  351.970922][T12741]  ? pskb_expand_head+0xbfe/0x1230
[  351.976070][T12741]  __bpf_tx_skb+0x189/0x250
[  351.980636][T12741]  bpf_clone_redirect+0x30f/0x4a0
[  351.985705][T12741]  bpf_prog_208b094576c80b22+0x5e/0x63
[  351.991197][T12741]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  351.997210][T12741]  ? lock_chain_count+0x20/0x20
[  352.002091][T12741]  ? seqcount_lockdep_reader_access+0x12b/0x1d0
[  352.008357][T12741]  ? lockdep_softirqs_on+0x580/0x580
[  352.013661][T12741]  ? ktime_get+0x7f/0x280
[  352.018022][T12741]  ? seqcount_lockdep_reader_access+0x191/0x1d0
[  352.024284][T12741]  ? ktime_get_real_ts64+0x440/0x440
[  352.029598][T12741]  ? __x64_sys_bpf+0x7c/0x90
[  352.034219][T12741]  ? __local_bh_disable_ip+0x108/0x1a0
[  352.039728][T12741]  ? __cant_sleep+0x220/0x220
[  352.044429][T12741]  ? read_tsc+0x9/0x20
[  352.048535][T12741]  ? ktime_get+0x24b/0x280
[  352.052983][T12741]  ? bpf_test_run+0x174/0x870
[  352.057683][T12741]  bpf_test_run+0x2df/0x870
[  352.062222][T12741]  ? bpf_test_run+0x174/0x870
[  352.066922][T12741]  ? convert___skb_to_skb+0x590/0x590
[  352.072328][T12741]  ? eth_get_headlen+0x210/0x210
[  352.077301][T12741]  ? slab_build_skb+0x25f/0x3f0
[  352.082185][T12741]  ? convert___skb_to_skb+0x3d/0x590
[  352.087494][T12741]  bpf_prog_test_run_skb+0xad2/0x12b0
[  352.092920][T12741]  ? cpu_online+0x60/0x60
[  352.097276][T12741]  bpf_prog_test_run+0x321/0x390
[  352.102250][T12741]  __sys_bpf+0x49d/0x890
[  352.106543][T12741]  ? bpf_link_show_fdinfo+0x390/0x390
[  352.111951][T12741]  ? lock_chain_count+0x20/0x20
[  352.116840][T12741]  __x64_sys_bpf+0x7c/0x90
[  352.121275][T12741]  do_syscall_64+0x55/0xa0
[  352.125730][T12741]  ? clear_bhb_loop+0x40/0x90
[  352.130428][T12741]  ? clear_bhb_loop+0x40/0x90
[  352.135133][T12741]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  352.141055][T12741] RIP: 0033:0x7fe09139aeb9
[  352.145513][T12741] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  352.165139][T12741] RSP: 002b:00007fe0921b0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  352.173572][T12741] RAX: ffffffffffffffda RBX: 00007fe091615fa0 RCX: 00007fe09139aeb9
[  352.181562][T12741] RDX: 0000000000000048 RSI: 0000200000000080 RDI: 000000000000000a
[  352.189549][T12741] RBP: 00007fe0921b0090 R08: 0000000000000000 R09: 0000000000000000
[  352.197536][T12741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  352.205536][T12741] R13: 00007fe091616038 R14: 00007fe091615fa0 R15: 00007ffc38853d98
[  352.213541][T12741]  </TASK>
[  352.720908][T12757] mac80211_hwsim hwsim3 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  354.468544][T12800] mac80211_hwsim hwsim3 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  354.699697][T12804] mac80211_hwsim hwsim7 wlan0: left promiscuous mode
[  354.733942][T12804] mac80211_hwsim hwsim7 wlan0: left allmulticast mode
[  354.813972][T12804] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1922'.
[  354.843627][T12804] mac80211_hwsim hwsim7 wlan0: entered promiscuous mode
[  354.859372][T12804] mac80211_hwsim hwsim7 wlan0: entered allmulticast mode
[  354.929438][T12808] syz.1.1922[12808] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  354.929634][T12808] syz.1.1922[12808] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  355.758651][T12836] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  355.951220][T12840] netlink: 'syz.2.1934': attribute type 21 has an invalid length.
[  356.359503][T12852] netlink: 'syz.0.1936': attribute type 21 has an invalid length.
[  357.111621][T12873] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  358.888610][T12925] netlink: 'syz.3.1962': attribute type 21 has an invalid length.
[  359.599454][T12940] mac80211_hwsim hwsim8 .3ãc¤±: renamed from wlan1 (while UP)
[  359.745223][T12946] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  360.287441][T12960] netlink: 'syz.1.1971': attribute type 21 has an invalid length.
[  361.017708][T12986] mac80211_hwsim hwsim6 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  361.372440][T13002] netlink: 'syz.1.1983': attribute type 10 has an invalid length.
[  361.536898][T13005] netlink: 'syz.2.1984': attribute type 10 has an invalid length.
[  361.584467][T13005] 8021q: adding VLAN 0 to HW filter on device team0
[  361.597468][T13005] bond0: (slave team0): Enslaving as an active interface with an up link
[  361.653734][T13006] lo: entered allmulticast mode
[  361.843664][T13005] lo: entered promiscuous mode
[  361.861291][T13005] lo: left allmulticast mode
[  362.135991][T13005] syz.2.1984 (13005) used greatest stack depth: 16936 bytes left
[  362.731917][T13040] netlink: 'syz.0.1993': attribute type 21 has an invalid length.
[  362.860910][T13047] mac80211_hwsim hwsim3 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  363.349186][T13063] netlink: 'syz.3.1997': attribute type 39 has an invalid length.
[  364.328984][T13082] netlink: 'syz.3.2004': attribute type 21 has an invalid length.
[  364.885778][T13103] FAULT_INJECTION: forcing a failure.
[  364.885778][T13103] name failslab, interval 1, probability 0, space 0, times 0
[  364.905685][T13103] CPU: 0 PID: 13103 Comm: syz.2.2008 Not tainted syzkaller #0
[  364.913200][T13103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  364.923403][T13103] Call Trace:
[  364.926732][T13103]  <TASK>
[  364.929702][T13103]  dump_stack_lvl+0x18c/0x250
[  364.934438][T13103]  ? sctp_sendmsg+0x1575/0x28c0
[  364.939355][T13103]  ? ___sys_sendmsg+0x2a6/0x360
[  364.944295][T13103]  ? show_regs_print_info+0x20/0x20
[  364.949540][T13103]  ? load_image+0x400/0x400
[  364.954106][T13103]  should_fail_ex+0x39d/0x4d0
[  364.958838][T13103]  should_failslab+0x9/0x20
[  364.963403][T13103]  slab_pre_alloc_hook+0x59/0x310
[  364.968508][T13103]  ? sctp_add_bind_addr+0x8c/0x360
[  364.973689][T13103]  __kmem_cache_alloc_node+0x53/0x250
[  364.979126][T13103]  ? sctp_add_bind_addr+0x8c/0x360
[  364.984301][T13103]  kmalloc_trace+0x2a/0xe0
[  364.988788][T13103]  sctp_add_bind_addr+0x8c/0x360
[  364.993795][T13103]  sctp_copy_local_addr_list+0x315/0x4f0
[  364.999531][T13103]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  365.005326][T13103]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  365.011467][T13103]  ? sctp_v4_is_any+0x35/0x60
[  365.016194][T13103]  ? sctp_copy_one_addr+0x8c/0x350
[  365.021381][T13103]  sctp_bind_addr_copy+0xb3/0x3c0
[  365.026540][T13103]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  365.032906][T13103]  sctp_connect_new_asoc+0x2f9/0x6a0
[  365.038251][T13103]  ? __sctp_connect+0xd80/0xd80
[  365.043160][T13103]  ? __local_bh_enable_ip+0x14b/0x1c0
[  365.048597][T13103]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  365.054202][T13103]  ? security_sctp_bind_connect+0x89/0xb0
[  365.059988][T13103]  sctp_sendmsg+0x1575/0x28c0
[  365.064732][T13103]  ? sctp_getsockopt+0xb60/0xb60
[  365.069731][T13103]  ? lock_chain_count+0x20/0x20
[  365.074839][T13103]  ? inet_send_prepare+0x260/0x260
[  365.080007][T13103]  ? sctp_getsockopt+0xb60/0xb60
[  365.084991][T13103]  ? inet_send_prepare+0x260/0x260
[  365.090160][T13103]  ____sys_sendmsg+0x5ba/0x960
[  365.094988][T13103]  ? __lock_acquire+0x7d40/0x7d40
[  365.100066][T13103]  ? __asan_memset+0x22/0x40
[  365.104698][T13103]  ? __sys_sendmsg_sock+0x30/0x30
[  365.109769][T13103]  ? __import_iovec+0x5f2/0x850
[  365.114671][T13103]  ? import_iovec+0x73/0xa0
[  365.119241][T13103]  ___sys_sendmsg+0x2a6/0x360
[  365.123961][T13103]  ? get_pid_task+0x20/0x1e0
[  365.128645][T13103]  ? __sys_sendmsg+0x2a0/0x2a0
[  365.133481][T13103]  ? __lock_acquire+0x7d40/0x7d40
[  365.138558][T13103]  __se_sys_sendmsg+0x1c2/0x2b0
[  365.143438][T13103]  ? __x64_sys_sendmsg+0x80/0x80
[  365.148409][T13103]  ? lockdep_hardirqs_on+0x98/0x150
[  365.153635][T13103]  do_syscall_64+0x55/0xa0
[  365.158112][T13103]  ? clear_bhb_loop+0x40/0x90
[  365.162810][T13103]  ? clear_bhb_loop+0x40/0x90
[  365.167509][T13103]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  365.173442][T13103] RIP: 0033:0x7fe09139aeb9
[  365.177877][T13103] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  365.197508][T13103] RSP: 002b:00007fe0921b0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  365.205940][T13103] RAX: ffffffffffffffda RBX: 00007fe091615fa0 RCX: 00007fe09139aeb9
[  365.213926][T13103] RDX: 00000000000000fc RSI: 0000200000000600 RDI: 0000000000000005
[  365.222011][T13103] RBP: 00007fe0921b0090 R08: 0000000000000000 R09: 0000000000000000
[  365.230006][T13103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  365.237998][T13103] R13: 00007fe091616038 R14: 00007fe091615fa0 R15: 00007ffc38853d98
[  365.246006][T13103]  </TASK>
[  365.502155][T13111] mac80211_hwsim hwsim3 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  366.288968][T13138] netlink: 'syz.0.2015': attribute type 21 has an invalid length.
[  366.607593][T13151] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.2018'.
[  366.688294][T13151] bridge0: port 2(bridge_slave_1) entered disabled state
[  366.699155][T13151] bridge0: port 1(bridge_slave_0) entered disabled state
[  366.711932][T13151] bridge0: entered allmulticast mode
[  366.882542][T13157] netlink: 'syz.0.2019': attribute type 21 has an invalid length.
[  366.896128][T13157] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2019'.
[  367.648849][T13183] netlink: 'syz.0.2030': attribute type 21 has an invalid length.
[  368.116151][T13195] dvmrp1: tun_chr_ioctl cmd 1074812118
[  368.127602][T13195] netlink: 'syz.0.2032': attribute type 4 has an invalid length.
[  368.157397][T13195] netlink: 156 bytes leftover after parsing attributes in process `syz.0.2032'.
[  368.413744][T13195] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  368.810705][T13207] mac80211_hwsim hwsim6 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  369.003581][T13208] mac80211_hwsim hwsim3 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  372.693242][T13247] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  373.250896][T13274] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  373.883448][T13293] netlink: 'syz.0.2060': attribute type 3 has an invalid length.
[  373.913805][T13293] netlink: 13435 bytes leftover after parsing attributes in process `syz.0.2060'.
[  373.969874][T13297] mac80211_hwsim hwsim6 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  374.157724][T13306] netlink: 207496 bytes leftover after parsing attributes in process `syz.0.2063'.
[  374.985683][T13325] FAULT_INJECTION: forcing a failure.
