last executing test programs:

8m28.908111818s ago: executing program 3 (id=557):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x4, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8914, &(0x7f0000000b80)='lo\x00\x96o\xd6Q\xb4Y\xa9\xc87,%\x81\xfe\x00\xd2\xd1|C\b\x00\x00\x00\x00\x00\x00\x00\xe3\xd8Yk\xdd\x85\xaac{\x8c\x8ffp`-\xcd\xf6jh\xbf\x9c\xd9\xd5\xf4\xe68\xe6O\xc2\xf1V0\x8b\xdd\xcc\xeeR\xf2/\xba\fE>k\a\xe7>t7\x8e(\xf0\x87d\xaf\x93\xfa`\xa6,o\x81.\x1cR\xa5\t\x00\x00\x00\x00\x00\x00\x00|pT\x15\xbc\f*d\x8b\xc2\xcd\x8f\x98\xdf\x00\x00\x1cM\x9c\xa5\xe0\xa8\x00\x00\x00\x80V\xf6\x80\x86\x1b\x05\xe6\"\x1d\f\xaey\x06\xd9$H!w\xa6m\xd8\x7f\xc6\x837\x83/\x9a\xdf\x01\xf2\x9e\xbb\xca^\xf9\x05\xeb\xb8{7[\xf9\xe9\x15\xdc0]\x89\x9b~\x04\xb4\xa5\xad\v.\xd0*%`\xb0\x96\x86\xdb\xa9\xd3\x01\xb2\xc7\xf8G\x069\x90,\xda\xf6\xc5\xcd\xec\xa3B\xc3\"4\xab\xf4\xa7\x83r\xa4\x80|\x03C\x9c\x00\xac\xba\xcb\xa4h\x86w_Eu\xbfy%,\xe5\n\xc1\xb3\xa4g\xa3P\x0f\x11\x93\xc7\x7f\xec\xb2\xc5E\x00\xdd\xf2e\xa8\xf1<\xb2\xc82\xbf=o\x00`\xc1A\'\xc6X\x92\x0e[\x19\xaa?\x06\xe5\x9d\xd1\x87\x92\xbb\xe3Y\x97\xc2')
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00'/20, @ANYRES32=0x1], 0x48)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8916, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000001000)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed@n\x00\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x02\b\x00\x00\xda\xf3\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x9c\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1') (fail_nth: 9)

8m28.166870004s ago: executing program 3 (id=559):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0xfd, 0x0, 0x0, 0x0, 0xe9, 0x40510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp={0x0}, 0x100000, 0x10000, 0x9e4, 0x7, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xc, 0xffffffffffffffff, 0x8)
socket$kcm(0x2, 0x3, 0x106)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8003}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x8, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x20403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x2, @perf_config_ext={0x9}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socket$kcm(0x29, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000000100000300000000000000", @ANYRES32, @ANYBLOB="0000dd00000045471660ff2469da3a0000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/18], 0x50)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f00000000c0)={0x0, 0x80, 0x5, 0xb, 0x4, 0x8, 0x0, 0x6, 0x50, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xd4, 0x4, @perf_config_ext={0x7, 0x4}, 0x80, 0x4, 0x7fff, 0x9, 0x4, 0x49780915, 0xd, 0x0, 0x3, 0x0, 0xfffffffffffffff9})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r1, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x4, 0x5, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], <r5=>0x0, 0x3b, &(0x7f0000000380)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000003c0), &(0x7f0000000440), 0x8, 0x86, 0x8, 0x8, &(0x7f0000000580)}}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r4, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r6}, 0xc)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000400)={r6}, 0xc)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030033000b07d25a806c8c6f94f90624fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
r7 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600073582c137153e37080c18800aac0f000300", 0x33fe0}], 0x1, 0x0, 0x0, 0x8100000}, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="12000000060000000400000002"], 0x48)
r10 = socket$kcm(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r9}, &(0x7f0000000080)=0x1000000, &(0x7f0000000180)=r10}, 0x20)
ioctl$sock_kcm_SIOCKCMATTACH(r10, 0x541b, 0x0)

8m26.478616828s ago: executing program 3 (id=566):
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00'}, 0x94)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001100)={r0, 0xe0, &(0x7f0000001000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000100), &(0x7f0000001380)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x42, &(0x7f0000000200)=[{}, {}, {}, {}], 0x20, 0x0, 0x0, &(0x7f0000000f80), 0x8, 0x12, 0x8, 0x8, &(0x7f0000000fc0)}}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001200)={&(0x7f0000001140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x5}, {0x0, [0x5f, 0x30, 0x2e]}}, 0x0, 0x1d, 0x0, 0x1, 0x0, 0x10000}, 0x28)
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
setsockopt$sock_attach_bpf(r1, 0x0, 0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x16, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)

8m26.00289517s ago: executing program 3 (id=569):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0xc48}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5, 0x184104, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x4, 0x4}, 0x100600, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfdd9}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x6, 0x20, 0x2, 0x40, 0x0, 0x7fffffffffffffff, 0x8, 0x6, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6, 0x0, @perf_config_ext={0x2ee8, 0x4}, 0x108208, 0x4, 0x4, 0x4, 0x7, 0x1, 0x6, 0x0, 0x5, 0x0, 0x7fffffffffffffff}, 0x0, 0x4, r0, 0x9)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000110b0008850000000500000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r2, 0x0, 0x28, 0x0, &(0x7f00000002c0)="c1188e19b95d02ff4284860186dd", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$inet(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)="5c00000011006bec9e3be35c6e17aa31076b876c1d0000007ea20864160af3653c001ac00400020208000200030001001400000007b556a737c160f9555b4755bb05251e618200000051f60a84c9f4d4938037e786a6", 0x56}, {&(0x7f0000000140)="7e3f15d6d2ee", 0x6}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x4030582b, &(0x7f0000000600)={'tunl0\x00', @local})
close(r3)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x8982, 0x20000000)
r5 = perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc, 0x7}, 0x410, 0x2000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x9)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="61123000000000006113100000000000bf2000000000000016000200071b48013d030100000000009500000000000000bc26000000000000bf67000000000000070200000fff07276702000003000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)

8m25.126923524s ago: executing program 3 (id=574):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000780)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x2a, &(0x7f0000000100)=r3, 0x4)
sendmsg$unix(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000a40)}], 0x1, 0x0, 0x0, 0x40000}, 0x20004011)
recvmsg$unix(r1, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)
sendmsg$inet(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000980)}, 0x2404c140)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r5}, &(0x7f0000000280), &(0x7f0000000240)=r0}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000007000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r6, 0x4)
r7 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)=@generic={&(0x7f0000000100)='./file0\x00', 0x0, 0x8}, 0x18)
r8 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_tracing={0x1a, 0x0, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x8, 0x19, &(0x7f0000000300)=""/25, 0xaee5b285a08e1fb4, 0x22, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x2, 0x0, 0x2, 0xee7f}, 0x10, 0x17f52, 0xffffffffffffffff, 0x4, &(0x7f0000000380)=[0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff], &(0x7f00000003c0)=[{0x0, 0x2, 0xc}, {0x3, 0x5, 0x2, 0x6}, {0x5, 0x3, 0xc, 0x9}, {0x2, 0x4, 0xe}], 0x10, 0x1000}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000005c0)={@map=0x1, 0x24, 0x1, 0x7, &(0x7f00000004c0)=[0x0], 0x1, 0x0, 0x0, &(0x7f0000000540)=[0x0, 0x0, 0x0], &(0x7f0000000580)=[0x0, 0x0], <r9=>0x0}, 0x40)
r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000680)=@generic={&(0x7f0000000640)='./file0\x00', 0x0, 0x4}, 0x18)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x1a, 0x5, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000002802000000000000f5000000193b00000139531000000000000000009500000000000000"], &(0x7f0000000700)='syzkaller\x00', 0x0, 0xac, &(0x7f0000000740)=""/172, 0x41100, 0x46, '\x00', 0x0, @tracing=0x19, 0xffffffffffffffff, 0x8, &(0x7f0000000800)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000840)={0x2, 0x9, 0x7fff, 0x1d}, 0x10, 0x0, 0xffffffffffffffff, 0x1, &(0x7f0000000880)=[0x1, 0x1, 0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f00000008c0)=[{0x3, 0x2, 0x9, 0x5}], 0x10, 0x10}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000600)={@map=r10, r7, 0x1c, 0x10, r8, @void, @value=r11, @void, @void, r9}, 0x20)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1d, 0x16, &(0x7f0000000c40)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41100, 0x22, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x0, 0xf, 0x1, 0xffffffff}, 0x10, 0xffffffffffffffff, 0x0, 0x9, &(0x7f00000002c0)=[0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000300)=[{0x1, 0x5, 0xe, 0xb}, {0x3, 0x1, 0xb, 0x6}, {0x1, 0x5, 0xc, 0x2}, {0x4, 0x2, 0x8, 0x5}, {0x0, 0x3, 0x1, 0x1}, {0x1, 0x4, 0x9, 0x12}, {0x4, 0x1, 0xc, 0x5}, {0x4, 0x1, 0x9, 0x8}, {0x0, 0x2, 0x0, 0xd}]}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5, 0x5, 0x2, 0x7, 0x0, 0x1, 0x3}, 0x50)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x10101, 0x4, 0x2000000, 0x1, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r12 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="d8000000180081054e81f783db4cb9040a1d080006007c09e8fc55a10a0015000600142603600e1208000f00fff00401a80008000800114004080000055c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb71b14d6d930dfe144ecc447c65e206d25b4084121d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd4e1ffffffffc1c9b6", 0xc5}], 0x1}, 0x4000000)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0), 0xc)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
r13 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x80000ec}, 0x8)
sendmsg$inet(r13, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000035c0)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9", 0x45}], 0x1, 0x0, 0x0, 0x1f000801}, 0x240000c0)
ioctl$TUNGETFILTER(r3, 0x801054db, &(0x7f0000000ac0)=""/206)

8m23.814771328s ago: executing program 3 (id=584):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1, 0x10000}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)="4c81fe484da3dfda2accf5d4b0846d453f81a244f5d2d0ace95169f19f2217071bf21381007f3340a2cca3cdb29b51ee2069127829dd18ce513c9088fcd6d561a2e05462d88f7cd1b095720182b751e37d06dd6d520b9b5b346e350e8d9be742aae0fd57a90be88c1d29c8236588de3f1d3d0bfef536ebbf4c93081551542c00302c63b4e70f", &(0x7f0000000180)="36d69a5491", 0x8b50, r0}, 0x38)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x7, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffff7}, [@call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x29, 0x5, 0x0)
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x806, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x110e22fff6)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000180)='!', 0x1}], 0x1}, 0x0)
syz_clone(0x4000c0fe, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TUNGETVNETLE(r3, 0xc008744c, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, 0x0)
unlink(&(0x7f0000000080)='./cgroup/cgroup.procs\x00')
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

8m8.55825921s ago: executing program 32 (id=584):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1, 0x10000}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)="4c81fe484da3dfda2accf5d4b0846d453f81a244f5d2d0ace95169f19f2217071bf21381007f3340a2cca3cdb29b51ee2069127829dd18ce513c9088fcd6d561a2e05462d88f7cd1b095720182b751e37d06dd6d520b9b5b346e350e8d9be742aae0fd57a90be88c1d29c8236588de3f1d3d0bfef536ebbf4c93081551542c00302c63b4e70f", &(0x7f0000000180)="36d69a5491", 0x8b50, r0}, 0x38)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x7, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffff7}, [@call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x29, 0x5, 0x0)
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x806, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x110e22fff6)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000180)='!', 0x1}], 0x1}, 0x0)
syz_clone(0x4000c0fe, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TUNGETVNETLE(r3, 0xc008744c, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, 0x0)
unlink(&(0x7f0000000080)='./cgroup/cgroup.procs\x00')
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

4.458789331s ago: executing program 4 (id=2744):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0xfd, 0x0, 0x0, 0x0, 0xe9, 0x40510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp={0x0}, 0x100000, 0x10000, 0x9e4, 0x7, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xc, 0xffffffffffffffff, 0x8)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8003}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x8, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x20403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x2, @perf_config_ext={0x9}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socket$kcm(0x29, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000000100000300000000000000", @ANYRES32, @ANYBLOB="0000dd00000045471660ff2469da3a0000000000", @ANYBLOB='\x00'/18], 0x50)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f00000000c0)={0x0, 0x80, 0x5, 0xb, 0x4, 0x8, 0x0, 0x6, 0x50, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xd4, 0x4, @perf_config_ext={0x7, 0x4}, 0x80, 0x4, 0x7fff, 0x9, 0x4, 0x49780915, 0xd, 0x0, 0x3, 0x0, 0xfffffffffffffff9})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r1, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x4, 0x5, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], <r5=>0x0, 0x3b, &(0x7f0000000380)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000003c0), &(0x7f0000000440), 0x8, 0x86, 0x8, 0x8, &(0x7f0000000580)}}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r4, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r6}, 0xc)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000400)={r6}, 0xc)
r7 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030033000b07d25a806c8c6f94f90624fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600073582c137153e37080c18800aac0f000300", 0x33fe0}], 0x1, 0x0, 0x0, 0x8100000}, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="12000000060000000400000002"], 0x48)
r11 = socket$kcm(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r10}, &(0x7f0000000080)=0x1000000, &(0x7f0000000180)=r11}, 0x20)
ioctl$sock_kcm_SIOCKCMATTACH(r11, 0x541b, 0x0)

3.283083548s ago: executing program 4 (id=2747):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb4212"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x0, &(0x7f0000000040)="b90103606989068c3c270040f0832f9e0ff008001fffffe1ffff86dd632f0806", 0x0, 0x104, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.213710102s ago: executing program 2 (id=2748):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b05d25a806f8c6394f91a24fc6007020f", 0x17}], 0x1b, 0x0, 0x0, 0x400300}, 0x8805)
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000200000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x1e, 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='freezer.parent_freezing\x00', 0x0, 0x0)
sendmsg$kcm(r1, &(0x7f0000000ac0)={&(0x7f00000001c0)=@l2={0x1f, 0x1000, @none, 0xd4}, 0x80, &(0x7f0000000900)=[{&(0x7f0000000240)="efe6ddefadef2beac29308eaf91f0767fc51a8fe6e54ef27a627397403ddafa2f396369345270f282efad78c78635c7e137263b55e18b3108b7b014b288df9", 0x3f}, {&(0x7f0000000400)="bb548fe11224d21a58ad45aab3ca0df2ce1287ec8dacdd68b93932fcd8c335ed5878c50111d8f6f0400f79d0164c1483fb3133ca7ed7e860d2b1688810da07f97e300d8cebec75fca08745145227b7ef6182d14bc96d885446d0f45500d46f1582e2dc67b2ed4e291bc2e1411549dddb60b2fd0ed1149f0f132f1fb6235f7898decd799950eb5e931b350fa280c1bc7a96614a42e7f3b8edaeb8c3b351a369286df5aed2756b95df273d5898918ed090625f113c657b56d427072d1f5e9aca", 0xbf}, {&(0x7f0000000280)="085d19a770d5d078774a8e1f1e960605ce5055e9eec799369a4ee54e00ba91483e6a73", 0x23}, {&(0x7f0000000700)="450c2e35772b1ce5357537fdd143f62457cbf54bc7886af597459efcbf79a8d6e3332581e3063d45b8132b2ea250172c8703f21a7a7cf6ce15470ba0554422d6645c43c33d450c1f5deafbee5730a24d51d6c277edae79b30d2ed69af6c7ec5f60f8609090fe7d93c0af48e7749473111c4206f99e6212930b42d01448472bb7110298a0f43e4c0aede4936cf97f4a4193c4a599c8f34a1b773740743b0b45a879abb10d590b40c98350892e2dcb0620061a0ccf96eacd660f68bd434387b8c57f0675a7", 0xc4}, {&(0x7f0000000300)="d1e0ac0ce003f982cda706538485ea4b07343c5f1673f0d6e66feb663d9293d224126da02552e26d0de54af6eeb253c55474e05f", 0x34}, {&(0x7f00000004c0)="ab450453b9", 0x5}, {&(0x7f0000000540)="0b5db3c644c6bb2fe87e8a2c38d5219822e3a4786127aa956531c16028679dbb7807fc15c44e8318bb00ed0ad9a4c1d3ec1b346603571864e31f178123f98177cd9ecd849bfbc8fc6b5b4b6739f26631db42b3a3110b17852b7adaca391ef50120dc696c4789ab8242edaa88865abfc3be38e850915a0b46aeccbe62ecb9c4ac54e0a6932e5ec126b0e4f043", 0x8c}, {&(0x7f0000000800)="2a2ca583b3e6a444ef708b510d95bbe6dd76464daa01bf4b246c1859e134c1e76004bff991dc751ba2c8a6a74b2e5ef74dd92fe9e1b487b1cbdcff95745b767bdea0b7b3bc13becd51229e8f894869cd62c6abb9324b312b1300ea168ea28a9d0a2cb0", 0x63}, {&(0x7f00000008c0)="f110b0768842", 0x6}], 0x9, &(0x7f00000009c0)=[{0xc8, 0x18f, 0x5, "78526299b932500f10bbe2c4c963f2288542b6b4c7a2016a8d38ee7f86016868902b0473def5f4ee8c78655467c3df69f22103b65841072c7d56b2cf094881315fe70bee0f3edfc1b068799cb01e821710b8eba0e24e0eaa8245cf1500a760f7b7220768070353582520d00a6960fd08764c147e33ab227336d0b07c6736ba7b6a28b23384a2e3fc144033073cb6704989907fa13dd5e73cc161138483695f9184742345f8863883cc11b972c4c065f4c56e427850"}], 0xc8}, 0x44851)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0x0)
sendmsg$inet(r3, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000042c0)="86", 0x1}, {&(0x7f00000002c0)="794ab6f05259d1b3bd29a47757ca01b92304ad7ac7dece9d204c4b1eea2feb32c12013dc3fdf2ae40958dc", 0x2b}, {&(0x7f0000000340)="d94469a91874fde3d54cf0261ed019a1743de9ea6aeb3a48c84fe243355bc50d49c475f6d7a83e162ee4ce52ba34872f5e0b62e54f0a669d25e869930f3f5858fc7ac5b45884996460645187518e98e83d588712c97a64a4806cdc8053118fbd297dd87bfb7675df60e9c6bb3ad691f5e2448ab0f83f31ebcbffcefdc4a23f8d01de480e6fccdb9923918a967f67c55799ecf0f6aaccbbeba00809f8977a0a5b", 0xa0}], 0x3}, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x21, &(0x7f00000000c0), 0x4)
close(r3)
recvmsg(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)
close(0x4)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000002380)=[{&(0x7f0000000080)="b19903dd1a16f8862f2424f90ce2ba507e18b399050980f812450fd3f95c3ccbe7", 0x21}], 0x1, 0x0, 0x50}, 0x14)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33)

3.144538646s ago: executing program 2 (id=2750):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_clone(0x400c0000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r0)

2.963013434s ago: executing program 4 (id=2751):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0600000004000000990500000a"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001340), &(0x7f0000000900), 0x404, r2, 0x0, 0x1ba8847c99}, 0x38) (fail_nth: 29)

2.916292807s ago: executing program 0 (id=2753):
socketpair(0x1f, 0x80000, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x8, &(0x7f00000002c0)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit, @alu={0x6, 0x1, 0xd, 0xa, 0xa}]}, &(0x7f0000000000)='GPL\x00', 0x4}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c000000000000000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f00000a0000000800786a00"/28, @ANYRES32=0x0, @ANYBLOB="7f000001ac141400000000011c0e00000000df000000000007006fc946f1f569c01801"], 0x230}, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x92c0199, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90224fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8949, &(0x7f0000000cc0)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\xe0\xff\xff\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1\x9d')

2.353751525s ago: executing program 4 (id=2754):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='devices.list\x00', 0x26e1, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c00000006000000040000000000000e0400000000000000000000000100000d040000000400000004000000000000000000001004000000000000000000000a030000000000000061"], 0x0, 0x5a, 0x0, 0x4, 0x80000}, 0x28)
close(r1) (async, rerun: 64)
write$cgroup_devices(r1, &(0x7f00000005c0)=ANY=[], 0xfffffeff) (async, rerun: 64)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={&(0x7f0000000780)="2f5b65240c3ad9d09fe6ca152c25fc4ffcbf6b8a6bb673e7893e521f87d897e7ab1447c2a5a49326a2ad0dcf0ae49a0bc6341e1f462465d039df2147c9527c5b7f1cdb028177c433e5818041b2c85d2bf2668cca82b02f83da0263a6d34380a2100f67b23c1a403fb94daebbc522af8cb60a35946ee1e06a2a8cdb7cc0df4bd5a070d1d5947125b47ccc7c5f5e1884276a48a30a51bc5ea8991058d33dfe29046bbae888cda5c12247e7747b079090b1ccaedadb8c883ccfb47945a8c5d332ae2e7a2a55fe917458e13bd34d94c8dac7a17bc4dd8173d9b513d51654f94bbfd106d8619c72938c4854a7a526d06defa4c9f87da62274695df030c04404b83b070da3b3ffcc8f1863263e57368a8f980fea936bf2eb2b9eb12477c939e8e69fa1d94f033107d71c948e754d6dd9384bb6fa2db98d01dc20ab82041365a6349aca777578b336b79638336650876edeca23e19aa7eed4852b79546c6a30b3d8c25919cded25c5bcb97e8cc036ae44fd7789efb3d91a70edbebb440d262f8c0ddfd70c668f2908b654e09ba247bf52819954a6f88792d1d95db00cb0e98275f92bf02bd6f5bc4ad4e2f57958b2e241a860acfa33f94b4d453eec55cfffa2758ff66bf0a7fdf3ff4781d4c9811199f38ef9ec78d7ee9e8492763d238c9fd601f0d7c6ba5e6f6456f6cfecb6df2bb15dbca5d7cceedcf4fbbc6815b190c1f175dfea46d2db8124c4703df45f6e7eaa6223799a55045932cb55204f057ceedede2763255a90fc59ed268e6e57f1dd37abfd1791622bfdef1e970066f86db0637bdb7cfab284fe3ea39beb6c6e72add8a68b14b60d56c48b880adccd04e5161b95ba5ef97e47beb328ae56cb601e819656af28bf18845858db38a342bddfdfbe87dbe5239e36757fbe0314616951dd31142719a60b2a85d54e6d878dc0bde91012cfdc197182fa080a950c43328cf29b4ad3251e56b8a1776c7957bdf8ddfe8526c14b70bc61e536658e85f739038bc4c4251bac75253c6cd5dfb2ab61a5fed2783f639a5c49ac8210a947f20a9fecfdee8518420e5e69c120b49f68fd0eb369af87c01092b476aa99bddfb0fd260cc9820690b6f5acb70dad0140f16ea417447e94d2a815805a57c440ad028ad9c983a6b8ee05a11f6e7dcdc6dba1446d45d6826ace1d6ac3c77083aae0550e9e9380d06b7f45f32f2a20b30cf9db9d2fb6b191e193225ac055911aa16d020c5b1ca0aa2dc9488cea39aadec75f7b432958697df651010e1bb56030f8cc32b70a4cb9f6d392df5057c4775bdeaf96667cb78365aef2901c84debc8de4a6baf4114458efdcf2beb31870cf8e350f61af9cbda5740d2c3eeb43dd663425f7e47d2f8b43839e4b3b24957b5623234ac905603318d2a4fd2813044f44232abf4d4ea965505312940a92e3db7d5c6d5a53a3f42262f71a754318031ab39503a918c0aff0f4120f33bb438b00c4efd7a93480fcc882587871805ef3a0b6542ed60a737f3e0bd277804a7f031fdeea3b7ed18f29b0cb747e7ea9641083c5749cb392816f1ea39328429b0b46b7c32decc092e5d090085fbab252207454ef90f001594a1cd918d50b7ce926b3f320e73bf0737ffb39fac80e5324d9894426d06d36b66c206103669487b32d0c0bd4f7305fc59f686ec89472cd44634e956713464b1e0813555d0f7a65ffe6e10f66c769b2aaa00a2cd9134ed6710572cc987de4006f80303314559ccc45c2449cb99ed868b4c35ded131f68c1e9729915395a3785b31be2914840eb4b095299da9db2abb8800a38ba77202f2b058c8dece61369b08ce096906c351c38cbfbba7b862dedc0a2f6bf3517b65e80ef1c29c2655375cfe3380cc18da77425e6a69a60769506da38b07251b74a3511dd932c862f88312e88717b269f508cc08d07cdd1a4791305b1a034d9cd2a5438d45082f050800c9dbdb9f299120eef71a7ffd88101f1d1e26ffe616057ada7b3916a810ab760953d7a4d497fdfb2b713f443480611edac0f7a24b2f7e46e35b1f176f47c8f7ed8866d6333e83e3314b8c0748e6e48740c21e84dbfc5e73fa39dbfc03c722a07356cbf06bcabd607dc96625b3e1cab60dd604399d89ab10aa69dda6178a4ccb16b0b20bf0f16e4e6b1481140361171180aceeb30d266f7f6327c678d305567825866ac914f90a95412eedf1efc5c7a1b22ca60299e3c0479625a240fd820b0ac25d13dd18203b9b50199a485987fe5899d3ed4446c249431a49c38ebf6de84a0555429e115c3a4c9de40a4c16faae29de285d27d93de1db9c6cfd990218166a7232cc6619128ecdd5e107b605047e0282a411dba8274f28b8070d09ba08ed62fc8db56ee3c6c32cf2ef13395895ff5f3de66cca3fd14f35e31607804c70d7baea03e91ea42568b0cb1d0bd382db7a97c3f6a6b3df33b48f9e667d934c87eff3976666c0427d89bf2bb8cc472b35c5a65f8a8ebbb3fb673e55a0170eb9f65ed199694cd64fbdb00459159cbe66d4c9cfd1030ab882dd8aa56b3f6ac5fd69d24b76329d7ff863076725c3263489d971dd0340207b6be28a3f72a83f351ea95da5f1c924a905cb291a045a71c68ac91bf8814da949bbe95222176eb0b3e9bd2da1d0e5159b7d6b465807dadefd1c593912f58d65f619b8de3d4f5e3cc32ad55bd4c4e6e66680dff133af192ca930ba8ae5368c6228696a8df4a5e4d2ca422b59b55f70d79297c0f1b67b066176afb1624dc0a008cc93ff4b668e10c855f1cb9e7262167d748ca9c657f1ebe6846d66b878fb352dec5c31081df44852040297e38b619fd235ed7064a386b8e66b1b6c970d11ce564cd657e8542a54df6457d6bbcefa372f6353a1f692af94e44b8f2b0529a2810b87f5bdf4a36f683d0bf63fccb75837d94de716c0bbe0e736a3ace1f1231d94c7796c46d6f190f1bf29fbbc89f523cf308c461952f808e8cde326e95f6b7bf5f2c222a0ebd373e2009950d78432b933599a4b1a37bd46a882c41500ceae4ecf9822c1ecdab97fce43b1f272c15e9960467aef145e1f6c2d502c88e2870e016ae9704a41179769415a1a3b4bb54d325a697a589505de0e303d3c524083e3894cc52e64e1041c004e9520d497fb67a3033e2a28ce4be95a885cdf40aff57c9abf3e46a26e8552b4ff74f8ac73c13abbb7ab36feeb0eedfefc0e670880aa662f737b7a5d2ca92caa83b2907408cf838ad72d4a139974eb334d9e380a4735e9b567016f34a2e7d9b8b71530cc66e5ef2d8b9fbfbd6e6ecfb07b4bbfd770d780adfefbb881ab965f225e7a833b9ce58889745519e6f605f2ba6d38ea6fb152e97fb28ae487ad47a8981fe787e975bae8c4b8cc427fe2b534f91090776e1aa76535b3fbdc77c5bf92ecb16e802df74c44e0dc3f9095c944007c95f2dd9b644fd4aeb9dba25d6953d0b79b626ec5e69878d72613ff4b735b2bf1eb17e4d35734469adba41563aac71d4ccef426e97ff264d8aee84289ab390be6ef3ba18a1daaf0e5090947e2f70b8b37974b77b49c74ba538125bf26a3a2247bd198b5a3276907b71de004a18cdfa4c2c1c65082623609e70716033b5ee314331c0a6241d64690338393b1495f0002fc0b939ff398c9980022db9e190afae9c5af3b729774efd1245b77fbe0b57c6318127f4e47bb0c39207034d928e64f1d1808c995ffc299f756efb13b61df4a205789c180c12b805d109f15de968e4ff73d8c6b76b2feaf5d79d040c1f0749624ad262c96a72ac1ff9d1f01d2e33881a08a23651b622f1a59d9b855abe76ccae4f23bcfee8a15597393ef4611cbb0615cb9858e99482542046ed9f846a02746df0df27468bc6789ed89e475ef2f9b581dc5cf830927a82e312460c1ba2f5454b8da3a913e244b7c34512b83e86c311667b887b3d46a3baa76254d0160004e4b1b75c5fbd3f16874ab62209838a9a75aede50ffe18a11655bf46ac257af44f6ae362c83ceefa4d3de9a361bdbc8f85386a8b48dad43fe90554573e798e0c9e6dafd94a97d7f668bf9b98df8276e6ff936b6f167987cef2212bbc9bfa9205c212f9a0ca993d9ebf5614de7439d4d4e6ba8d7df5c1dbd7f71535b421fe5a717e5808be42cd37dd98eddce9198ffe206f34469fe8e5f4178ebb7ffe98c7838e8997a40f04b690a857b7a3ce3ec23c91ed6f75423b162fafdcfed9261ed3cdcf1359097ca11d781f031e16cd3b1c6839656c3fffae79d27353ccbfa175c0fdb4ef3e44cf244fb10063ed0f1d63f167837364d14ecd083ca274201afe3cdde151b011ce031af679caf2a481ac393c5ce36b6a3cf68daadf2b35af1f870635fbe370c497bcd926e798937b2e6e3efeaf263d5b51c29e79b6fca53e22f2acb990b38b107ff1d6c09f70a4a368e57cfd9021bec2d98171f04b0f5f7076b978e423f3c6a4663d35770bf9f4fc0832c2af35e0e8e64615bb2ceb13e55f89a862357333e4e9a6890185b574919f15689fb007656c582da7f9c564acbd7a0228511570a39cd24c691f272dbf13c7dbf02371f079dd96afacc89ab653325f0e838f6a341bec1dc70f13cbe74b203a1f683bed6a4c1f0a8695e817d066be5097e70dfd0cdccf8a09561c35210d455369ceb358b426368fb878243fa1d02acdc6b7631fd8c44e58570d0ebb82420be7b3fa445e9991b31ccb5391a44eaf0d07135ba48fdc842a3a783f6ae66736a52339040cf565874b8e8a573fe25e8fb6d4af9f3fe92e038ae6258c63dcae0278e99f5e768525d1c9e2c907a5bb3adb2b2ac8a5e6ecfdee6cca38af7d45e1a3840ad29741b18dcb5eb499762b5e28124fb432b4584d93754bcc491e529a272841cef2fb662eb5086c4f74ff63e5b5ae79f5e653e21dbca5c31c21683fd1bbdd6c5902e1aad7fc7046f83162d296f62fd04f7467eab577c28cc7477a46063975a9572d82cd644f2ac6698bbcc0ef93ee6065ee3166966ee8a417c8d9531ff579448b49a1770c1d7c110619e23c105cafb8c542029636d73dcdea9ecd3eb4d80987ce9c0589afa1c633c3aa92233e5b6f30d50dd2ce122daceabc997c7109c341bd23d44e680cb931e06a3a16a93d69cb0354c4aec4faaa44c5804dae96f0e2b27cc5f20390976c91685c34f294907f122283d7dc3c57e6d5e397e5e40e2f763d8facd701e243c06948a9b0c65a4c6117529381d8dd3da4fe8ff661629d12e6bb8d6e1261a30773d0c0ad9ee7981996cc6674c19fb4f6d23028ec314bcff3566a41e2db6351824f7b78ac9da3588ad11b4dd3028bc5cedbc314bd2566e9de80fb1be882470710a650a8d2ecf297211a1ec5330f8fb8309824047cf29d428654357d75de7df16dfbdb30d1cfb2aeb7ccb2e356a3aac6f7afba4e6d7f291969df706794b5757486b0a4c46d875767e5181a5896521b7fcdbb9dd40ac2be5e0a897ba9503d39c0386e3cb771427194416071a2551ae23b74e978cbe9c0565bca4abf1e7d2387f77920e0d48e0871de48c11d80338d6513796baaf9cf6943ae26e27af9e68e2c2ac5e999f2beeb77984cce833492f87b81cec7fa93b0d92bacb183063a8ba78ece42c4e08d0a5da154eb92ad902cfd525ad10b0ec6f63a02b4362c0fb5f5d33824dad89c22e1f3e6f6face81951a98c2505f60bc35a15c1ae94a2e6526207a444d538a2a77ae2350b501f0d0bf5e9cda94aa95f22cf1e13f9cbe496bedb82e65be7d490463896c66730824de2b63d9c09bbe13cee7623a0f846a85291bf6384e72c367f6a28fc041c01f99afcfdc0ca03afc493d6c1be7dd6da15", &(0x7f0000000140)=""/23, &(0x7f0000000180)="fbee872075fc793adf1e8e9e18791a3d02f110254805aa59199bab4fcebf681ee58e0fa8ed5dc0c66b87a0374608fb9becea6eecb634b4726b64258dc1c390704c53f9f6e94518c71f996235ff7b95c3e4872d4568c3b5c815b9e8ba708e150883af0a854ddd78269167c966b0f3a6c7978978a60caa8e49247ae0f6382308de9b762636afbe8cea333485e938dc20f801bb0cc2418d5f2167d284e2e7c1c7b0610b8b955f677a6575a618108a8094781e2521a20e910c063abcd7e3ed1b04fe2087b569fcbd98949238abfe0af57e35c80bd61e0a4c53c59d96276c106d72b42db298c6b8505928a6585d2fc1e720e1d4e867cb3d7e6b", &(0x7f00000002c0)="aa598422313b0d15cf210590e7efe77b", 0x3, r1, 0x4}, 0x38)
r2 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x8, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff274, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) (async)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x1}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x8) (async)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8941, &(0x7f0000000080)) (async)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b40000000000000073119a0000000000630a00ff000000009500000000000000b003000000e54d9a4320c267fb3605f6c3f687dcfe09064db290cb1e5db93406c6a38b2b345f8f3c747a79a06ef7917f53fef4d0e04e3b462e606c8bb1d523659dfd3f5e898b83540000c2c680a56b7cf106b2e1b6c8315202d1b30aa6ea5867dc08cc"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffff6c, 0x10, &(0x7f0000000000), 0xfffffe51, 0xffffffffffffffff}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 64)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x2a}]}, 0x0}, 0x94) (async, rerun: 64)
r5 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x18, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000000000850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r7) (async, rerun: 32)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (rerun: 32)
socketpair(0x18, 0x800, 0x3, &(0x7f0000000040))