[  374.985683][T13325] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  375.008707][T13325] CPU: 0 PID: 13325 Comm: syz.3.2068 Not tainted syzkaller #0
[  375.016345][T13325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  375.026454][T13325] Call Trace:
[  375.029764][T13325]  <TASK>
[  375.032726][T13325]  dump_stack_lvl+0x18c/0x250
[  375.037459][T13325]  ? show_regs_print_info+0x20/0x20
[  375.042725][T13325]  ? load_image+0x400/0x400
[  375.047265][T13325]  ? __might_fault+0xaa/0x120
[  375.052006][T13325]  ? __lock_acquire+0x7d40/0x7d40
[  375.057079][T13325]  ? seqcount_lockdep_reader_access+0x17b/0x1d0
[  375.063378][T13325]  should_fail_ex+0x39d/0x4d0
[  375.068173][T13325]  _copy_from_user+0x2f/0xe0
[  375.072837][T13325]  __sys_bpf+0x23e/0x890
[  375.077131][T13325]  ? bpf_link_show_fdinfo+0x390/0x390
[  375.082565][T13325]  ? lock_chain_count+0x20/0x20
[  375.087463][T13325]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  375.093500][T13325]  __x64_sys_bpf+0x7c/0x90
[  375.098002][T13325]  do_syscall_64+0x55/0xa0
[  375.102475][T13325]  ? clear_bhb_loop+0x40/0x90
[  375.107196][T13325]  ? clear_bhb_loop+0x40/0x90
[  375.111925][T13325]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  375.117863][T13325] RIP: 0033:0x7f2cb059aeb9
[  375.122319][T13325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  375.141962][T13325] RSP: 002b:00007f2cb138c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  375.150400][T13325] RAX: ffffffffffffffda RBX: 00007f2cb0815fa0 RCX: 00007f2cb059aeb9
[  375.158449][T13325] RDX: 000000000000002d RSI: 00002000002a0fb8 RDI: 0000000000000005
[  375.166447][T13325] RBP: 00007f2cb138c090 R08: 0000000000000000 R09: 0000000000000000
[  375.174437][T13325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  375.182462][T13325] R13: 00007f2cb0816038 R14: 00007f2cb0815fa0 R15: 00007ffd355900a8
[  375.190473][T13325]  </TASK>
[  375.707744][T13340] mac80211_hwsim hwsim6 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  377.269767][T13386] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  377.533749][T13395] netlink: 'syz.2.2093': attribute type 3 has an invalid length.
[  377.548149][T13395] netlink: 13435 bytes leftover after parsing attributes in process `syz.2.2093'.
[  377.617679][T13397] FAULT_INJECTION: forcing a failure.
[  377.617679][T13397] name failslab, interval 1, probability 0, space 0, times 0
[  377.631610][T13397] CPU: 1 PID: 13397 Comm: syz.3.2094 Not tainted syzkaller #0
[  377.639231][T13397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  377.649361][T13397] Call Trace:
[  377.652711][T13397]  <TASK>
[  377.655692][T13397]  dump_stack_lvl+0x18c/0x250
[  377.660445][T13397]  ? show_regs_print_info+0x20/0x20
[  377.665716][T13397]  ? load_image+0x400/0x400
[  377.670281][T13397]  ? __might_sleep+0xe0/0xe0
[  377.674935][T13397]  ? __lock_acquire+0x7d40/0x7d40
[  377.680011][T13397]  should_fail_ex+0x39d/0x4d0
[  377.684731][T13397]  should_failslab+0x9/0x20
[  377.689278][T13397]  slab_pre_alloc_hook+0x59/0x310
[  377.694353][T13397]  ? __lock_acquire+0x7d40/0x7d40
[  377.699426][T13397]  ? dev_ethtool+0x129/0x18d0
[  377.704145][T13397]  __kmem_cache_alloc_node+0x53/0x250
[  377.709549][T13397]  ? __might_fault+0xaa/0x120
[  377.714255][T13397]  ? dev_ethtool+0x129/0x18d0
[  377.718966][T13397]  kmalloc_trace+0x2a/0xe0
[  377.723426][T13397]  dev_ethtool+0x129/0x18d0
[  377.727983][T13397]  ? ethtool_get_module_eeprom_call+0x170/0x170
[  377.734255][T13397]  ? __lock_acquire+0x7d40/0x7d40
[  377.739319][T13397]  ? __might_fault+0xaa/0x120
[  377.744061][T13397]  ? full_name_hash+0x92/0xe0
[  377.748789][T13397]  ? dev_load+0x21/0x1f0
[  377.753066][T13397]  dev_ioctl+0x392/0x1140
[  377.757432][T13397]  sock_do_ioctl+0x239/0x310
[  377.762056][T13397]  ? sock_show_fdinfo+0xb0/0xb0
[  377.766964][T13397]  sock_ioctl+0x5ba/0x7e0
[  377.771326][T13397]  ? sock_poll+0x3e0/0x3e0
[  377.775787][T13397]  ? bpf_lsm_file_ioctl+0x9/0x10
[  377.780758][T13397]  ? security_file_ioctl+0x80/0xa0
[  377.785902][T13397]  ? sock_poll+0x3e0/0x3e0
[  377.790353][T13397]  __se_sys_ioctl+0xfd/0x170
[  377.795072][T13397]  do_syscall_64+0x55/0xa0
[  377.799530][T13397]  ? clear_bhb_loop+0x40/0x90
[  377.804240][T13397]  ? clear_bhb_loop+0x40/0x90
[  377.808959][T13397]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  377.814886][T13397] RIP: 0033:0x7f2cb059aeb9
[  377.819368][T13397] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  377.839027][T13397] RSP: 002b:00007f2cb138c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  377.847484][T13397] RAX: ffffffffffffffda RBX: 00007f2cb0815fa0 RCX: 00007f2cb059aeb9
[  377.855491][T13397] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000005
[  377.863506][T13397] RBP: 00007f2cb138c090 R08: 0000000000000000 R09: 0000000000000000
[  377.871508][T13397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  377.879518][T13397] R13: 00007f2cb0816038 R14: 00007f2cb0815fa0 R15: 00007ffd355900a8
[  377.887555][T13397]  </TASK>
[  378.621954][T13424] mac80211_hwsim hwsim6 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  378.770822][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  378.778614][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  379.606218][T13460] mac80211_hwsim hwsim3 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  380.806719][T13485] netlink: 'syz.1.2126': attribute type 10 has an invalid length.
[  380.987482][T13485] `: Device veth1_macvtap failed to register rx_handler
[  381.135255][T13493] mac80211_hwsim hwsim3 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  382.147670][T13530] mac80211_hwsim hwsim3 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  382.582415][T13545] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  384.376541][T13583] netlink: 'syz.2.2153': attribute type 27 has an invalid length.
[  384.391623][T13583] netlink: 'syz.2.2153': attribute type 3 has an invalid length.
[  384.411726][T13583] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2153'.
[  387.237299][T13683] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2184'.
[  387.260122][T13683] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2184'.
[  387.286151][T13683] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2184'.
[  387.336522][T13686] mac80211_hwsim hwsim6 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  389.104480][T13745] mac80211_hwsim hwsim3 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  391.147588][T13813] netlink: 'syz.1.2222': attribute type 17 has an invalid length.
[  391.176886][T13813] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2222'.
[  391.303427][T13813] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  392.760349][T13873] syz.1.2238[13873] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  392.760538][T13873] syz.1.2238[13873] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  394.646112][T13927] mac80211_hwsim hwsim3 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  396.450418][T13977] FAULT_INJECTION: forcing a failure.
[  396.450418][T13977] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  396.467301][T13977] CPU: 0 PID: 13977 Comm: syz.2.2266 Not tainted syzkaller #0
[  396.474837][T13977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  396.484942][T13977] Call Trace:
[  396.488278][T13977]  <TASK>
[  396.491250][T13977]  dump_stack_lvl+0x18c/0x250
[  396.495991][T13977]  ? show_regs_print_info+0x20/0x20
[  396.501251][T13977]  ? load_image+0x400/0x400
[  396.505909][T13977]  ? __might_fault+0xaa/0x120
[  396.510810][T13977]  ? __lock_acquire+0x7d40/0x7d40
[  396.515897][T13977]  should_fail_ex+0x39d/0x4d0
[  396.520636][T13977]  _copy_from_iter+0x1d9/0x12e0
[  396.525542][T13977]  ? slab_post_alloc_hook+0x8a/0x4b0
[  396.530885][T13977]  ? __virt_addr_valid+0x18c/0x540
[  396.536053][T13977]  ? __lock_acquire+0x7d40/0x7d40
[  396.541121][T13977]  ? rcu_is_watching+0x15/0xb0
[  396.545941][T13977]  ? copyout_mc+0x70/0x70
[  396.550328][T13977]  ? __virt_addr_valid+0x18c/0x540
[  396.555485][T13977]  ? __virt_addr_valid+0x18c/0x540
[  396.560647][T13977]  ? __virt_addr_valid+0x469/0x540
[  396.565811][T13977]  ? __check_object_size+0x506/0xa20
[  396.571152][T13977]  netlink_sendmsg+0x76b/0xbf0
[  396.575982][T13977]  ? netlink_getsockopt+0x590/0x590
[  396.581237][T13977]  ? aa_sock_msg_perm+0x94/0x150
[  396.586231][T13977]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  396.591559][T13977]  ? security_socket_sendmsg+0x80/0xa0
[  396.597043][T13977]  ? netlink_getsockopt+0x590/0x590
[  396.602277][T13977]  ____sys_sendmsg+0x5ba/0x960
[  396.607079][T13977]  ? __asan_memset+0x22/0x40
[  396.611701][T13977]  ? __sys_sendmsg_sock+0x30/0x30
[  396.616787][T13977]  ? __import_iovec+0x5f2/0x850
[  396.621679][T13977]  ? import_iovec+0x73/0xa0
[  396.626249][T13977]  ___sys_sendmsg+0x2a6/0x360
[  396.630959][T13977]  ? __sys_sendmsg+0x2a0/0x2a0
[  396.635768][T13977]  ? trace_call_bpf+0xc3/0x6c0
[  396.640590][T13977]  __se_sys_sendmsg+0x1c2/0x2b0
[  396.645469][T13977]  ? __x64_sys_sendmsg+0x80/0x80
[  396.650435][T13977]  ? lockdep_hardirqs_on+0x98/0x150
[  396.655660][T13977]  do_syscall_64+0x55/0xa0
[  396.660106][T13977]  ? clear_bhb_loop+0x40/0x90
[  396.664808][T13977]  ? clear_bhb_loop+0x40/0x90
[  396.669506][T13977]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  396.675424][T13977] RIP: 0033:0x7fe09139aeb9
[  396.679866][T13977] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  396.699497][T13977] RSP: 002b:00007fe0921b0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  396.707933][T13977] RAX: ffffffffffffffda RBX: 00007fe091615fa0 RCX: 00007fe09139aeb9
[  396.715931][T13977] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  396.723929][T13977] RBP: 00007fe0921b0090 R08: 0000000000000000 R09: 0000000000000000
[  396.731927][T13977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  396.739920][T13977] R13: 00007fe091616038 R14: 00007fe091615fa0 R15: 00007ffc38853d98
[  396.747930][T13977]  </TASK>
[  396.897570][T13980] mac80211_hwsim hwsim6 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  397.605522][T14002] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2272'.
[  397.891738][T14013] FAULT_INJECTION: forcing a failure.
[  397.891738][T14013] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  397.928539][T14013] CPU: 0 PID: 14013 Comm: syz.3.2274 Not tainted syzkaller #0
[  397.936119][T14013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  397.946245][T14013] Call Trace:
[  397.949574][T14013]  <TASK>
[  397.952546][T14013]  dump_stack_lvl+0x18c/0x250
[  397.957303][T14013]  ? show_regs_print_info+0x20/0x20
[  397.962552][T14013]  ? load_image+0x400/0x400
[  397.967110][T14013]  ? __lock_acquire+0x7d40/0x7d40
[  397.972190][T14013]  ? snprintf+0xe9/0x140
[  397.976490][T14013]  should_fail_ex+0x39d/0x4d0
[  397.981236][T14013]  _copy_to_user+0x2f/0xa0
[  397.985704][T14013]  simple_read_from_buffer+0xe7/0x150
[  397.991137][T14013]  proc_fail_nth_read+0x1e8/0x260
[  397.996219][T14013]  ? proc_fault_inject_write+0x360/0x360
[  398.001918][T14013]  ? fsnotify_perm+0x271/0x5e0
[  398.006737][T14013]  ? proc_fault_inject_write+0x360/0x360
[  398.012419][T14013]  vfs_read+0x28b/0x970
[  398.016643][T14013]  ? kernel_read+0x1e0/0x1e0
[  398.021288][T14013]  ? __fget_files+0x28/0x4b0
[  398.025919][T14013]  ? __fget_files+0x28/0x4b0
[  398.030682][T14013]  ? __fget_files+0x43d/0x4b0
[  398.035454][T14013]  ? __fdget_pos+0x2a3/0x330
[  398.040100][T14013]  ? ksys_read+0x75/0x260
[  398.044490][T14013]  ksys_read+0x150/0x260
[  398.048891][T14013]  ? vfs_write+0x990/0x990
[  398.053374][T14013]  ? lockdep_hardirqs_on+0x98/0x150
[  398.058644][T14013]  do_syscall_64+0x55/0xa0
[  398.063112][T14013]  ? clear_bhb_loop+0x40/0x90
[  398.067825][T14013]  ? clear_bhb_loop+0x40/0x90
[  398.072550][T14013]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  398.078483][T14013] RIP: 0033:0x7f2cb055b78e
[  398.082940][T14013] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  398.102588][T14013] RSP: 002b:00007f2cb138bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  398.111052][T14013] RAX: ffffffffffffffda RBX: 00007f2cb138c6c0 RCX: 00007f2cb055b78e
[  398.119082][T14013] RDX: 000000000000000f RSI: 00007f2cb138c0a0 RDI: 0000000000000008
[  398.127092][T14013] RBP: 00007f2cb138c090 R08: 0000000000000000 R09: 0000000000000000
[  398.135102][T14013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  398.143124][T14013] R13: 00007f2cb0816038 R14: 00007f2cb0815fa0 R15: 00007ffd355900a8
[  398.151167][T14013]  </TASK>
[  398.360046][T14017] syz.2.2276[14017] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  398.360226][T14017] syz.2.2276[14017] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  398.979047][T14031] mac80211_hwsim hwsim3 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  399.061222][T14034] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2283'.
[  399.239243][T14038] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  399.653911][T14056] FAULT_INJECTION: forcing a failure.
[  399.653911][T14056] name failslab, interval 1, probability 0, space 0, times 0
[  399.666828][T14056] CPU: 1 PID: 14056 Comm: syz.2.2289 Not tainted syzkaller #0
[  399.674330][T14056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  399.684419][T14056] Call Trace:
[  399.687730][T14056]  <TASK>
[  399.690680][T14056]  dump_stack_lvl+0x18c/0x250
[  399.695398][T14056]  ? show_regs_print_info+0x20/0x20
[  399.700623][T14056]  ? load_image+0x400/0x400
[  399.705154][T14056]  ? __might_sleep+0xe0/0xe0
[  399.709791][T14056]  ? __lock_acquire+0x7d40/0x7d40
[  399.714841][T14056]  should_fail_ex+0x39d/0x4d0
[  399.719546][T14056]  should_failslab+0x9/0x20
[  399.724075][T14056]  slab_pre_alloc_hook+0x59/0x310
[  399.729134][T14056]  kmem_cache_alloc_node+0x60/0x320
[  399.734369][T14056]  ? __alloc_skb+0x103/0x2c0
[  399.738990][T14056]  __alloc_skb+0x103/0x2c0
[  399.743449][T14056]  alloc_skb_with_frags+0xca/0x7b0
[  399.748590][T14056]  ? mark_lock+0x94/0x320
[  399.752955][T14056]  sock_alloc_send_pskb+0x883/0x9a0
[  399.758191][T14056]  ? sock_kzfree_s+0x50/0x50
[  399.762813][T14056]  tun_get_user+0x82c/0x3ca0
[  399.767435][T14056]  ? aa_file_perm+0x11b/0xee0
[  399.772168][T14056]  ? rcu_read_unlock+0xa0/0xa0
[  399.776959][T14056]  ? tun_get+0x1c/0x2e0
[  399.781132][T14056]  ? __lock_acquire+0x7d40/0x7d40
[  399.786183][T14056]  ? tun_get+0x1c/0x2e0
[  399.790378][T14056]  tun_chr_write_iter+0x119/0x200
[  399.795430][T14056]  vfs_write+0x46c/0x990
[  399.799706][T14056]  ? file_end_write+0x250/0x250
[  399.804604][T14056]  ? __fget_files+0x43d/0x4b0
[  399.809313][T14056]  ? __fdget_pos+0x1d8/0x330
[  399.814027][T14056]  ? ksys_write+0x75/0x260
[  399.818475][T14056]  ksys_write+0x150/0x260
[  399.822854][T14056]  ? __ia32_sys_read+0x90/0x90
[  399.827660][T14056]  ? lockdep_hardirqs_on+0x98/0x150
[  399.832888][T14056]  do_syscall_64+0x55/0xa0
[  399.837326][T14056]  ? clear_bhb_loop+0x40/0x90
[  399.842030][T14056]  ? clear_bhb_loop+0x40/0x90
[  399.846747][T14056]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  399.852668][T14056] RIP: 0033:0x7fe09139aeb9
[  399.857135][T14056] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  399.876794][T14056] RSP: 002b:00007fe0921b0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  399.885242][T14056] RAX: ffffffffffffffda RBX: 00007fe091615fa0 RCX: 00007fe09139aeb9
[  399.893349][T14056] RDX: 000000000000fdef RSI: 0000200000000280 RDI: 00000000000000c8
[  399.901370][T14056] RBP: 00007fe0921b0090 R08: 0000000000000000 R09: 0000000000000000
[  399.909369][T14056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  399.917377][T14056] R13: 00007fe091616038 R14: 00007fe091615fa0 R15: 00007ffc38853d98
[  399.925408][T14056]  </TASK>
[  400.344432][T14071] syz.0.2292[14071] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  400.344588][T14071] syz.0.2292[14071] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  400.621072][T14075] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2294'.
[  401.053460][T14093] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  402.769926][T14159] netlink: 10 bytes leftover after parsing attributes in process `syz.3.2316'.
[  402.779471][T14157] FAULT_INJECTION: forcing a failure.
[  402.779471][T14157] name failslab, interval 1, probability 0, space 0, times 0
[  402.799080][T14157] CPU: 0 PID: 14157 Comm: syz.1.2315 Not tainted syzkaller #0
[  402.806663][T14157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  402.816815][T14157] Call Trace:
[  402.820212][T14157]  <TASK>
[  402.823249][T14157]  dump_stack_lvl+0x18c/0x250
[  402.828025][T14157]  ? sctp_sendmsg+0x1575/0x28c0
[  402.832967][T14157]  ? ___sys_sendmsg+0x2a6/0x360
[  402.837914][T14157]  ? show_regs_print_info+0x20/0x20
[  402.843225][T14157]  ? load_image+0x400/0x400
[  402.847870][T14157]  should_fail_ex+0x39d/0x4d0
[  402.852637][T14157]  should_failslab+0x9/0x20
[  402.857211][T14157]  slab_pre_alloc_hook+0x59/0x310
[  402.862342][T14157]  ? sctp_add_bind_addr+0x8c/0x360
[  402.867538][T14157]  __kmem_cache_alloc_node+0x53/0x250
[  402.873019][T14157]  ? sctp_add_bind_addr+0x8c/0x360
[  402.878217][T14157]  kmalloc_trace+0x2a/0xe0
[  402.882726][T14157]  sctp_add_bind_addr+0x8c/0x360
[  402.887789][T14157]  sctp_copy_local_addr_list+0x315/0x4f0
[  402.893512][T14157]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  402.899305][T14157]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  402.905490][T14157]  ? sctp_v4_is_any+0x35/0x60
[  402.910251][T14157]  ? sctp_copy_one_addr+0x8c/0x350
[  402.915466][T14157]  sctp_bind_addr_copy+0xb3/0x3c0
[  402.920574][T14157]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  402.926990][T14157]  sctp_connect_new_asoc+0x2f9/0x6a0
[  402.932363][T14157]  ? __sctp_connect+0xd80/0xd80
[  402.937271][T14157]  ? __local_bh_enable_ip+0x13a/0x1c0
[  402.942707][T14157]  ? _local_bh_enable+0xa0/0xa0
[  402.947623][T14157]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  402.953492][T14157]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  402.959390][T14157]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  402.965029][T14157]  ? security_sctp_bind_connect+0x89/0xb0
[  402.970843][T14157]  sctp_sendmsg+0x1575/0x28c0
[  402.975651][T14157]  ? sctp_getsockopt+0xb60/0xb60
[  402.980659][T14157]  ? aa_sk_perm+0x83c/0x970
[  402.985295][T14157]  ? aa_af_perm+0x330/0x330
[  402.989871][T14157]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  402.996375][T14157]  ? sock_rps_record_flow+0x19/0x3f0
[  403.001745][T14157]  ? inet_sendmsg+0x7c/0x2f0
[  403.006397][T14157]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  403.011746][T14157]  ? security_socket_sendmsg+0x80/0xa0
[  403.017278][T14157]  ? inet_send_prepare+0x260/0x260
[  403.022505][T14157]  ____sys_sendmsg+0x5ba/0x960
[  403.027353][T14157]  ? __lock_acquire+0x7d40/0x7d40
[  403.032486][T14157]  ? __asan_memset+0x22/0x40
[  403.037195][T14157]  ? __sys_sendmsg_sock+0x30/0x30
[  403.042328][T14157]  ? __import_iovec+0x5f2/0x850
[  403.047326][T14157]  ? import_iovec+0x73/0xa0
[  403.051941][T14157]  ___sys_sendmsg+0x2a6/0x360
[  403.056702][T14157]  ? get_pid_task+0x20/0x1e0
[  403.061391][T14157]  ? __sys_sendmsg+0x2a0/0x2a0
[  403.066369][T14157]  ? __lock_acquire+0x7d40/0x7d40
[  403.071589][T14157]  __se_sys_sendmsg+0x1c2/0x2b0
[  403.076554][T14157]  ? __x64_sys_sendmsg+0x80/0x80
[  403.081647][T14157]  ? lockdep_hardirqs_on+0x98/0x150
[  403.086931][T14157]  do_syscall_64+0x55/0xa0
[  403.091408][T14157]  ? clear_bhb_loop+0x40/0x90
[  403.096149][T14157]  ? clear_bhb_loop+0x40/0x90
[  403.100908][T14157]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  403.106877][T14157] RIP: 0033:0x7f9d2579aeb9
[  403.111356][T14157] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  403.131109][T14157] RSP: 002b:00007f9d2663a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  403.139597][T14157] RAX: ffffffffffffffda RBX: 00007f9d25a15fa0 RCX: 00007f9d2579aeb9
[  403.147623][T14157] RDX: 0000000000004000 RSI: 0000200000000e40 RDI: 0000000000000003
[  403.155673][T14157] RBP: 00007f9d2663a090 R08: 0000000000000000 R09: 0000000000000000
[  403.163712][T14157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  403.171758][T14157] R13: 00007f9d25a16038 R14: 00007f9d25a15fa0 R15: 00007ffcde6e7b38
[  403.179867][T14157]  </TASK>
[  403.415842][T14172] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2321'.
[  404.251332][T14206] netlink: 144 bytes leftover after parsing attributes in process `syz.1.2329'.
[  404.277981][T14206] `: Port device team_slave_0 removed
[  404.292235][T14206] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  404.739998][T14216] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2332'.
[  405.067235][T14232] mac80211_hwsim hwsim6 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  405.463464][T14247] netlink: 10 bytes leftover after parsing attributes in process `syz.0.2340'.
[  407.086951][T14309] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2356'.
[  407.143649][T14310] netlink: 'syz.2.2356': attribute type 21 has an invalid length.
[  407.156976][T14310] netlink: 'syz.2.2356': attribute type 1 has an invalid length.
[  408.114412][ T5775] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  408.125428][ T5775] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  408.149905][ T5775] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  408.169892][ T5775] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  408.178648][ T5775] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  408.188225][ T5775] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  410.286012][ T5775] Bluetooth: hci4: command tx timeout
[  411.385813][T11862] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.416788][T14334] chnl_net:caif_netlink_parms(): no params data found
[  411.527438][T11862] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.684286][T14365] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2372'.
[  411.720480][T11862] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.837642][T14334] bridge0: port 1(bridge_slave_0) entered blocking state
[  411.852981][T14334] bridge0: port 1(bridge_slave_0) entered disabled state
[  411.875400][T14334] bridge_slave_0: entered allmulticast mode
[  411.882892][T14334] bridge_slave_0: entered promiscuous mode
[  412.365192][ T5775] Bluetooth: hci4: command tx timeout
[  412.584211][T11862] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  412.636330][T14334] bridge0: port 2(bridge_slave_1) entered blocking state
[  412.654579][T14334] bridge0: port 2(bridge_slave_1) entered disabled state
[  412.676882][T14334] bridge_slave_1: entered allmulticast mode
[  412.690395][T14334] bridge_slave_1: entered promiscuous mode
[  412.748934][T14334] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  412.786988][T14334] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  412.968302][T14334] team0: Port device team_slave_0 added
[  413.027484][T14334] team0: Port device team_slave_1 added
[  413.125260][T14334] batman_adv: batadv0: Adding interface: batadv_slave_0
[  413.136172][T14334] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  413.219713][T14334] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  413.345899][T14391] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2382'.
[  413.499755][T14334] batman_adv: batadv0: Adding interface: batadv_slave_1
[  413.507030][T14334] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  413.595184][T14334] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  414.121256][T14334] hsr_slave_0: entered promiscuous mode
[  414.179151][T14334] hsr_slave_1: entered promiscuous mode
[  414.196605][T14334] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  414.204248][T14334] Cannot create hsr debugfs directory
[  414.445681][ T5775] Bluetooth: hci4: command tx timeout
[  414.832194][T14441] FAULT_INJECTION: forcing a failure.