2.231061421s ago: executing program 0 (id=2756):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000001340)={0x2, 0x6, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000001580)}, 0x8000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r0, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x11, 0x10, &(0x7f0000002e00), &(0x7f0000001000), 0x8, 0xa0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r0, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)

2.203945842s ago: executing program 2 (id=2757):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0xfd, 0x0, 0x0, 0x0, 0xe9, 0x40510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp={0x0}, 0x100000, 0x10000, 0x9e4, 0x7, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xc, 0xffffffffffffffff, 0x8)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8003}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x8, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x20403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x2, @perf_config_ext={0x9}, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socket$kcm(0x29, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000000100000300000000000000", @ANYRES32, @ANYBLOB="0000dd00000045471660ff2469da3a0000000000", @ANYBLOB='\x00'/18], 0x50)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f00000000c0)={0x0, 0x80, 0x5, 0xb, 0x4, 0x8, 0x0, 0x6, 0x50, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xd4, 0x4, @perf_config_ext={0x7, 0x4}, 0x80, 0x4, 0x7fff, 0x9, 0x4, 0x49780915, 0xd, 0x0, 0x3, 0x0, 0xfffffffffffffff9})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r1, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x4, 0x5, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], <r5=>0x0, 0x3b, &(0x7f0000000380)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000003c0), &(0x7f0000000440), 0x8, 0x86, 0x8, 0x8, &(0x7f0000000580)}}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r4, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r6}, 0xc)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000400)={r6}, 0xc)
r7 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030033000b07d25a806c8c6f94f90624fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600073582c137153e37080c18800aac0f000300", 0x33fe0}], 0x1, 0x0, 0x0, 0x8100000}, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="12000000060000000400000002"], 0x48)
r11 = socket$kcm(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r10}, &(0x7f0000000080)=0x1000000, &(0x7f0000000180)=r11}, 0x20)
ioctl$sock_kcm_SIOCKCMATTACH(r11, 0x541b, 0x0)

2.129276836s ago: executing program 4 (id=2758):
syz_clone(0x45004400, 0x0, 0x0, 0x0, &(0x7f00000003c0), 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x48283, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="17000000140081044e81f782db44b904", 0x10}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
bpf$ITER_CREATE(0xb, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800"/14], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100e64, 0xc78}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2}, 0x48)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={'\x00', 0x52d35ce30131f272})
ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0xb)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x6)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x20000001)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r1 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r1, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2)
socket$kcm(0x10, 0x400000002, 0x0)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x0, 0x0, 0xa1, 0x0, 0x0, 0x40a10, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x400, 0xffffffffffffec23, 0x0, 0x7, 0x1c3b0979, 0x0, 0x10, 0x0, 0x0, 0x0, 0x959}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@map=0x1, r4, 0x2e, 0x0, 0xffffffffffffffff, @void, @value=r4}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)=ANY=[], 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x6, &(0x7f0000000080)=ANY=[@ANYBLOB="18020000b305000000000000000000008510000001000000950000000000000085000000ad0000009500000000000000"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0xa}, 0x94)

2.056527819s ago: executing program 0 (id=2759):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x6}, 0x2901, 0x35, 0x43a1bd76, 0x2, 0x3, 0x206, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="85000000190000006311770000000000070000000000000095000000000000007a4f59fc1e64cc9c718b1f618b12be81248ddd4fd95335dd8f7e942562f2e07ff439b8ebd5bf1b87624caf3c00d319595dd5bfad052f1b30283efb37457decd07d2d20a59a51c4a7a8edc4b83c47cf32281d4d6bfbcb8405ecded3e7c9fe2a85178e499cf5c1ed61b87fd0eecba4d4a2663bfd7a020593131c946bdbfaa22470da5ea8793e4e4021aac0c7e35d969e032bab41071b055868de1a52b91384cb1da034552a887fe6e12e080a95550d9ca32afe7aabb61a"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xb579, &(0x7f000000cf3d)=""/195}, 0x23)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x128}, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x10000, 0xfffffffe, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x4, 0x4, 0x9}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xa, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="1809000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000070000008500000021000000b70000000000000095"], &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f0800", 0x0, 0xe8a2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.054816809s ago: executing program 1 (id=2760):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb4212"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x0, &(0x7f0000000040)="b90103606989068c3c270040f0832f9e0ff008001fffffe1ffff86dd632f0806", 0x0, 0x104, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.806941961s ago: executing program 1 (id=2761):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe80, 0x0, &(0x7f0000000040)="b90103606989068c3c270040f0832f9e0ff008001fffffe1ffff86dd632f0806", 0x0, 0x104, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.110430996s ago: executing program 1 (id=2762):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000002480)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x41, 0x0, 0x11}, 0x0)
r0 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x2, 0x0, 0x9}, {0x10000002, 0x0, 0x0, 0xc}]}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000c40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x26, 0x24, 0x2, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{0xa, 0x2}, {0x3, 0x4}, {0xffffffff, 0x2}]}]}}, 0x0, 0x3e, 0x0, 0x1}, 0x28)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x84, 0x64, &(0x7f0000000000)=r3, 0x10)
sendmsg$inet(r0, &(0x7f0000000140)={&(0x7f0000000280)={0x2, 0x10, @local}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001940)='{', 0x5dc}], 0x1}, 0x80d1)

1.02864338s ago: executing program 2 (id=2763):
socket$kcm(0xa, 0x5, 0x0) (async)
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001900599c6d0e000091d028ef8020"], 0xfe33) (async, rerun: 32)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, 0x2, @perf_bp={0x0, 0x7}, 0x8000, 0x5, 0x47a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (rerun: 32)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
socket$kcm(0x10, 0x2, 0x0) (async)
bpf$ITER_CREATE(0x21, &(0x7f00000001c0), 0x8) (async)
socketpair(0xb, 0xa, 0x49df576f, &(0x7f00000000c0)) (async)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
sendmsg$tipc(r4, &(0x7f0000000c40)={&(0x7f0000000540)=@id={0x1e, 0x3, 0x0, {0x4e23}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000081}, 0x20050)
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x6, 0x7}]})
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x426603, 0x0) (async)
ioctl$TUNGETVNETLE(r2, 0x40107447, &(0x7f0000000180))
gettid()
ioctl$TUNSETSTEERINGEBPF(r5, 0x800454e0, &(0x7f0000000040)=r1) (async)
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000100)={'veth0\x00'}) (async, rerun: 32)
close(r2) (rerun: 32)

992.608751ms ago: executing program 0 (id=2764):
r0 = socket$kcm(0xa, 0x1, 0x106)
setsockopt$sock_attach_bpf(r0, 0x1, 0x2, 0x0, 0x5b)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x11, 0xa, 0x300)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="18020000fcffffff0000000000000000850000004100000018110000", @ANYRES32=r1], 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x20, 0x12504, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x4, 0x0, @perf_bp={0x0, 0x8}, 0x7602, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x0, 0x400007, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0xffffffff}, 0x50)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='io.stat\x00', 0x26e1, 0x0)
r3 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r3, 0x1, 0xf, &(0x7f00000000c0), 0x4)
socket$kcm(0x29, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$kcm(0x10, 0x400000002, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000a0000000800"], 0x0, 0x46, 0x0, 0x6}, 0x28)
sendmsg$inet(r4, &(0x7f0000000100)={0x0, 0x2, &(0x7f0000000080)=[{&(0x7f0000000140)="600000002e000d190a762d7f089e", 0xfca2}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae2f6e8bcb5ee52dcd7298d39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc", 0x52}], 0x2}, 0x0)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000000c0)="1400000016000b63d25a80648c2594f91124fc60", 0x14}], 0x1}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x1, 0x31, &(0x7f0000000640)=r2, 0x4)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="0206e7ec02000000ffffffff006d97dc", 0x33fe0}], 0x1}, 0x0)
socket$kcm(0x29, 0x0, 0x0)
r7 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$inet(r7, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0xa, @local}, 0x1b, &(0x7f0000000180)=[{&(0x7f0000000080)="a2", 0xff0e}], 0x4, 0x0, 0x0, 0xa6820000}, 0x0)

986.006462ms ago: executing program 4 (id=2765):
socket$kcm(0x2, 0x5, 0x84)
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f00000004c0)=ANY=[@ANYBLOB="7a0a00ff000000007110b6000000000095"], &(0x7f0000000480)='syzkaller\x00'}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x0, 0xd, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)}, 0x94)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_config_ext={0x4, 0xc8}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r2, 0x1, 0xf, &(0x7f00000002c0), 0x4)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='devices.list\x00', 0x26e1, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8910, &(0x7f0000000040)={'wlan1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x9b, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x100e4a, 0x0, 0x4000, 0x0, 0x17}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x2, '\x00', 0x0, r3, 0x4, 0x0, 0x5}, 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r1, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r7=>0x0, 0x0, 0x0, 0x0, 0x8, 0x4, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x69, &(0x7f00000006c0)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000700), &(0x7f0000000740), 0x8, 0x7f, 0x8, 0x8, &(0x7f0000000780)}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x6, 0x13, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xf2bd, 0x0, 0x0, 0x0, 0x7}, {}, {}, [@ldst={0x0, 0x3, 0x3, 0xb, 0x8, 0x20, 0x4}, @map_fd={0x18, 0x2, 0x1, 0x0, r6}, @call={0x85, 0x0, 0x0, 0xc}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x7, 0x8f, &(0x7f00000003c0)=""/143, 0x41100, 0x5c, '\x00', r7, 0x25, r4, 0x8, &(0x7f0000000900)={0x4, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000940)=[{0x1, 0x2, 0xa, 0xa}, {0x2, 0x1, 0x6, 0x8}], 0x10, 0x7}, 0x94)
write$cgroup_devices(r3, &(0x7f00000005c0)=ANY=[], 0xfffffeff)

856.301958ms ago: executing program 1 (id=2766):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f0000000340)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10, 0x0}, 0x3000c085)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='hugetlb.1GB.usage_in_bytes\x00', 0x26e1, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x2}, 0x84e, 0xc8, 0x0, 0x3, 0x40000000000006, 0x5}, 0xffffffffffffffff, 0x10, 0xffffffffffffffff, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000140)={0x2}, 0x8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_int(r4, &(0x7f0000000000), 0x12)
setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, &(0x7f0000000100)=r1, 0x4)

632.996029ms ago: executing program 1 (id=2767):
r0 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000), 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0xd, &(0x7f0000000040)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}}], &(0x7f00000000c0)='syzkaller\x00', 0x8, 0x61, &(0x7f0000000100)=""/97, 0x41000, 0x28, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x6, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x5, 0xf, 0x3, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000200)=[0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000300)={r0, 0xffffffffffffffff, 0x4, r1}, 0x10)
r2 = syz_clone(0x5000100, &(0x7f0000000400)="7f57754c61e8324bc92a32b56da5690878e3148a24b482da2a62346c2fd4595871281db6434fa3b249739b25070dbf5537fc32d21c7ae18758703ac56b74", 0x3e, &(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)="0147f222bc05e6b203b16a060ba762870c45bd86cb0be0bce5a1258ec498be016c1288127555eba2595582eb9d2618200a7a03d3dc62bd5f2d31941169cef512a8c69b19cb9ac476b5d34c1f55cecfba36fa1f28667e2ce3c0a823f92e103119447ee6e67d5943c5800ffb27a88a9cb6922554572800041423c61895be2734f93703c1ef2beeb818e66b9f5a21d2d80435f7e0c9b4a91a64d4cb946b9d286dea6717497930da383ff126a4407100ffce1658349c6e1de99e54a9b88e12173a98bd4097e315df6bbb1d3bfcb28c353b7cdd8222eceb0aed07f386cd3a1d78c7352d")
r3 = perf_event_open$cgroup(&(0x7f0000000600)={0x5, 0x80, 0xfa, 0xe, 0xff, 0x6f, 0x0, 0xffffffff, 0x4, 0x8, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, @perf_bp={&(0x7f00000005c0), 0x7}, 0xa0, 0x3, 0x4, 0x9, 0xe, 0x31, 0x1, 0x0, 0xf, 0x0, 0xfffffffeffffffff}, 0xffffffffffffffff, 0xa, 0xffffffffffffffff, 0x6)
r4 = perf_event_open(&(0x7f0000000380)={0x1, 0x80, 0x2, 0xe, 0x1, 0x1, 0x0, 0x6, 0x20000, 0x4, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x4, @perf_bp={&(0x7f0000000340), 0x2}, 0x8020, 0x2ede7510, 0x4, 0x4, 0x42b8, 0x8000, 0xdbd5, 0x0, 0x4, 0x0, 0x9}, r2, 0x8, r3, 0x1)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001880)={&(0x7f0000000680)="df6b121ca5fc79574d94a809134966094aa248045d7a88337a627d52d8fe6819d9d7df4aa7b95a2055979fb5caf0df77d99a8e092d9fa0acacc6a07b3cfdbfc09e80b7a389bc8db170483ce4e247c4484b3483b40a2524717773bfa3401dced30e59db2e6dac9a6c984a5a9322edfdad5a900ede320d2864b06cd4e3082a505393cf46e65e8f7f428cbc96606bf8e863fece662f8c6c210afb1abb5d2b6aeee137773ed0a59286fd3daaf9e39edddebc3a9ae576ab4a8152aed0f9caebaf0aa3f74ad5890a420161c6e1ff2bf66f85fcdd239108a45c8502df36aa7b7b09947be43db7bba2833b908dd4f439bf024f62d73bfbc708310ae6e748a42374c3720896d8350a85afae13fe64ab1d328405e9a382b5e9023c439408cae64e4b09b9662153497bb8998e42fa23dcda2b5833a8c2f6ecb2d96e07e92e25b8d166874bb90134a83e368257edfeb1a1836b0135c84baedff69616fe419d94ba60bc27f9a78fe37f7529c84a9b4c6ff63b20bdcf8d924e8591b6b0a074ac20e4b66030f9a229bcf71165141f298e75d6858373fa0150005ee34ba9819b9bb0f7ba2b8533ebce6e5aa56d808b50041f4bdd0456eeaa05d4be9713e92acd43ad07ce4b8d103ad2e0c931afe50d360eaa6d83c01d7001e5a8b1843f9824a392538162a7bc46e678a598b4b07f7d667d4b3c7129eb400ceb9e8b15a631a3fdea1cca19896926afaf90a7af6545ff6f2494f8577a8b8680614260551ffb6ba10a35d44d6811e961457f9de3d572f83f3294729b29fa30febf92ce19cb2319f2a07317cad22be077a6bf4afeb93a52d05ac54e4a3edcaf1b276c90fde18694152003ba2fd263d114345ecb84f2106d4bd5459ecdaa23304449d7e8dcf0b1fbc5fdc9c1cf3988d6a96571982d4a11d0f50b4cd6aea740a7d23db7c624b106c0cbef2ef113824233998107a3e8a0d95bf1e4d894da02efcd7f20522265ca92f102c3c4c28bfad32afc03e1032b43ad55c2189d4029bb493a6acbe0bffc3ed849bda3e28d76ae107103d02c8f1014bedbb16029b3ed5a902044b5dfd52421d18a788138a967dc17cc78832a6e31a82d2ee1a8e40069f667266149950753fae698ad401d5fe407842e7ecb36cc6a97215c32830960cbbdee0ec684d788413f5a75d776dc10eda4be75143c774d709d07b3a6c695add6cd218db8b3a287532fc3203a19fee9c20eb0e546f45d7615ac8f99927acb20ecb3d74d7496ea47cdc136a47616bb94e9d7638952989353a1767ff4f6e9daa3ed286d3098a05224719c52faff1bc41d3c36f2f9a907e5f6fca708f4bf7c91b25c14b70a7f4861fd3afe9f1af9869f385102fc965c62a0c84b2d142e3d72baffe349ca61bc4a8972b9dce32101e3fc54a15ab4eb6426c3f225105d01d833796810e9a911c2032e10dbba965a776258e4de738e7beeb30f8543a4ac228e97cd15adbecac1d24c41c1811ad2fa718eafb24cf607a2f84213c7b638071ca758aea11f02778613277dbb0b03bcc4ee85056c088803d4876c1d8c38c1bcc1f223b24e39d8e5ca61b2c78df4a240049ec390af363ff3d13d485a52ec982f3244ce1156634d9431468855b295101831a4c74e1989fe9d3993f434cd1d40b975d60a8856bee4086249e466ad1ec48f71946900a5761908e4d758ea50ddabee2255c5690e5b19e50e211597e2d8833b1e15c236c084c0e5cc3fdd13e6f04a6cebef3f246de3743240e0344b7cb8fd29da2c073489386c1f73c62ee3b6bdcbadd92d4eb9abfbe10287291cece8a42bd129f106248dea531d4393c9a717b0b415873f4ff732e6cd400d9b41d5754fd596afe6525a591081e9c6c5b34f6d052f7095130fced86e9531716ed9010f068e82c5c08ae6244f30737b5640b68dcfcadf6e251839f2c798a8488a664142ad0a4b35432bcc1a2a51a45d4e8b21f83521d121ac82c4f9a69e65541ad350ae4cd331dd73622ef55de87b13fc7d55bf49b76c4ab4ae281ad6770c64be6a7c760c77b591ecb31a75fb7c591c9ec032d74a267836382a16d67398a7c0977adf3e80a1cc283c54ae2c1d0cfe2c037e8cac8f671ccd98e1e223745c0d5a632925e1a726efe301abd30e4546fd84d97487edf338f11fc306ab22b1a69db814185355520fc5adf5f26bf6e1eedbab8e0e12e98fac2090a583b881a1a25d9c8bf4c7e21550ce0f0ede884834e3649d703b0921a26403d321a0523da2dae2a5114e26094ae95172780f646f322381959831cb262063905af839f2f70df842357f85509147652456d07dfc1766561397fb9aec84e75a2cdacc10417ad9f41376aa8f4da212081c43b05b3510f0ad405d972e9b07e654f0d83621034df8d56e8f3a7a3860c3067b5bd0ba1b30a2d94c93d0dbf6b537c939a8b59f02544de046bbcf654e267a8b2a16f9c8d94d156669e409f2ccccd6b0d411f74daa127ab23d45b4583022bda799c194e7fa6c211195a04e97f74221619cc6ed890191f24da846694021a6b182a98688c3ac213bba8a7411fe69300141321b735f01c710c7fdfcc125f1eb6ccaca3552dc433d41876e9c7a9fdab82d823bbe4e324b6bbd672445d2bcb8c21ecc3e2fdb562a8ba9c14da9d4f504e3d4f7c27fc032bb605135aaaab1851a6f52f18c82611dc6dc4a2a3bd5ff279c00465ded64a6c7b0e3e5a663afd8d00f3b5a7d09132d276951fbc2bbd82afafd52d2829d30537e34a4a5211faf36983ea1956919b0621c45527e6b51c5cff107082ba274a1730aade3c94b21d6fa121da4bf83fe7cd481ba2ca6f23e9446f05d83484badd699bdc27feb7bbb84b859a0199f088e4773254308faf6c53ac30a187ad929f24e70bd01d0e42e76530acb0d03bad7f3897a08fffd0e4c6946079b176bcc2ab8e1b09f9a1fbae27a22eff03de9d2ce696e6f218b1ed40ef3007b4dd280538998631635ffb8994ee2d1c6a08182de1c653c69214190b2baecfdb959a9acfa10eb02368678db31477a62c1274a57f29aa4b8712c289c4e2de039b9c46faa1c728232061a9e687ea7c7c7cac709b251156cfb422f10e5c64a44d3ebe2f1b2a05e512bb37f650b2bdd68cd265004473b23f41640b7ed66c726b7b7e102be5e0526c412ea5513534bc0a1d04a1f834f6d50f9451f70211339dde21d71e69704feec5dcb8c15fb9321b968e92493926f8c658e5d31cfceb32c2cd852b25360876d90e1c46876733bde6986ffb4fb6adb805585c3088beea4aa30c2472e018045cdf480a8287c5d4ddd550739ac55c192f7f640b2aa8aecb08623c78414bcbc1399a6df60bb1a3406d01154a858ab6f8f27ec4b2d4a11a121ca2fef3169bde3a3e47be353c66bb334de5b01553ddaff5b2ea39774c5e3a7b395bbbb8b612b584c9825b5181773f339634b2aa15faaafdc75e7a8d40f4957e0f0ed444267a58036358cd3ba2e8e9acd4ceb8f168fa4a4107edf8e2c81dd0b0fcd79863cc32b34d83efea2b448fb173f9c72d1683dfb72114f92a9252fb1315d7e8796a1f7e720c9ad5bb49f0dcf5307ba9c8dbaed8022f18207ff8af2f667f655dd9293e322e665f22a95e1db657373d44cdc0febf0f5f6f0874044e0aec9f1a72f2e55f1bb04967ef5f6f8cdb56eb7efcb07bd594ca540c8cb70542ae2a8033f1cea4e2909d90adda4cdda6f6d0ad82b42a880ddb5d55c1c28ed5286ff232ffc964b17b2712648b9193abbea4ce1854f4082f9fc76c19d7ad8045d5cc568c28148a209f05546cc85e78548135f02619610deab7c9e142a1a0293253aa391c848574ca5ee312a02660d4abf0a0e02f12fd2be0be3e8285e539ac93ddc701e4d8839e8497039509e216ae1c5b2f9b93c5647db48640e822773e3b614e07197666c7cab8a2cada68f84d1c5af3fce1ab005464e6169009a72de1957f6ce1db51a52fe70789cdf32c34fd332b30a570293d4bdaab8e3e8692188e740d599c9cc3a9a8b04bd12aa4ffa1db4992b99f40115b249ff7975740b71e6783a1568efc8a795d1e978a4f051a32d2597fd6a2675cabca8050ee2bc79666f6c01ffa93e20360504955ad43e3d43ecfdec55c9f93b01988296ff131d4ca69d3edc4347d8f08bb61287b1fb7dbb8e91fb802cdab912461789814e5fb2e73dc3c5992fd2001089855d94f26738b2aed0f9624f3f6eaa62d99cffa5505ec152efb13a95d0ac30cc201e0427c8c68b0cda37ee8fa990a5fca88a8e26246f947f42b8dea7a85aad4ff811d33c73bc5a1b4c29fbce87d4aafbb1961e0a35dc891b762ca6d4f997af0a9d4a88b607e937cffeb2d4858569eb0205e214001d41f0b0a2dd00b4911566cf0c5afa6ee417c1a81f2b9b88d0b00868ac6cf441b984bb9e8cc6dac8dccb527f9c49ebf660963db8cd9a1747e5bcf68244228cd6f9c7e2d3ab2cb089f4d11ccba74e3be931c8216b90044edd641cb1f482e114804bc9352eca2d41cd0393eae230c6d887bb17b3cb9b9437aaf8b690e057becfe1fda0bd835a024fab0f82bc526301d7aa5739bcc5e2909f099cdcd93bcb2ddd72a83d95ced7bd4ce94e629da6f824b4b11676a77b6c2a6d24e1b232800ca318009e896406e4de954a55115226444b947f7c6a3c1966c800f207abbc4360d6bd4fda88e6741ddf4f3572189cf252fe3b0d3c60dfef28c0ecb1e2fb89dedd5c556c9e2f488b69c7f0b1f6a3b6743bee2b85396ddf111a83a2b2ad4b51bc17e8a35e7c673e348cd63f7cfa681675e558f621ee5f133f7051761996f67b58c6ebab54f7fa091cd22491e6649bd64880b49b29b62b8a32a6dee0bae1f664f18952071ed19ae9aa52d0dae7a631564c80869e262a9ac453e36358dac205a89d2c303f4efbc6899943d6aaa099c05e25b1403774d24e44eaa9f100b9d1854d79fa6910b967d19f2c32e38f4847bd13de406088b2b1e58181ccc31316e28a6436298e24c7cf621d45ba496db5fdd23ee9929454137e5918f601650b6f0468586aafc699f33263a8ffdffff8d3f3173441a1f5c924888c37b76e802e8ea41c7b768f51a38c6bfdb2cea16255bd5d13c8a9fde1841e322a3c22c2575799419ba05ffeca144ff4cded22caf92a4b0c5a9b4aceea25171bd6828b5e88a4c651a463c80c04622bfe787a8a6c17266fb1450019a24fa1b23e2ec907cfa6aa1650509ddc2a95b5b86aa6dc2c0fa69272d048c5714c83c0eb36924309d5ee59aa98af9a03b875c857aae539511abd2c34a6148544e61727a0e5397e56345b1d905c8f43a3483e17303bb521ef17597bf48bed50f4c835534182883c2f3080c0f465f9b196bf54e1d47be7134baf0d9117a9cd6d95fd0215dfdf822eb9d9f1f3666c8eb296a7627651b43bdd73f851101af2c0babb6b8670f12cee298a8f7f0994b0cc53ff6f7f6872611d5b0e75bb697df142c3739a4303b90312791ff90f87376f8f93d54d15e122a89630210057a2adab94c1e5aa924991ba31e653eacaec32f6c99efb208c3a00a0024b9f6aadbe16dfee97b6c648119e8bdd68a24a58c8096b3a24dd76f8bb3fe186ba33cfbf57a0ba07c4d9cb561aee264ab8f6b0b25940bd2205dd5aefe23c5375c7cfdf146b5313af25805baf96b7b6be25aaa390d7c32b216d4b2f916c1f9aee56507ac642822b33d8c457e367ce5cc5e7c8cef8145ceaf0dfda46cf5424dc6c328f000a686725bc46321d5e7a0b6e3f3af6af07e8531d516a99c53d5111a5681c718f84918c26cab464d7dfd648a0f8268764f90ae19f3f3ab5257c40d8c2cb1a5b6d1ec85052c4aa9360f8311957", &(0x7f0000001680)=""/39, &(0x7f00000016c0)="4b075678ec01be0bd21b2157336866c58509ae782669a1295f7cc18c32870cc6a61503fe71ab44867bf46230c652e29edf492a0b3ff1eab0c28dd7b9ba1f993c62335a64260869d57d9c3eac0a05a015251c33e421befa17ed6a1ea97c8a2758993b5b66c3a3dfa50fbb136d82f0dbfe669a596cd4c77f07fd13d500255883dbbcf877773184bedb9430314891c1c90088092b3b0f9ad143aa4e64f625f724dd92d2c910035a0d9bd17438f2f66f606ae4a4b0612b5d07bb8bb71f75087d59b50016c0bffea8e6b525f1a89054b4dc3b8e", &(0x7f00000017c0)="51b0eddd364a24bf50cdad14ee1c6a6dfca2ef1011fdc1e83ee0dfed96cff03302ea78bdc360fffb4bdb2e132d49045a6ae741ccac016b2e4e3563a07b1874eb75ee179eea544ada31245ccc3113bc442088e0f3dd9b5a3485839726b967d0bf6af81c36b26a1eecc0455c774fab9c2a7abe595c12e0e8e62e7689162da5f6ceff690b22d890155da51a8cd885b5af083137a01dbf83", 0x3, 0x1, 0x4}, 0x38)
r5 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000001900)=@generic={&(0x7f00000018c0)='./file0\x00', 0x0, 0xc}, 0x18)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000019c0)={0xffffffffffffffff, 0x58, &(0x7f0000001940)={0x0, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r7=>0x0}}, 0x10)
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001a00)=0xffffffffffffffff, 0x4)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001a40)=@bloom_filter={0x1e, 0xf, 0x5, 0x1, 0x6c400, r5, 0x101, '\x00', r7, r8, 0x2, 0x1, 0x0, 0xc}, 0x50)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001ac0)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_pressure(r10, &(0x7f0000001b00)='memory.pressure\x00', 0x2, 0x0)
r11 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001b40)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x4, '\x00', r7, r8, 0x4, 0x1, 0x1}, 0x50)
sendmsg$inet(r11, &(0x7f0000002dc0)={0x0, 0x0, &(0x7f0000002d80)=[{&(0x7f0000001bc0)="561f3a79457610c50d7fb91995050e79cd150fb636a84e13faa51ea2d934ffafee9fa84fc8ac20437a43d98522ed3de800f3005a45bbff84b6d589ae1f7da72f3b81727e553b223e57e401a447d8f8a5a540276dc5da89d4cd9e2da813fce614a892ece4899727c65adc1bc66d5ff4a2020932f888d27bdc32a4c9dcfa17a0d9e188e8da28818ecb54baa49b0c540b44acf9a98edf5e7e883ee37d9017ba91ad1e5f64d4be9e9076736912c28918caa4055e69c4c30a10702755be", 0xbb}, {&(0x7f0000001c80)="6b2449b72ca4705ca4fc55f879d15589f23af6cd6dc017cc3f9c741f23ce451c57c3ed926f93d1e75c5f3389d5196d22d910259e774e5e53c63e9cf4b495505edc543bbac69766098c8ed384af31ae15b23a67f34ab5379fd223a5f565e88f1e1b3c1ec3e30e2041ca27a30f03c4bc660c84649ea8d98669c9dfc7158283594fc24116fd3412af322c5fc5593ce1fcfc8a9c5f74d6ffde57bcc93db6596d775e72b34f356e66e75b37f1466672c0919dcf52d7d69c9deddfa84cf76274e1abbc248c3c99ab0d52fdcd3df85ed46b85c3b7c9e08b16a4f569c59dccd3a9f9b8f402d5f4e93ac43d1efbeb6c5535b176a25af85df34e2ab7dbab089b13df4cd999480ac7fa8c2ea3cdc87c470ce07536b7b444aaf882a777aff93f2be9867427991f2b248604e58979197a89b082022463d2159071a02146110fa0b2a4453fcf230bcd0cedbe934ebd7c5a145ed64d13ded8a34cdc40aa7e9ffe840c58fd0910bbc27c4ebd22d5282712861825061ea0d7f339c03ca6b3cc952009218c58c9d19c78eeb892731bade66a6460d7e34939f423ac48436c22688b9b922137c2f51ce7b8e1bb99ed1c76ee1cc948f7d0ee7286d740c85eeba40e356f319665084cf5914cbdf18025654a0d222390d1e796cfe8a4257f3df3f1c952818412810df4e92df2f34a53096be018a71d82ce78f1d1b099a7151c56ff9fc7f2c98999fd48ae5cb7028b4ad8d7c2dfa205e5b7da4cabcd3c4a13f9f314011ea9fa2110e8da8cd79195cc92d3aa29057b4ef9d08492c933ddcc24cd15e4440702585d064199bcb610f175f4465ebfd688820ac466cf5899c8112b75b1819e5e2da3afd35e98c67f02215a7981b007239b547d8629529302f5b84abb7e3aa167c486a63bf44b3af89ae1cc30cf789a28f45392f6a6c6ecaaac9e8c30e1d26e73250658156d33a716495e670fdad22cf41a6e16d168700bcf221fd4064f25bb4911c2bfaee0600d8ec3f604ac6c0ce6d95d13419a29c5b30116b15b9a59abce14ede939135541e69129bb23b450a323f5b247de4e6309f074ca52672053e7c39ce1e5d3db3bf04f4463e9dd84823d5bd6b8382ffb5a8fe67dae8fd828e8c6b66b2b996859998508d05979e4bf074611cf5ba259f57c6e9d43a07120e236c914eea34722a2c93d87cb08d2b55f9252023ff36eae92b7b73c16af6ee5c31ffe396bdf2496e9113f69a0a48f0cb8a4544f66da75af8f4894507ac3ad1adc20f8600062c73d03fb51ecb22e193e4fa107b4bbe24d36293d18af0d0d2b526c51168aaac9a7f7d83675e9f878b88b4bc32f8feace39642f6381127fb9963ba7b958722a7927c714db792bcd4c70ddf7db774dcdd02ae7c5cc803700c88432ab5f39a106e37e9f9963fa622cf0ce44cfb6079238784ec11c5c8f35093e72fe8fd6b82fbf88d37ea0447ff1a85586ec553ccad6e0652adca3caae7627842c48c9289173ca084f9d38484f20323aa00ffe8d32d4d98fbc6b50ef686dadf5d9b6d7b1d19993546e2466e9659b9036ebc52a4e16e1bb0c25159a949aee21731dee0b5f3119f4097c08abdb6514f3193ab8be9ae2dddb71c4db7035bd0da5eab78900cca573f860fc869869d46be110903fee8749fddb4f5b97c296c484c97f53e75333e50fb6143f5378c2facfbffe822099cb11ed122dd46c5ea78e0fb209a42e3dcd618dbd8e7e0cc2c8290115a1130fbc57c17b0d7ff6adf1676e7c2185972c5c317cdf11537765dc100678d2e294b40223fa6295597675456050a50eca7dfe25a1247bb73fd1632e5004a57f68a581d86202ad4a2d9ea5e7104f4f14c82a8c3b7bf813e8a224d8bd03d73c391e89d8b5d50f6ad0dd49e9c7fefb5137e4963b68a95b46c1c3c9cfc191d6fa9768188e067bd5c64bdb32bc8770dad966e29e0c181111b2c2a0df01518ae4de510b51a17149bb08d22d3878623bc1e2c382f262a084514e0975d91e75f53e8d671ece779146de74cf9ab9f1030607180c53317376b79b38a12271fe60ff1e908c9c34b279a636250225c2d20b2fff117e2ee3453f97057ccc36c4bd7d9d112eb342155cd2911cc868333d0d555718a4c4c2bcf02fb5b8c2ddd5bcfaa8425321aa3bc4e6ce64e538c25f8aa0a3f4bf1386fe35010518aea42c3d514eabba49481ec756c8c255300f49f1a400c6b062845e15a44d3b31d42d2671f5b280603c1d9b85a62167b3c9c5e4128aeaa53d3bd804bd503438ee76154d4f7de34cc2602741052965f1703c94be0f84e62c50c7e0390967a764bfab944e1f5ad2000762822feccef449e2e7f218ed7c83cbff010b637e541aca02bd851021cb71c0b25cf41d6491f0f0d3582bdec5e12a0ede63ec8340d5a62862df72c83dbf20db68a2974ff7195bc18d985644c6370b92faee4004aa8a4012aac02a2e7f2d6dae7044f22bb9e6a1e02274e1ee911234f33babb6196bcc15297705152964b9d5772ac2fab55501aa7879b29311396c7e906dc71ca0fe22181ab3739c4c01b302629ec47f12081ececc1605c0d200a9aff639cafc51c2f5939624e3ee9dc7fd66c8f0b17725722461a5fcade1ac1d1ee719eedc5da332b10252e493da185b7866faabb60eba9972535832510c6fc4c4c2439c686ef1bf044f0615ebf3d49073b33630f54648df8b3f09676cf5c2edc441e35056764b5978097041f6d0943dc53987a33c3b2aec5609efd96d8e63590a926fbc0393d9b39ffa9a4c191aeea795a2bbe4d9fb549bcedc21fe292b4efbfa4691b542087aee04326dd33f5bf624c7889676d93f4b554cfb8acdb2925867f790a96f5307751d1c872632707d56c8af882a32c912d5e8e25d5c07ecd4b0e256bddc7f42cf4ee6c8786113b254b68237cc7eaffe53b9d5b09bbf50d976c10ed4be3262af42adf64e5e65d293d2f796be274d07687d3e671ec725b2ec4b21dbd553bde1947639e16354165dbf8bb76817c72a6c0f879967197f66381c553aa3fc1b5bbabf3c0cef9b776c06d77d49c012707d8de586364887c6a5372534e478903a6499b5545bed2cc671dd949366b8a044a2206df2fbf17ae0bd3906dbe21f276a77c37b41f97b208ef866eebbdde13d5755cfe345990218906ad6e1d82a738ec1f283c41205bc43339bcd92774aa8cefa4df33872f448e34d1554c5584873a7938898823cbe9f7016fe4753c3b423d8b8420564706b060e0c5a7e5d4e4238f2bd668e1e4c52ab8e0bbf3c7ab5126f0331267e1792c668428a05fa6af61aed8ec9c76cef03fe4315c3467f7b08f5ef7c822f7654dbfc94982f80d9b381630acbb162f8be81e80a7d473f2ac715b0dbb14d7d80dc49cb3b8cdbcec9f0d0c423e7a835f189b085bb803433dad46857eda55fba1f3ad1452bbd688e72c6a97df26f08aa478936492bdb1eea8825c2fce2df592a1510dac6804ed1c31fbf41b0859fb9327e7e1024adf3cdc450141f375a8522162ed135da6bce78c149735e7fa2a381f4bd3ed5049d521fa656c9b5689d27c4f2e8c90df190fc4c9a07c254650ee9b24ba46a83cb6d52538f0c245a950ead2f36c4d3ac2814a960f06bd5b71cbeb6487446983d240b01a85874994bf6d7daaea23f8973e72187b009e867c8b10cb594e768869181cb9aaf5e4555611be276253fa0ac3b584a3f9f90f912d46fed7f25f2827ec9f9181cbe62f1560a491392f5e42b0a9369cb68d94f2cff77f806988dccbf4f2b3094b3edee801da653fcf066573345428536573f850d5095772babd7c16a62e8c89489233a2244be403c19bc1012c5c89e67f300d0d7d4469dd1359d3bbf8b4abc29d5642e83aa76aac74dc926420617783e2d5a06e1a64ec23376e0ddd66bde2575e33a7e98c6bc1e9113210ed944751d8c64f757cb8aae2ef9d88b5da73c25fa1e576d2a2f9b280d05528bd2b8966674464d0f8d95e70779bc7925f2b105cd2748a3a1c7df26b3985a150b17588b31403d9c6c7e394dc3bf8499cd3166518e2f2b55227d9c60b1707f0603881fdb7bd96418af04249d9dd4c275ffbdc2dc6adbc9613de7e3bcc6f748a5c22a56f3ead00725773dbf4099423cd0f88402785d3ef8d72716c9e211e7fb38be0be3521693721eb9e859763794e2c5b7d3473643869bf99ebe01154584f3aedb4e15455e7d60c40afceda4a8c80bee7cb4ce94add31baf332b98ed84214e1fb21d170957864905a32d1f546f9a917082bbb0f28cd3f8726034da4afd3c6892300017a8b10ae3dd72ad454244af8d9abd6998108da0f8aa4f7f7d8e87910d5303a06e8203a649ef1b8cea704baeacbe850a51c9bb1468131260a2b51e61ffdf8f53c3e7e039f5c165ea3a3da5563bdb09c9562e8fcf935c42c248efb661e6498bb5fb74431f2b77ef2a3ff1c5bf5a3152a8f3a2a6e92bb8a7bb297e33ac82f2abc3916e057f842951a9bc9ad984ae901a09c39418f5d1b07debd60b36711cea73380d76607fc6a9e1107d92931d9c9020279274d3e12d227dfe3dba91190b0805587f838f8dc63b8998d1d585320418a05ecddf3e77991e26fb53f7eebb5a01d2a8bf62fe793cf5ff5f2a10e58bbadceb726d4339eb3a37f3234ac6a76b8af8c7b600f278c22b37f76d8470c129e740539a6300704593061895f1048380c94aabd02e61aef593f97a2653c32c59c6aa8fc22cb93e2d7bae1e9e37611a13fb76e5c7116841f941c219f306f07752d8e0bc65bea20c561d303ffeb1f65b37695de9e20ecb4b1b338ab40e4df71db03971a733f2206f617699a21fc668feca12e6040a3e5a17ec373b463da330f8f025a8e45dc85f954d2326f030cf7032349abaa87394f5d555923d2eb7399acbbb0aea1bd98a9ca58bd4e9267d702f031224a0193f020e4e38fadd27a19bdb8f548f0ac6c735ea5e59ef03226d5597cccdd8c743f751b7af459c105be63bec3a2a8c5385d4201ca0f751630cc9413bf7e1c478e7cfc583d6ac0af31f4d9a825b8a3042cb0fed447913bccaf6f983caf5b4d7c28f69dfc17dd00a9e0305399acc8e6e45ff7965dc35caa5c6241313d8e57b7879c8a7cb833f88321edb3ef2a6fbac837e3195ba9d3c396ca2f6f43d042ce0e408e1d30d6facf0348fdd8540f6a5e9d126c682f29b6c44c5820a319dd4882b033c1215b5f5c7b85191268c901116aa8997f155d3f96e7f00499ce8f3c292f8cfb4fba844a9988b0e88112a6d74c66e0fa383ffa124c468b2d4ff77a7effbb104959f164dcdbbd102c414666f36ee5e4476480ce2a9f87af1a2995020cf8712463bce57353a69e38240addf082e1c7b5ef3d0068c69ad81f61afc32f2725d5714ff8b934b809c67a03274895bd5599471e4a07a44996504cf87f15c072b9c6792369a4a927dd13f4e4662c7ce08fcfacd78205c481e3916ee309956fd2755279041edbfdb635571c0a4264e23f863a05764ec36ea056e79bf264126059a1286a44a3431883360677164107a65fe2d142038a344d37db540f64c25cf89c4776e347df6f4e3a191003e40a95ef5c92d4ed692ff3ecff4234266702f5dedab2412216f5f02bd15f3af411a3da2d96a146ad88b1aba4a51ffb5bc4e86c321c9ac2fcbf98691caed40f8f366e34d6ec59f3423abc89237bd2f316aa5e3dace6d01014448818667fa952fb537e03c8119bfacba2b9997b7cb888d0973707c4f3a63b635066665fb61bf3fbf25d235ccbd2d674130d9152ff00b7050c6b0e5b85fe77e348a24a38992d260e1f6298d3796802b7158fed035f0d6c04371b3b75f9bd6d5c111707213f763d6", 0x1000}, {&(0x7f0000002c80)="d5433752e27a16160ddb7c5aa7d4cc6d688a1bda27193f", 0x17}, {&(0x7f0000002cc0)="c0b1796cde73dca8602443c8705a227601471c32685d93445ab304d7afa18206514ebfdefa525f6a5552e6b433f65bd0186c36c76253bc36db44a5c89f39cbc20e7c556142ae2104e957a79052041aa0fa4f5f51380f7aa6064bf973b95f282af74233459ad3c7b9c7b27e55917b792d3732057bfd978021f6f0a37136c17e88fe7580c3903174ebe5188b99359d5580d57996785120d3ff14118e61b5d3dd40505697151a9edef115a9725ab8060789c0ca7114bf9c7925c7", 0xb9}], 0x4}, 0x40)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000002e00)=0xffffffffffffffff, 0x4)
r13 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000002e40)={0x1b, 0x0, 0x0, 0x7ff, 0x0, r9, 0x2f, '\x00', r7, r12, 0x5, 0x5, 0x4}, 0x50)
r14 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000002f40)='./cgroup/syz1\x00', 0x200002, 0x0)
perf_event_open$cgroup(&(0x7f0000002ec0)={0x0, 0x80, 0x9, 0x7, 0x81, 0x9, 0x0, 0x8, 0x2000, 0xa, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, @perf_config_ext={0x2, 0x9}, 0x201, 0xc, 0x0, 0x0, 0x8, 0x2a, 0x6, 0x0, 0x7, 0x0, 0x7fff}, r14, 0xd, r4, 0x0)
r15 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000002f80)={r6, 0x7, 0x18}, 0xc)
r16 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000002fc0)={0x2, 0x4, 0x8, 0x1, 0x80, r15, 0x9, '\x00', r7, 0xffffffffffffffff, 0x0, 0x2, 0x2}, 0x50)
r17 = openat$cgroup_subtree(r10, &(0x7f0000003040), 0x2, 0x0)
write$cgroup_subtree(r17, &(0x7f0000003080)={[{0x2d, 'cpuset'}, {0x2d, 'cpuacct'}, {0x2d, 'memory'}, {0x2b, 'net_prio'}, {0x2d, 'rdma'}]}, 0x29)
r18 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000003280)={0x1b, 0x0, 0x0, 0xffffffff, 0x0, r15, 0x4, '\x00', r7, r12, 0x4, 0x0, 0x4}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000033c0)={0x6, 0x1, &(0x7f00000030c0)=@raw=[@generic={0x6, 0x0, 0x3, 0x8, 0x3}], &(0x7f0000003100)='syzkaller\x00', 0x0, 0x8f, &(0x7f0000003140)=""/143, 0xdcfd3ccf3c933056, 0x40, '\x00', r7, 0x25, r12, 0x8, &(0x7f0000003200)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000003240)={0x3, 0x2, 0x6, 0x7f}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000003300)=[r18, r13, r11, r16, r16, r9], &(0x7f0000003340)=[{0x2, 0xa, 0x0, 0x8}, {0x5, 0x5, 0xb, 0x4}, {0x2, 0x4, 0x6}, {0x2, 0x2, 0x3, 0x8}, {0x4, 0x5, 0x10, 0x6}], 0x10, 0xe36e}, 0x94)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000003480))
r19 = openat$cgroup_procs(r14, &(0x7f00000034c0)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r19, &(0x7f0000003500)=r2, 0x12)
r20 = bpf$ITER_CREATE(0x21, &(0x7f0000003540)={r0}, 0x8)
ioctl$TUNSETOFFLOAD(r20, 0x400454d0, 0x4)

389.043441ms ago: executing program 2 (id=2768):
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
close(0xffffffffffffffff)
close(0x3)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22101, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x1, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="fc", 0x1}], 0x1}, 0x20040d4)
sendmsg$kcm(r0, &(0x7f00000062c0)={0x0, 0x0, &(0x7f0000001540)=[{&(0x7f00000012c0)="f6", 0x1}], 0x1}, 0x4004045)
close(r0)

229.592499ms ago: executing program 0 (id=2769):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb4212"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x0, &(0x7f0000000040)="b90103606989068c3c270040f0832f9e0ff008001fffffe1ffff86dd632f0806", 0x0, 0x104, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

95.246206ms ago: executing program 1 (id=2770):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe80, 0x0, &(0x7f0000000040)="b90103606989068c3c270040f0832f9e0ff008001fffffe1ffff86dd632f0806", 0x0, 0x104, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.2676ms ago: executing program 0 (id=2771):
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
close(0xffffffffffffffff)
close(0x3)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22101, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x1, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xa, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="fc", 0x1}], 0x1}, 0x20040d4)
sendmsg$kcm(r0, &(0x7f00000062c0)={0x0, 0x0, &(0x7f0000001540)=[{&(0x7f00000012c0)="f6", 0x1}], 0x1}, 0x4004045)
close(r0)

0s ago: executing program 2 (id=2772):
r0 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8910, &(0x7f0000000040)={'wlan1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="1000000004000000080000000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRESDEC=r0, @ANYRES32, @ANYBLOB="000050e10000000000000000000000000000000000000000000000007fa00d82c04e11b68ecbd1383627cea4b0d6c0df944e4afdaa534956f64e020858892c6b019d1f760c5db379d98e86cdfa55138865b1f39fa8d78479d677eb7289ab296c0838529cd18e27c6f182cf5fcd23ed70194c6fc6431cb65d4459c53a297d8353d744b98011e7017bcd8e287335d261ea6deef7e6d52906ae061cc8ae3754d39df1279ee86c2cc0c542f076"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)=r2}, 0x20) (async)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) (async)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407ffd, 0xaea}, 0x14105, 0x31, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) (async)
r4 = socket$kcm(0x2, 0x5, 0x84) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
close(r6)
gettid() (async)
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r4, 0x84, 0x7b, &(0x7f0000000000)=r7, 0x8) (async)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000540)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400200142603600e122f00160006000400a8000600200005400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x810) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000900)={r7, 0xe0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000500)=[0x0, 0x0], ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x6, 0x1, &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000006c0)=[0x0], 0x0, 0x109, &(0x7f0000000700)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000000740), &(0x7f0000000780), 0x8, 0xd5, 0x8, 0x8, &(0x7f00000007c0)}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000ac0)={0x6, 0x15, &(0x7f0000000240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xe3}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000440)='GPL\x00', 0x8, 0x3b, &(0x7f0000000480)=""/59, 0x1f00, 0x6c, '\x00', r9, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000940)={0x2, 0x3}, 0x8, 0x10, &(0x7f0000000980)={0x1, 0xf, 0x8, 0x4}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000a40)=[r1, r3, r1], &(0x7f0000000a80)=[{0x4, 0x5, 0xf, 0x7}], 0x10, 0x8001}, 0x94) (async)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8264, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x367b, 0x8000}, 0x10320, 0x0, 0x8, 0x0, 0x1, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0xde, 0x4, 0x7, 0x9, 0x0, 0x4f, 0xc0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0xf6a9, 0x2, @perf_bp={&(0x7f00000000c0), 0x1}, 0x8000, 0x8, 0x80000000, 0x4, 0xc00, 0x83af, 0x8, 0x0, 0xffc00000, 0x0, 0x7fffffff}, 0xffffffffffffffff, 0xd, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r10, 0xc008240a, &(0x7f0000000200)={0x5, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0]}) (async)
bpf$MAP_CREATE(0x100000000000018, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000016000000b40000007f00000000000000", @ANYRES32, @ANYBLOB="001ae100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00 \x00'/28], 0x50) (async)
sendmsg$inet(r4, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x4e20, @loopback}, 0x10, &(0x7f0000000140), 0x1}, 0xc54)

kernel console output (not intermixed with test programs):