[  414.832194][T14441] name failslab, interval 1, probability 0, space 0, times 0
[  414.852490][T14441] CPU: 1 PID: 14441 Comm: syz.3.2393 Not tainted syzkaller #0
[  414.860030][T14441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  414.870134][T14441] Call Trace:
[  414.873461][T14441]  <TASK>
[  414.876445][T14441]  dump_stack_lvl+0x18c/0x250
[  414.881211][T14441]  ? show_regs_print_info+0x20/0x20
[  414.886502][T14441]  ? load_image+0x400/0x400
[  414.891073][T14441]  ? __local_bh_enable_ip+0x13a/0x1c0
[  414.896504][T14441]  ? lockdep_hardirqs_on+0x98/0x150
[  414.901783][T14441]  ? __local_bh_enable_ip+0x13a/0x1c0
[  414.907240][T14441]  should_fail_ex+0x39d/0x4d0
[  414.911991][T14441]  should_failslab+0x9/0x20
[  414.916583][T14441]  slab_pre_alloc_hook+0x59/0x310
[  414.921682][T14441]  ? sctp_get_port_local+0xe65/0x1620
[  414.927122][T14441]  ? sctp_add_bind_addr+0x8c/0x360
[  414.932303][T14441]  __kmem_cache_alloc_node+0x53/0x250
[  414.937748][T14441]  ? sctp_add_bind_addr+0x8c/0x360
[  414.942933][T14441]  kmalloc_trace+0x2a/0xe0
[  414.947439][T14441]  sctp_add_bind_addr+0x8c/0x360
[  414.952507][T14441]  ? sctp_auto_asconf_init+0x15c/0x1e0
[  414.958026][T14441]  sctp_do_bind+0x616/0x990
[  414.962613][T14441]  sctp_connect_new_asoc+0x26a/0x6a0
[  414.967975][T14441]  ? __sctp_connect+0xd80/0xd80
[  414.972884][T14441]  ? __local_bh_enable_ip+0x13a/0x1c0
[  414.978429][T14441]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  414.984048][T14441]  ? security_sctp_bind_connect+0x89/0xb0
[  414.989843][T14441]  sctp_sendmsg+0x1575/0x28c0
[  414.994614][T14441]  ? sctp_getsockopt+0xb60/0xb60
[  414.999612][T14441]  ? aa_sk_perm+0x83c/0x970
[  415.004197][T14441]  ? aa_af_perm+0x330/0x330
[  415.008759][T14441]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  415.015247][T14441]  ? sock_rps_record_flow+0x19/0x3f0
[  415.020612][T14441]  ? inet_sendmsg+0xe9/0x2f0
[  415.025261][T14441]  ? inet_send_prepare+0x260/0x260
[  415.030442][T14441]  ____sys_sendmsg+0x5ba/0x960
[  415.035278][T14441]  ? __lock_acquire+0x7d40/0x7d40
[  415.040401][T14441]  ? __asan_memset+0x22/0x40
[  415.045059][T14441]  ? __sys_sendmsg_sock+0x30/0x30
[  415.050141][T14441]  ? __import_iovec+0x5f2/0x850
[  415.055078][T14441]  ? import_iovec+0x73/0xa0
[  415.059646][T14441]  ___sys_sendmsg+0x2a6/0x360
[  415.064395][T14441]  ? __sys_sendmsg+0x2a0/0x2a0
[  415.069276][T14441]  ? __lock_acquire+0x7d40/0x7d40
[  415.074420][T14441]  __se_sys_sendmsg+0x1c2/0x2b0
[  415.079391][T14441]  ? __x64_sys_sendmsg+0x80/0x80
[  415.084437][T14441]  ? lockdep_hardirqs_on+0x98/0x150
[  415.089707][T14441]  do_syscall_64+0x55/0xa0
[  415.094191][T14441]  ? clear_bhb_loop+0x40/0x90
[  415.098916][T14441]  ? clear_bhb_loop+0x40/0x90
[  415.103653][T14441]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  415.109592][T14441] RIP: 0033:0x7f2cb059aeb9
[  415.114070][T14441] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  415.133732][T14441] RSP: 002b:00007f2cb138c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  415.142214][T14441] RAX: ffffffffffffffda RBX: 00007f2cb0815fa0 RCX: 00007f2cb059aeb9
[  415.150250][T14441] RDX: 0000000000000041 RSI: 0000200000002dc0 RDI: 0000000000000004
[  415.158287][T14441] RBP: 00007f2cb138c090 R08: 0000000000000000 R09: 0000000000000000
[  415.166314][T14441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  415.174353][T14441] R13: 00007f2cb0816038 R14: 00007f2cb0815fa0 R15: 00007ffd355900a8
[  415.182409][T14441]  </TASK>
[  415.317143][T14444] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2394'.
[  415.688860][T11862] hsr_slave_0: left promiscuous mode
[  415.705793][T11862] hsr_slave_1: left promiscuous mode
[  415.718197][T11862] bridge_slave_1: left allmulticast mode
[  415.724018][T11862] bridge_slave_1: left promiscuous mode
[  415.759007][T11862] bridge0: port 2(bridge_slave_1) entered disabled state
[  415.773797][T11862] bridge_slave_0: left allmulticast mode
[  415.781496][T11862] bridge_slave_0: left promiscuous mode
[  415.794755][T11862] bridge0: port 1(bridge_slave_0) entered disabled state
[  415.828366][T11862] veth0_macvtap: left promiscuous mode
[  416.065426][T11862] team0 (unregistering): Port device geneve1 removed
[  416.094619][T11862] bond0 (unregistering): (slave geneve0): Releasing backup interface
[  416.514349][T11862] team0 (unregistering): Port device team_slave_1 removed
[  416.525376][ T5775] Bluetooth: hci4: command tx timeout
[  416.571010][T11862] team0 (unregistering): Port device team_slave_0 removed
[  416.613977][T11862] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  416.658832][T11862] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  416.923457][T11862] team0 (unregistering): Port device dummy0 removed
[  416.969166][T11862] bond0 (unregistering): Released all slaves
[  417.327498][T14485] mac80211_hwsim hwsim6 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  417.629344][T14334] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  417.657783][T14334] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  417.692283][T14334] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  417.716970][T14334] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  417.843300][T14511] netlink: 'syz.1.2406': attribute type 21 has an invalid length.
[  417.872851][T14511] netlink: 'syz.1.2406': attribute type 4 has an invalid length.
[  417.886234][T14511] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2406'.
[  418.049238][T14334] 8021q: adding VLAN 0 to HW filter on device bond0
[  418.179597][T14334] 8021q: adding VLAN 0 to HW filter on device team0
[  418.201179][T11861] bridge0: port 1(bridge_slave_0) entered blocking state
[  418.209344][T11861] bridge0: port 1(bridge_slave_0) entered forwarding state
[  418.234890][T11861] bridge0: port 2(bridge_slave_1) entered blocking state
[  418.242206][T11861] bridge0: port 2(bridge_slave_1) entered forwarding state
[  418.771432][T14543] mac80211_hwsim hwsim3 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  419.062145][T14334] 8021q: adding VLAN 0 to HW filter on device batadv0
[  419.222309][T14334] veth0_vlan: entered promiscuous mode
[  419.254503][T14334] veth1_vlan: entered promiscuous mode
[  419.377552][T14334] veth0_macvtap: entered promiscuous mode
[  419.425851][T14334] veth1_macvtap: entered promiscuous mode
[  419.489384][T14334] batman_adv: batadv0: Interface activated: batadv_slave_0
[  419.525039][T14334] batman_adv: batadv0: Interface activated: batadv_slave_1
[  419.559845][T14334] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  419.580153][T14334] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  419.624066][T14334] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  419.656091][T14334] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  420.389443][ T2988] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  420.414967][ T2988] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  420.533467][T14597] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  420.559477][ T2988] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  420.575528][ T2988] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  421.326347][T14612] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2422'.
[  421.369322][T14612] hsr_slave_0: left promiscuous mode
[  421.402562][T14612] hsr_slave_1: left promiscuous mode
[  421.746553][ T5783] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  421.759684][ T5783] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  421.770966][ T5783] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  421.790996][ T5783] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  421.799141][ T5783] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  421.807335][ T5783] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  422.520821][T14643] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2430'.
[  422.658007][T14646] mac80211_hwsim hwsim17 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  422.694368][T14621] chnl_net:caif_netlink_parms(): no params data found
[  422.802149][T11862] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  422.939022][T11862] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.015427][T14621] bridge0: port 1(bridge_slave_0) entered blocking state
[  423.023652][T14621] bridge0: port 1(bridge_slave_0) entered disabled state
[  423.031206][T14621] bridge_slave_0: entered allmulticast mode
[  423.039916][T14621] bridge_slave_0: entered promiscuous mode
[  423.050395][T14621] bridge0: port 2(bridge_slave_1) entered blocking state
[  423.060746][T14621] bridge0: port 2(bridge_slave_1) entered disabled state
[  423.068332][T14621] bridge_slave_1: entered allmulticast mode
[  423.080625][T14621] bridge_slave_1: entered promiscuous mode
[  423.126407][T11862] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.204611][T14667] netlink: 'syz.0.2435': attribute type 2 has an invalid length.
[  423.214046][T14667] netlink: 'syz.0.2435': attribute type 8 has an invalid length.
[  423.227252][T14667] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2435'.
[  423.359883][T14621] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  423.382248][T14621] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  423.430419][T11862] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.520643][T14621] team0: Port device team_slave_0 added
[  423.549119][T14621] team0: Port device team_slave_1 added
[  423.636551][T14621] batman_adv: batadv0: Adding interface: batadv_slave_0
[  423.644807][T14621] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  423.684740][T14621] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  423.774243][T14621] batman_adv: batadv0: Adding interface: batadv_slave_1
[  423.781547][T14621] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  423.808367][T14621] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  423.886217][ T5775] Bluetooth: hci1: command tx timeout
[  423.932486][T14621] hsr_slave_0: entered promiscuous mode
[  423.944835][T14621] hsr_slave_1: entered promiscuous mode
[  423.956245][T14621] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  423.963938][T14621] Cannot create hsr debugfs directory
[  424.104728][T14689] mac80211_hwsim hwsim6 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  424.295016][T14696] FAULT_INJECTION: forcing a failure.
[  424.295016][T14696] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  424.315519][T14696] CPU: 0 PID: 14696 Comm: syz.0.2445 Not tainted syzkaller #0
[  424.323060][T14696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  424.333174][T14696] Call Trace:
[  424.336486][T14696]  <TASK>
[  424.339455][T14696]  dump_stack_lvl+0x18c/0x250
[  424.344203][T14696]  ? show_regs_print_info+0x20/0x20
[  424.349442][T14696]  ? load_image+0x400/0x400
[  424.354005][T14696]  ? __lock_acquire+0x7d40/0x7d40
[  424.359076][T14696]  ? snprintf+0xe9/0x140
[  424.363375][T14696]  should_fail_ex+0x39d/0x4d0
[  424.368106][T14696]  _copy_to_user+0x2f/0xa0
[  424.372635][T14696]  simple_read_from_buffer+0xe7/0x150
[  424.378076][T14696]  proc_fail_nth_read+0x1e8/0x260
[  424.383190][T14696]  ? proc_fault_inject_write+0x360/0x360
[  424.388884][T14696]  ? fsnotify_perm+0x271/0x5e0
[  424.393710][T14696]  ? proc_fault_inject_write+0x360/0x360
[  424.399416][T14696]  vfs_read+0x28b/0x970
[  424.403634][T14696]  ? kernel_read+0x1e0/0x1e0
[  424.408289][T14696]  ? __fget_files+0x28/0x4b0
[  424.412932][T14696]  ? __fget_files+0x28/0x4b0
[  424.417580][T14696]  ? __fget_files+0x43d/0x4b0
[  424.422306][T14696]  ? __fdget_pos+0x2a3/0x330
[  424.426972][T14696]  ? ksys_read+0x75/0x260
[  424.431381][T14696]  ksys_read+0x150/0x260
[  424.435681][T14696]  ? vfs_write+0x990/0x990
[  424.440147][T14696]  ? lockdep_hardirqs_on+0x98/0x150
[  424.445426][T14696]  do_syscall_64+0x55/0xa0
[  424.449896][T14696]  ? clear_bhb_loop+0x40/0x90
[  424.454628][T14696]  ? clear_bhb_loop+0x40/0x90
[  424.459384][T14696]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  424.465309][T14696] RIP: 0033:0x7fa70195b78e
[  424.469764][T14696] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  424.489416][T14696] RSP: 002b:00007fa7028affe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  424.497888][T14696] RAX: ffffffffffffffda RBX: 00007fa7028b06c0 RCX: 00007fa70195b78e
[  424.505917][T14696] RDX: 000000000000000f RSI: 00007fa7028b00a0 RDI: 0000000000000006
[  424.513934][T14696] RBP: 00007fa7028b0090 R08: 0000000000000000 R09: 0000000000000000
[  424.521959][T14696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  424.529969][T14696] R13: 00007fa701c16038 R14: 00007fa701c15fa0 R15: 00007ffd39381268
[  424.537998][T14696]  </TASK>
[  425.089425][  T125] wlan1: Trigger new scan to find an IBSS to join
[  425.603948][T14733] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2456'.
[  425.719075][T14740] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2457'.
[  425.965227][ T5775] Bluetooth: hci1: command tx timeout
[  426.170684][T14621] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  426.202665][T14621] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  426.315368][T14621] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  426.342688][T14621] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  426.523849][T11862] hsr_slave_0: left promiscuous mode
[  426.540147][T11862] hsr_slave_1: left promiscuous mode
[  426.552645][T11862] bridge_slave_1: left allmulticast mode
[  426.560758][T11862] bridge_slave_1: left promiscuous mode
[  426.569446][T11862] bridge0: port 2(bridge_slave_1) entered disabled state
[  426.584292][T14776] netlink: 'syz.0.2465': attribute type 1 has an invalid length.
[  426.584575][T11862] bridge_slave_0: left allmulticast mode
[  426.601765][T11862] bridge_slave_0: left promiscuous mode
[  426.607579][T14776] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.2465'.
[  426.612485][T11862] bridge0: port 1(bridge_slave_0) entered disabled state
[  426.648831][T14776] netlink: 9 bytes leftover after parsing attributes in process `syz.0.2465'.
[  426.658508][T11862] veth0_macvtap: left promiscuous mode
[  426.881811][T11862] bond0 (unregistering): (slave geneve0): Releasing backup interface
[  427.201346][T11862] ` (unregistering): Port device team_slave_1 removed
[  427.279072][T11862] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  427.328477][T11862] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  427.572690][T11862] ` (unregistering): Port device dummy0 removed
[  427.619755][T11862] bond0 (unregistering): Released all slaves
[  427.789883][T14621] 8021q: adding VLAN 0 to HW filter on device bond0
[  427.821816][T14621] 8021q: adding VLAN 0 to HW filter on device team0
[  427.842756][ T2988] bridge0: port 1(bridge_slave_0) entered blocking state
[  427.849945][ T2988] bridge0: port 1(bridge_slave_0) entered forwarding state
[  427.866385][ T2946] bridge0: port 2(bridge_slave_1) entered blocking state
[  427.873532][ T2946] bridge0: port 2(bridge_slave_1) entered forwarding state
[  428.045402][ T5775] Bluetooth: hci1: command tx timeout
[  428.127504][T14621] 8021q: adding VLAN 0 to HW filter on device batadv0
[  428.173397][T14621] veth0_vlan: entered promiscuous mode
[  428.184925][T14621] veth1_vlan: entered promiscuous mode
[  428.217570][T14621] veth0_macvtap: entered promiscuous mode
[  428.227916][T14621] veth1_macvtap: entered promiscuous mode
[  428.246896][T14621] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  428.258177][T14621] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.269614][T14621] batman_adv: batadv0: Interface activated: batadv_slave_0
[  428.283767][T14621] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  428.294400][T14621] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.306061][T14621] batman_adv: batadv0: Interface activated: batadv_slave_1
[  428.322309][T14621] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  428.331414][T14621] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  428.340267][T14621] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  428.349639][T14621] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  428.417451][T11861] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  428.430718][T11861] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  428.455409][  T125] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  428.463285][  T125] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  428.699960][T14790] mac80211_hwsim hwsim19 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  429.017943][ T5783] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  429.039490][ T5783] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  429.048133][ T5783] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  429.082391][ T5783] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  429.094379][ T5783] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  429.102233][ T5783] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  429.601717][T14813] netlink: 'syz.1.2470': attribute type 10 has an invalid length.
[  429.970301][T14794] chnl_net:caif_netlink_parms(): no params data found
[  430.057518][T11861] wlan1: Trigger new scan to find an IBSS to join
[  430.125236][ T5775] Bluetooth: hci1: command tx timeout
[  430.203864][T11862] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  430.223883][T14832] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2476'.
[  430.248150][T14827] netlink: 'syz.3.2475': attribute type 10 has an invalid length.
[  430.295445][T14827] team0 (unregistering): Port device team_slave_0 removed
[  430.308349][T14827] team0 (unregistering): Port device team_slave_1 removed
[  430.333399][T14827] team0 (unregistering): Port device dummy0 removed
[  430.361946][T14794] bridge0: port 1(bridge_slave_0) entered blocking state
[  430.372648][T14794] bridge0: port 1(bridge_slave_0) entered disabled state
[  430.380563][T14794] bridge_slave_0: entered allmulticast mode
[  430.390732][T14794] bridge_slave_0: entered promiscuous mode
[  430.459975][T11862] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  430.474149][T14794] bridge0: port 2(bridge_slave_1) entered blocking state
[  430.481801][T14794] bridge0: port 2(bridge_slave_1) entered disabled state
[  430.489456][T14794] bridge_slave_1: entered allmulticast mode
[  430.497055][T14794] bridge_slave_1: entered promiscuous mode
[  430.546131][T14794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  430.583989][T11862] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  430.622182][T14794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  430.739413][T11862] team0: Port device netdevsim0 removed
[  430.759167][T11862] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  430.811922][T14794] team0: Port device team_slave_0 added
[  430.833830][T14794] team0: Port device team_slave_1 added
[  430.921720][T14794] batman_adv: batadv0: Adding interface: batadv_slave_0
[  430.937436][T14794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  431.005411][T11861] wlan1: Trigger new scan to find an IBSS to join
[  431.014881][T14794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  431.039691][T11861] wlan1: Creating new IBSS network, BSSID 86:2d:33:da:73:42
[  431.081089][T14794] batman_adv: batadv0: Adding interface: batadv_slave_1
[  431.101295][T14794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  431.134378][T14794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  431.170644][ T5775] Bluetooth: hci0: command tx timeout
[  431.218613][T14794] hsr_slave_0: entered promiscuous mode
[  431.225489][T14794] hsr_slave_1: entered promiscuous mode
[  431.232014][T14794] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  431.239844][T14794] Cannot create hsr debugfs directory
[  431.252903][T14841] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2480'.
[  431.329074][T14841] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2480'.
[  431.348439][T14842] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2480'.
[  431.834625][T14853] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2484'.
[  432.101920][T14863] FAULT_INJECTION: forcing a failure.
[  432.101920][T14863] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  432.135248][T14863] CPU: 1 PID: 14863 Comm: syz.0.2485 Not tainted syzkaller #0
[  432.142793][T14863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  432.152907][T14863] Call Trace:
[  432.156224][T14863]  <TASK>
[  432.159188][T14863]  dump_stack_lvl+0x18c/0x250
[  432.163923][T14863]  ? show_regs_print_info+0x20/0x20
[  432.169214][T14863]  ? load_image+0x400/0x400
[  432.173772][T14863]  ? __might_fault+0xaa/0x120
[  432.178497][T14863]  ? __lock_acquire+0x7d40/0x7d40
[  432.183578][T14863]  should_fail_ex+0x39d/0x4d0
[  432.188312][T14863]  _copy_to_iter+0x1ce/0x1120
[  432.193131][T14863]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  432.199171][T14863]  ? lock_chain_count+0x20/0x20
[  432.204101][T14863]  ? iov_iter_init+0x1e0/0x1e0
[  432.208928][T14863]  ? __local_bh_enable_ip+0x13a/0x1c0
[  432.214354][T14863]  ? lockdep_hardirqs_on+0x98/0x150
[  432.219610][T14863]  ? page_copy_sane+0x16a/0x270
[  432.224565][T14863]  copy_page_to_iter+0xa7/0x150
[  432.229474][T14863]  sk_msg_recvmsg+0x28c/0xc20
[  432.234196][T14863]  unix_bpf_recvmsg+0x5b2/0xde0
[  432.239110][T14863]  ? unix_stream_bpf_update_proto+0x2f0/0x2f0
[  432.245210][T14863]  ? wait_woken+0x180/0x180
[  432.249757][T14863]  ? aa_sk_perm+0x83c/0x970
[  432.254303][T14863]  unix_stream_recvmsg+0x150/0x1c0
[  432.259453][T14863]  ? unix_stream_sendmsg+0xbf0/0xbf0
[  432.264787][T14863]  ? __unix_stream_recvmsg+0x150/0x150
[  432.270283][T14863]  ? aa_sock_msg_perm+0x94/0x150
[  432.275243][T14863]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  432.280551][T14863]  ? security_socket_recvmsg+0x89/0xb0
[  432.286033][T14863]  ? unix_stream_sendmsg+0xbf0/0xbf0
[  432.291352][T14863]  ____sys_recvmsg+0x2ce/0x5e0
[  432.296143][T14863]  ? __sys_recvmsg_sock+0x50/0x50
[  432.301195][T14863]  ? import_iovec+0x73/0xa0
[  432.305732][T14863]  ___sys_recvmsg+0x216/0x590
[  432.310467][T14863]  ? __sys_recvmsg+0x2a0/0x2a0
[  432.315265][T14863]  ? ksys_write+0x1c4/0x260
[  432.319814][T14863]  ? __fget_files+0x43d/0x4b0
[  432.324559][T14863]  __x64_sys_recvmsg+0x20c/0x2e0
[  432.329534][T14863]  ? ___sys_recvmsg+0x590/0x590
[  432.334421][T14863]  ? lockdep_hardirqs_on+0x98/0x150
[  432.339635][T14863]  do_syscall_64+0x55/0xa0
[  432.344079][T14863]  ? clear_bhb_loop+0x40/0x90
[  432.348772][T14863]  ? clear_bhb_loop+0x40/0x90
[  432.353476][T14863]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  432.359391][T14863] RIP: 0033:0x7fa70199aeb9
[  432.363850][T14863] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  432.383477][T14863] RSP: 002b:00007fa7028b0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  432.391910][T14863] RAX: ffffffffffffffda RBX: 00007fa701c15fa0 RCX: 00007fa70199aeb9
[  432.399909][T14863] RDX: 0000000000000012 RSI: 00002000000004c0 RDI: 0000000000000003
[  432.407896][T14863] RBP: 00007fa7028b0090 R08: 0000000000000000 R09: 0000000000000000
[  432.415878][T14863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  432.423907][T14863] R13: 00007fa701c16038 R14: 00007fa701c15fa0 R15: 00007ffd39381268
[  432.431907][T14863]  </TASK>
[  432.958013][T14884] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2488'.
[  432.969905][T14886] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2489'.
[  433.245785][ T5775] Bluetooth: hci0: command tx timeout
[  433.701932][T14867] syzkaller0: tun_chr_ioctl cmd 2147767517
[  434.051586][ T2946] wlan1: Trigger new scan to find an IBSS to join
[  434.246336][T14794] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  434.262257][T14794] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  434.298599][T14909] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2494'.
[  434.408073][T14794] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  434.426681][T14794] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  434.450217][T14909] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2494'.
[  434.609106][T14912] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2494'.
[  435.314161][T11862] vlan0: left allmulticast mode
[  435.325311][ T5775] Bluetooth: hci0: command tx timeout
[  435.342760][T11862] vlan0: left promiscuous mode
[  435.348035][T11862] À: port 1(vlan0) entered disabled state
[  435.388923][T11862] hsr_slave_0: left promiscuous mode
[  435.399210][T11862] hsr_slave_1: left promiscuous mode
[  435.409534][T11862] bridge_slave_1: left allmulticast mode
[  435.420625][T11862] bridge_slave_1: left promiscuous mode
[  435.430989][T11862] bridge0: port 2(bridge_slave_1) entered disabled state
[  435.449132][T11862] bridge_slave_0: left allmulticast mode
[  435.454836][T11862] bridge_slave_0: left promiscuous mode
[  435.465517][T11862] bridge0: port 1(bridge_slave_0) entered disabled state
[  435.513943][T11862] veth0_macvtap: left promiscuous mode
[  435.528765][T11862] veth1_vlan: left promiscuous mode
[  435.540269][T11862] veth0_vlan: left promiscuous mode
[  435.983287][T11862] bond0 (unregistering): (slave geneve0): Releasing backup interface
[  436.228182][T11862] team0 (unregistering): Port device macvlan0 removed
[  436.643146][T11862] team0 (unregistering): Port device team_slave_1 removed
[  436.686280][T11862] team0 (unregistering): Port device team_slave_0 removed
[  436.727202][T11862] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  436.775731][T11862] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  437.005352][ T2988] wlan1: Creating new IBSS network, BSSID 82:b1:f3:e3:cd:4d
[  437.032577][T11862] team0 (unregistering): Port device dummy0 removed
[  437.057675][T11862] bond0 (unregistering): (slave team0): Releasing backup interface
[  437.093823][T11862] bond0 (unregistering): Released all slaves
[  437.218269][T14794] 8021q: adding VLAN 0 to HW filter on device bond0
[  437.293703][T14794] 8021q: adding VLAN 0 to HW filter on device team0
[  437.350409][T11854] bridge0: port 1(bridge_slave_0) entered blocking state
[  437.357667][T11854] bridge0: port 1(bridge_slave_0) entered forwarding state
[  437.372106][T11854] bridge0: port 2(bridge_slave_1) entered blocking state
[  437.379318][T11854] bridge0: port 2(bridge_slave_1) entered forwarding state
[  437.405311][ T5775] Bluetooth: hci0: command tx timeout
[  437.446158][T14958] netlink: 'syz.3.2504': attribute type 10 has an invalid length.
[  437.830016][T14970] netlink: 'syz.1.2508': attribute type 10 has an invalid length.