[  292.398441][ T8401] netlink: 199816 bytes leftover after parsing attributes in process `syz.4.714'.
[  292.502177][ T8410] bridge0: port 2(bridge_slave_1) entered disabled state
[  292.513029][ T8410] bridge0: port 1(bridge_slave_0) entered disabled state
[  292.531065][ T8410] bridge0: entered allmulticast mode
[  293.619782][ T8433] netlink: 60 bytes leftover after parsing attributes in process `syz.2.723'.
[  293.748705][ T8438] netlink: 14 bytes leftover after parsing attributes in process `syz.1.724'.
[  294.378421][ T8450] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.727'.
[  295.018369][ T8463] netlink: 'syz.4.728': attribute type 10 has an invalid length.
[  295.329765][ T8463] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  295.695579][ T8462] netlink: 199816 bytes leftover after parsing attributes in process `syz.1.729'.
[  298.062233][ T8463] batman_adv: batadv0: Removing interface: batadv_slave_0
[  298.133046][ T8463] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  298.152510][ T8486] netlink: 6 bytes leftover after parsing attributes in process `syz.0.732'.
[  298.169798][ T8486] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  298.250804][ T6020] bridge0: port 3(team0) entered disabled state
[  298.496289][ T8505] netlink: 60 bytes leftover after parsing attributes in process `syz.2.735'.
[  298.771538][ T8508] netlink: 12 bytes leftover after parsing attributes in process `syz.0.736'.
[  298.912177][ T8517] netlink: 60 bytes leftover after parsing attributes in process `syz.2.746'.
[  299.733245][ T8518] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[  301.382606][ T8540] netlink: 199816 bytes leftover after parsing attributes in process `syz.1.742'.
[  302.833135][ T8558] FAULT_INJECTION: forcing a failure.
[  302.833135][ T8558] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  302.885938][ T8558] CPU: 0 PID: 8558 Comm: syz.0.745 Not tainted syzkaller #0
[  302.895267][ T8558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  302.906505][ T8558] Call Trace:
[  302.909826][ T8558]  <TASK>
[  302.912888][ T8558]  dump_stack_lvl+0x18c/0x250
[  302.917803][ T8558]  ? show_regs_print_info+0x20/0x20
[  302.923424][ T8558]  ? load_image+0x400/0x400
[  302.928101][ T8558]  ? __lock_acquire+0x7d40/0x7d40
[  302.933349][ T8558]  ? snprintf+0xe9/0x140
[  302.937811][ T8558]  should_fail_ex+0x39d/0x4d0
[  302.942630][ T8558]  _copy_to_user+0x2f/0xa0
[  302.947378][ T8558]  simple_read_from_buffer+0xe7/0x150
[  302.952891][ T8558]  proc_fail_nth_read+0x1e8/0x260
[  302.958400][ T8558]  ? proc_fault_inject_write+0x360/0x360
[  302.964159][ T8558]  ? fsnotify_perm+0x271/0x5e0
[  302.969047][ T8558]  ? proc_fault_inject_write+0x360/0x360
[  302.975351][ T8558]  vfs_read+0x28b/0x970
[  302.979741][ T8558]  ? kernel_read+0x1e0/0x1e0
[  302.984372][ T8558]  ? __fget_files+0x28/0x4b0
[  302.989059][ T8558]  ? __fget_files+0x28/0x4b0
[  302.993708][ T8558]  ? __fget_files+0x43d/0x4b0
[  302.998606][ T8558]  ? __fdget_pos+0x2a3/0x330
[  303.003500][ T8558]  ? ksys_read+0x75/0x260
[  303.007872][ T8558]  ksys_read+0x150/0x260
[  303.012431][ T8558]  ? vfs_write+0x990/0x990
[  303.016978][ T8558]  ? lockdep_hardirqs_on+0x98/0x150
[  303.022225][ T8558]  do_syscall_64+0x55/0xa0
[  303.026877][ T8558]  ? clear_bhb_loop+0x40/0x90
[  303.031904][ T8558]  ? clear_bhb_loop+0x40/0x90
[  303.037007][ T8558]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  303.043311][ T8558] RIP: 0033:0x7f0ff515cfce
[  303.048046][ T8558] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  303.068821][ T8558] RSP: 002b:00007f0ff5fe8fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  303.077652][ T8558] RAX: ffffffffffffffda RBX: 00007f0ff5fe96c0 RCX: 00007f0ff515cfce
[  303.086012][ T8558] RDX: 000000000000000f RSI: 00007f0ff5fe90a0 RDI: 000000000000000a
[  303.094278][ T8558] RBP: 00007f0ff5fe9090 R08: 0000000000000000 R09: 0000000000000000
[  303.102642][ T8558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.111250][ T8558] R13: 00007f0ff5416128 R14: 00007f0ff5416090 R15: 00007ffd34b66268
[  303.119644][ T8558]  </TASK>
[  303.463288][ T8562] netlink: 60 bytes leftover after parsing attributes in process `syz.1.749'.
[  303.489180][ T8560] netlink: 'syz.2.748': attribute type 25 has an invalid length.
[  303.527169][ T8560] netlink: 'syz.2.748': attribute type 9 has an invalid length.
[  303.605067][ T8560] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.748'.
[  303.655874][ T8560] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  304.180829][ T8580] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.752'.
[  304.776321][ T8591] netlink: 'syz.4.755': attribute type 10 has an invalid length.
[  304.868371][ T8591] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.917990][ T8594] netlink: 'syz.4.755': attribute type 1 has an invalid length.
[  304.966455][ T8591] bridge_slave_1: left allmulticast mode
[  305.015007][ T8591] bridge_slave_1: left promiscuous mode
[  305.054166][ T8594] netlink: 168864 bytes leftover after parsing attributes in process `syz.4.755'.
[  305.159298][ T8591] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.196933][ T8594] netlink: 1 bytes leftover after parsing attributes in process `syz.4.755'.
[  305.269470][ T8591] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  305.461984][ T8594] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  305.500461][ T8594] batman_adv: batadv0: Removing interface: batadv_slave_1
[  306.154762][ T8615] netlink: 199816 bytes leftover after parsing attributes in process `syz.0.758'.
[  306.308621][ T8620] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.762'.
[  306.954560][ T8632] netlink: 14 bytes leftover after parsing attributes in process `syz.1.765'.
[  307.228289][ T8639] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.766'.
[  308.203521][ T8642] netlink: 'syz.0.768': attribute type 9 has an invalid length.
[  308.394228][ T8642] netlink: 161688 bytes leftover after parsing attributes in process `syz.0.768'.
[  308.530514][ T8659] netlink: 64 bytes leftover after parsing attributes in process `syz.1.773'.
[  308.639088][ T8660] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.771'.
[  309.239274][ T8658] netlink: 199824 bytes leftover after parsing attributes in process `syz.4.772'.
[  309.403857][ T8673] netlink: 60 bytes leftover after parsing attributes in process `syz.1.774'.
[  310.467992][ T8683] netlink: 14 bytes leftover after parsing attributes in process `syz.2.777'.
[  311.166767][ T8701] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.782'.
[  311.748593][ T8714] netlink: 199824 bytes leftover after parsing attributes in process `syz.0.784'.
[  312.121433][ T8725] __nla_validate_parse: 1 callbacks suppressed
[  312.121451][ T8725] netlink: 60 bytes leftover after parsing attributes in process `syz.2.786'.
[  312.309947][ T8727] FAULT_INJECTION: forcing a failure.
[  312.309947][ T8727] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  312.351039][ T8727] CPU: 1 PID: 8727 Comm: syz.0.787 Not tainted syzkaller #0
[  312.358624][ T8727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  312.368990][ T8727] Call Trace:
[  312.372303][ T8727]  <TASK>
[  312.375524][ T8727]  dump_stack_lvl+0x18c/0x250
[  312.380254][ T8727]  ? show_regs_print_info+0x20/0x20
[  312.385694][ T8727]  ? load_image+0x400/0x400
[  312.390519][ T8727]  ? __might_fault+0xaa/0x120
[  312.395517][ T8727]  ? __lock_acquire+0x7d40/0x7d40
[  312.401037][ T8727]  should_fail_ex+0x39d/0x4d0
[  312.406114][ T8727]  _copy_from_user+0x2f/0xe0
[  312.410845][ T8727]  generic_map_update_batch+0x54b/0x810
[  312.416726][ T8727]  ? rcu_read_unlock+0xa0/0xa0
[  312.422160][ T8727]  ? __fdget+0x180/0x210
[  312.426713][ T8727]  ? rcu_read_unlock+0xa0/0xa0
[  312.432144][ T8727]  bpf_map_do_batch+0x3d7/0x610
[  312.437048][ T8727]  __sys_bpf+0x381/0x890
[  312.441347][ T8727]  ? bpf_link_show_fdinfo+0x390/0x390
[  312.446830][ T8727]  ? lock_chain_count+0x20/0x20
[  312.451841][ T8727]  __x64_sys_bpf+0x7c/0x90
[  312.456570][ T8727]  do_syscall_64+0x55/0xa0
[  312.461164][ T8727]  ? clear_bhb_loop+0x40/0x90
[  312.466330][ T8727]  ? clear_bhb_loop+0x40/0x90
[  312.471676][ T8727]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  312.478103][ T8727] RIP: 0033:0x7f0ff519c799
[  312.483247][ T8727] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  312.506664][ T8727] RSP: 002b:00007f0ff600a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  312.516125][ T8727] RAX: ffffffffffffffda RBX: 00007f0ff5415fa0 RCX: 00007f0ff519c799
[  312.524593][ T8727] RDX: 0000000000000038 RSI: 0000200000000200 RDI: 000000000000001a
[  312.533152][ T8727] RBP: 00007f0ff600a090 R08: 0000000000000000 R09: 0000000000000000
[  312.541258][ T8727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  312.550244][ T8727] R13: 00007f0ff5416038 R14: 00007f0ff5415fa0 R15: 00007ffd34b66268
[  312.559210][ T8727]  </TASK>
[  313.649442][ T8746] netlink: 64 bytes leftover after parsing attributes in process `syz.0.792'.
[  313.747440][ T8748] netlink: 14 bytes leftover after parsing attributes in process `syz.1.791'.
[  314.037529][ T8754] FAULT_INJECTION: forcing a failure.
[  314.037529][ T8754] name failslab, interval 1, probability 0, space 0, times 0
[  314.104115][ T8754] CPU: 1 PID: 8754 Comm: syz.4.793 Not tainted syzkaller #0
[  314.112024][ T8754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  314.122656][ T8754] Call Trace:
[  314.126070][ T8754]  <TASK>
[  314.129332][ T8754]  dump_stack_lvl+0x18c/0x250
[  314.134516][ T8754]  ? show_regs_print_info+0x20/0x20
[  314.140308][ T8754]  ? load_image+0x400/0x400
[  314.145165][ T8754]  should_fail_ex+0x39d/0x4d0
[  314.150095][ T8754]  should_failslab+0x9/0x20
[  314.154863][ T8754]  slab_pre_alloc_hook+0x59/0x310
[  314.160296][ T8754]  ? find_exception+0x175/0xa30
[  314.165405][ T8754]  kmem_cache_alloc+0x5a/0x2d0
[  314.170312][ T8754]  ? dst_alloc+0x105/0x170
[  314.175007][ T8754]  dst_alloc+0x105/0x170
[  314.179315][ T8754]  ip_route_output_key_hash_rcu+0x14f6/0x2370
[  314.185999][ T8754]  ? ip_route_output_key_hash+0x13d/0x330
[  314.191958][ T8754]  ip_route_output_key_hash+0x1f3/0x330
[  314.197650][ T8754]  ? ip_route_input_rcu+0x30f0/0x30f0
[  314.203267][ T8754]  ? mark_lock+0x94/0x320
[  314.208107][ T8754]  ip_route_output_flow+0x2a/0x150
[  314.213647][ T8754]  sctp_v4_get_dst+0x400/0x1230
[  314.218831][ T8754]  ? sctp_v4_xmit+0xde0/0xde0
[  314.223640][ T8754]  ? rcu_force_quiescent_state+0x230/0x230
[  314.229501][ T8754]  ? dst_release+0x121/0x1a0
[  314.234221][ T8754]  sctp_transport_pmtu+0x12c/0x580
[  314.239388][ T8754]  sctp_transport_route+0x184/0x2c0
[  314.244623][ T8754]  sctp_assoc_add_peer+0x650/0x1390
[  314.249873][ T8754]  sctp_connect_new_asoc+0x323/0x6a0
[  314.255497][ T8754]  ? __sctp_connect+0xd80/0xd80
[  314.260730][ T8754]  ? __local_bh_enable_ip+0x13a/0x1c0
[  314.266227][ T8754]  ? _local_bh_enable+0xa0/0xa0
[  314.271204][ T8754]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  314.277399][ T8754]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  314.283915][ T8754]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  314.289476][ T8754]  ? security_sctp_bind_connect+0x89/0xb0
[  314.295413][ T8754]  sctp_sendmsg+0x1575/0x28c0
[  314.300381][ T8754]  ? sctp_getsockopt+0xb60/0xb60
[  314.305592][ T8754]  ? aa_sk_perm+0x83c/0x970
[  314.310580][ T8754]  ? aa_af_perm+0x330/0x330
[  314.315296][ T8754]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  314.322098][ T8754]  ? sock_rps_record_flow+0x19/0x3f0
[  314.327666][ T8754]  ? inet_sendmsg+0x7c/0x2f0
[  314.332464][ T8754]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  314.338309][ T8754]  ? security_socket_sendmsg+0x80/0xa0
[  314.343974][ T8754]  ? inet_send_prepare+0x260/0x260
[  314.349538][ T8754]  ____sys_sendmsg+0x5ba/0x960
[  314.354486][ T8754]  ? __lock_acquire+0x7d40/0x7d40
[  314.359614][ T8754]  ? __asan_memset+0x22/0x40
[  314.364767][ T8754]  ? __sys_sendmsg_sock+0x30/0x30
[  314.370000][ T8754]  ? __import_iovec+0x5f2/0x850
[  314.375293][ T8754]  ? import_iovec+0x73/0xa0
[  314.380109][ T8754]  ___sys_sendmsg+0x2a6/0x360
[  314.384993][ T8754]  ? get_pid_task+0x20/0x1e0
[  314.389798][ T8754]  ? __sys_sendmsg+0x2a0/0x2a0
[  314.394955][ T8754]  ? __lock_acquire+0x7d40/0x7d40
[  314.400287][ T8754]  __se_sys_sendmsg+0x1c2/0x2b0
[  314.405421][ T8754]  ? __x64_sys_sendmsg+0x80/0x80
[  314.410818][ T8754]  ? lockdep_hardirqs_on+0x98/0x150
[  314.416304][ T8754]  do_syscall_64+0x55/0xa0
[  314.421008][ T8754]  ? clear_bhb_loop+0x40/0x90
[  314.426056][ T8754]  ? clear_bhb_loop+0x40/0x90
[  314.431185][ T8754]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  314.437530][ T8754] RIP: 0033:0x7fa2f479c799
[  314.442342][ T8754] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  314.462943][ T8754] RSP: 002b:00007fa2f55bb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  314.471643][ T8754] RAX: ffffffffffffffda RBX: 00007fa2f4a15fa0 RCX: 00007fa2f479c799
[  314.479972][ T8754] RDX: 00000000000080d1 RSI: 0000200000000140 RDI: 0000000000000003
[  314.488385][ T8754] RBP: 00007fa2f55bb090 R08: 0000000000000000 R09: 0000000000000000
[  314.496543][ T8754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  314.504886][ T8754] R13: 00007fa2f4a16038 R14: 00007fa2f4a15fa0 R15: 00007fff512a79c8
[  314.513240][ T8754]  </TASK>
[  315.034341][ T8764] netlink: 199824 bytes leftover after parsing attributes in process `syz.0.795'.
[  315.651388][ T8791] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.796'.
[  315.673467][ T8793] netlink: 'syz.4.801': attribute type 10 has an invalid length.
[  315.721618][ T8793] netlink: 40 bytes leftover after parsing attributes in process `syz.4.801'.
[  316.580983][ T8812] netlink: 191376 bytes leftover after parsing attributes in process `syz.2.805'.
[  316.653808][ T8814] netlink: 14 bytes leftover after parsing attributes in process `syz.0.804'.
[  317.559938][ T8833] netlink: 'syz.0.808': attribute type 10 has an invalid length.
[  317.586382][ T8833] netlink: 55 bytes leftover after parsing attributes in process `syz.0.808'.
[  317.609989][ T8833] batman_adv: batadv0: Interface deactivated: veth0_vlan
[  317.884648][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  317.900470][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  318.869810][ T8833] batman_adv: batadv0: Removing interface: veth0_vlan
[  319.065420][ T8864] netlink: 14 bytes leftover after parsing attributes in process `syz.1.817'.
[  319.695256][ T8886] netlink: 60 bytes leftover after parsing attributes in process `syz.2.814'.
[  319.796507][ T8885] netlink: 191376 bytes leftover after parsing attributes in process `syz.0.815'.
[  320.171077][ T8890] netlink: 60 bytes leftover after parsing attributes in process `syz.4.816'.
[  321.058723][ T8908] netlink: 14 bytes leftover after parsing attributes in process `syz.0.821'.
[  321.484381][ T8926] netlink: 191376 bytes leftover after parsing attributes in process `syz.4.827'.
[  321.718695][ T8928] netlink: 60 bytes leftover after parsing attributes in process `syz.1.828'.
[  321.764551][ T8930] netlink: 4 bytes leftover after parsing attributes in process `syz.2.829'.
[  322.635554][ T8948] netlink: 60 bytes leftover after parsing attributes in process `syz.1.832'.
[  322.678800][ T8953] netlink: 'syz.0.835': attribute type 6 has an invalid length.
[  322.708602][ T8953] netlink: 168 bytes leftover after parsing attributes in process `syz.0.835'.
[  322.719167][ T8954] netlink: 14 bytes leftover after parsing attributes in process `syz.2.834'.
[  323.492331][ T8960] netlink: 'syz.4.837': attribute type 10 has an invalid length.
[  323.542127][ T8960] team0: Port device dummy0 added
[  323.992431][ T8967] netlink: 199816 bytes leftover after parsing attributes in process `syz.0.839'.
[  324.202250][ T8969] netlink: 60 bytes leftover after parsing attributes in process `syz.1.841'.
[  324.282882][ T8974] netlink: 'syz.4.842': attribute type 2 has an invalid length.
[  324.307211][ T8975] netlink: 'syz.4.842': attribute type 2 has an invalid length.
[  324.381007][ T8976] netlink: 60 bytes leftover after parsing attributes in process `syz.2.840'.
[  324.833827][ T8985] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.844'.
[  324.892840][   T52] Bluetooth: hci1: ACL packet for unknown connection handle 0
[  325.136336][ T8990] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.847'.
[  325.787364][ T9012] netlink: 60 bytes leftover after parsing attributes in process `syz.2.853'.
[  325.824864][ T9010] netlink: 14 bytes leftover after parsing attributes in process `syz.0.852'.
[  326.247295][ T9021] netlink: 'syz.2.856': attribute type 16 has an invalid length.
[  326.340821][ T9021] veth1_macvtap: entered allmulticast mode
[  326.856816][ T9018] dvmrp1: tun_chr_ioctl cmd 1074812118
[  327.589896][ T9031] netlink: 'syz.4.862': attribute type 10 has an invalid length.
[  327.718789][ T9035] __nla_validate_parse: 3 callbacks suppressed
[  327.718829][ T9035] netlink: 14 bytes leftover after parsing attributes in process `syz.1.860'.
[  328.001005][ T9047] netlink: 60 bytes leftover after parsing attributes in process `syz.2.866'.
[  328.298450][ T9042] netlink: 60 bytes leftover after parsing attributes in process `syz.0.865'.
[  328.622467][ T9055] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  328.685082][ T9057] netlink: 14 bytes leftover after parsing attributes in process `syz.0.868'.
[  329.104776][ T9070] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.874'.
[  329.393375][ T9073] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.876'.
[  329.978646][ T9086] netlink: 60 bytes leftover after parsing attributes in process `syz.1.879'.
[  331.118582][ T9105] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.885'.
[  331.133495][ T9107] netlink: 14 bytes leftover after parsing attributes in process `syz.1.886'.
[  331.783666][ T9118] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.890'.
[  332.604417][ T9125] dvmrp1: tun_chr_ioctl cmd 1074812118
[  332.794182][ T9133] netlink: 60 bytes leftover after parsing attributes in process `syz.4.895'.
[  333.635674][ T9135] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.896'.
[  333.928699][ T9145] syz.1.897[9145] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  333.928844][ T9145] syz.1.897[9145] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  334.474729][ T9139] netlink: 180 bytes leftover after parsing attributes in process `syz.1.897'.
[  334.541190][ T9141] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode
[  334.574681][ T9141] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode
[  335.091012][ T9150] netlink: 'syz.1.900': attribute type 21 has an invalid length.
[  335.140003][ T9150] netlink: 'syz.1.900': attribute type 4 has an invalid length.
[  335.710663][ T9161] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.903'.
[  336.106573][ T9166] FAULT_INJECTION: forcing a failure.
[  336.106573][ T9166] name failslab, interval 1, probability 0, space 0, times 0
[  336.167546][ T9166] CPU: 0 PID: 9166 Comm: syz.1.905 Not tainted syzkaller #0
[  336.175501][ T9166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  336.185864][ T9166] Call Trace:
[  336.189262][ T9166]  <TASK>
[  336.192421][ T9166]  dump_stack_lvl+0x18c/0x250
[  336.197578][ T9166]  ? sctp_sendmsg+0x1575/0x28c0
[  336.202739][ T9166]  ? ___sys_sendmsg+0x2a6/0x360
[  336.207897][ T9166]  ? show_regs_print_info+0x20/0x20
[  336.213149][ T9166]  ? load_image+0x400/0x400
[  336.217749][ T9166]  should_fail_ex+0x39d/0x4d0
[  336.222691][ T9166]  should_failslab+0x9/0x20
[  336.227318][ T9166]  slab_pre_alloc_hook+0x59/0x310
[  336.232693][ T9166]  ? sctp_add_bind_addr+0x8c/0x360
[  336.238138][ T9166]  __kmem_cache_alloc_node+0x53/0x250
[  336.243860][ T9166]  ? sctp_add_bind_addr+0x8c/0x360
[  336.249278][ T9166]  kmalloc_trace+0x2a/0xe0
[  336.253853][ T9166]  sctp_add_bind_addr+0x8c/0x360
[  336.259016][ T9166]  sctp_copy_local_addr_list+0x315/0x4f0
[  336.264804][ T9166]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  336.270948][ T9166]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  336.277601][ T9166]  ? sctp_v4_is_any+0x35/0x60
[  336.282418][ T9166]  ? sctp_copy_one_addr+0x8c/0x350
[  336.287672][ T9166]  sctp_bind_addr_copy+0xb3/0x3c0
[  336.292854][ T9166]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  336.299415][ T9166]  sctp_connect_new_asoc+0x2f9/0x6a0
[  336.304949][ T9166]  ? __sctp_connect+0xd80/0xd80
[  336.309944][ T9166]  ? __local_bh_enable_ip+0x13a/0x1c0
[  336.315460][ T9166]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  336.321490][ T9166]  ? security_sctp_bind_connect+0x89/0xb0
[  336.328062][ T9166]  sctp_sendmsg+0x1575/0x28c0
[  336.332981][ T9166]  ? sctp_getsockopt+0xb60/0xb60
[  336.338588][ T9166]  ? aa_sk_perm+0x83c/0x970
[  336.343424][ T9166]  ? aa_af_perm+0x330/0x330
[  336.348227][ T9166]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  336.355482][ T9166]  ? sock_rps_record_flow+0x19/0x3f0
[  336.361099][ T9166]  ? inet_sendmsg+0xe9/0x2f0
[  336.366528][ T9166]  ? inet_send_prepare+0x260/0x260
[  336.372042][ T9166]  ____sys_sendmsg+0x5ba/0x960
[  336.377332][ T9166]  ? __lock_acquire+0x7d40/0x7d40
[  336.382536][ T9166]  ? __asan_memset+0x22/0x40
[  336.387348][ T9166]  ? __sys_sendmsg_sock+0x30/0x30
[  336.392500][ T9166]  ? __import_iovec+0x5f2/0x850
[  336.397499][ T9166]  ? import_iovec+0x73/0xa0
[  336.402325][ T9166]  ___sys_sendmsg+0x2a6/0x360
[  336.407387][ T9166]  ? __sys_sendmsg+0x2a0/0x2a0
[  336.412910][ T9166]  ? trace_call_bpf+0xc3/0x6c0
[  336.418005][ T9166]  __se_sys_sendmsg+0x1c2/0x2b0
[  336.423067][ T9166]  ? __x64_sys_sendmsg+0x80/0x80
[  336.428314][ T9166]  ? lockdep_hardirqs_on+0x98/0x150
[  336.433751][ T9166]  do_syscall_64+0x55/0xa0
[  336.438598][ T9166]  ? clear_bhb_loop+0x40/0x90
[  336.443547][ T9166]  ? clear_bhb_loop+0x40/0x90
[  336.448559][ T9166]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  336.454708][ T9166] RIP: 0033:0x7f3ae779c799
[  336.459249][ T9166] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  336.480030][ T9166] RSP: 002b:00007f3ae860a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  336.488929][ T9166] RAX: ffffffffffffffda RBX: 00007f3ae7a16090 RCX: 00007f3ae779c799
[  336.497364][ T9166] RDX: 00000000000003e8 RSI: 00002000000004c0 RDI: 0000000000000015
[  336.505534][ T9166] RBP: 00007f3ae860a090 R08: 0000000000000000 R09: 0000000000000000
[  336.514335][ T9166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  336.522599][ T9166] R13: 00007f3ae7a16128 R14: 00007f3ae7a16090 R15: 00007ffcf9ffaab8
[  336.530879][ T9166]  </TASK>
[  336.658146][ T9173] netlink: 60 bytes leftover after parsing attributes in process `syz.2.906'.
[  337.053299][ T9175] netlink: 14 bytes leftover after parsing attributes in process `syz.4.907'.
[  337.830961][ T9175] team0: Port device dummy0 removed
[  337.929831][ T9185] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.911'.
[  338.142784][ T9190] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.913'.
[  338.178531][ T9190] bridge_slave_1: default FDB implementation only supports local addresses
[  339.460540][ T9201] netlink: 60 bytes leftover after parsing attributes in process `syz.1.916'.
[  339.569649][ T9206] netlink: 132 bytes leftover after parsing attributes in process `syz.0.917'.
[  339.663495][ T9210] netlink: 'syz.0.917': attribute type 12 has an invalid length.
[  339.694157][ T9210] netlink: 132 bytes leftover after parsing attributes in process `syz.0.917'.
[  340.161547][ T9208] netlink: 14 bytes leftover after parsing attributes in process `syz.2.919'.
[  340.841935][ T9223] netlink: 60 bytes leftover after parsing attributes in process `syz.1.923'.
[  341.138827][ T9229] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.924'.
[  342.316576][ T9245] netlink: 60 bytes leftover after parsing attributes in process `syz.1.935'.
[  342.332108][ T9242] netlink: 180 bytes leftover after parsing attributes in process `syz.2.927'.
[  342.365214][ T9246] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  342.395954][ T9246] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[  342.446889][ T9239] syz.2.927[9239] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  342.461837][ T9239] syz.2.927[9239] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  343.442369][ T9267] __nla_validate_parse: 1 callbacks suppressed
[  343.442390][ T9267] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.938'.
[  344.815764][ T9281] FAULT_INJECTION: forcing a failure.
[  344.815764][ T9281] name failslab, interval 1, probability 0, space 0, times 0
[  344.959156][ T9281] CPU: 0 PID: 9281 Comm: syz.1.941 Not tainted syzkaller #0
[  344.966707][ T9281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  344.977132][ T9281] Call Trace:
[  344.980776][ T9281]  <TASK>
[  344.983753][ T9281]  dump_stack_lvl+0x18c/0x250
[  344.988637][ T9281]  ? sctp_sendmsg+0x1575/0x28c0
[  344.993751][ T9281]  ? ___sys_sendmsg+0x2a6/0x360
[  344.999087][ T9281]  ? show_regs_print_info+0x20/0x20
[  345.004336][ T9281]  ? load_image+0x400/0x400
[  345.009275][ T9281]  should_fail_ex+0x39d/0x4d0
[  345.010118][ T9280] netlink: 60 bytes leftover after parsing attributes in process `syz.4.942'.
[  345.014078][ T9281]  should_failslab+0x9/0x20
[  345.014154][ T9281]  slab_pre_alloc_hook+0x59/0x310
[  345.014187][ T9281]  ? sctp_add_bind_addr+0x8c/0x360
[  345.014210][ T9281]  __kmem_cache_alloc_node+0x53/0x250
[  345.014242][ T9281]  ? sctp_add_bind_addr+0x8c/0x360
[  345.014262][ T9281]  kmalloc_trace+0x2a/0xe0
[  345.054060][ T9281]  sctp_add_bind_addr+0x8c/0x360
[  345.060021][ T9281]  sctp_copy_local_addr_list+0x315/0x4f0
[  345.066973][ T9281]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  345.072852][ T9281]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  345.079331][ T9281]  ? sctp_v6_is_any+0x64/0x70
[  345.084488][ T9281]  ? sctp_copy_one_addr+0x8c/0x350
[  345.090212][ T9281]  sctp_bind_addr_copy+0xb3/0x3c0
[  345.095835][ T9281]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  345.102657][ T9281]  sctp_connect_new_asoc+0x2f9/0x6a0
[  345.108173][ T9281]  ? __sctp_connect+0xd80/0xd80
[  345.113245][ T9281]  ? __local_bh_enable_ip+0x13a/0x1c0
[  345.118873][ T9281]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  345.124840][ T9281]  ? security_sctp_bind_connect+0x89/0xb0
[  345.131061][ T9281]  sctp_sendmsg+0x1575/0x28c0
[  345.136336][ T9281]  ? sctp_getsockopt+0xb60/0xb60
[  345.141429][ T9281]  ? aa_sk_perm+0x83c/0x970
[  345.146190][ T9281]  ? aa_af_perm+0x330/0x330
[  345.150914][ T9281]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  345.157786][ T9281]  ? sock_rps_record_flow+0x19/0x3f0
[  345.163127][ T9281]  ? inet_sendmsg+0xe9/0x2f0
[  345.167944][ T9281]  ? inet_send_prepare+0x260/0x260
[  345.173356][ T9281]  ____sys_sendmsg+0x5ba/0x960
[  345.178336][ T9281]  ? __lock_acquire+0x7d40/0x7d40
[  345.183404][ T9281]  ? __asan_memset+0x22/0x40
[  345.188096][ T9281]  ? __sys_sendmsg_sock+0x30/0x30
[  345.193500][ T9281]  ? __import_iovec+0x5f2/0x850
[  345.198675][ T9281]  ? import_iovec+0x73/0xa0
[  345.203234][ T9281]  ___sys_sendmsg+0x2a6/0x360
[  345.207960][ T9281]  ? __sys_sendmsg+0x2a0/0x2a0
[  345.212879][ T9281]  ? __lock_acquire+0x7d40/0x7d40
[  345.218064][ T9281]  __se_sys_sendmsg+0x1c2/0x2b0
[  345.223127][ T9281]  ? __x64_sys_sendmsg+0x80/0x80
[  345.228747][ T9281]  ? lockdep_hardirqs_on+0x98/0x150
[  345.234435][ T9281]  do_syscall_64+0x55/0xa0
[  345.238980][ T9281]  ? clear_bhb_loop+0x40/0x90
[  345.243874][ T9281]  ? clear_bhb_loop+0x40/0x90
[  345.248647][ T9281]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  345.254858][ T9281] RIP: 0033:0x7f3ae779c799
[  345.259582][ T9281] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  345.280286][ T9281] RSP: 002b:00007f3ae862b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  345.288923][ T9281] RAX: ffffffffffffffda RBX: 00007f3ae7a15fa0 RCX: 00007f3ae779c799
[  345.297193][ T9281] RDX: 0000000000000041 RSI: 0000200000002dc0 RDI: 0000000000000004
[  345.305296][ T9281] RBP: 00007f3ae862b090 R08: 0000000000000000 R09: 0000000000000000
[  345.313491][ T9281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  345.321685][ T9281] R13: 00007f3ae7a16038 R14: 00007f3ae7a15fa0 R15: 00007ffcf9ffaab8
[  345.329986][ T9281]  </TASK>
[  345.653583][ T9290] netlink: 60 bytes leftover after parsing attributes in process `syz.1.944'.
[  346.135538][ T9294] netlink: 14 bytes leftover after parsing attributes in process `syz.4.947'.
[  346.643754][ T9309] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.951'.
[  346.667543][ T9294] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  346.688902][ T9294] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  346.713393][ T9294] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface
[  346.737546][ T9294] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  346.756832][ T9294] bond0 (unregistering): Released all slaves
[  347.225087][ T9311] netlink: 'syz.0.952': attribute type 10 has an invalid length.
[  347.268919][ T9311] netlink: 55 bytes leftover after parsing attributes in process `syz.0.952'.
[  347.681002][ T9311] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  347.784435][ T9311] batman_adv: batadv0: Removing interface: virt_wifi0
[  347.836443][ T9321] netlink: 60 bytes leftover after parsing attributes in process `syz.2.954'.
[  347.846842][ T9322] netlink: 14 bytes leftover after parsing attributes in process `syz.1.962'.
[  348.688261][ T9350] netlink: 60931 bytes leftover after parsing attributes in process `syz.1.961'.
[  348.815491][ T9354] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.963'.
[  349.043592][ T9356] netlink: 199816 bytes leftover after parsing attributes in process `syz.1.964'.
[  349.191107][ T9361] netlink: 60 bytes leftover after parsing attributes in process `syz.2.965'.
[  349.345143][ T9364] syz.0.975: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  349.381685][ T9364] CPU: 1 PID: 9364 Comm: syz.0.975 Not tainted syzkaller #0
[  349.389330][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  349.400168][ T9364] Call Trace:
[  349.403748][ T9364]  <TASK>
[  349.406751][ T9364]  dump_stack_lvl+0x18c/0x250
[  349.411756][ T9364]  ? show_regs_print_info+0x20/0x20
[  349.417022][ T9364]  ? load_image+0x400/0x400
[  349.421897][ T9364]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  349.428601][ T9364]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  349.435702][ T9364]  warn_alloc+0x246/0x340
[  349.440264][ T9364]  ? stack_trace_save+0xaa/0x100
[  349.445610][ T9364]  ? zone_watermark_ok_safe+0x230/0x230
[  349.451403][ T9364]  ? kasan_set_track+0x5f/0x70
[  349.456404][ T9364]  ? kasan_set_track+0x4e/0x70
[  349.461388][ T9364]  ? __kasan_kmalloc+0x8f/0xa0
[  349.466279][ T9364]  ? xsk_init_queue+0xad/0x100
[  349.471259][ T9364]  ? xsk_setsockopt+0x4e5/0x760
[  349.476423][ T9364]  ? do_sock_setsockopt+0x175/0x1a0
[  349.481919][ T9364]  ? __x64_sys_setsockopt+0x182/0x200
[  349.487801][ T9364]  __vmalloc_node_range+0x126/0x1330
[  349.493458][ T9364]  ? free_vm_area+0x50/0x50
[  349.498202][ T9364]  vmalloc_user+0x74/0x80
[  349.503027][ T9364]  ? xskq_create+0xbf/0x170
[  349.507904][ T9364]  xskq_create+0xbf/0x170
[  349.512393][ T9364]  xsk_init_queue+0xad/0x100
[  349.517344][ T9364]  xsk_setsockopt+0x4e5/0x760
[  349.522287][ T9364]  ? xsk_poll+0x680/0x680
[  349.526961][ T9364]  ? __fget_files+0x28/0x4b0
[  349.531887][ T9364]  ? __fget_files+0x28/0x4b0
[  349.536744][ T9364]  ? aa_sock_opt_perm+0x74/0x100
[  349.541920][ T9364]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  349.547795][ T9364]  ? security_socket_setsockopt+0x7e/0xa0
[  349.553577][ T9364]  ? xsk_poll+0x680/0x680
[  349.558146][ T9364]  do_sock_setsockopt+0x175/0x1a0
[  349.563490][ T9364]  ? __fdget+0x180/0x210
[  349.567984][ T9364]  __x64_sys_setsockopt+0x182/0x200
[  349.573428][ T9364]  do_syscall_64+0x55/0xa0
[  349.578085][ T9364]  ? clear_bhb_loop+0x40/0x90
[  349.583228][ T9364]  ? clear_bhb_loop+0x40/0x90
[  349.588239][ T9364]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  349.594351][ T9364] RIP: 0033:0x7f0ff519c799
[  349.598971][ T9364] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  349.619981][ T9364] RSP: 002b:00007f0ff600a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  349.628949][ T9364] RAX: ffffffffffffffda RBX: 00007f0ff5415fa0 RCX: 00007f0ff519c799
[  349.637239][ T9364] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000004
[  349.645804][ T9364] RBP: 00007f0ff5232c99 R08: 0000000000000004 R09: 0000000000000000
[  349.654196][ T9364] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[  349.662775][ T9364] R13: 00007f0ff5416038 R14: 00007f0ff5415fa0 R15: 00007ffd34b66268
[  349.671468][ T9364]  </TASK>
[  349.682865][ T9364] Mem-Info:
[  349.686167][ T9364] active_anon:6230 inactive_anon:0 isolated_anon:0
[  349.686167][ T9364]  active_file:16781 inactive_file:40040 isolated_file:0
[  349.686167][ T9364]  unevictable:768 dirty:179 writeback:0
[  349.686167][ T9364]  slab_reclaimable:12697 slab_unreclaimable:108301
[  349.686167][ T9364]  mapped:24643 shmem:1373 pagetables:646
[  349.686167][ T9364]  sec_pagetables:0 bounce:0
[  349.686167][ T9364]  kernel_misc_reclaimable:0
[  349.686167][ T9364]  free:1329508 free_pcp:11766 free_cma:0
[  349.754772][ T9364] Node 0 active_anon:24920kB inactive_anon:0kB active_file:67124kB inactive_file:159956kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98572kB dirty:712kB writeback:0kB shmem:3956kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11124kB pagetables:2484kB sec_pagetables:0kB all_unreclaimable? no
[  349.799766][ T9364] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  349.874766][ T9364] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  349.909552][ T9364] lowmem_reserve[]: 0 2521 2522 2522 2522
[  349.928944][ T9364] Node 0 DMA32 free:1402412kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:24880kB inactive_anon:0kB active_file:67124kB inactive_file:159132kB unevictable:1536kB writepending:712kB present:3129332kB managed:2586964kB mlocked:0kB bounce:0kB free_pcp:28088kB local_pcp:7800kB free_cma:0kB
[  350.021709][ T9364] lowmem_reserve[]: 0 0 0 0 0
[  350.026840][ T9364] Node 0 Normal free:8kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:824kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  350.095160][ T9368] netlink: 'syz.1.967': attribute type 10 has an invalid length.
[  350.101408][ T9364] lowmem_reserve[]: 0 0 0 0 0
[  350.108865][ T9364] Node 1 Normal free:3900252kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:19104kB local_pcp:8256kB free_cma:0kB
[  350.144038][ T9368] netlink: 55 bytes leftover after parsing attributes in process `syz.1.967'.
[  350.146498][ T9364] lowmem_reserve[]: 0 0 0 0 0
[  350.163338][ T9364] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  350.179620][ T9364] Node 0 DMA32: 1735*4kB (UM) 970*8kB (UM) 818*16kB (UM) 661*32kB (UM) 409*64kB (UM) 138*128kB (UM) 34*256kB (UME) 5*512kB (ME) 2*1024kB (UM) 3*2048kB (UM) 315*4096kB (M) = 1402476kB
[  350.249428][ T9364] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  350.378427][ T9364] Node 1 Normal: 241*4kB (UME) 53*8kB (UME) 39*16kB (UME) 144*32kB (UME) 36*64kB (UME) 7*128kB (UME) 1*256kB (M) 2*512kB (UE) 2*1024kB (UE) 2*2048kB (UE) 948*4096kB (M) = 3900252kB
[  350.397847][ T9364] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  350.413293][ T9364] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  350.426531][ T9364] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  350.456494][ T9364] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  350.467179][ T9364] 58196 total pagecache pages
[  350.479514][ T9364] 0 pages in swap cache
[  350.484242][ T9364] Free swap  = 124996kB
[  350.489214][ T9364] Total swap = 124996kB
[  350.498553][ T9364] 2097051 pages RAM
[  350.502798][ T9364] 0 pages HighMem/MovableOnly
[  350.506802][ T9379] FAULT_INJECTION: forcing a failure.
[  350.506802][ T9379] name failslab, interval 1, probability 0, space 0, times 0
[  350.508224][ T9364] 416924 pages reserved
[  350.524059][ T9379] CPU: 0 PID: 9379 Comm: syz.2.972 Not tainted syzkaller #0
[  350.534226][ T9379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  350.544656][ T9379] Call Trace:
[  350.548046][ T9379]  <TASK>
[  350.551163][ T9379]  dump_stack_lvl+0x18c/0x250
[  350.556307][ T9379]  ? sctp_sendmsg+0x1575/0x28c0
[  350.561259][ T9379]  ? ___sys_sendmsg+0x2a6/0x360
[  350.566469][ T9379]  ? show_regs_print_info+0x20/0x20
[  350.571772][ T9379]  ? load_image+0x400/0x400
[  350.576749][ T9379]  should_fail_ex+0x39d/0x4d0
[  350.581645][ T9379]  should_failslab+0x9/0x20
[  350.586886][ T9379]  slab_pre_alloc_hook+0x59/0x310
[  350.592298][ T9379]  ? sctp_add_bind_addr+0x8c/0x360
[  350.598121][ T9379]  __kmem_cache_alloc_node+0x53/0x250
[  350.604215][ T9379]  ? sctp_add_bind_addr+0x8c/0x360
[  350.610785][ T9379]  kmalloc_trace+0x2a/0xe0
[  350.615604][ T9379]  sctp_add_bind_addr+0x8c/0x360
[  350.621224][ T9379]  sctp_copy_local_addr_list+0x315/0x4f0
[  350.627771][ T9379]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  350.634119][ T9379]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  350.640846][ T9379]  ? sctp_v4_is_any+0x35/0x60
[  350.646073][ T9379]  ? sctp_copy_one_addr+0x8c/0x350
[  350.651298][ T9379]  sctp_bind_addr_copy+0xb3/0x3c0
[  350.656438][ T9379]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  350.663225][ T9379]  sctp_connect_new_asoc+0x2f9/0x6a0
[  350.668790][ T9379]  ? __sctp_connect+0xd80/0xd80
[  350.674007][ T9379]  ? __local_bh_enable_ip+0x13a/0x1c0
[  350.679394][ T9379]  ? _local_bh_enable+0xa0/0xa0
[  350.684259][ T9379]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  350.690178][ T9379]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  350.696091][ T9379]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  350.702014][ T9379]  ? security_sctp_bind_connect+0x89/0xb0
[  350.708104][ T9379]  sctp_sendmsg+0x1575/0x28c0
[  350.712990][ T9379]  ? sctp_getsockopt+0xb60/0xb60
[  350.718027][ T9379]  ? aa_sk_perm+0x83c/0x970
[  350.723032][ T9379]  ? aa_af_perm+0x330/0x330
[  350.727745][ T9379]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  350.734442][ T9379]  ? sock_rps_record_flow+0x19/0x3f0
[  350.740279][ T9379]  ? inet_sendmsg+0x7c/0x2f0
[  350.745058][ T9379]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  350.750591][ T9379]  ? security_socket_sendmsg+0x80/0xa0
[  350.756584][ T9379]  ? inet_send_prepare+0x260/0x260
[  350.761709][ T9379]  ____sys_sendmsg+0x5ba/0x960
[  350.766604][ T9379]  ? __lock_acquire+0x7d40/0x7d40
[  350.772004][ T9379]  ? __asan_memset+0x22/0x40
[  350.776621][ T9379]  ? __sys_sendmsg_sock+0x30/0x30
[  350.782118][ T9379]  ? __import_iovec+0x5f2/0x850
[  350.788058][ T9379]  ? import_iovec+0x73/0xa0
[  350.793685][ T9379]  ___sys_sendmsg+0x2a6/0x360
[  350.799819][ T9379]  ? get_pid_task+0x20/0x1e0
[  350.805698][ T9379]  ? __sys_sendmsg+0x2a0/0x2a0
[  350.811666][ T9379]  ? __lock_acquire+0x7d40/0x7d40
[  350.817270][ T9379]  __se_sys_sendmsg+0x1c2/0x2b0
[  350.822795][ T9379]  ? __x64_sys_sendmsg+0x80/0x80
[  350.828227][ T9379]  ? lockdep_hardirqs_on+0x98/0x150
[  350.834338][ T9379]  do_syscall_64+0x55/0xa0
[  350.839936][ T9379]  ? clear_bhb_loop+0x40/0x90
[  350.844910][ T9379]  ? clear_bhb_loop+0x40/0x90
[  350.850269][ T9379]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  350.857133][ T9379] RIP: 0033:0x7f1d1d59c799
[  350.862213][ T9379] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  350.883157][ T9379] RSP: 002b:00007f1d1e50b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  350.891859][ T9379] RAX: ffffffffffffffda RBX: 00007f1d1d815fa0 RCX: 00007f1d1d59c799
[  350.901265][ T9379] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004
[  350.909700][ T9379] RBP: 00007f1d1e50b090 R08: 0000000000000000 R09: 0000000000000000
[  350.918556][ T9379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  350.926851][ T9379] R13: 00007f1d1d816038 R14: 00007f1d1d815fa0 R15: 00007ffc75d12e18
[  350.935127][ T9379]  </TASK>
[  350.938659][ T9364] 0 pages cma reserved
[  350.960882][ T9368] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  351.059083][ T9368] batman_adv: batadv0: Removing interface: virt_wifi0
[  351.375808][ T9388] netlink: 199816 bytes leftover after parsing attributes in process `syz.1.976'.
[  351.819271][ T9395] netlink: 60 bytes leftover after parsing attributes in process `syz.1.979'.
[  352.808218][ T9417] netlink: 'syz.4.985': attribute type 10 has an invalid length.
[  352.886169][ T9417] netlink: 55 bytes leftover after parsing attributes in process `syz.4.985'.
[  353.238445][ T9419] netlink: 199544 bytes leftover after parsing attributes in process `syz.2.987'.
[  353.434416][ T9412] netlink: 60 bytes leftover after parsing attributes in process `syz.0.993'.
[  353.842144][ T9431] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.990'.
[  353.986436][ T9433] netlink: 60 bytes leftover after parsing attributes in process `syz.1.991'.
[  356.063204][ T9459] netlink: 199544 bytes leftover after parsing attributes in process `syz.2.999'.
[  356.519032][ T9461] netlink: 60 bytes leftover after parsing attributes in process `syz.1.998'.
[  357.717995][ T9479] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1005'.
[  358.091050][ T9489] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1008'.
[  358.106854][ T9485] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1007'.
[  358.558552][ T9500] netlink: 199544 bytes leftover after parsing attributes in process `syz.2.1010'.
[  358.776805][ T9505] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1014'.
[  358.779028][ T9507] netlink: 199824 bytes leftover after parsing attributes in process `syz.4.1013'.
[  360.894240][ T9505] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1014'.
[  361.101357][ T9523] FAULT_INJECTION: forcing a failure.
[  361.101357][ T9523] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  361.123069][ T9523] CPU: 0 PID: 9523 Comm: syz.1.1018 Not tainted syzkaller #0
[  361.130620][ T9523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  361.141124][ T9523] Call Trace:
[  361.144447][ T9523]  <TASK>
[  361.147418][ T9523]  dump_stack_lvl+0x18c/0x250
[  361.152247][ T9523]  ? show_regs_print_info+0x20/0x20
[  361.157667][ T9523]  ? load_image+0x400/0x400
[  361.162302][ T9523]  ? __lock_acquire+0x7d40/0x7d40
[  361.167373][ T9523]  ? snprintf+0xe9/0x140
[  361.171824][ T9523]  should_fail_ex+0x39d/0x4d0
[  361.176561][ T9523]  _copy_to_user+0x2f/0xa0
[  361.181107][ T9523]  simple_read_from_buffer+0xe7/0x150
[  361.186786][ T9523]  proc_fail_nth_read+0x1e8/0x260
[  361.191939][ T9523]  ? proc_fault_inject_write+0x360/0x360
[  361.198155][ T9523]  ? fsnotify_perm+0x271/0x5e0
[  361.203130][ T9523]  ? proc_fault_inject_write+0x360/0x360
[  361.209054][ T9523]  vfs_read+0x28b/0x970
[  361.213341][ T9523]  ? kernel_read+0x1e0/0x1e0
[  361.218138][ T9523]  ? __fget_files+0x28/0x4b0
[  361.222756][ T9523]  ? __fget_files+0x28/0x4b0
[  361.227472][ T9523]  ? __fget_files+0x43d/0x4b0
[  361.232366][ T9523]  ? __fdget_pos+0x2a3/0x330
[  361.237080][ T9523]  ? ksys_read+0x75/0x260
[  361.241545][ T9523]  ksys_read+0x150/0x260
[  361.246272][ T9523]  ? vfs_write+0x990/0x990
[  361.250985][ T9523]  ? lockdep_hardirqs_on+0x98/0x150
[  361.256384][ T9523]  do_syscall_64+0x55/0xa0
[  361.260919][ T9523]  ? clear_bhb_loop+0x40/0x90
[  361.265710][ T9523]  ? clear_bhb_loop+0x40/0x90
[  361.270713][ T9523]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  361.276930][ T9523] RIP: 0033:0x7f3ae775cfce
[  361.281640][ T9523] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  361.302231][ T9523] RSP: 002b:00007f3ae8609fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  361.310941][ T9523] RAX: ffffffffffffffda RBX: 00007f3ae860a6c0 RCX: 00007f3ae775cfce
[  361.319028][ T9523] RDX: 000000000000000f RSI: 00007f3ae860a0a0 RDI: 0000000000000005
[  361.327401][ T9523] RBP: 00007f3ae860a090 R08: 0000000000000000 R09: 0000000000000000
[  361.336028][ T9523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  361.344655][ T9523] R13: 00007f3ae7a16128 R14: 00007f3ae7a16090 R15: 00007ffcf9ffaab8
[  361.353638][ T9523]  </TASK>
[  361.376293][ T9524] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1020'.
[  361.390052][ T9525] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1019'.
[  361.669700][ T9530] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1021'.
[  362.121229][ T9534] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1022'.
[  362.326133][ T9539] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1023'.
[  362.909182][ T9546] netlink: 'syz.4.1027': attribute type 15 has an invalid length.
[  362.921075][ T9546] netlink: 'syz.4.1027': attribute type 5 has an invalid length.
[  362.929459][ T9546] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1027'.
[  363.101040][ T9553] FAULT_INJECTION: forcing a failure.
[  363.101040][ T9553] name failslab, interval 1, probability 0, space 0, times 0
[  363.147256][ T9553] CPU: 1 PID: 9553 Comm: syz.0.1029 Not tainted syzkaller #0
[  363.154803][ T9553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  363.165003][ T9553] Call Trace:
[  363.168413][ T9553]  <TASK>
[  363.171396][ T9553]  dump_stack_lvl+0x18c/0x250
[  363.176317][ T9553]  ? show_regs_print_info+0x20/0x20
[  363.181629][ T9553]  ? load_image+0x400/0x400
[  363.186245][ T9553]  ? __might_sleep+0xe0/0xe0
[  363.191029][ T9553]  ? __lock_acquire+0x7d40/0x7d40
[  363.196360][ T9553]  should_fail_ex+0x39d/0x4d0
[  363.201150][ T9553]  should_failslab+0x9/0x20
[  363.205857][ T9553]  slab_pre_alloc_hook+0x59/0x310
[  363.210995][ T9553]  kmem_cache_alloc_node+0x60/0x320
[  363.216386][ T9553]  ? __alloc_skb+0x103/0x2c0
[  363.221430][ T9553]  __alloc_skb+0x103/0x2c0
[  363.226072][ T9553]  alloc_skb_with_frags+0xca/0x7b0
[  363.231642][ T9553]  ? __lock_acquire+0x7d40/0x7d40
[  363.236857][ T9553]  ? slab_free_freelist_hook+0x130/0x1a0
[  363.242694][ T9553]  sock_alloc_send_pskb+0x883/0x9a0
[  363.248178][ T9553]  ? sock_kzfree_s+0x50/0x50
[  363.252983][ T9553]  ? __lock_acquire+0x7d40/0x7d40
[  363.258397][ T9553]  ? sk_psock_verdict_data_ready+0x13f/0x520
[  363.264571][ T9553]  ? __receive_sock+0x90/0x90
[  363.269382][ T9553]  ? sk_psock_verdict_data_ready+0x13f/0x520
[  363.275589][ T9553]  ? __receive_sock+0x90/0x90
[  363.280766][ T9553]  ? sk_psock_verdict_data_ready+0x39d/0x520
[  363.286883][ T9553]  unix_stream_sendmsg+0x48b/0xbf0
[  363.292391][ T9553]  ? unix_show_fdinfo+0x270/0x270
[  363.297527][ T9553]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  363.303976][ T9553]  ? aa_sock_msg_perm+0x94/0x150
[  363.309199][ T9553]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  363.314727][ T9553]  ? security_socket_sendmsg+0x80/0xa0
[  363.320471][ T9553]  ? unix_show_fdinfo+0x270/0x270
[  363.325965][ T9553]  ____sys_sendmsg+0x5ba/0x960
[  363.331025][ T9553]  ? __asan_memset+0x22/0x40
[  363.335714][ T9553]  ? __sys_sendmsg_sock+0x30/0x30
[  363.341185][ T9553]  ? __import_iovec+0x5f2/0x850
[  363.346342][ T9553]  ? import_iovec+0x73/0xa0
[  363.351212][ T9553]  ___sys_sendmsg+0x2a6/0x360
[  363.355907][ T9553]  ? get_pid_task+0x20/0x1e0
[  363.360614][ T9553]  ? __sys_sendmsg+0x2a0/0x2a0
[  363.365434][ T9553]  ? __lock_acquire+0x7d40/0x7d40
[  363.370765][ T9553]  __se_sys_sendmsg+0x1c2/0x2b0
[  363.376074][ T9553]  ? __x64_sys_sendmsg+0x80/0x80
[  363.381281][ T9553]  ? lockdep_hardirqs_on+0x98/0x150
[  363.386692][ T9553]  do_syscall_64+0x55/0xa0
[  363.391691][ T9553]  ? clear_bhb_loop+0x40/0x90
[  363.396497][ T9553]  ? clear_bhb_loop+0x40/0x90
[  363.401723][ T9553]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  363.408067][ T9553] RIP: 0033:0x7f0ff519c799
[  363.412582][ T9553] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  363.432486][ T9553] RSP: 002b:00007f0ff600a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  363.441023][ T9553] RAX: ffffffffffffffda RBX: 00007f0ff5415fa0 RCX: 00007f0ff519c799
[  363.449099][ T9553] RDX: 0000000000000003 RSI: 0000200000000980 RDI: 0000000000000003
[  363.457535][ T9553] RBP: 00007f0ff600a090 R08: 0000000000000000 R09: 0000000000000000
[  363.465785][ T9553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  363.473957][ T9553] R13: 00007f0ff5416038 R14: 00007f0ff5415fa0 R15: 00007ffd34b66268
[  363.482686][ T9553]  </TASK>
[  363.731396][ T9561] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1031'.
[  364.153578][ T9567] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1035'.
[  364.735447][ T9580] netlink: 199816 bytes leftover after parsing attributes in process `syz.2.1039'.
[  367.996338][ T9611] __nla_validate_parse: 1 callbacks suppressed
[  367.996464][ T9611] netlink: 199816 bytes leftover after parsing attributes in process `syz.0.1051'.
[  368.808719][ T9620] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1052'.
[  369.378870][ T9628] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1053'.
[  369.899684][ T9625] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1061'.
[  371.097181][ T9651] netlink: 199816 bytes leftover after parsing attributes in process `syz.0.1060'.
[  371.108804][ T9648] bond_slave_1: entered promiscuous mode
[  371.126963][ T9648] bond_slave_1: entered allmulticast mode
[  371.140068][ T9652] netlink: 830 bytes leftover after parsing attributes in process `syz.2.1059'.
[  371.861413][ T9672] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1067'.
[  372.154233][ T9671] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1066'.
[  372.766099][ T9685] netlink: 199816 bytes leftover after parsing attributes in process `syz.0.1072'.
[  372.781910][ T9687] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1071'.
[  373.189987][ T9697] __nla_validate_parse: 1 callbacks suppressed
[  373.190006][ T9697] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1073'.
[  373.260619][ T9697] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1073'.
[  373.285081][ T9691] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1073'.
[  373.306958][ T9691] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1073'.
[  373.462834][ T9704] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1078'.
[  374.076156][ T9713] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1081'.
[  374.908521][ T9721] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1083'.
[  375.182679][ T9736] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1087'.
[  375.671509][ T9752] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1094'.
[  376.341845][ T9758] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1095'.
[  376.758619][ T9767] ÿ: renamed from bond_slave_0
[  377.561891][ T9767] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  377.572619][ T9767] CPU: 1 PID: 9767 Comm: syz.2.1099 Not tainted syzkaller #0
[  377.580668][ T9767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  377.591003][ T9767] Call Trace:
[  377.594331][ T9767]  <TASK>
[  377.597392][ T9767]  dump_stack_lvl+0x18c/0x250
[  377.602379][ T9767]  ? show_regs_print_info+0x20/0x20
[  377.608049][ T9767]  ? load_image+0x400/0x400
[  377.612768][ T9767]  sysfs_warn_dup+0x8e/0xa0
[  377.617551][ T9767]  sysfs_do_create_link_sd+0xc0/0x110
[  377.623146][ T9767]  device_add_class_symlinks+0x1cf/0x240
[  377.629009][ T9767]  device_add+0x507/0xc20
[  377.633701][ T9767]  wiphy_register+0x1dad/0x2ae0
[  377.638940][ T9767]  ? cfg80211_event_work+0x40/0x40
[  377.644348][ T9767]  ? minstrel_ht_alloc+0x88a/0x990
[  377.649759][ T9767]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  377.656398][ T9767]  ieee80211_register_hw+0x3464/0x4250
[  377.662418][ T9767]  ? ieee80211_tasklet_handler+0x20/0x20
[  377.668726][ T9767]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  377.675111][ T9767]  ? __debug_object_init+0xec/0x450
[  377.680947][ T9767]  ? __asan_memset+0x22/0x40
[  377.685737][ T9767]  ? __hrtimer_init+0x186/0x270
[  377.690888][ T9767]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  377.696747][ T9767]  ? mac80211_hwsim_free+0x220/0x220
[  377.702260][ T9767]  ? rcu_is_watching+0x15/0xb0
[  377.707630][ T9767]  ? kstrndup+0xbd/0x140
[  377.711987][ T9767]  hwsim_new_radio_nl+0xdc9/0x1a90
[  377.717392][ T9767]  ? __nla_validate+0x50/0x50
[  377.722585][ T9767]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  377.729448][ T9767]  ? __nla_parse+0x40/0x50
[  377.733905][ T9767]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  377.740647][ T9767]  genl_family_rcv_msg_doit+0x211/0x310
[  377.746657][ T9767]  ? end_current_label_crit_section+0x170/0x170
[  377.753194][ T9767]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  377.760084][ T9767]  ? bpf_lsm_capable+0x9/0x10
[  377.765669][ T9767]  ? security_capable+0x89/0xb0
[  377.772732][ T9767]  genl_rcv_msg+0x619/0x7a0
[  377.777555][ T9767]  ? genl_bind+0x360/0x360
[  377.782656][ T9767]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  377.789038][ T9767]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  377.795709][ T9767]  ? ref_tracker_free+0x690/0x840
[  377.801055][ T9767]  netlink_rcv_skb+0x241/0x4d0
[  377.806400][ T9767]  ? genl_bind+0x360/0x360
[  377.811216][ T9767]  ? netlink_ack+0x1180/0x1180
[  377.816289][ T9767]  ? __lock_acquire+0x7d40/0x7d40
[  377.821817][ T9767]  ? down_read+0x1ac/0x2e0
[  377.826990][ T9767]  genl_rcv+0x28/0x40
[  377.831536][ T9767]  netlink_unicast+0x751/0x8d0
[  377.836567][ T9767]  netlink_sendmsg+0x8d0/0xbf0
[  377.841845][ T9767]  ? netlink_getsockopt+0x590/0x590
[  377.849107][ T9767]  ? aa_sock_msg_perm+0x94/0x150
[  377.854629][ T9767]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  377.860519][ T9767]  ? security_socket_sendmsg+0x80/0xa0
[  377.866500][ T9767]  ? netlink_getsockopt+0x590/0x590
[  377.871999][ T9767]  ____sys_sendmsg+0x5ba/0x960
[  377.877162][ T9767]  ? __asan_memset+0x22/0x40
[  377.881892][ T9767]  ? __sys_sendmsg_sock+0x30/0x30
[  377.887066][ T9767]  ? __import_iovec+0x5f2/0x850
[  377.892295][ T9767]  ? import_iovec+0x73/0xa0
[  377.896957][ T9767]  ___sys_sendmsg+0x2a6/0x360
[  377.901871][ T9767]  ? __sys_sendmsg+0x2a0/0x2a0
[  377.906935][ T9767]  ? perf_trace_preemptirq_template+0x269/0x330
[  377.913855][ T9767]  __se_sys_sendmsg+0x1c2/0x2b0
[  377.918909][ T9767]  ? __x64_sys_sendmsg+0x80/0x80
[  377.924172][ T9767]  ? lockdep_hardirqs_on+0x98/0x150
[  377.929417][ T9767]  do_syscall_64+0x55/0xa0
[  377.934037][ T9767]  ? clear_bhb_loop+0x40/0x90
[  377.939163][ T9767]  ? clear_bhb_loop+0x40/0x90
[  377.943860][ T9767]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  377.950247][ T9767] RIP: 0033:0x7f1d1d59c799
[  377.955173][ T9767] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  377.976142][ T9767] RSP: 002b:00007f1d1e50b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  377.984709][ T9767] RAX: ffffffffffffffda RBX: 00007f1d1d815fa0 RCX: 00007f1d1d59c799
[  377.993116][ T9767] RDX: 0000000002000000 RSI: 0000200000000000 RDI: 000000000000000d
[  378.001413][ T9767] RBP: 00007f1d1d632c99 R08: 0000000000000000 R09: 0000000000000000
[  378.009687][ T9767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  378.017773][ T9767] R13: 00007f1d1d816038 R14: 00007f1d1d815fa0 R15: 00007ffc75d12e18