[  437.993551][T14970] team0 (unregistering): Port device team_slave_0 removed
[  438.016701][T14970] team0 (unregistering): Port device team_slave_1 removed
[  438.049142][T14976] mac80211_hwsim hwsim17 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  438.312832][T14794] 8021q: adding VLAN 0 to HW filter on device batadv0
[  438.322791][T14983] __nla_validate_parse: 2 callbacks suppressed
[  438.322807][T14983] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2511'.
[  438.341562][T14983] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2511'.
[  438.381409][T14983] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2511'.
[  438.440405][T14985] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2510'.
[  438.530370][T14794] veth0_vlan: entered promiscuous mode
[  438.660615][T14794] veth1_vlan: entered promiscuous mode
[  438.727091][T14794] veth0_macvtap: entered promiscuous mode
[  438.747141][T14794] veth1_macvtap: entered promiscuous mode
[  438.799761][T14794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  438.811413][T14794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  438.821789][T14794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  438.840587][T14794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  438.853277][T14794] batman_adv: batadv0: Interface activated: batadv_slave_0
[  438.873218][T14794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  438.884044][T14794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  438.894242][T14794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  438.905760][T14794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  438.927820][T14794] batman_adv: batadv0: Interface activated: batadv_slave_1
[  438.957408][T14794] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  438.982467][T14794] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  438.997395][T14794] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  439.009972][T14794] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  439.075643][T15000] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  439.104673][T15003] mac80211_hwsim hwsim6 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  439.122550][T15002] netlink: 'syz.0.2517': attribute type 10 has an invalid length.
[  439.582151][T15012] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2520'.
[  439.599171][T15012] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2520'.
[  439.613363][T15012] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2520'.
[  439.634389][T11862] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  439.650492][T11862] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  439.697633][T11862] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  439.722694][T11862] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  439.877698][T15021] netlink: 'syz.0.2522': attribute type 21 has an invalid length.
[  439.901274][T15021] netlink: 'syz.0.2522': attribute type 1 has an invalid length.
[  439.928021][T15021] netlink: 16050 bytes leftover after parsing attributes in process `syz.0.2522'.
[  439.998434][T15027] FAULT_INJECTION: forcing a failure.
[  439.998434][T15027] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  440.031135][T15027] CPU: 0 PID: 15027 Comm: syz.2.2474 Not tainted syzkaller #0
[  440.038676][T15027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  440.048764][T15027] Call Trace:
[  440.052072][T15027]  <TASK>
[  440.055029][T15027]  dump_stack_lvl+0x18c/0x250
[  440.059750][T15027]  ? show_regs_print_info+0x20/0x20
[  440.065021][T15027]  ? load_image+0x400/0x400
[  440.069571][T15027]  ? __lock_acquire+0x7d40/0x7d40
[  440.074627][T15027]  ? snprintf+0xe9/0x140
[  440.078900][T15027]  should_fail_ex+0x39d/0x4d0
[  440.083612][T15027]  _copy_to_user+0x2f/0xa0
[  440.088067][T15027]  simple_read_from_buffer+0xe7/0x150
[  440.093481][T15027]  proc_fail_nth_read+0x1e8/0x260
[  440.098541][T15027]  ? proc_fault_inject_write+0x360/0x360
[  440.104209][T15027]  ? fsnotify_perm+0x271/0x5e0
[  440.109004][T15027]  ? proc_fault_inject_write+0x360/0x360
[  440.114667][T15027]  vfs_read+0x28b/0x970
[  440.118856][T15027]  ? kernel_read+0x1e0/0x1e0
[  440.123488][T15027]  ? __fget_files+0x28/0x4b0
[  440.128100][T15027]  ? __fget_files+0x28/0x4b0
[  440.132719][T15027]  ? __fget_files+0x43d/0x4b0
[  440.137447][T15027]  ? __fdget_pos+0x2a3/0x330
[  440.142061][T15027]  ? ksys_read+0x75/0x260
[  440.146416][T15027]  ksys_read+0x150/0x260
[  440.150702][T15027]  ? vfs_write+0x990/0x990
[  440.155160][T15027]  ? lockdep_hardirqs_on+0x98/0x150
[  440.160386][T15027]  do_syscall_64+0x55/0xa0
[  440.164825][T15027]  ? clear_bhb_loop+0x40/0x90
[  440.169567][T15027]  ? clear_bhb_loop+0x40/0x90
[  440.174266][T15027]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  440.180177][T15027] RIP: 0033:0x7fc5f335b78e
[  440.184609][T15027] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  440.204273][T15027] RSP: 002b:00007fc5f4197fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  440.212714][T15027] RAX: ffffffffffffffda RBX: 00007fc5f41986c0 RCX: 00007fc5f335b78e
[  440.220715][T15027] RDX: 000000000000000f RSI: 00007fc5f41980a0 RDI: 0000000000000004
[  440.228730][T15027] RBP: 00007fc5f4198090 R08: 0000000000000000 R09: 0000000000000000
[  440.236732][T15027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  440.244732][T15027] R13: 00007fc5f3616038 R14: 00007fc5f3615fa0 R15: 00007ffc88777d78
[  440.252748][T15027]  </TASK>
[  440.265696][T11865] wlan1: Trigger new scan to find an IBSS to join
[  440.277145][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  440.283496][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  440.532896][T15035] netlink: 'syz.0.2527': attribute type 10 has an invalid length.
[  440.685060][T15035] team0 (unregistering): Port device team_slave_0 removed
[  440.727568][T15035] team0 (unregistering): Port device team_slave_1 removed
[  441.014075][T15039] mac80211_hwsim hwsim19 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  441.298710][ T5783] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  441.311754][ T5783] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  441.321616][ T5783] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  441.338845][ T5783] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  441.348193][ T5783] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  441.359034][ T5783] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  441.534113][T15051] netlink: 'syz.2.2532': attribute type 21 has an invalid length.
[  441.581151][T15051] netlink: 'syz.2.2532': attribute type 6 has an invalid length.
[  441.604558][T15051] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2532'.
[  442.101655][T15053] chnl_net:caif_netlink_parms(): no params data found
[  442.201991][T11862] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.359326][T11862] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.538456][T15076] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2536'.
[  442.608091][T11862] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.664171][T15053] bridge0: port 1(bridge_slave_0) entered blocking state
[  442.682186][T15053] bridge0: port 1(bridge_slave_0) entered disabled state
[  442.689748][T15053] bridge_slave_0: entered allmulticast mode
[  442.700694][T15053] bridge_slave_0: entered promiscuous mode
[  442.730527][T15053] bridge0: port 2(bridge_slave_1) entered blocking state
[  442.760597][T15053] bridge0: port 2(bridge_slave_1) entered disabled state
[  442.770421][T15053] bridge_slave_1: entered allmulticast mode
[  442.791883][T15053] bridge_slave_1: entered promiscuous mode
[  442.897024][T11862] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  443.128373][T15097] mac80211_hwsim hwsim19 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  443.157040][T15053] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  443.270852][T15053] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  443.387964][T15102] netlink: 'syz.2.2544': attribute type 2 has an invalid length.
[  443.403064][T15102] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2544'.
[  443.413313][ T5775] Bluetooth: hci2: command tx timeout
[  443.427528][T15102] FAULT_INJECTION: forcing a failure.
[  443.427528][T15102] name failslab, interval 1, probability 0, space 0, times 0
[  443.444420][T15102] CPU: 1 PID: 15102 Comm: syz.2.2544 Not tainted syzkaller #0
[  443.451946][T15102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  443.462055][T15102] Call Trace:
[  443.465385][T15102]  <TASK>
[  443.468363][T15102]  dump_stack_lvl+0x18c/0x250
[  443.473118][T15102]  ? show_regs_print_info+0x20/0x20
[  443.478386][T15102]  ? load_image+0x400/0x400
[  443.482949][T15102]  ? __lock_acquire+0x7d40/0x7d40
[  443.488021][T15102]  ? __lock_acquire+0x1273/0x7d40
[  443.493114][T15102]  should_fail_ex+0x39d/0x4d0
[  443.497862][T15102]  should_failslab+0x9/0x20
[  443.502421][T15102]  slab_pre_alloc_hook+0x59/0x310
[  443.507509][T15102]  ? fib_create_info+0xa61/0x2460
[  443.512594][T15102]  ? fib_create_info+0xa61/0x2460
[  443.517682][T15102]  __kmem_cache_alloc_node+0x53/0x250
[  443.523109][T15102]  ? arch_stack_walk+0x160/0x190
[  443.528103][T15102]  ? fib_create_info+0xa61/0x2460
[  443.533189][T15102]  __kmalloc+0xa4/0x230
[  443.537412][T15102]  fib_create_info+0xa61/0x2460
[  443.542329][T15102]  ? __stack_depot_save+0x1f/0x630
[  443.547500][T15102]  ? mark_lock+0x94/0x320
[  443.551896][T15102]  fib_table_insert+0xc6/0x1b20
[  443.556803][T15102]  ? l3mdev_fib_table+0x18/0x160
[  443.561813][T15102]  ? l3mdev_fib_table+0x18/0x160
[  443.566819][T15102]  ? fib_new_table+0x10a/0x2d0
[  443.571646][T15102]  fib_magic+0x2e5/0x3c0
[  443.575954][T15102]  ? _raw_spin_unlock+0x40/0x40
[  443.580858][T15102]  ? fib_add_ifaddr+0x5e0/0x5e0
[  443.585810][T15102]  fib_add_ifaddr+0x144/0x5e0
[  443.590562][T15102]  ? is_eth_active_slave_of_bonding_rcu+0x260/0x260
[  443.597212][T15102]  fib_inetaddr_event+0x140/0x1d0
[  443.602310][T15102]  notifier_call_chain+0x197/0x380
[  443.607495][T15102]  blocking_notifier_call_chain+0x6a/0x90
[  443.613277][T15102]  __inet_insert_ifa+0x9bc/0xbd0
[  443.618345][T15102]  ? inet_rcu_free_ifa+0xc0/0xc0
[  443.623351][T15102]  inet_rtm_newaddr+0xc1d/0x1ae0
[  443.628352][T15102]  ? inet_netconf_fill_devconf+0x8f0/0x8f0
[  443.634185][T15102]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  443.639313][T15102]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  443.644440][T15102]  ? inet_netconf_fill_devconf+0x8f0/0x8f0
[  443.650264][T15102]  rtnetlink_rcv_msg+0x869/0xfa0
[  443.655238][T15102]  ? lockdep_hardirqs_on+0x98/0x150
[  443.660466][T15102]  ? rtnetlink_bind+0x80/0x80
[  443.665174][T15102]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  443.671197][T15102]  ? __dev_queue_xmit+0x26b/0x36b0
[  443.676356][T15102]  ? lock_chain_count+0x20/0x20
[  443.681224][T15102]  ? __local_bh_enable_ip+0x13a/0x1c0
[  443.686615][T15102]  ? lockdep_hardirqs_on+0x98/0x150
[  443.691832][T15102]  ? __local_bh_enable_ip+0x13a/0x1c0
[  443.697221][T15102]  ? _local_bh_enable+0xa0/0xa0
[  443.702095][T15102]  ? __dev_queue_xmit+0x26b/0x36b0
[  443.707227][T15102]  ? __dev_queue_xmit+0x26b/0x36b0
[  443.712360][T15102]  ? __dev_queue_xmit+0x124f/0x36b0
[  443.717572][T15102]  ? __dev_queue_xmit+0x26b/0x36b0
[  443.722725][T15102]  ? ref_tracker_free+0x690/0x840
[  443.727779][T15102]  netlink_rcv_skb+0x241/0x4d0
[  443.732569][T15102]  ? rtnetlink_bind+0x80/0x80
[  443.737262][T15102]  ? netlink_ack+0x1180/0x1180
[  443.742056][T15102]  ? __lock_acquire+0x7d40/0x7d40
[  443.747102][T15102]  ? netlink_deliver_tap+0x2e/0x1b0
[  443.752326][T15102]  netlink_unicast+0x751/0x8d0
[  443.757118][T15102]  netlink_sendmsg+0x8d0/0xbf0
[  443.761906][T15102]  ? netlink_getsockopt+0x590/0x590
[  443.767124][T15102]  ? aa_sock_msg_perm+0x94/0x150
[  443.772076][T15102]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  443.777378][T15102]  ? security_socket_sendmsg+0x80/0xa0
[  443.782865][T15102]  ? netlink_getsockopt+0x590/0x590
[  443.788082][T15102]  ____sys_sendmsg+0x5ba/0x960
[  443.792873][T15102]  ? __asan_memset+0x22/0x40
[  443.797480][T15102]  ? __sys_sendmsg_sock+0x30/0x30
[  443.802531][T15102]  ? __import_iovec+0x5f2/0x850
[  443.807411][T15102]  ? import_iovec+0x73/0xa0
[  443.811945][T15102]  ___sys_sendmsg+0x2a6/0x360
[  443.816680][T15102]  ? get_pid_task+0x20/0x1e0
[  443.821308][T15102]  ? __sys_sendmsg+0x2a0/0x2a0
[  443.826118][T15102]  ? __lock_acquire+0x7d40/0x7d40
[  443.831185][T15102]  __se_sys_sendmsg+0x1c2/0x2b0
[  443.836055][T15102]  ? __x64_sys_sendmsg+0x80/0x80
[  443.841016][T15102]  ? lockdep_hardirqs_on+0x98/0x150
[  443.846231][T15102]  do_syscall_64+0x55/0xa0
[  443.850679][T15102]  ? clear_bhb_loop+0x40/0x90
[  443.855374][T15102]  ? clear_bhb_loop+0x40/0x90
[  443.860087][T15102]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  443.865997][T15102] RIP: 0033:0x7fc5f339aeb9
[  443.870427][T15102] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  443.890047][T15102] RSP: 002b:00007fc5f4198028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  443.898481][T15102] RAX: ffffffffffffffda RBX: 00007fc5f3615fa0 RCX: 00007fc5f339aeb9
[  443.906486][T15102] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  443.914495][T15102] RBP: 00007fc5f4198090 R08: 0000000000000000 R09: 0000000000000000
[  443.922499][T15102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  443.930480][T15102] R13: 00007fc5f3616038 R14: 00007fc5f3615fa0 R15: 00007ffc88777d78
[  443.938480][T15102]  </TASK>
[  444.008485][T15053] team0: Port device team_slave_0 added
[  444.017677][T15053] team0: Port device team_slave_1 added
[  444.062747][  T125] wlan1: Trigger new scan to find an IBSS to join
[  444.241495][T15053] batman_adv: batadv0: Adding interface: batadv_slave_0
[  444.248700][T15053] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  444.286562][T15053] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  444.302944][T15053] batman_adv: batadv0: Adding interface: batadv_slave_1
[  444.310091][T15053] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  444.337662][T15053] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  444.523625][T15116] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2547'.