[  378.026051][ T9767]  </TASK>
[  378.194170][ T9783] netlink: 'syz.4.1104': attribute type 21 has an invalid length.
[  378.245233][ T9783] __nla_validate_parse: 2 callbacks suppressed
[  378.245272][ T9783] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1104'.
[  378.298301][ T9784] netlink: 830 bytes leftover after parsing attributes in process `syz.4.1104'.
[  378.388159][ T9786] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1105'.
[  378.586004][ T9793] netlink: 'syz.1.1115': attribute type 5 has an invalid length.
[  378.603234][ T9793] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1115'.
[  378.784653][ T9792] delete_channel: no stack
[  379.349789][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  379.356780][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  379.984191][ T9806] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1110'.
[  380.516411][ T9815] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1113'.
[  380.566736][ T9817] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1114'.
[  381.102626][ T9832] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1121'.
[  381.666541][ T9835] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1130'.
[  382.058061][ T9847] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1124'.
[  382.194915][ T9855] netlink: 'syz.0.1127': attribute type 11 has an invalid length.
[  383.568609][ T9880] __nla_validate_parse: 2 callbacks suppressed
[  383.568633][ T9880] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1133'.
[  384.535646][ T9889] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1138'.
[  385.210853][ T9909] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1143'.
[  385.303555][ T9910] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1152'.
[  386.461678][ T9926] netlink: 'syz.0.1151': attribute type 10 has an invalid length.
[  386.509787][ T5775] Bluetooth: hci4: command 0x0406 tx timeout
[  386.749893][ T9933] netlink: 'syz.4.1154': attribute type 10 has an invalid length.
[  386.758614][ T9933] hsr_slave_0: left promiscuous mode
[  386.778482][ T9933] hsr_slave_1: left promiscuous mode
[  387.146838][ T9941] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1157'.
[  388.137859][ T9946] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1159'.
[  388.371061][ T9953] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1169'.
[  389.380386][ T9967] netlink: 199816 bytes leftover after parsing attributes in process `syz.1.1166'.
[  390.254296][ T9976] netlink: 199816 bytes leftover after parsing attributes in process `syz.0.1168'.
[  390.698690][ T9986] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1172'.
[  390.735614][ T9989] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1173'.
[  391.490671][T10010] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1179'.
[  391.878189][T10005] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1181'.
[  392.012756][T10000] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1179'.
[  392.229719][T10015] netlink: 199816 bytes leftover after parsing attributes in process `syz.4.1183'.
[  392.375464][T10025] FAULT_INJECTION: forcing a failure.
[  392.375464][T10025] name failslab, interval 1, probability 0, space 0, times 0
[  392.424638][T10025] CPU: 1 PID: 10025 Comm: syz.0.1185 Not tainted syzkaller #0
[  392.432729][T10025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  392.443978][T10025] Call Trace:
[  392.447589][T10025]  <TASK>
[  392.450740][T10025]  dump_stack_lvl+0x18c/0x250
[  392.456006][T10025]  ? show_regs_print_info+0x20/0x20
[  392.461467][T10025]  ? load_image+0x400/0x400
[  392.466825][T10025]  ? __might_sleep+0xe0/0xe0
[  392.471542][T10025]  ? __lock_acquire+0x7d40/0x7d40
[  392.476868][T10025]  ? __se_sys_sendmsg+0x1c2/0x2b0
[  392.481931][T10025]  should_fail_ex+0x39d/0x4d0
[  392.486831][T10025]  should_failslab+0x9/0x20
[  392.491813][T10025]  slab_pre_alloc_hook+0x59/0x310
[  392.495926][T10019] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1184'.
[  392.497062][T10025]  ? sctp_datamsg_from_user+0x88/0xee0
[  392.497141][T10025]  __kmem_cache_alloc_node+0x53/0x250
[  392.497174][T10025]  ? sctp_datamsg_from_user+0x88/0xee0
[  392.497199][T10025]  kmalloc_trace+0x2a/0xe0
[  392.497229][T10025]  sctp_datamsg_from_user+0x88/0xee0
[  392.497255][T10025]  ? __sk_mem_raise_allocated+0xa29/0x1340
[  392.497292][T10025]  ? sctp_primitive_ASSOCIATE+0x95/0xc0
[  392.497326][T10025]  sctp_sendmsg_to_asoc+0x107f/0x1830
[  392.497350][T10025]  ? __asan_memcpy+0x40/0x70
[  392.497384][T10025]  ? sctp_assoc_add_peer+0xcf3/0x1390
[  392.497425][T10025]  ? sctp_sendmsg_check_sflags+0x2d0/0x2d0
[  392.497451][T10025]  ? __sctp_connect+0xd80/0xd80
[  392.497477][T10025]  ? __local_bh_enable_ip+0x13a/0x1c0
[  392.497499][T10025]  ? _local_bh_enable+0xa0/0xa0
[  392.497518][T10025]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  392.497538][T10025]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  392.497561][T10025]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  392.497585][T10025]  ? security_sctp_bind_connect+0x89/0xb0
[  392.497615][T10025]  sctp_sendmsg+0x1b83/0x28c0
[  392.497651][T10025]  ? sctp_getsockopt+0xb60/0xb60
[  392.497673][T10025]  ? aa_sk_perm+0x83c/0x970
[  392.497712][T10025]  ? aa_af_perm+0x330/0x330
[  392.497737][T10025]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  392.497763][T10025]  ? sock_rps_record_flow+0x19/0x3f0
[  392.497791][T10025]  ? inet_sendmsg+0x7c/0x2f0
[  392.497811][T10025]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  392.497833][T10025]  ? security_socket_sendmsg+0x80/0xa0
[  392.497853][T10025]  ? inet_send_prepare+0x260/0x260
[  392.497878][T10025]  ____sys_sendmsg+0x5ba/0x960
[  392.497898][T10025]  ? __lock_acquire+0x7d40/0x7d40
[  392.497927][T10025]  ? __asan_memset+0x22/0x40
[  392.497952][T10025]  ? __sys_sendmsg_sock+0x30/0x30
[  392.497970][T10025]  ? __import_iovec+0x5f2/0x850
[  392.498009][T10025]  ? import_iovec+0x73/0xa0
[  392.498034][T10025]  ___sys_sendmsg+0x2a6/0x360
[  392.498052][T10025]  ? get_pid_task+0x20/0x1e0
[  392.498083][T10025]  ? __sys_sendmsg+0x2a0/0x2a0
[  392.498130][T10025]  ? __lock_acquire+0x7d40/0x7d40
[  392.498186][T10025]  __se_sys_sendmsg+0x1c2/0x2b0
[  392.498209][T10025]  ? __x64_sys_sendmsg+0x80/0x80
[  392.498250][T10025]  ? lockdep_hardirqs_on+0x98/0x150
[  392.498278][T10025]  do_syscall_64+0x55/0xa0
[  392.498304][T10025]  ? clear_bhb_loop+0x40/0x90
[  392.498327][T10025]  ? clear_bhb_loop+0x40/0x90
[  392.498350][T10025]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  392.498372][T10025] RIP: 0033:0x7f0ff519c799
[  392.498393][T10025] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  392.498409][T10025] RSP: 002b:00007f0ff5fe9028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  392.498433][T10025] RAX: ffffffffffffffda RBX: 00007f0ff5416090 RCX: 00007f0ff519c799
[  392.498449][T10025] RDX: 00000000000080d1 RSI: 0000200000000140 RDI: 0000000000000004
[  392.498469][T10025] RBP: 00007f0ff5fe9090 R08: 0000000000000000 R09: 0000000000000000
[  392.498482][T10025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  392.498495][T10025] R13: 00007f0ff5416128 R14: 00007f0ff5416090 R15: 00007ffd34b66268
[  392.498530][T10025]  </TASK>
[  393.611845][T10043] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1196'.
[  393.728838][T10049] FAULT_INJECTION: forcing a failure.
[  393.728838][T10049] name failslab, interval 1, probability 0, space 0, times 0
[  393.742912][T10049] CPU: 0 PID: 10049 Comm: syz.1.1193 Not tainted syzkaller #0
[  393.750610][T10049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  393.761220][T10049] Call Trace:
[  393.764835][T10049]  <TASK>
[  393.768146][T10049]  dump_stack_lvl+0x18c/0x250
[  393.772959][T10049]  ? show_regs_print_info+0x20/0x20
[  393.778988][T10049]  ? load_image+0x400/0x400
[  393.783858][T10049]  ? __might_sleep+0xe0/0xe0
[  393.788575][T10049]  ? __lock_acquire+0x7d40/0x7d40
[  393.793896][T10049]  ? rcu_is_watching+0x15/0xb0
[  393.798857][T10049]  should_fail_ex+0x39d/0x4d0
[  393.803815][T10049]  should_failslab+0x9/0x20
[  393.808600][T10049]  slab_pre_alloc_hook+0x59/0x310
[  393.813647][T10049]  ? sctp_auth_asoc_copy_shkeys+0x14e/0x5a0
[  393.819849][T10049]  __kmem_cache_alloc_node+0x53/0x250
[  393.825476][T10049]  ? sctp_auth_asoc_copy_shkeys+0x14e/0x5a0
[  393.831668][T10049]  kmalloc_trace+0x2a/0xe0
[  393.836538][T10049]  sctp_auth_asoc_copy_shkeys+0x14e/0x5a0
[  393.842543][T10049]  sctp_association_new+0x15d3/0x25c0
[  393.848726][T10049]  sctp_connect_new_asoc+0x2de/0x6a0
[  393.854464][T10049]  ? __sctp_connect+0xd80/0xd80
[  393.859412][T10049]  ? __local_bh_enable_ip+0x13a/0x1c0
[  393.864805][T10049]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  393.870541][T10049]  ? security_sctp_bind_connect+0x89/0xb0
[  393.876364][T10049]  sctp_sendmsg+0x1575/0x28c0
[  393.881338][T10049]  ? sctp_getsockopt+0xb60/0xb60
[  393.886291][T10049]  ? aa_sk_perm+0x83c/0x970
[  393.890994][T10049]  ? aa_af_perm+0x330/0x330
[  393.896241][T10049]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  393.903062][T10049]  ? sock_rps_record_flow+0x19/0x3f0
[  393.909193][T10049]  ? inet_sendmsg+0xe9/0x2f0
[  393.914111][T10049]  ? inet_send_prepare+0x260/0x260
[  393.919692][T10049]  ____sys_sendmsg+0x5ba/0x960
[  393.924814][T10049]  ? __asan_memset+0x22/0x40
[  393.929710][T10049]  ? __sys_sendmsg_sock+0x30/0x30
[  393.935684][T10049]  ? __import_iovec+0x3fa/0x850
[  393.941023][T10049]  ? import_iovec+0x73/0xa0
[  393.945632][T10049]  ___sys_sendmsg+0x2a6/0x360
[  393.950441][T10049]  ? __sys_sendmsg+0x2a0/0x2a0
[  393.955572][T10049]  ? trace_call_bpf+0xc3/0x6c0
[  393.960554][T10049]  __se_sys_sendmsg+0x1c2/0x2b0
[  393.965596][T10049]  ? __x64_sys_sendmsg+0x80/0x80
[  393.970937][T10049]  ? lockdep_hardirqs_on+0x98/0x150
[  393.976335][T10049]  do_syscall_64+0x55/0xa0
[  393.980803][T10049]  ? clear_bhb_loop+0x40/0x90
[  393.985589][T10049]  ? clear_bhb_loop+0x40/0x90
[  393.990287][T10049]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  393.996460][T10049] RIP: 0033:0x7f3ae779c799
[  394.000890][T10049] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  394.021566][T10049] RSP: 002b:00007f3ae862b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  394.030362][T10049] RAX: ffffffffffffffda RBX: 00007f3ae7a15fa0 RCX: 00007f3ae779c799
[  394.039049][T10049] RDX: 00000000000080d1 RSI: 0000200000000140 RDI: 0000000000000003
[  394.047662][T10049] RBP: 00007f3ae862b090 R08: 0000000000000000 R09: 0000000000000000
[  394.056037][T10049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  394.064632][T10049] R13: 00007f3ae7a16038 R14: 00007f3ae7a15fa0 R15: 00007ffcf9ffaab8
[  394.073075][T10049]  </TASK>
[  394.850144][T10060] __nla_validate_parse: 1 callbacks suppressed
[  394.850166][T10060] netlink: 199816 bytes leftover after parsing attributes in process `syz.2.1195'.
[  395.246352][T10066] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1199'.
[  396.737606][T10088] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1207'.
[  397.253230][T10091] netlink: 199816 bytes leftover after parsing attributes in process `syz.0.1208'.
[  397.578893][T10106] netlink: 'syz.2.1214': attribute type 11 has an invalid length.
[  397.605119][T10106] netlink: 184116 bytes leftover after parsing attributes in process `syz.2.1214'.
[  397.665407][T10113] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1212'.
[  398.450300][T10127] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1219'.
[  399.077749][T10136] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1221'.
[  399.772977][T10146] netlink: 'syz.1.1227': attribute type 3 has an invalid length.
[  399.789502][T10146] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1227'.
[  400.109118][T10151] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1228'.
[  400.185776][T10151] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1228'.
[  400.235794][T10149] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1228'.
[  400.416836][T10161] netlink: 199816 bytes leftover after parsing attributes in process `syz.1.1231'.
[  401.085216][T10174] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1232'.
[  401.210952][T10176] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1234'.
[  401.684744][T10184] netlink: 'syz.2.1237': attribute type 25 has an invalid length.
[  401.711193][T10184] netlink: 'syz.2.1237': attribute type 29 has an invalid length.
[  401.850212][T10187] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1237'.
[  401.964065][T10187] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1237'.
[  402.166470][T10191] netlink: 'syz.0.1239': attribute type 13 has an invalid length.
[  402.186648][T10191] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1239'.
[  402.225003][T10191] syz_tun: refused to change device tx_queue_len
[  402.663113][T10202] netlink: 199816 bytes leftover after parsing attributes in process `syz.0.1242'.
[  403.358592][T10222] raw_sendmsg: syz.2.1250 forgot to set AF_INET. Fix it!
[  403.640056][T10224] netlink: 'syz.4.1251': attribute type 10 has an invalid length.
[  403.663803][T10224] batadv_slave_1: entered promiscuous mode
[  405.203966][T10240] __nla_validate_parse: 8 callbacks suppressed
[  405.204011][T10240] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1255'.
[  405.776942][T10265] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1261'.
[  406.018532][T10266] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1263'.
[  406.908715][T10279] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1264'.
[  406.952897][T10278] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1265'.
[  408.030072][T10284] FAULT_INJECTION: forcing a failure.
[  408.030072][T10284] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  408.103568][T10284] CPU: 1 PID: 10284 Comm: syz.0.1267 Not tainted syzkaller #0
[  408.111407][T10284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  408.121875][T10284] Call Trace:
[  408.125208][T10284]  <TASK>
[  408.128347][T10284]  dump_stack_lvl+0x18c/0x250
[  408.133192][T10284]  ? show_regs_print_info+0x20/0x20
[  408.138730][T10284]  ? load_image+0x400/0x400
[  408.143569][T10284]  ? __might_fault+0xaa/0x120
[  408.148578][T10284]  ? __lock_acquire+0x7d40/0x7d40
[  408.153764][T10284]  should_fail_ex+0x39d/0x4d0
[  408.159305][T10284]  _copy_from_user+0x2f/0xe0
[  408.164307][T10284]  csum_and_copy_from_iter+0x1f3/0x14a0
[  408.170126][T10284]  ? iov_iter_get_pages_alloc2+0xc0/0xc0
[  408.175839][T10284]  ? __kmem_cache_alloc_node+0x13a/0x250
[  408.181821][T10284]  ? __alloc_skb+0x138/0x2c0
[  408.187014][T10284]  ? rcu_is_watching+0x15/0xb0
[  408.192028][T10284]  ip_generic_getfrag+0x163/0x2f0
[  408.197594][T10284]  ? ip_skb_dst_mtu+0x9c0/0x9c0
[  408.202622][T10284]  ? skb_put+0x11b/0x210
[  408.207006][T10284]  __ip_append_data+0x2f11/0x3d40
[  408.212261][T10284]  ? ip_skb_dst_mtu+0x9c0/0x9c0
[  408.217458][T10284]  ? ip_setup_cork+0x860/0x860
[  408.222404][T10284]  ? ip_setup_cork+0x530/0x860
[  408.227410][T10284]  ip_make_skb+0x22b/0x440
[  408.232315][T10284]  ? ip_skb_dst_mtu+0x9c0/0x9c0
[  408.237310][T10284]  ? ip_flush_pending_frames+0x250/0x250
[  408.243410][T10284]  udp_sendmsg+0x1ade/0x23b0
[  408.248096][T10284]  ? ip_skb_dst_mtu+0x9c0/0x9c0
[  408.253082][T10284]  ? udp_cmsg_send+0x350/0x350
[  408.257901][T10284]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  408.264192][T10284]  ? lock_chain_count+0x20/0x20
[  408.269287][T10284]  ? inet_sendmsg+0x14b/0x2f0
[  408.274309][T10284]  ? __local_bh_enable_ip+0x13a/0x1c0
[  408.280085][T10284]  ? _local_bh_enable+0xa0/0xa0
[  408.284988][T10284]  ? inet_sendmsg+0x14b/0x2f0
[  408.290022][T10284]  ? inet_sendmsg+0x14b/0x2f0
[  408.295571][T10284]  ? inet_send_prepare+0x260/0x260
[  408.301025][T10284]  ____sys_sendmsg+0x5ba/0x960
[  408.305941][T10284]  ? __lock_acquire+0x7d40/0x7d40
[  408.311123][T10284]  ? __sys_sendmsg_sock+0x30/0x30
[  408.316515][T10284]  ? __import_iovec+0x5f2/0x850
[  408.321465][T10284]  ? import_iovec+0x73/0xa0
[  408.326289][T10284]  ___sys_sendmsg+0x2a6/0x360
[  408.331552][T10284]  ? __sys_sendmsg+0x2a0/0x2a0
[  408.336948][T10284]  ? __lock_acquire+0x7d40/0x7d40
[  408.342210][T10284]  __se_sys_sendmsg+0x1c2/0x2b0
[  408.347480][T10284]  ? __x64_sys_sendmsg+0x80/0x80
[  408.352772][T10284]  ? lockdep_hardirqs_on+0x98/0x150
[  408.358107][T10284]  do_syscall_64+0x55/0xa0
[  408.362832][T10284]  ? clear_bhb_loop+0x40/0x90
[  408.367998][T10284]  ? clear_bhb_loop+0x40/0x90
[  408.373616][T10284]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  408.380253][T10284] RIP: 0033:0x7f0ff519c799
[  408.385084][T10284] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  408.405593][T10284] RSP: 002b:00007f0ff600a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  408.414695][T10284] RAX: ffffffffffffffda RBX: 00007f0ff5415fa0 RCX: 00007f0ff519c799
[  408.422910][T10284] RDX: 0000000000000000 RSI: 0000200000007940 RDI: 0000000000000007
[  408.431191][T10284] RBP: 00007f0ff600a090 R08: 0000000000000000 R09: 0000000000000000
[  408.439921][T10284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  408.448377][T10284] R13: 00007f0ff5416038 R14: 00007f0ff5415fa0 R15: 00007ffd34b66268
[  408.456553][T10284]  </TASK>
[  408.518649][T10282] mac80211_hwsim hwsim85 wlan1: entered promiscuous mode
[  408.551265][T10282] mac80211_hwsim hwsim85 wlan1: entered allmulticast mode
[  409.061311][T10307] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1272'.
[  409.089773][T10308] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1271'.
[  409.819011][T10317] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1275'.
[  410.472600][T10323] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1278'.
[  411.548713][T10343] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1284'.
[  411.640538][T10349] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1285'.
[  412.532503][T10359] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1288'.
[  413.006882][T10372] netlink: 'syz.2.1295': attribute type 3 has an invalid length.
[  413.018958][T10372] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.1295'.
[  413.117342][T10375] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1296'.
[  413.385926][T10373] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1294'.
[  413.489081][T10378] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1297'.
[  414.756488][T10397] FAULT_INJECTION: forcing a failure.
[  414.756488][T10397] name failslab, interval 1, probability 0, space 0, times 0
[  414.777703][T10397] CPU: 0 PID: 10397 Comm: syz.2.1303 Not tainted syzkaller #0
[  414.786551][T10397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  414.797337][T10397] Call Trace:
[  414.800741][T10397]  <TASK>
[  414.804739][T10397]  dump_stack_lvl+0x18c/0x250
[  414.809554][T10397]  ? show_regs_print_info+0x20/0x20
[  414.815155][T10397]  ? load_image+0x400/0x400
[  414.820227][T10397]  ? slab_post_alloc_hook+0x8a/0x4b0
[  414.826180][T10397]  should_fail_ex+0x39d/0x4d0
[  414.831453][T10397]  should_failslab+0x9/0x20
[  414.837138][T10397]  slab_pre_alloc_hook+0x59/0x310
[  414.842562][T10397]  ? __build_skb_around+0x255/0x3d0
[  414.848060][T10397]  kmem_cache_alloc+0x5a/0x2d0
[  414.853163][T10397]  ? _sctp_make_chunk+0x14e/0x420
[  414.859187][T10397]  _sctp_make_chunk+0x14e/0x420
[  414.864283][T10397]  sctp_make_init_ack+0x97f/0x1500
[  414.869884][T10397]  ? sctp_addto_param+0x200/0x200
[  414.875122][T10397]  ? sctp_add_bind_addr+0x203/0x360
[  414.880361][T10397]  ? sctp_tietags_populate+0x84/0x490
[  414.886127][T10397]  sctp_sf_do_unexpected_init+0xc2c/0x10f0
[  414.892159][T10397]  ? sctp_sf_do_5_2_1_siminit+0x40/0x40
[  414.898481][T10397]  ? verify_lock_unused+0x140/0x140
[  414.904994][T10397]  sctp_do_sm+0x23a/0x5a60
[  414.910166][T10397]  ? rht_unlock+0x1d0/0x1d0
[  414.915263][T10397]  ? mark_lock+0x94/0x320
[  414.920103][T10397]  ? sctp_generate_t3_rtx_event+0x340/0x340
[  414.926561][T10397]  ? read_tsc+0x9/0x20
[  414.931398][T10397]  sctp_assoc_bh_rcv+0x3f2/0x630
[  414.936931][T10397]  sctp_backlog_rcv+0x163/0x370
[  414.942217][T10397]  __release_sock+0x1e5/0x460
[  414.947687][T10397]  release_sock+0x5f/0x1c0
[  414.952643][T10397]  sctp_sendmsg+0x1bd7/0x28c0
[  414.957619][T10397]  ? sctp_getsockopt+0xb60/0xb60
[  414.963042][T10397]  ? aa_sk_perm+0x83c/0x970
[  414.967773][T10397]  ? aa_af_perm+0x330/0x330
[  414.972470][T10397]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  414.979067][T10397]  ? sock_rps_record_flow+0x19/0x3f0
[  414.984473][T10397]  ? inet_sendmsg+0x7c/0x2f0
[  414.989183][T10397]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  414.994592][T10397]  ? security_socket_sendmsg+0x80/0xa0
[  415.000348][T10397]  ? inet_send_prepare+0x260/0x260
[  415.006096][T10397]  ____sys_sendmsg+0x5ba/0x960
[  415.010914][T10397]  ? __lock_acquire+0x7d40/0x7d40
[  415.016049][T10397]  ? __asan_memset+0x22/0x40
[  415.020927][T10397]  ? __sys_sendmsg_sock+0x30/0x30
[  415.026154][T10397]  ? __import_iovec+0x5f2/0x850
[  415.031507][T10397]  ? import_iovec+0x73/0xa0
[  415.036529][T10397]  ___sys_sendmsg+0x2a6/0x360
[  415.041370][T10397]  ? get_pid_task+0x20/0x1e0
[  415.046009][T10397]  ? __sys_sendmsg+0x2a0/0x2a0
[  415.051455][T10397]  ? __lock_acquire+0x7d40/0x7d40
[  415.057235][T10397]  __se_sys_sendmsg+0x1c2/0x2b0
[  415.062378][T10397]  ? __x64_sys_sendmsg+0x80/0x80
[  415.067854][T10397]  ? lockdep_hardirqs_on+0x98/0x150
[  415.073437][T10397]  do_syscall_64+0x55/0xa0
[  415.078757][T10397]  ? clear_bhb_loop+0x40/0x90
[  415.084074][T10397]  ? clear_bhb_loop+0x40/0x90
[  415.090076][T10397]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  415.096529][T10397] RIP: 0033:0x7f1d1d59c799
[  415.101718][T10397] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  415.121976][T10397] RSP: 002b:00007f1d1e50b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  415.130902][T10397] RAX: ffffffffffffffda RBX: 00007f1d1d815fa0 RCX: 00007f1d1d59c799
[  415.139365][T10397] RDX: 00000000000080d1 RSI: 0000200000000140 RDI: 0000000000000003
[  415.148091][T10397] RBP: 00007f1d1e50b090 R08: 0000000000000000 R09: 0000000000000000
[  415.157528][T10397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  415.166714][T10397] R13: 00007f1d1d816038 R14: 00007f1d1d815fa0 R15: 00007ffc75d12e18
[  415.175532][T10397]  </TASK>
[  415.855882][T10415] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1309'.
[  416.122944][T10410] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1308'.
[  416.621483][T10433] netlink: 199816 bytes leftover after parsing attributes in process `syz.0.1312'.
[  416.767254][T10428] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1310'.
[  417.210871][T10439] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.1315'.
[  417.321645][T10439] netlink: zone id is out of range
[  417.376630][T10439] netlink: zone id is out of range
[  417.416742][T10439] netlink: zone id is out of range
[  417.449589][T10439] netlink: zone id is out of range
[  417.565267][T10439] netlink: zone id is out of range
[  417.619517][T10439] netlink: zone id is out of range
[  417.671882][T10439] netlink: zone id is out of range
[  417.679157][T10439] netlink: zone id is out of range
[  417.722396][T10439] netlink: zone id is out of range
[  417.781830][T10439] netlink: zone id is out of range
[  417.892055][T10450] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1318'.
[  418.291983][T10456] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1319'.
[  418.929032][T10475] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1323'.
[  419.051261][T10468] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1323'.
[  419.275544][T10480] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1326'.
[  421.671445][T10529] __nla_validate_parse: 3 callbacks suppressed
[  421.671525][T10529] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1343'.
[  421.931981][T10532] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.1344'.
[  423.293598][T10570] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1357'.
[  423.635656][T10575] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1358'.
[  424.210299][T10581] netlink: 199816 bytes leftover after parsing attributes in process `syz.1.1368'.
[  424.470634][T10584] netlink: 203516 bytes leftover after parsing attributes in process `syz.4.1360'.
[  424.495539][T10584] net_ratelimit: 672 callbacks suppressed
[  424.495558][T10584] netlink: zone id is out of range
[  424.511985][T10584] netlink: zone id is out of range
[  424.517359][T10584] netlink: zone id is out of range
[  424.526630][T10584] netlink: zone id is out of range
[  424.539145][T10584] netlink: zone id is out of range
[  424.557881][T10584] netlink: zone id is out of range
[  424.647245][T10584] netlink: zone id is out of range
[  424.772418][T10584] netlink: zone id is out of range
[  424.778127][T10584] netlink: zone id is out of range
[  424.783587][T10584] netlink: zone id is out of range
[  425.244437][   T52] Bluetooth: hci1: unexpected event 0x10 length: 15 > 1
[  425.245957][   T52] Bluetooth: hci1: hardware error 0x0f
[  426.581597][T10624] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1371'.
[  427.392323][   T52] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  427.691716][T10632] netlink: 199816 bytes leftover after parsing attributes in process `syz.2.1374'.
[  429.219531][T10651] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1379'.
[  429.423226][T10657] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1383'.
[  430.119135][T10663] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1384'.
[  430.764178][T10669] netlink: 199816 bytes leftover after parsing attributes in process `syz.0.1385'.
[  431.377552][T10683] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1389'.
[  431.560012][T10680] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1390'.
[  432.192428][T10697] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1395'.
[  432.664635][T10709] netlink: 199816 bytes leftover after parsing attributes in process `syz.2.1399'.
[  435.807103][T10719] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1402'.
[  435.815323][T10722] netlink: 'syz.1.1403': attribute type 3 has an invalid length.
[  435.875035][T10722] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1403'.
[  435.888402][T10714] netlink: 161044 bytes leftover after parsing attributes in process `syz.0.1400'.
[  436.863400][T10733] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1405'.
[  437.412726][T10743] netlink: 199816 bytes leftover after parsing attributes in process `syz.1.1410'.
[  437.614232][T10746] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1408'.
[  437.927187][T10754] netlink: 'syz.4.1413': attribute type 10 has an invalid length.
[  438.153720][T10755] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1414'.
[  438.379152][T10761] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1415'.
[  438.758901][T10761] C: renamed from team_slave_0 (while UP)
[  439.032040][T10761] netlink: 'syz.4.1415': attribute type 1 has an invalid length.
[  439.144888][T10761] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1415'.
[  440.028798][T10775] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1419'.
[  440.774913][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  440.784307][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  440.863418][T10786] __nla_validate_parse: 1 callbacks suppressed
[  440.863440][T10786] netlink: 199816 bytes leftover after parsing attributes in process `syz.0.1422'.
[  441.106734][T10795] bond_slave_1: entered promiscuous mode
[  441.138602][T10795] bond_slave_1: entered allmulticast mode
[  441.190556][T10796] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1425'.
[  441.480003][T10800] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1426'.
[  442.785715][T10826] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1432'.
[  443.254624][T10829] netlink: 199816 bytes leftover after parsing attributes in process `syz.4.1434'.
[  443.380524][T10837] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1436'.
[  443.400044][T10837] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1436'.
[  443.421858][T10837] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1436'.
[  443.692053][T10843] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1437'.
[  445.171554][T10867] netlink: 199816 bytes leftover after parsing attributes in process `syz.0.1446'.
[  445.657805][T10878] bridge0: port 1(bridge_slave_0) entered disabled state
[  446.231509][T10891] __nla_validate_parse: 1 callbacks suppressed
[  446.231531][T10891] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1457'.
[  446.520939][T10894] netdevsim netdevsim0 ÿÿÿÿÿÿ: renamed from netdevsim0 (while UP)
[  447.970303][T10919] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1459'.
[  448.112406][T10915] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1456'.
[  448.125598][T10914] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1458'.
[  448.185362][T10915] net_ratelimit: 331 callbacks suppressed
[  448.185409][T10915] openvswitch: netlink: Key 32 has unexpected len 3064 expected 2
[  448.273437][T10926] netlink: 'syz.4.1461': attribute type 15 has an invalid length.
[  448.282151][T10926] netlink: 'syz.4.1461': attribute type 7 has an invalid length.
[  448.583225][T10929] bond_slave_1: entered promiscuous mode
[  448.620977][T10929] bond_slave_1: entered allmulticast mode
[  448.682116][T10932] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1463'.
[  448.763870][T10934] netlink: 184 bytes leftover after parsing attributes in process `syz.0.1464'.
[  449.004677][T10938] FAULT_INJECTION: forcing a failure.
[  449.004677][T10938] name failslab, interval 1, probability 0, space 0, times 0
[  449.018010][T10938] CPU: 1 PID: 10938 Comm: syz.2.1466 Not tainted syzkaller #0
[  449.025744][T10938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  449.035934][T10938] Call Trace:
[  449.039444][T10938]  <TASK>
[  449.042603][T10938]  dump_stack_lvl+0x18c/0x250
[  449.047450][T10938]  ? sctp_sendmsg+0x1575/0x28c0
[  449.052626][T10938]  ? ___sys_sendmsg+0x2a6/0x360
[  449.057824][T10938]  ? show_regs_print_info+0x20/0x20
[  449.063134][T10938]  ? load_image+0x400/0x400
[  449.067765][T10938]  should_fail_ex+0x39d/0x4d0
[  449.072673][T10938]  should_failslab+0x9/0x20
[  449.077400][T10938]  slab_pre_alloc_hook+0x59/0x310
[  449.082867][T10938]  ? sctp_add_bind_addr+0x8c/0x360
[  449.088199][T10938]  __kmem_cache_alloc_node+0x53/0x250
[  449.093963][T10938]  ? sctp_add_bind_addr+0x8c/0x360
[  449.099720][T10938]  kmalloc_trace+0x2a/0xe0
[  449.104504][T10938]  sctp_add_bind_addr+0x8c/0x360
[  449.109636][T10938]  sctp_copy_local_addr_list+0x315/0x4f0
[  449.115590][T10938]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  449.121545][T10938]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  449.127914][T10938]  ? sctp_v4_is_any+0x35/0x60
[  449.132695][T10938]  ? sctp_copy_one_addr+0x8c/0x350
[  449.138098][T10938]  sctp_bind_addr_copy+0xb3/0x3c0
[  449.143329][T10938]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  449.150034][T10938]  sctp_connect_new_asoc+0x2f9/0x6a0
[  449.155513][T10938]  ? __sctp_connect+0xd80/0xd80
[  449.160382][T10938]  ? __local_bh_enable_ip+0x13a/0x1c0
[  449.166233][T10938]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  449.171883][T10938]  ? security_sctp_bind_connect+0x89/0xb0
[  449.178104][T10938]  sctp_sendmsg+0x1575/0x28c0
[  449.182824][T10938]  ? sctp_getsockopt+0xb60/0xb60
[  449.187896][T10938]  ? aa_sk_perm+0x83c/0x970
[  449.192560][T10938]  ? aa_af_perm+0x330/0x330
[  449.197271][T10938]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  449.203791][T10938]  ? sock_rps_record_flow+0x19/0x3f0
[  449.209210][T10938]  ? inet_sendmsg+0xe9/0x2f0
[  449.214013][T10938]  ? inet_send_prepare+0x260/0x260
[  449.219432][T10938]  ____sys_sendmsg+0x5ba/0x960
[  449.224232][T10938]  ? __lock_acquire+0x7d40/0x7d40
[  449.229404][T10938]  ? __asan_memset+0x22/0x40
[  449.234444][T10938]  ? __sys_sendmsg_sock+0x30/0x30
[  449.239564][T10938]  ? __import_iovec+0x5f2/0x850
[  449.244527][T10938]  ? import_iovec+0x73/0xa0
[  449.249134][T10938]  ___sys_sendmsg+0x2a6/0x360
[  449.254001][T10938]  ? get_pid_task+0x20/0x1e0
[  449.259118][T10938]  ? __sys_sendmsg+0x2a0/0x2a0
[  449.263922][T10938]  ? __lock_acquire+0x7d40/0x7d40
[  449.269416][T10938]  __se_sys_sendmsg+0x1c2/0x2b0
[  449.274446][T10938]  ? __x64_sys_sendmsg+0x80/0x80
[  449.279509][T10938]  ? lockdep_hardirqs_on+0x98/0x150
[  449.284843][T10938]  do_syscall_64+0x55/0xa0
[  449.289715][T10938]  ? clear_bhb_loop+0x40/0x90
[  449.294576][T10938]  ? clear_bhb_loop+0x40/0x90
[  449.299362][T10938]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  449.305616][T10938] RIP: 0033:0x7f1d1d59c799
[  449.310154][T10938] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  449.330568][T10938] RSP: 002b:00007f1d1e50b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  449.339440][T10938] RAX: ffffffffffffffda RBX: 00007f1d1d815fa0 RCX: 00007f1d1d59c799
[  449.348043][T10938] RDX: 000000000004c0e0 RSI: 00002000000006c0 RDI: 0000000000000003
[  449.356579][T10938] RBP: 00007f1d1e50b090 R08: 0000000000000000 R09: 0000000000000000
[  449.365154][T10938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  449.373749][T10938] R13: 00007f1d1d816038 R14: 00007f1d1d815fa0 R15: 00007ffc75d12e18
[  449.382267][T10938]  </TASK>
[  449.579004][T10941] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  449.593458][T10941] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[  450.201196][T10960] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1471'.
[  450.961494][T10975] netlink: 199816 bytes leftover after parsing attributes in process `syz.1.1473'.
[  451.218407][T10978] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.1475'.
[  451.284637][T10978] openvswitch: netlink: Key 32 has unexpected len 3064 expected 2
[  451.509079][T10976] bridge0: port 1(bridge_slave_0) entered disabled state
[  451.630692][T10982] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1477'.
[  452.497577][T10995] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1480'.
[  452.758157][T10999] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1481'.
[  454.071747][T11012] netlink: 199816 bytes leftover after parsing attributes in process `syz.4.1485'.
[  454.162632][T11011] netlink: 'syz.0.1486': attribute type 1 has an invalid length.
[  454.176320][T11011] netlink: 'syz.0.1486': attribute type 4 has an invalid length.
[  454.185272][T11011] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.1486'.
[  454.624966][T11015] delete_channel: no stack
[  454.658539][T11021] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1489'.
[  455.002533][T11030] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1498'.
[  455.448063][T11028] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1490'.
[  455.474649][T11028] openvswitch: netlink: Key 32 has unexpected len 3064 expected 2
[  456.136812][T11046] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1494'.
[  456.268090][T11045] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1495'.
[  456.986863][T11057] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1496'.
[  457.549105][T11051] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1496'.
[  457.558897][T11060] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1499'.
[  458.321489][T11075] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1503'.
[  458.684944][T11085] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1505'.
[  458.988590][T11090] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1508'.
[  459.235673][T11092] netlink: 199816 bytes leftover after parsing attributes in process `syz.0.1510'.
[  459.279227][T11094] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1509'.
[  459.876555][T11102] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1513'.
[  459.943294][T11105] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1512'.
[  460.505057][T11120] netlink: 'syz.1.1519': attribute type 21 has an invalid length.
[  461.244458][T11127] netlink: 'syz.1.1520': attribute type 1 has an invalid length.
[  461.889632][T11127] FAULT_INJECTION: forcing a failure.
[  461.889632][T11127] name failslab, interval 1, probability 0, space 0, times 0
[  462.029396][T11127] CPU: 1 PID: 11127 Comm: syz.1.1520 Not tainted syzkaller #0
[  462.037216][T11127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  462.048357][T11127] Call Trace:
[  462.051955][T11127]  <TASK>
[  462.055808][T11127]  dump_stack_lvl+0x18c/0x250
[  462.060986][T11127]  ? show_regs_print_info+0x20/0x20
[  462.066594][T11127]  ? load_image+0x400/0x400
[  462.071617][T11127]  ? verify_lock_unused+0x140/0x140
[  462.076975][T11127]  should_fail_ex+0x39d/0x4d0
[  462.082074][T11127]  should_failslab+0x9/0x20
[  462.087064][T11127]  slab_pre_alloc_hook+0x59/0x310
[  462.092214][T11127]  kmem_cache_alloc+0x5a/0x2d0
[  462.097024][T11127]  ? skb_clone+0x1eb/0x370
[  462.101709][T11127]  skb_clone+0x1eb/0x370
[  462.106285][T11127]  __netlink_deliver_tap+0x41c/0x830
[  462.111978][T11127]  ? netlink_deliver_tap+0x2e/0x1b0
[  462.117392][T11127]  netlink_deliver_tap+0x19c/0x1b0
[  462.123111][T11127]  netlink_sendskb+0x68/0x130
[  462.128163][T11127]  netlink_ack+0xce1/0x1180
[  462.132873][T11127]  ? netlink_dump+0xe50/0xe50
[  462.137841][T11127]  ? ref_tracker_free+0x690/0x840
[  462.143331][T11127]  netlink_rcv_skb+0x2c5/0x4d0
[  462.148384][T11127]  ? genl_bind+0x360/0x360
[  462.152912][T11127]  ? netlink_ack+0x1180/0x1180
[  462.157896][T11127]  ? __lock_acquire+0x7d40/0x7d40
[  462.163214][T11127]  ? down_read+0x1ac/0x2e0
[  462.167822][T11127]  genl_rcv+0x28/0x40
[  462.172012][T11127]  netlink_unicast+0x751/0x8d0
[  462.176887][T11127]  netlink_sendmsg+0x8d0/0xbf0
[  462.182385][T11127]  ? netlink_getsockopt+0x590/0x590
[  462.188137][T11127]  ? aa_sock_msg_perm+0x94/0x150
[  462.193396][T11127]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  462.198795][T11127]  ? security_socket_sendmsg+0x80/0xa0
[  462.204528][T11127]  ? netlink_getsockopt+0x590/0x590
[  462.210011][T11127]  ____sys_sendmsg+0x5ba/0x960
[  462.214879][T11127]  ? __asan_memset+0x22/0x40
[  462.219484][T11127]  ? __sys_sendmsg_sock+0x30/0x30
[  462.224723][T11127]  ? __import_iovec+0x3fa/0x850
[  462.229869][T11127]  ? import_iovec+0x73/0xa0
[  462.234650][T11127]  ___sys_sendmsg+0x2a6/0x360
[  462.239432][T11127]  ? __sys_sendmsg+0x2a0/0x2a0
[  462.244409][T11127]  ? trace_call_bpf+0xc3/0x6c0
[  462.249304][T11127]  __se_sys_sendmsg+0x1c2/0x2b0
[  462.254393][T11127]  ? __x64_sys_sendmsg+0x80/0x80
[  462.259484][T11127]  ? lockdep_hardirqs_on+0x98/0x150
[  462.265319][T11127]  do_syscall_64+0x55/0xa0
[  462.270057][T11127]  ? clear_bhb_loop+0x40/0x90
[  462.275011][T11127]  ? clear_bhb_loop+0x40/0x90
[  462.279801][T11127]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  462.285827][T11127] RIP: 0033:0x7f3ae779c799
[  462.290346][T11127] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  462.311199][T11127] RSP: 002b:00007f3ae860a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  462.320246][T11127] RAX: ffffffffffffffda RBX: 00007f3ae7a16090 RCX: 00007f3ae779c799
[  462.328872][T11127] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000004
[  462.337994][T11127] RBP: 00007f3ae860a090 R08: 0000000000000000 R09: 0000000000000000
[  462.346532][T11127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  462.354809][T11127] R13: 00007f3ae7a16128 R14: 00007f3ae7a16090 R15: 00007ffcf9ffaab8
[  462.364061][T11127]  </TASK>
[  463.188673][T11188] __nla_validate_parse: 4 callbacks suppressed
[  463.188694][T11188] netlink: 199816 bytes leftover after parsing attributes in process `syz.0.1522'.
[  463.635969][T11191] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1523'.
[  463.712785][T11199] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1525'.
[  463.793294][T11201] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1527'.
[  464.139840][   T52] Bluetooth: hci2: unexpected event 0x05 length: 151 > 4
[  464.676670][T11231] FAULT_INJECTION: forcing a failure.
[  464.676670][T11231] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  464.712314][T11231] CPU: 1 PID: 11231 Comm: syz.0.1534 Not tainted syzkaller #0
[  464.720793][T11231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  464.731184][T11231] Call Trace:
[  464.734607][T11231]  <TASK>
[  464.737752][T11231]  dump_stack_lvl+0x18c/0x250
[  464.742779][T11231]  ? show_regs_print_info+0x20/0x20
[  464.748578][T11231]  ? load_image+0x400/0x400
[  464.753969][T11231]  ? __lock_acquire+0x7d40/0x7d40
[  464.759488][T11231]  should_fail_ex+0x39d/0x4d0
[  464.764675][T11231]  prepare_alloc_pages+0x1e2/0x5f0
[  464.770321][T11231]  __alloc_pages+0x134/0x460
[  464.775759][T11231]  ? zone_statistics+0x170/0x170
[  464.781988][T11231]  ? alloc_pages+0x4dc/0x740
[  464.787202][T11231]  ? do_raw_spin_unlock+0x121/0x230
[  464.792731][T11231]  __get_free_pages+0xc/0x30
[  464.797636][T11231]  kasan_populate_vmalloc_pte+0x35/0x100
[  464.803824][T11231]  __apply_to_page_range+0x860/0xdd0
[  464.809448][T11231]  ? kasan_populate_vmalloc+0x70/0x70
[  464.815138][T11231]  ? apply_to_page_range+0x50/0x50
[  464.816458][T11229] netlink: 199816 bytes leftover after parsing attributes in process `syz.1.1535'.
[  464.820672][T11231]  ? do_raw_spin_unlock+0x121/0x230
[  464.820715][T11231]  alloc_vmap_area+0x1d0c/0x1e30
[  464.820766][T11231]  ? vm_map_ram+0xcb0/0xcb0
[  464.820796][T11231]  ? rcu_is_watching+0x15/0xb0
[  464.820826][T11231]  __get_vm_area_node+0x162/0x370
[  464.820861][T11231]  __vmalloc_node_range+0x36e/0x1330
[  464.820887][T11231]  ? sock_hash_alloc+0x261/0x4d0
[  464.820949][T11231]  ? free_vm_area+0x50/0x50
[  464.820977][T11231]  ? bpf_map_area_alloc+0x5e/0x110
[  464.821006][T11231]  ? rcu_is_watching+0x15/0xb0
[  464.821032][T11231]  ? bpf_map_area_alloc+0x5e/0x110
[  464.821062][T11231]  bpf_map_area_alloc+0xf1/0x110
[  464.821089][T11231]  ? sock_hash_alloc+0x261/0x4d0
[  464.900891][T11231]  sock_hash_alloc+0x261/0x4d0
[  464.907797][T11231]  map_create+0x877/0x12f0
[  464.913525][T11231]  ? bpf_lsm_bpf+0x9/0x10
[  464.918269][T11231]  __sys_bpf+0x651/0x890
[  464.922672][T11231]  ? bpf_link_show_fdinfo+0x390/0x390
[  464.928334][T11231]  ? lock_chain_count+0x20/0x20
[  464.933457][T11231]  __x64_sys_bpf+0x7c/0x90
[  464.938196][T11231]  do_syscall_64+0x55/0xa0
[  464.943366][T11231]  ? clear_bhb_loop+0x40/0x90
[  464.948449][T11231]  ? clear_bhb_loop+0x40/0x90
[  464.953342][T11231]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  464.959624][T11231] RIP: 0033:0x7f0ff519c799
[  464.964249][T11231] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  464.985720][T11231] RSP: 002b:00007f0ff600a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  464.995486][T11231] RAX: ffffffffffffffda RBX: 00007f0ff5415fa0 RCX: 00007f0ff519c799
[  465.004569][T11231] RDX: 0000000000000050 RSI: 0000200000000180 RDI: 0000000000000000
[  465.012737][T11231] RBP: 00007f0ff600a090 R08: 0000000000000000 R09: 0000000000000000
[  465.020910][T11231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  465.029856][T11231] R13: 00007f0ff5416038 R14: 00007f0ff5415fa0 R15: 00007ffd34b66268
[  465.038391][T11231]  </TASK>
[  465.270987][T11238] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1538'.
[  465.493211][T11241] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1539'.
[  466.203699][T11259] netlink: 199816 bytes leftover after parsing attributes in process `syz.1.1545'.
[  466.671535][T11282] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1551'.
[  466.815261][T11281] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1552'.
[  467.517635][T11298] netlink: 'syz.0.1559': attribute type 13 has an invalid length.
[  467.527281][T11298] syz_tun: refused to change device tx_queue_len
[  467.545691][T11298] netlink: 'syz.0.1559': attribute type 11 has an invalid length.
[  467.727836][T11307] FAULT_INJECTION: forcing a failure.
[  467.727836][T11307] name failslab, interval 1, probability 0, space 0, times 0
[  467.748074][T11307] CPU: 1 PID: 11307 Comm: syz.0.1563 Not tainted syzkaller #0
[  467.756481][T11307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  467.767354][T11307] Call Trace:
[  467.771184][T11307]  <TASK>
[  467.774561][T11307]  dump_stack_lvl+0x18c/0x250
[  467.779901][T11307]  ? sctp_sendmsg+0x1575/0x28c0
[  467.785667][T11307]  ? ___sys_sendmsg+0x2a6/0x360
[  467.790817][T11307]  ? show_regs_print_info+0x20/0x20
[  467.796586][T11307]  ? load_image+0x400/0x400
[  467.801682][T11307]  should_fail_ex+0x39d/0x4d0
[  467.806595][T11307]  should_failslab+0x9/0x20
[  467.811364][T11307]  slab_pre_alloc_hook+0x59/0x310
[  467.816498][T11307]  ? sctp_add_bind_addr+0x8c/0x360
[  467.821797][T11307]  __kmem_cache_alloc_node+0x53/0x250
[  467.827542][T11307]  ? sctp_add_bind_addr+0x8c/0x360
[  467.833017][T11307]  kmalloc_trace+0x2a/0xe0
[  467.837736][T11307]  sctp_add_bind_addr+0x8c/0x360
[  467.845791][T11307]  sctp_copy_local_addr_list+0x315/0x4f0
[  467.853483][T11307]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  467.859526][T11307]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  467.866142][T11307]  ? sctp_v4_is_any+0x35/0x60
[  467.871307][T11307]  ? sctp_copy_one_addr+0x8c/0x350
[  467.876475][T11307]  sctp_bind_addr_copy+0xb3/0x3c0
[  467.881911][T11307]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  467.889043][T11307]  sctp_connect_new_asoc+0x2f9/0x6a0
[  467.894787][T11307]  ? __sctp_connect+0xd80/0xd80
[  467.900479][T11307]  ? __local_bh_enable_ip+0x13a/0x1c0
[  467.906619][T11307]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  467.912900][T11307]  ? security_sctp_bind_connect+0x89/0xb0
[  467.920317][T11307]  sctp_sendmsg+0x1575/0x28c0
[  467.925607][T11307]  ? sctp_getsockopt+0xb60/0xb60
[  467.930758][T11307]  ? aa_sk_perm+0x83c/0x970
[  467.935671][T11307]  ? aa_af_perm+0x330/0x330
[  467.940404][T11307]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  467.946926][T11307]  ? sock_rps_record_flow+0x19/0x3f0
[  467.953038][T11307]  ? inet_sendmsg+0xe9/0x2f0
[  467.957828][T11307]  ? inet_send_prepare+0x260/0x260
[  467.963090][T11307]  ____sys_sendmsg+0x5ba/0x960
[  467.968508][T11307]  ? __lock_acquire+0x7d40/0x7d40
[  467.974378][T11307]  ? __asan_memset+0x22/0x40
[  467.979245][T11307]  ? __sys_sendmsg_sock+0x30/0x30
[  467.985301][T11307]  ? __import_iovec+0x5f2/0x850
[  467.990657][T11307]  ? import_iovec+0x73/0xa0
[  467.995288][T11307]  ___sys_sendmsg+0x2a6/0x360
[  468.000860][T11307]  ? get_pid_task+0x20/0x1e0
[  468.006109][T11307]  ? __sys_sendmsg+0x2a0/0x2a0
[  468.011465][T11307]  ? __lock_acquire+0x7d40/0x7d40
[  468.017003][T11307]  __se_sys_sendmsg+0x1c2/0x2b0
[  468.022139][T11307]  ? __x64_sys_sendmsg+0x80/0x80
[  468.027371][T11307]  ? lockdep_hardirqs_on+0x98/0x150
[  468.032966][T11307]  do_syscall_64+0x55/0xa0
[  468.037864][T11307]  ? clear_bhb_loop+0x40/0x90
[  468.042913][T11307]  ? clear_bhb_loop+0x40/0x90
[  468.047962][T11307]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  468.054234][T11307] RIP: 0033:0x7f0ff519c799
[  468.059018][T11307] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  468.082214][T11307] RSP: 002b:00007f0ff600a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  468.093730][T11307] RAX: ffffffffffffffda RBX: 00007f0ff5415fa0 RCX: 00007f0ff519c799
[  468.102442][T11307] RDX: 000000000400c881 RSI: 0000200000000140 RDI: 0000000000000003
[  468.110877][T11307] RBP: 00007f0ff600a090 R08: 0000000000000000 R09: 0000000000000000
[  468.119406][T11307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  468.128131][T11307] R13: 00007f0ff5416038 R14: 00007f0ff5415fa0 R15: 00007ffd34b66268
[  468.136978][T11307]  </TASK>
[  468.205288][T11309] __nla_validate_parse: 2 callbacks suppressed
[  468.205317][T11309] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1562'.
[  470.763422][T11328] netlink: 'syz.0.1569': attribute type 10 has an invalid length.
[  470.897317][T11328] bridge0: port 3(team0) entered disabled state
[  470.951715][T11328] team0: left allmulticast mode
[  470.962504][T11328] C: left allmulticast mode
[  470.967511][T11328] team_slave_1: left allmulticast mode
[  470.998539][T11328] team0: left promiscuous mode
[  471.029470][T11328] C: left promiscuous mode
[  471.032890][T11334] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1571'.
[  471.049687][T11328] team_slave_1: left promiscuous mode
[  471.072445][T11328] bridge0: port 3(team0) entered disabled state
[  471.921195][T11331] netlink: 199816 bytes leftover after parsing attributes in process `syz.2.1570'.
[  472.341920][T11351] netlink: 'syz.4.1575': attribute type 11 has an invalid length.
[  472.342461][T11348] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1574'.
[  472.354157][T11351] netlink: 212788 bytes leftover after parsing attributes in process `syz.4.1575'.
[  472.415057][T11353] FAULT_INJECTION: forcing a failure.
[  472.415057][T11353] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  472.457307][T11353] CPU: 0 PID: 11353 Comm: syz.1.1576 Not tainted syzkaller #0
[  472.465471][T11353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  472.475840][T11353] Call Trace:
[  472.479507][T11353]  <TASK>
[  472.482672][T11353]  dump_stack_lvl+0x18c/0x250
[  472.487511][T11353]  ? show_regs_print_info+0x20/0x20
[  472.493055][T11353]  ? load_image+0x400/0x400
[  472.497609][T11353]  ? __might_fault+0xaa/0x120
[  472.502343][T11353]  ? __lock_acquire+0x7d40/0x7d40
[  472.507780][T11353]  should_fail_ex+0x39d/0x4d0
[  472.512858][T11353]  _copy_from_iter+0x1d9/0x12e0
[  472.518079][T11353]  ? __virt_addr_valid+0x18c/0x540
[  472.523855][T11353]  ? __lock_acquire+0x7d40/0x7d40
[  472.529705][T11353]  ? __asan_memcpy+0x40/0x70
[  472.534708][T11353]  ? copyout_mc+0x70/0x70
[  472.539578][T11353]  ? __virt_addr_valid+0x18c/0x540
[  472.545054][T11353]  ? __virt_addr_valid+0x18c/0x540
[  472.550631][T11353]  ? __virt_addr_valid+0x469/0x540
[  472.556703][T11353]  ? __phys_addr_symbol+0x2f/0x70
[  472.562283][T11353]  ? __check_object_size+0x506/0xa20
[  472.567962][T11353]  sctp_user_addto_chunk+0x8f/0x220
[  472.573762][T11353]  sctp_datamsg_from_user+0x741/0xee0
[  472.579547][T11353]  sctp_sendmsg_to_asoc+0x107f/0x1830
[  472.585361][T11353]  ? __asan_memcpy+0x40/0x70
[  472.591114][T11353]  ? sctp_assoc_add_peer+0xcf3/0x1390
[  472.597431][T11353]  ? sctp_sendmsg_check_sflags+0x2d0/0x2d0
[  472.604658][T11353]  ? __sctp_connect+0xd80/0xd80
[  472.610245][T11353]  ? __local_bh_enable_ip+0x13a/0x1c0
[  472.616005][T11353]  ? _local_bh_enable+0xa0/0xa0
[  472.621503][T11353]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  472.627863][T11353]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  472.634298][T11353]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  472.640557][T11353]  ? security_sctp_bind_connect+0x89/0xb0
[  472.647383][T11353]  sctp_sendmsg+0x1b83/0x28c0
[  472.652635][T11353]  ? sctp_getsockopt+0xb60/0xb60
[  472.658107][T11353]  ? aa_sk_perm+0x83c/0x970
[  472.663197][T11353]  ? aa_af_perm+0x330/0x330
[  472.668075][T11353]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  472.675267][T11353]  ? sock_rps_record_flow+0x19/0x3f0
[  472.680919][T11353]  ? inet_sendmsg+0x7c/0x2f0
[  472.686134][T11353]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  472.691824][T11353]  ? security_socket_sendmsg+0x80/0xa0
[  472.697720][T11353]  ? inet_send_prepare+0x260/0x260
[  472.702997][T11353]  ____sys_sendmsg+0x5ba/0x960
[  472.707898][T11353]  ? __lock_acquire+0x7d40/0x7d40
[  472.712948][T11353]  ? __asan_memset+0x22/0x40
[  472.717647][T11353]  ? __sys_sendmsg_sock+0x30/0x30
[  472.722942][T11353]  ? __import_iovec+0x5f2/0x850
[  472.728005][T11353]  ? import_iovec+0x73/0xa0
[  472.732613][T11353]  ___sys_sendmsg+0x2a6/0x360
[  472.737571][T11353]  ? get_pid_task+0x20/0x1e0
[  472.742186][T11353]  ? __sys_sendmsg+0x2a0/0x2a0
[  472.747202][T11353]  ? __lock_acquire+0x7d40/0x7d40
[  472.754362][T11353]  __se_sys_sendmsg+0x1c2/0x2b0
[  472.759499][T11353]  ? __x64_sys_sendmsg+0x80/0x80
[  472.764739][T11353]  ? lockdep_hardirqs_on+0x98/0x150
[  472.770313][T11353]  do_syscall_64+0x55/0xa0
[  472.774872][T11353]  ? clear_bhb_loop+0x40/0x90
[  472.779930][T11353]  ? clear_bhb_loop+0x40/0x90
[  472.784900][T11353]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  472.791205][T11353] RIP: 0033:0x7f3ae779c799
[  472.796248][T11353] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  472.816721][T11353] RSP: 002b:00007f3ae862b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  472.826330][T11353] RAX: ffffffffffffffda RBX: 00007f3ae7a15fa0 RCX: 00007f3ae779c799
[  472.835467][T11353] RDX: 00000000000080d1 RSI: 0000200000000140 RDI: 0000000000000003
[  472.844242][T11353] RBP: 00007f3ae862b090 R08: 0000000000000000 R09: 0000000000000000
[  472.852743][T11353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  472.861073][T11353] R13: 00007f3ae7a16038 R14: 00007f3ae7a15fa0 R15: 00007ffcf9ffaab8
[  472.869365][T11353]  </TASK>
[  473.179413][T11363] netlink: 14719 bytes leftover after parsing attributes in process `syz.0.1579'.
[  473.296137][T11371] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1580'.
[  473.586310][T11374] netlink: 199816 bytes leftover after parsing attributes in process `syz.0.1582'.
[  474.081120][T11388] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1584'.
[  474.405101][T11387] bridge_slave_0: left allmulticast mode
[  474.420020][T11387] bridge_slave_0: left promiscuous mode
[  474.497196][T11387] bridge0: port 1(bridge_slave_0) entered disabled state
[  474.899042][T11399] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1586'.
[  475.012697][T11392] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1585'.
[  475.209554][T11399] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1586'.
[  475.245940][T11402] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1586'.
[  475.398808][T11416] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1592'.
[  475.424223][T11407] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1586'.
[  475.540693][T11415] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1589'.
[  477.060974][T11446] netlink: 'syz.0.1610': attribute type 10 has an invalid length.
[  477.541005][T11450] netlink: 'syz.2.1601': attribute type 10 has an invalid length.
[  477.687151][T11452] tap0: tun_chr_ioctl cmd 1074025677
[  477.727856][T11452] tap0: linktype set to 6
[  478.810457][T11485] netlink: 'syz.1.1613': attribute type 5 has an invalid length.
[  479.034149][T11483] veth1_macvtap: left promiscuous mode
[  479.052112][T11483] macsec0: entered allmulticast mode
[  479.260471][T11488] vlan0: entered promiscuous mode
[  479.271481][T11488] vlan0: entered allmulticast mode
[  479.277302][T11488] veth0_vlan: entered allmulticast mode
[  480.107776][T11503] __nla_validate_parse: 7 callbacks suppressed
[  480.107799][T11503] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1617'.
[  480.593538][T11508] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1615'.
[  480.782927][T11507] netlink: 199816 bytes leftover after parsing attributes in process `syz.1.1618'.
[  481.354028][T11533] netlink: 'syz.0.1627': attribute type 33 has an invalid length.