[  444.667628][T15053] hsr_slave_0: entered promiscuous mode
[  444.688743][T15053] hsr_slave_1: entered promiscuous mode
[  445.070133][   T11] wlan1: Creating new IBSS network, BSSID e6:f2:d5:6e:49:9d
[  445.485148][ T5775] Bluetooth: hci2: command tx timeout
[  446.269559][T15157] netlink: 61211 bytes leftover after parsing attributes in process `syz.0.2555'.
[  446.626901][T15168] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2557'.
[  446.648772][T15053] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  446.703081][T15170] netlink: 'syz.2.2556': attribute type 16 has an invalid length.
[  446.717291][T15170] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2556'.
[  446.730147][T15170] bridge0: port 1(bridge_slave_0) entered disabled state
[  446.749299][T15168] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2557'.
[  446.774644][T15053] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  446.800498][T15175] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2557'.
[  446.846435][T15053] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  446.882059][T15053] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  447.011153][   T11] wlan1: Trigger new scan to find an IBSS to join
[  447.308939][T11862] bridge_slave_1: left allmulticast mode
[  447.353580][T11862] bridge_slave_1: left promiscuous mode
[  447.376712][T11862] bridge0: port 2(bridge_slave_1) entered disabled state
[  447.400642][T11862] bridge_slave_0: left allmulticast mode
[  447.410449][T11862] bridge_slave_0: left promiscuous mode
[  447.424992][T11862] bridge0: port 1(bridge_slave_0) entered disabled state
[  447.572628][ T5775] Bluetooth: hci2: command tx timeout
[  448.000248][T11862] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  448.049801][T11862] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  448.327707][T11862] bond0 (unregistering): Released all slaves
[  448.432724][T15195] netlink: 'syz.0.2563': attribute type 1 has an invalid length.
[  448.441218][T15195] netlink: 112865 bytes leftover after parsing attributes in process `syz.0.2563'.
[  448.464331][T15198] netlink: 'syz.1.2562': attribute type 10 has an invalid length.
[  448.500969][T15201] mac80211_hwsim hwsim21 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  448.753651][T15211] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2567'.
[  448.766659][T15053] 8021q: adding VLAN 0 to HW filter on device bond0
[  448.787016][T15211] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2567'.
[  448.798216][T15211] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2567'.
[  448.905425][T15053] 8021q: adding VLAN 0 to HW filter on device team0
[  448.947014][  T125] bridge0: port 1(bridge_slave_0) entered blocking state
[  448.954308][  T125] bridge0: port 1(bridge_slave_0) entered forwarding state
[  449.000630][T11861] bridge0: port 2(bridge_slave_1) entered blocking state
[  449.007938][T11861] bridge0: port 2(bridge_slave_1) entered forwarding state
[  449.609961][T15053] 8021q: adding VLAN 0 to HW filter on device batadv0
[  449.645346][ T5775] Bluetooth: hci2: command tx timeout
[  449.692304][T15235] sit0: entered promiscuous mode
[  449.698281][T15235] sit0: entered allmulticast mode
[  449.750134][T15053] veth0_vlan: entered promiscuous mode
[  449.764261][T15053] veth1_vlan: entered promiscuous mode
[  449.798781][T15053] veth0_macvtap: entered promiscuous mode
[  449.864524][T15053] veth1_macvtap: entered promiscuous mode
[  449.994561][T15242] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2577'.
[  450.055593][   T11] wlan1: Trigger new scan to find an IBSS to join
[  450.080760][T15242] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2577'.
[  450.095824][T15244] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2577'.
[  450.139118][T15053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.157690][T15053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.173546][T15053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.190697][T15053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.200725][T15053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.222222][T15053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.241133][T15053] batman_adv: batadv0: Interface activated: batadv_slave_0
[  450.271405][T15053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.288416][T15053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.301508][T15053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.314858][T15053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.330461][T15053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.341578][T15053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.374428][T15053] batman_adv: batadv0: Interface activated: batadv_slave_1
[  450.391297][T15250] netlink: 61211 bytes leftover after parsing attributes in process `syz.1.2580'.
[  450.422117][T15053] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  450.451874][T15053] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  450.461209][T15053] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  450.472482][T15053] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  450.636811][T11861] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  450.645637][T11861] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  450.732334][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  450.754383][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  450.951150][T15262] netlink: 144316 bytes leftover after parsing attributes in process `syz.0.2585'.
[  450.986975][   T11] wlan1: Creating new IBSS network, BSSID 5a:63:da:77:07:0e
[  451.089276][T11861] wlan1: Trigger new scan to find an IBSS to join
[  451.106057][T15268] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2587'.
[  451.327280][T15276] netlink: 'syz.0.2590': attribute type 7 has an invalid length.
[  451.475414][T15280] netlink: 'syz.1.2589': attribute type 1 has an invalid length.
[  451.496517][T15273] delete_channel: no stack
[  451.960065][T15299] mac80211_hwsim hwsim21 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  452.291627][T15309] netlink: 'syz.1.2601': attribute type 3 has an invalid length.
[  452.909198][T15326] netlink: 'syz.3.2605': attribute type 10 has an invalid length.
[  452.928939][T15326] caif0: entered promiscuous mode
[  452.934303][T15326] caif0: entered allmulticast mode
[  452.954242][T15326] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  453.179821][T15337] netlink: 'syz.0.2607': attribute type 16 has an invalid length.
[  453.210500][T15337] bridge0: port 1(bridge_slave_0) entered disabled state
[  453.246500][T15338] mac80211_hwsim hwsim23 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  453.816856][T15347] __nla_validate_parse: 13 callbacks suppressed
[  453.816877][T15347] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2620'.
[  454.036687][T15345] netlink: 61211 bytes leftover after parsing attributes in process `syz.3.2612'.
[  454.058024][T11854] wlan1: Trigger new scan to find an IBSS to join
[  454.173591][T15357] netlink: 'syz.2.2615': attribute type 21 has an invalid length.
[  454.201839][T15357] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2615'.
[  454.221956][T15357] netlink: 'syz.2.2615': attribute type 5 has an invalid length.
[  454.236851][T15357] netlink: 'syz.2.2615': attribute type 6 has an invalid length.
[  454.244817][T15357] netlink: 3 bytes leftover after parsing attributes in process `syz.2.2615'.
[  454.307388][T15363] netlink: 'syz.3.2618': attribute type 3 has an invalid length.
[  454.319529][T15363] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.2618'.
[  454.362977][T15364] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2617'.
[  454.426114][T15364] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2617'.
[  454.464567][T15365] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2617'.
[  454.652027][T15373] mac80211_hwsim hwsim23 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  455.320473][T15390] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2625'.
[  456.258439][T15412] netlink: 'syz.3.2631': attribute type 39 has an invalid length.
[  456.639990][T15418] netlink: 'syz.0.2632': attribute type 10 has an invalid length.
[  456.927399][T15427] mac80211_hwsim hwsim19 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  457.011581][T11861] wlan1: Trigger new scan to find an IBSS to join
[  457.376444][T15438] netlink: 'syz.3.2637': attribute type 1 has an invalid length.
[  457.428958][T15438] netlink: 60387 bytes leftover after parsing attributes in process `syz.3.2637'.
[  458.509876][T15477] mac80211_hwsim hwsim23 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  459.088038][T11854] wlan1: Trigger new scan to find an IBSS to join
[  459.094643][T11854] wlan1: Trigger new scan to find an IBSS to join
[  461.105690][T11854] wlan1: Trigger new scan to find an IBSS to join
[  462.031919][ T2946] wlan1: Creating new IBSS network, BSSID f6:1f:1b:a2:5a:f1
[  462.136979][T15500] netlink: 'syz.1.2655': attribute type 10 has an invalid length.
[  462.239859][T15500] hsr_slave_0: entered allmulticast mode
[  462.778039][T15512] __nla_validate_parse: 7 callbacks suppressed
[  462.778162][T15512] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2657'.
[  463.038904][T15529] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2662'.
[  463.075650][T15529] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2662'.
[  463.088484][T15529] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2662'.
[  463.184954][T15531] mac80211_hwsim hwsim21 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  463.501306][T15541] netlink: 'syz.0.2664': attribute type 10 has an invalid length.
[  464.052740][ T2988] wlan1: Trigger new scan to find an IBSS to join
[  464.389038][T15566] FAULT_INJECTION: forcing a failure.
[  464.389038][T15566] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  464.407190][T15566] CPU: 0 PID: 15566 Comm: syz.2.2672 Not tainted syzkaller #0
[  464.414721][T15566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  464.424829][T15566] Call Trace:
[  464.428167][T15566]  <TASK>
[  464.431140][T15566]  dump_stack_lvl+0x18c/0x250
[  464.435882][T15566]  ? show_regs_print_info+0x20/0x20
[  464.441137][T15566]  ? load_image+0x400/0x400
[  464.443309][T15565] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2671'.
[  464.445709][T15566]  ? __might_fault+0xaa/0x120
[  464.445739][T15566]  ? __lock_acquire+0x7d40/0x7d40
[  464.445777][T15566]  should_fail_ex+0x39d/0x4d0
[  464.469646][T15566]  _copy_from_user+0x2f/0xe0
[  464.474300][T15566]  generic_map_update_batch+0x59a/0x810
[  464.479921][T15566]  ? rcu_read_unlock+0xa0/0xa0
[  464.484750][T15566]  ? __fdget+0x180/0x210
[  464.489053][T15566]  ? rcu_read_unlock+0xa0/0xa0
[  464.493866][T15566]  bpf_map_do_batch+0x3d7/0x610
[  464.498786][T15566]  __sys_bpf+0x381/0x890
[  464.503087][T15566]  ? bpf_link_show_fdinfo+0x390/0x390
[  464.508524][T15566]  ? lock_chain_count+0x20/0x20
[  464.513418][T15566]  __x64_sys_bpf+0x7c/0x90
[  464.517865][T15566]  do_syscall_64+0x55/0xa0
[  464.522326][T15566]  ? clear_bhb_loop+0x40/0x90
[  464.527049][T15566]  ? clear_bhb_loop+0x40/0x90
[  464.531770][T15566]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  464.537694][T15566] RIP: 0033:0x7fc5f339aeb9
[  464.542134][T15566] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  464.561774][T15566] RSP: 002b:00007fc5f4198028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  464.570241][T15566] RAX: ffffffffffffffda RBX: 00007fc5f3615fa0 RCX: 00007fc5f339aeb9
[  464.578269][T15566] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  464.586265][T15566] RBP: 00007fc5f4198090 R08: 0000000000000000 R09: 0000000000000000
[  464.594259][T15566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  464.602253][T15566] R13: 00007fc5f3616038 R14: 00007fc5f3615fa0 R15: 00007ffc88777d78
[  464.610262][T15566]  </TASK>
[  464.843522][T15571] netlink: 'syz.3.2674': attribute type 10 has an invalid length.
[  464.988729][T15571] team0 (unregistering): Port device team_slave_0 removed
[  465.033123][T15571] team0 (unregistering): Port device team_slave_1 removed
[  465.121530][T11865] wlan1: Creating new IBSS network, BSSID 22:d5:cf:b0:2c:37
[  466.075751][T11862] wlan1: Trigger new scan to find an IBSS to join
[  466.208446][T15596] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2681'.
[  466.833679][T15596] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2681'.
[  466.852693][T15600] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2681'.
[  467.074435][   T11] wlan1: Creating new IBSS network, BSSID 0e:9e:4a:e0:4a:3e
[  467.087683][  T125] wlan1: Trigger new scan to find an IBSS to join
[  467.115323][T15605] netlink: 830 bytes leftover after parsing attributes in process `syz.2.2682'.
[  467.304563][T15621] netlink: 'syz.1.2688': attribute type 10 has an invalid length.
[  467.330931][T15617] netlink: 192436 bytes leftover after parsing attributes in process `syz.0.2685'.
[  467.347909][T15617] openvswitch: netlink: Duplicate key (type 0).
[  467.489744][T15622] netlink: 'syz.0.2685': attribute type 21 has an invalid length.
[  467.529330][T15622] netlink: 'syz.0.2685': attribute type 1 has an invalid length.
[  467.961114][T15643] netlink: 'syz.0.2698': attribute type 10 has an invalid length.
[  468.821802][T15662] FAULT_INJECTION: forcing a failure.
[  468.821802][T15662] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  468.841113][T15662] CPU: 0 PID: 15662 Comm: syz.1.2702 Not tainted syzkaller #0
[  468.848647][T15662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  468.858748][T15662] Call Trace:
[  468.862074][T15662]  <TASK>
[  468.865041][T15662]  dump_stack_lvl+0x18c/0x250
[  468.869782][T15662]  ? show_regs_print_info+0x20/0x20
[  468.875041][T15662]  ? load_image+0x400/0x400
[  468.879599][T15662]  ? __might_fault+0xaa/0x120
[  468.884341][T15662]  ? __lock_acquire+0x7d40/0x7d40
[  468.889437][T15662]  should_fail_ex+0x39d/0x4d0
[  468.894205][T15662]  _copy_from_user+0x2f/0xe0
[  468.898851][T15662]  sk_setsockopt+0x2b2/0x2bc0
[  468.903598][T15662]  ? sockopt_capable+0x60/0x60
[  468.908417][T15662]  ? aa_sk_perm+0x83c/0x970
[  468.912982][T15662]  ? __fget_files+0x28/0x4b0
[  468.917637][T15662]  ? aa_af_perm+0x330/0x330
[  468.922231][T15662]  ? __fget_files+0x28/0x4b0
[  468.926872][T15662]  ? __fget_files+0x28/0x4b0
[  468.931603][T15662]  ? aa_sock_opt_perm+0x74/0x100
[  468.936601][T15662]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  468.942203][T15662]  ? security_socket_setsockopt+0x7e/0xa0
[  468.947978][T15662]  do_sock_setsockopt+0x11b/0x1a0
[  468.953088][T15662]  __x64_sys_setsockopt+0x182/0x200
[  468.958365][T15662]  do_syscall_64+0x55/0xa0
[  468.962837][T15662]  ? clear_bhb_loop+0x40/0x90
[  468.967725][T15662]  ? clear_bhb_loop+0x40/0x90
[  468.972449][T15662]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  468.978399][T15662] RIP: 0033:0x7f181e19aeb9
[  468.982897][T15662] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  469.002579][T15662] RSP: 002b:00007f181f0d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  469.011021][T15662] RAX: ffffffffffffffda RBX: 00007f181e415fa0 RCX: 00007f181e19aeb9
[  469.019019][T15662] RDX: 0000000000000048 RSI: 0000000000000001 RDI: 0000000000000003
[  469.027012][T15662] RBP: 00007f181f0d8090 R08: 0000000000000004 R09: 0000000000000000
[  469.035035][T15662] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  469.043042][T15662] R13: 00007f181e416038 R14: 00007f181e415fa0 R15: 00007ffc6ee924c8
[  469.051061][T15662]  </TASK>
[  469.123066][T15665] __nla_validate_parse: 4 callbacks suppressed
[  469.123087][T15665] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2703'.
[  469.148728][T15667] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2705'.
[  469.263826][T15671] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2706'.
[  469.285321][T15671] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2706'.
[  469.299510][T15671] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2706'.
[  470.504132][T15701] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2715'.
[  470.599012][T15695] netlink: 192436 bytes leftover after parsing attributes in process `syz.3.2712'.
[  470.632113][T15695] openvswitch: netlink: Duplicate key (type 0).
[  470.701468][T15705] mac80211_hwsim hwsim19 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  470.797822][T15711] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2718'.
[  470.848468][T15711] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2718'.
[  470.872843][T15711] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2718'.
[  471.009735][  T125] wlan1: Trigger new scan to find an IBSS to join
[  471.204897][ T5775] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  471.355525][T15728] netlink: 'syz.3.2723': attribute type 10 has an invalid length.
[  471.460713][T15733] netlink: 'syz.1.2724': attribute type 33 has an invalid length.
[  471.510873][T15733] netlink: 'syz.1.2724': attribute type 3 has an invalid length.
[  471.950944][T11854] wlan1: Creating new IBSS network, BSSID d2:60:e2:e7:1d:d7
[  471.995977][T15751] mac80211_hwsim hwsim21 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  472.007824][T11865] ------------[ cut here ]------------
[  472.013694][T11865] WARNING: CPU: 0 PID: 11865 at net/wireless/ibss.c:37 __cfg80211_ibss_joined+0x3d2/0x440
[  472.023738][T11865] Modules linked in:
[  472.027804][T11865] CPU: 0 PID: 11865 Comm: kworker/u4:26 Not tainted syzkaller #0
[  472.035663][T11865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  472.046568][T11865] Workqueue: cfg80211 cfg80211_event_work
[  472.052352][T11865] RIP: 0010:__cfg80211_ibss_joined+0x3d2/0x440
[  472.058808][T11865] Code: 00 00 00 48 3b 84 24 80 00 00 00 75 5c 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 77 7c a2 f7 0f 0b eb bb e8 6e 7c a2 f7 <0f> 0b 4c 8b 6c 24 18 eb ad e8 60 7c a2 f7 0f 0b e9 e0 fd ff ff e8
[  472.078599][T11865] RSP: 0018:ffffc900036dfa20 EFLAGS: 00010293
[  472.084728][T11865] RAX: ffffffff89e49842 RBX: dffffc0000000000 RCX: ffff888026713c00
[  472.092811][T11865] RDX: 0000000000000000 RSI: ffffffff8acac900 RDI: ffffffff8b1c81e0
[  472.100929][T11865] RBP: ffffc900036dfaf8 R08: ffffffff911bf56f R09: 1ffffffff2237ead
[  472.109001][T11865] R10: dffffc0000000000 R11: fffffbfff2237eae R12: ffff88806597cc90
[  472.117118][T11865] R13: 1ffff920006dbf4c R14: ffff8880583635b8 R15: 000000000000001f
[  472.125445][T11865] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  472.134446][T11865] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  472.141980][T11865] CR2: 00007fdd55c86e9c CR3: 000000005e8c8000 CR4: 00000000003506f0
[  472.150410][T11865] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  472.158877][T11865] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  472.167316][T11865] Call Trace:
[  472.170656][T11865]  <TASK>
[  472.173648][T11865]  ? mutex_lock_nested+0x20/0x20
[  472.179074][T11865]  ? trace_rdev_return_void+0x1c0/0x1c0
[  472.184699][T11865]  cfg80211_process_wdev_events+0x3bc/0x550
[  472.191055][T11865]  cfg80211_process_rdev_events+0xa1/0x110
[  472.197256][T11865]  cfg80211_event_work+0x2f/0x40
[  472.202262][T11865]  ? process_scheduled_works+0x96f/0x15d0
[  472.208437][T11865]  process_scheduled_works+0xa5d/0x15d0
[  472.214093][T11865]  ? assign_work+0x430/0x430
[  472.218857][T11865]  ? assign_work+0x3d0/0x430
[  472.223532][T11865]  worker_thread+0xa55/0xfc0
[  472.228254][T11865]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  472.234234][T11865]  ? _raw_spin_unlock+0x40/0x40
[  472.239215][T11865]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  472.245760][T11865]  kthread+0x2fa/0x390
[  472.249887][T11865]  ? pr_cont_work+0x560/0x560
[  472.254685][T11865]  ? kthread_blkcg+0xd0/0xd0
[  472.259433][T11865]  ret_from_fork+0x48/0x80
[  472.263903][T11865]  ? kthread_blkcg+0xd0/0xd0
[  472.268593][T11865]  ret_from_fork_asm+0x11/0x20
[  472.273449][T11865]  </TASK>
[  472.276593][T11865] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  472.283903][T11865] CPU: 0 PID: 11865 Comm: kworker/u4:26 Not tainted syzkaller #0
[  472.291663][T11865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  472.301762][T11865] Workqueue: cfg80211 cfg80211_event_work
[  472.307539][T11865] Call Trace:
[  472.310859][T11865]  <TASK>
[  472.313832][T11865]  dump_stack_lvl+0x18c/0x250
[  472.318570][T11865]  ? show_regs_print_info+0x20/0x20
[  472.323826][T11865]  ? load_image+0x400/0x400
[  472.328395][T11865]  panic+0x2dc/0x730
[  472.332351][T11865]  ? bpf_jit_dump+0xd0/0xd0
[  472.336914][T11865]  ? ret_from_fork_asm+0x11/0x20
[  472.341907][T11865]  __warn+0x2e0/0x470
[  472.345936][T11865]  ? __cfg80211_ibss_joined+0x3d2/0x440
[  472.351549][T11865]  ? __cfg80211_ibss_joined+0x3d2/0x440
[  472.357169][T11865]  report_bug+0x2be/0x4f0
[  472.361565][T11865]  ? __cfg80211_ibss_joined+0x3d2/0x440
[  472.367162][T11865]  ? __cfg80211_ibss_joined+0x3d2/0x440
[  472.372758][T11865]  ? __cfg80211_ibss_joined+0x3d4/0x440
[  472.378357][T11865]  handle_bug+0xcf/0x120
[  472.382663][T11865]  exc_invalid_op+0x1a/0x50
[  472.387220][T11865]  asm_exc_invalid_op+0x1a/0x20
[  472.392117][T11865] RIP: 0010:__cfg80211_ibss_joined+0x3d2/0x440
[  472.398331][T11865] Code: 00 00 00 48 3b 84 24 80 00 00 00 75 5c 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 77 7c a2 f7 0f 0b eb bb e8 6e 7c a2 f7 <0f> 0b 4c 8b 6c 24 18 eb ad e8 60 7c a2 f7 0f 0b e9 e0 fd ff ff e8
[  472.417974][T11865] RSP: 0018:ffffc900036dfa20 EFLAGS: 00010293
[  472.424073][T11865] RAX: ffffffff89e49842 RBX: dffffc0000000000 RCX: ffff888026713c00
[  472.432067][T11865] RDX: 0000000000000000 RSI: ffffffff8acac900 RDI: ffffffff8b1c81e0
[  472.440061][T11865] RBP: ffffc900036dfaf8 R08: ffffffff911bf56f R09: 1ffffffff2237ead
[  472.448060][T11865] R10: dffffc0000000000 R11: fffffbfff2237eae R12: ffff88806597cc90
[  472.456055][T11865] R13: 1ffff920006dbf4c R14: ffff8880583635b8 R15: 000000000000001f
[  472.464056][T11865]  ? __cfg80211_ibss_joined+0x3d2/0x440
[  472.469638][T11865]  ? mutex_lock_nested+0x20/0x20
[  472.474612][T11865]  ? trace_rdev_return_void+0x1c0/0x1c0
[  472.480197][T11865]  cfg80211_process_wdev_events+0x3bc/0x550
[  472.486135][T11865]  cfg80211_process_rdev_events+0xa1/0x110
[  472.491974][T11865]  cfg80211_event_work+0x2f/0x40
[  472.496947][T11865]  ? process_scheduled_works+0x96f/0x15d0
[  472.502747][T11865]  process_scheduled_works+0xa5d/0x15d0
[  472.508357][T11865]  ? assign_work+0x430/0x430
[  472.512985][T11865]  ? assign_work+0x3d0/0x430
[  472.517605][T11865]  worker_thread+0xa55/0xfc0
[  472.522225][T11865]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  472.528155][T11865]  ? _raw_spin_unlock+0x40/0x40
[  472.533031][T11865]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  472.538964][T11865]  kthread+0x2fa/0x390
[  472.543051][T11865]  ? pr_cont_work+0x560/0x560
[  472.547760][T11865]  ? kthread_blkcg+0xd0/0xd0
[  472.552375][T11865]  ret_from_fork+0x48/0x80
[  472.556824][T11865]  ? kthread_blkcg+0xd0/0xd0
[  472.561442][T11865]  ret_from_fork_asm+0x11/0x20
[  472.566247][T11865]  </TASK>
[  472.569883][T11865] Kernel Offset: disabled
[  472.574305][T11865] Rebooting in 86400 seconds..