[  481.384826][T11533] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1627'.
[  481.435871][T11531] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1626'.
[  482.098911][T11547] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1630'.
[  482.266819][T11541] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1630'.
[  482.294445][T11545] tap0: tun_chr_ioctl cmd 1074025677
[  482.307503][T11545] tap0: linktype set to 6
[  482.568639][T11543] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1638'.
[  483.441908][T11564] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1634'.
[  484.354643][T11586] netlink: 'syz.2.1643': attribute type 5 has an invalid length.
[  484.664188][T11593] netlink: 199544 bytes leftover after parsing attributes in process `syz.1.1645'.
[  485.309157][T11606] __nla_validate_parse: 1 callbacks suppressed
[  485.309180][T11606] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1649'.
[  485.618224][T11613] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1656'.
[  485.645684][T11612] tap0: tun_chr_ioctl cmd 1074025677
[  485.676533][T11612] tap0: linktype set to 6
[  485.927373][T11602] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1648'.
[  486.494220][T11633] netlink: 199544 bytes leftover after parsing attributes in process `syz.1.1654'.
[  487.093541][T11644] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1655'.
[  487.339520][T11645] mac80211_hwsim hwsim6 wlan0: left promiscuous mode
[  487.354429][T11645] mac80211_hwsim hwsim6 wlan0: left allmulticast mode
[  487.441583][T11641] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1659'.
[  487.470826][T11649] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1661'.
[  487.674598][T11645] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode
[  487.729230][T11654] syz.1.1659[11654] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  487.729561][T11654] syz.1.1659[11654] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  487.826096][T11645] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode
[  487.880172][T11656] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1660'.
[  488.211716][T11667] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1671'.
[  488.629586][T11670] tap0: tun_chr_ioctl cmd 1074025677
[  488.669028][T11670] tap0: linktype set to 6
[  488.794407][T11670] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1664'.
[  488.996527][T11676] netlink: 'syz.4.1666': attribute type 10 has an invalid length.
[  490.419814][T11690] netlink: 'syz.1.1670': attribute type 10 has an invalid length.
[  491.007441][T11712] __nla_validate_parse: 4 callbacks suppressed
[  491.007479][T11712] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1678'.
[  492.410079][T11735] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1683'.
[  493.306464][T11744] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1686'.
[  494.372881][T11764] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1691'.
[  495.173294][T11781] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1696'.
[  496.161847][T11791] FAULT_INJECTION: forcing a failure.
[  496.161847][T11791] name failslab, interval 1, probability 0, space 0, times 0
[  496.178482][T11791] CPU: 0 PID: 11791 Comm: syz.0.1700 Not tainted syzkaller #0
[  496.187255][T11791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  496.199325][T11791] Call Trace:
[  496.202982][T11791]  <TASK>
[  496.206359][T11791]  dump_stack_lvl+0x18c/0x250
[  496.211536][T11791]  ? show_regs_print_info+0x20/0x20
[  496.217636][T11791]  ? load_image+0x400/0x400
[  496.223037][T11791]  ? __might_sleep+0xe0/0xe0
[  496.228239][T11791]  ? __lock_acquire+0x7d40/0x7d40
[  496.234228][T11791]  should_fail_ex+0x39d/0x4d0
[  496.239405][T11791]  should_failslab+0x9/0x20
[  496.244231][T11791]  slab_pre_alloc_hook+0x59/0x310
[  496.249643][T11791]  ? trace_probe_init+0x302/0x410
[  496.254966][T11791]  ? create_local_trace_uprobe+0x3e5/0x6e0
[  496.261623][T11791]  ? create_local_trace_uprobe+0x3e5/0x6e0
[  496.269524][T11791]  __kmem_cache_alloc_node+0x53/0x250
[  496.275922][T11791]  ? __asan_memcpy+0x40/0x70
[  496.281170][T11791]  ? create_local_trace_uprobe+0x3e5/0x6e0
[  496.287717][T11791]  __kmalloc_node_track_caller+0xa2/0x230
[  496.294948][T11791]  kstrdup+0x3b/0x80
[  496.299394][T11791]  create_local_trace_uprobe+0x3e5/0x6e0
[  496.307108][T11791]  ? bpf_get_uprobe_info+0x520/0x520
[  496.313041][T11791]  ? __might_fault+0xaa/0x120
[  496.318426][T11791]  ? _copy_from_user+0xa5/0xe0
[  496.324752][T11791]  perf_uprobe_init+0xf3/0x190
[  496.330402][T11791]  perf_uprobe_event_init+0xe6/0x180
[  496.336533][T11791]  perf_try_init_event+0x12b/0x3c0
[  496.344503][T11791]  perf_event_alloc+0xfa4/0x21b0
[  496.351498][T11791]  ? perf_event_alloc+0xc06/0x21b0
[  496.357946][T11791]  ? find_lively_task_by_vpid+0x19/0x290
[  496.365172][T11791]  __se_sys_perf_event_open+0x740/0x1c50
[  496.372656][T11791]  ? mutex_unlock+0x10/0x10
[  496.380595][T11791]  ? __x64_sys_perf_event_open+0xc0/0xc0
[  496.389118][T11791]  ? lock_chain_count+0x20/0x20
[  496.398149][T11791]  ? lockdep_hardirqs_on+0x98/0x150
[  496.407674][T11791]  ? __x64_sys_perf_event_open+0x20/0xc0
[  496.415834][T11791]  do_syscall_64+0x55/0xa0
[  496.422395][T11791]  ? clear_bhb_loop+0x40/0x90
[  496.430492][T11791]  ? clear_bhb_loop+0x40/0x90
[  496.437983][T11791]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  496.445335][T11791] RIP: 0033:0x7f0ff519c799
[  496.450797][T11791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  496.473363][T11791] RSP: 002b:00007f0ff600a028 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  496.482192][T11791] RAX: ffffffffffffffda RBX: 00007f0ff5415fa0 RCX: 00007f0ff519c799
[  496.491232][T11791] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  496.500026][T11791] RBP: 00007f0ff600a090 R08: 0000000000000000 R09: 0000000000000000
[  496.508998][T11791] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[  496.518007][T11791] R13: 00007f0ff5416038 R14: 00007f0ff5415fa0 R15: 00007ffd34b66268
[  496.526834][T11791]  </TASK>
[  497.749170][T11809] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1706'.
[  498.251445][T11816] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1708'.
[  501.879982][T11848] netlink: 'syz.4.1719': attribute type 39 has an invalid length.
[  502.288330][T11857] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1722'.
[  502.328389][T11856] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1721'.
[  502.430591][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  502.450606][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  503.029504][T11862] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1723'.
[  503.211020][T11866] tap0: tun_chr_ioctl cmd 1074025677
[  503.320126][T11866] tap0: linktype set to 6
[  503.354905][T11867] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1724'.
[  503.689638][T11879] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1728'.
[  504.118896][T11889] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1731'.
[  504.520960][T11892] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1732'.
[  504.566480][T11890] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1730'.
[  504.982092][T11899] netlink: 'syz.1.1733': attribute type 39 has an invalid length.
[  505.259579][T11898] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1734'.
[  505.481164][T11910] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1737'.
[  505.812622][T11915] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1738'.
[  506.491748][T11926] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1742'.
[  506.802789][T11935] tap0: tun_chr_ioctl cmd 1074025677
[  506.808544][T11935] tap0: linktype set to 6
[  506.859967][T11934] netlink: 'syz.4.1744': attribute type 21 has an invalid length.
[  508.188096][T11961] __nla_validate_parse: 3 callbacks suppressed
[  508.188136][T11961] netlink: 134744 bytes leftover after parsing attributes in process `syz.1.1752'.
[  508.516971][T11967] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1754'.
[  509.144851][T11983] tap0: tun_chr_ioctl cmd 1074025677
[  509.177820][T11983] tap0: linktype set to 6
[  509.193508][T11979] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1757'.
[  509.194726][T11982] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1758'.
[  509.612883][T11991] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1759'.
[  509.743686][T11993] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1760'.
[  510.065307][T12001] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1761'.
[  511.104393][   T52] Bluetooth: hci0: ISO packet for unknown connection handle 3
[  511.307412][T12014] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1765'.
[  511.901796][T12035] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1778'.
[  512.056791][T12033] tap0: tun_chr_ioctl cmd 1074025677
[  512.077948][T12033] tap0: linktype set to 6
[  512.137355][T12038] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1770'.
[  513.079590][T12052] netlink: 'syz.4.1774': attribute type 10 has an invalid length.
[  513.717977][T12061] __nla_validate_parse: 3 callbacks suppressed
[  513.717998][T12061] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1776'.
[  514.304766][T12076] tap0: tun_chr_ioctl cmd 1074025677
[  514.319871][T12076] tap0: linktype set to 6
[  514.402214][T12075] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1781'.
[  514.433980][T12077] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1780'.
[  514.525645][T12074] tap0: tun_chr_ioctl cmd 1074025677
[  514.532062][T12074] tap0: linktype set to 6
[  514.724402][T12084] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1783'.
[  515.603176][T12095] tap0: tun_chr_ioctl cmd 1074025677
[  515.648522][T12095] tap0: linktype set to 6
[  515.669008][T12097] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1784'.
[  515.724409][T12105] netlink: 'syz.0.1789': attribute type 10 has an invalid length.
[  515.736081][T12105] netlink: 55 bytes leftover after parsing attributes in process `syz.0.1789'.
[  516.317948][T12124] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1792'.
[  516.358576][T12118] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1793'.
[  516.387531][T12121] tap0: tun_chr_ioctl cmd 1074025677
[  516.395831][T12121] tap0: linktype set to 6
[  516.409694][T12123] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1794'.
[  516.908960][T12136] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1797'.
[  516.921992][T12136] FAULT_INJECTION: forcing a failure.
[  516.921992][T12136] name failslab, interval 1, probability 0, space 0, times 0
[  516.945117][T12136] CPU: 1 PID: 12136 Comm: syz.2.1797 Not tainted syzkaller #0
[  516.952938][T12136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  516.963299][T12136] Call Trace:
[  516.966963][T12136]  <TASK>
[  516.970098][T12136]  dump_stack_lvl+0x18c/0x250
[  516.975148][T12136]  ? show_regs_print_info+0x20/0x20
[  516.980453][T12136]  ? load_image+0x400/0x400
[  516.985235][T12136]  ? mark_lock+0x94/0x320
[  516.989934][T12136]  should_fail_ex+0x39d/0x4d0
[  516.994811][T12136]  should_failslab+0x9/0x20
[  516.999446][T12136]  slab_pre_alloc_hook+0x59/0x310
[  517.004895][T12136]  ? lockdep_hardirqs_on+0x98/0x150
[  517.010296][T12136]  ? sctp_inet6addr_event+0x37f/0x730
[  517.015951][T12136]  __kmem_cache_alloc_node+0x53/0x250
[  517.021476][T12136]  ? sctp_inet6addr_event+0x37f/0x730
[  517.027046][T12136]  kmalloc_trace+0x2a/0xe0
[  517.031774][T12136]  sctp_inet6addr_event+0x37f/0x730
[  517.037385][T12136]  notifier_call_chain+0x197/0x380
[  517.042561][T12136]  ? atomic_notifier_call_chain+0x26/0x180
[  517.048511][T12136]  atomic_notifier_call_chain+0xda/0x180
[  517.054550][T12136]  ipv6_add_addr+0xdde/0x10d0
[  517.059360][T12136]  ? ipv6_count_addresses+0x190/0x190
[  517.065046][T12136]  ? ipv6_mc_config+0x82/0xc0
[  517.069915][T12136]  inet6_addr_add+0x57e/0xb60
[  517.074624][T12136]  inet6_rtm_newaddr+0x76f/0x9d0
[  517.079800][T12136]  ? inet6_dump_ifinfo+0x940/0x940
[  517.085409][T12136]  ? mutex_lock_nested+0x20/0x20
[  517.090500][T12136]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  517.095909][T12136]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  517.101044][T12136]  ? inet6_dump_ifinfo+0x940/0x940
[  517.106438][T12136]  rtnetlink_rcv_msg+0x869/0xfa0
[  517.111842][T12136]  ? rtnetlink_bind+0x80/0x80
[  517.116887][T12136]  ? try_to_wake_up+0x70a/0x1190
[  517.121889][T12136]  ? preempt_schedule+0xc0/0xd0
[  517.126957][T12136]  ? preempt_schedule_common+0x82/0xc0
[  517.132700][T12136]  ? preempt_schedule+0xc0/0xd0
[  517.137581][T12136]  ? schedule_preempt_disabled+0x20/0x20
[  517.143319][T12136]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  517.149594][T12136]  ? lock_chain_count+0x20/0x20
[  517.154592][T12136]  ? preempt_schedule_thunk+0x1a/0x30
[  517.160186][T12136]  ? _raw_spin_unlock_irqrestore+0x111/0x120
[  517.166883][T12136]  ? _raw_spin_unlock+0x40/0x40
[  517.171880][T12136]  ? swake_up_one+0x78/0x140
[  517.176572][T12136]  ? rcu_preempt_deferred_qs_irqrestore+0x8bb/0xce0
[  517.183206][T12136]  netlink_rcv_skb+0x241/0x4d0
[  517.188255][T12136]  ? rtnetlink_bind+0x80/0x80
[  517.193129][T12136]  ? netlink_ack+0x1180/0x1180
[  517.198131][T12136]  ? __lock_acquire+0x7d40/0x7d40
[  517.203469][T12136]  ? __rcu_read_unlock+0x7c/0xd0
[  517.208609][T12136]  ? netlink_deliver_tap+0x2e/0x1b0
[  517.214151][T12136]  netlink_unicast+0x751/0x8d0
[  517.219129][T12136]  netlink_sendmsg+0x8d0/0xbf0
[  517.224006][T12136]  ? netlink_getsockopt+0x590/0x590
[  517.229230][T12136]  ? aa_sock_msg_perm+0x94/0x150
[  517.234291][T12136]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  517.239595][T12136]  ? security_socket_sendmsg+0x80/0xa0
[  517.245083][T12136]  ? netlink_getsockopt+0x590/0x590
[  517.250568][T12136]  ____sys_sendmsg+0x5ba/0x960
[  517.255530][T12136]  ? __asan_memset+0x22/0x40
[  517.260229][T12136]  ? __sys_sendmsg_sock+0x30/0x30
[  517.265927][T12136]  ? __import_iovec+0x5f2/0x850
[  517.270981][T12136]  ? import_iovec+0x73/0xa0
[  517.275498][T12136]  ___sys_sendmsg+0x2a6/0x360
[  517.280284][T12136]  ? get_pid_task+0x20/0x1e0
[  517.285071][T12136]  ? __sys_sendmsg+0x2a0/0x2a0
[  517.289877][T12136]  ? __lock_acquire+0x7d40/0x7d40
[  517.295424][T12136]  __se_sys_sendmsg+0x1c2/0x2b0
[  517.300521][T12136]  ? __x64_sys_sendmsg+0x80/0x80
[  517.306019][T12136]  ? lockdep_hardirqs_on+0x98/0x150
[  517.311607][T12136]  do_syscall_64+0x55/0xa0
[  517.316219][T12136]  ? clear_bhb_loop+0x40/0x90
[  517.320935][T12136]  ? clear_bhb_loop+0x40/0x90
[  517.325742][T12136]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  517.331846][T12136] RIP: 0033:0x7f1d1d59c799
[  517.336455][T12136] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  517.357301][T12136] RSP: 002b:00007f1d1e50b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  517.366200][T12136] RAX: ffffffffffffffda RBX: 00007f1d1d815fa0 RCX: 00007f1d1d59c799
[  517.374481][T12136] RDX: 0000000020000010 RSI: 0000200000000080 RDI: 0000000000000003
[  517.382662][T12136] RBP: 00007f1d1e50b090 R08: 0000000000000000 R09: 0000000000000000
[  517.391002][T12136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  517.399514][T12136] R13: 00007f1d1d816038 R14: 00007f1d1d815fa0 R15: 00007ffc75d12e18
[  517.407785][T12136]  </TASK>
[  518.141876][T12139] tap0: tun_chr_ioctl cmd 1074025677
[  518.169116][T12139] tap0: linktype set to 6
[  518.272361][T12156] netlink: 'syz.2.1802': attribute type 10 has an invalid length.
[  519.477054][T12171] ÿ: renamed from bond_slave_0
[  519.786212][T12184] FAULT_INJECTION: forcing a failure.
[  519.786212][T12184] name failslab, interval 1, probability 0, space 0, times 0
[  519.799599][T12184] CPU: 0 PID: 12184 Comm: syz.4.1811 Not tainted syzkaller #0
[  519.807463][T12184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  519.817645][T12184] Call Trace:
[  519.821036][T12184]  <TASK>
[  519.824073][T12184]  dump_stack_lvl+0x18c/0x250
[  519.829045][T12184]  ? sctp_sendmsg+0x1575/0x28c0
[  519.834081][T12184]  ? ___sys_sendmsg+0x2a6/0x360
[  519.839206][T12184]  ? show_regs_print_info+0x20/0x20
[  519.844692][T12184]  ? load_image+0x400/0x400
[  519.849513][T12184]  should_fail_ex+0x39d/0x4d0
[  519.854396][T12184]  should_failslab+0x9/0x20
[  519.859088][T12184]  slab_pre_alloc_hook+0x59/0x310
[  519.864392][T12184]  ? sctp_add_bind_addr+0x8c/0x360
[  519.870129][T12184]  __kmem_cache_alloc_node+0x53/0x250
[  519.875523][T12184]  ? sctp_add_bind_addr+0x8c/0x360
[  519.881175][T12184]  kmalloc_trace+0x2a/0xe0
[  519.885610][T12184]  sctp_add_bind_addr+0x8c/0x360
[  519.890665][T12184]  sctp_copy_local_addr_list+0x315/0x4f0
[  519.896674][T12184]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  519.903042][T12184]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  519.909582][T12184]  ? sctp_v4_is_any+0x35/0x60
[  519.914369][T12184]  ? sctp_copy_one_addr+0x8c/0x350
[  519.919958][T12184]  sctp_bind_addr_copy+0xb3/0x3c0
[  519.925521][T12184]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  519.932479][T12184]  sctp_connect_new_asoc+0x2f9/0x6a0
[  519.937867][T12184]  ? __sctp_connect+0xd80/0xd80
[  519.942992][T12184]  ? __local_bh_enable_ip+0x13a/0x1c0
[  519.948474][T12184]  ? _local_bh_enable+0xa0/0xa0
[  519.953594][T12184]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  519.959804][T12184]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  519.965882][T12184]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  519.971819][T12184]  ? security_sctp_bind_connect+0x89/0xb0
[  519.977927][T12184]  sctp_sendmsg+0x1575/0x28c0
[  519.982633][T12184]  ? sctp_getsockopt+0xb60/0xb60
[  519.987674][T12184]  ? aa_sk_perm+0x83c/0x970
[  519.992217][T12184]  ? aa_af_perm+0x330/0x330
[  519.996834][T12184]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  520.003936][T12184]  ? sock_rps_record_flow+0x19/0x3f0
[  520.009591][T12184]  ? inet_sendmsg+0x7c/0x2f0
[  520.014373][T12184]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  520.020017][T12184]  ? security_socket_sendmsg+0x80/0xa0
[  520.025884][T12184]  ? inet_send_prepare+0x260/0x260
[  520.031206][T12184]  ____sys_sendmsg+0x5ba/0x960
[  520.035983][T12184]  ? __lock_acquire+0x7d40/0x7d40
[  520.041119][T12184]  ? __asan_memset+0x22/0x40
[  520.045813][T12184]  ? __sys_sendmsg_sock+0x30/0x30
[  520.050920][T12184]  ? __import_iovec+0x5f2/0x850
[  520.056059][T12184]  ? import_iovec+0x73/0xa0
[  520.061014][T12184]  ___sys_sendmsg+0x2a6/0x360
[  520.065700][T12184]  ? get_pid_task+0x20/0x1e0
[  520.070483][T12184]  ? __sys_sendmsg+0x2a0/0x2a0
[  520.075547][T12184]  ? __lock_acquire+0x7d40/0x7d40
[  520.080875][T12184]  __se_sys_sendmsg+0x1c2/0x2b0
[  520.086103][T12184]  ? __x64_sys_sendmsg+0x80/0x80
[  520.091613][T12184]  ? lockdep_hardirqs_on+0x98/0x150
[  520.096871][T12184]  do_syscall_64+0x55/0xa0
[  520.101413][T12184]  ? clear_bhb_loop+0x40/0x90
[  520.106199][T12184]  ? clear_bhb_loop+0x40/0x90
[  520.111083][T12184]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  520.117455][T12184] RIP: 0033:0x7fa2f479c799
[  520.122275][T12184] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  520.142340][T12184] RSP: 002b:00007fa2f559a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  520.151317][T12184] RAX: ffffffffffffffda RBX: 00007fa2f4a16090 RCX: 00007fa2f479c799
[  520.160414][T12184] RDX: 0000000000008054 RSI: 0000200000000300 RDI: 0000000000000003
[  520.169121][T12184] RBP: 00007fa2f559a090 R08: 0000000000000000 R09: 0000000000000000
[  520.177377][T12184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  520.185808][T12184] R13: 00007fa2f4a16128 R14: 00007fa2f4a16090 R15: 00007fff512a79c8
[  520.194074][T12184]  </TASK>
[  520.480755][T12193] __nla_validate_parse: 5 callbacks suppressed
[  520.480895][T12193] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1813'.
[  520.635623][T12196] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1814'.
[  521.218436][T12207] netlink: 'syz.2.1817': attribute type 3 has an invalid length.
[  521.267999][T12207] netlink: 'syz.2.1817': attribute type 1 has an invalid length.
[  521.287096][T12207] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.1817'.
[  521.309083][T12210] netlink: 'syz.4.1818': attribute type 2 has an invalid length.
[  521.330253][T12210] netlink: 'syz.4.1818': attribute type 1 has an invalid length.
[  521.344219][T12210] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1818'.
[  521.651699][T12219] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1821'.
[  522.623371][T12237] netlink: 'syz.2.1828': attribute type 7 has an invalid length.
[  523.428151][T12250] netlink: 'syz.0.1831': attribute type 2 has an invalid length.
[  523.436283][T12250] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1831'.
[  523.601169][T12254] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1832'.
[  523.806621][T12253] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1833'.
[  524.294716][T12268] netlink: 'syz.2.1838': attribute type 3 has an invalid length.
[  524.304232][T12268] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1838'.
[  524.370654][T12268] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  524.409868][T12270] netlink: 'syz.2.1838': attribute type 3 has an invalid length.
[  524.422741][T12270] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1838'.
[  524.452237][T12270] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  525.746610][T12281] tap0: tun_chr_ioctl cmd 1074025677
[  525.765865][T12281] tap0: linktype set to 6
[  525.810794][T12290] __nla_validate_parse: 1 callbacks suppressed
[  525.810833][T12290] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1843'.
[  526.080025][T12299] netlink: 'syz.1.1844': attribute type 10 has an invalid length.
[  526.089678][T12299] netlink: 212412 bytes leftover after parsing attributes in process `syz.1.1844'.
[  526.099551][T12299] openvswitch: netlink: Flow key attr not present in new flow.
[  526.123286][T12301] sctp: [Deprecated]: syz.2.1845 (pid 12301) Use of struct sctp_assoc_value in delayed_ack socket option.
[  526.123286][T12301] Use struct sctp_sack_info instead
[  526.348853][T12302] netlink: 1057 bytes leftover after parsing attributes in process `syz.0.1846'.
[  527.514063][T12319] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1848'.
[  527.743582][T12326] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1853'.
[  528.152915][T12339] sctp: [Deprecated]: syz.1.1856 (pid 12339) Use of struct sctp_assoc_value in delayed_ack socket option.
[  528.152915][T12339] Use struct sctp_sack_info instead
[  528.259042][T12341] netlink: 'syz.4.1858': attribute type 10 has an invalid length.
[  529.181528][T12351] netlink: 'syz.1.1861': attribute type 10 has an invalid length.
[  529.456189][T12357] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1863'.
[  530.293083][T12367] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1866'.
[  530.949805][T12372] netlink: 'syz.4.1868': attribute type 10 has an invalid length.
[  531.012387][T12372] team0: Device ipvlan1 failed to register rx_handler
[  531.309679][T12387] sctp: [Deprecated]: syz.4.1871 (pid 12387) Use of struct sctp_assoc_value in delayed_ack socket option.
[  531.309679][T12387] Use struct sctp_sack_info instead
[  531.646263][T12401] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1877'.
[  532.685534][T12415] netlink: 'syz.4.1884': attribute type 2 has an invalid length.
[  532.709817][T12415] netlink: 17267 bytes leftover after parsing attributes in process `syz.4.1884'.
[  532.782687][T12421] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1887'.
[  532.853083][T12424] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1885'.
[  535.806497][T12437] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1890'.
[  535.826688][T12442] netlink: 'syz.2.1891': attribute type 12 has an invalid length.
[  535.835582][T12442] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1891'.
[  536.149900][T12447] Â: renamed from pim6reg1
[  536.321472][T12449] netlink: 121460 bytes leftover after parsing attributes in process `syz.1.1894'.
[  536.369464][T12449] netlink: 21068 bytes leftover after parsing attributes in process `syz.1.1894'.
[  536.399379][T12449] tipc: Started in network mode
[  536.404988][T12449] tipc: Node identity b, cluster identity 73
[  536.420022][T12449] tipc: Node number set to 11
[  536.670696][T12456] netlink: 121460 bytes leftover after parsing attributes in process `syz.2.1896'.
[  536.720093][T12456] netlink: 21068 bytes leftover after parsing attributes in process `syz.2.1896'.
[  537.108404][T12460] tap0: tun_chr_ioctl cmd 1074025677
[  537.134818][T12460] tap0: linktype set to 6
[  537.229783][T12471] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1899'.
[  537.711259][T12475] tap0: tun_chr_ioctl cmd 1074025677
[  537.718463][T12475] tap0: linktype set to 6
[  537.884784][T12480] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1903'.
[  538.383067][T12495] netlink: 121460 bytes leftover after parsing attributes in process `syz.0.1908'.
[  538.457683][T12495] netlink: 21068 bytes leftover after parsing attributes in process `syz.0.1908'.
[  538.478774][T12495] tipc: Started in network mode
[  538.487167][T12495] tipc: Node identity b, cluster identity 73
[  538.497411][T12495] tipc: Node number set to 11
[  539.273934][T12512] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1912'.
[  539.497663][T12511] tap0: tun_chr_ioctl cmd 1074025677
[  539.534319][T12511] tap0: linktype set to 6
[  539.619116][T12521] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1915'.
[  539.662035][T12508] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1912'.
[  539.746607][T12518] dvmrp1: tun_chr_ioctl cmd 1074812117
[  539.777731][T12522] netlink: 'syz.2.1916': attribute type 4 has an invalid length.
[  539.792668][T12522] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1916'.
[  541.014786][T12537] tipc: Started in network mode
[  541.020427][T12537] tipc: Node identity b, cluster identity 73
[  541.026831][T12537] tipc: Node number set to 11
[  541.763203][T12557] sit0: entered allmulticast mode
[  541.895559][T12556] sit0: entered promiscuous mode
[  542.271499][T12568] __nla_validate_parse: 4 callbacks suppressed
[  542.271524][T12568] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1929'.
[  542.446179][T12565] netlink: 'syz.2.1930': attribute type 39 has an invalid length.
[  543.038714][T12580] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1932'.
[  543.495413][T12591] netlink: 'syz.4.1938': attribute type 1 has an invalid length.
[  543.503659][T12589] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1936'.
[  543.535605][T12591] netlink: 'syz.4.1938': attribute type 3 has an invalid length.
[  543.556355][T12591] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1938'.
[  543.693942][T12595] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1939'.
[  545.157351][T12615] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1947'.
[  545.567158][T12634] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1951'.
[  545.801559][T12632] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1951'.
[  546.423365][T12641] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1952'.
[  546.435008][T12646] netlink: 140 bytes leftover after parsing attributes in process `syz.2.1953'.
[  547.718642][T12664] __nla_validate_parse: 2 callbacks suppressed
[  547.718905][T12664] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1960'.
[  549.334079][T12674] tap0: tun_chr_ioctl cmd 1074025677
[  549.348187][T12674] tap0: linktype set to 6
[  549.592408][T12685] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1963'.
[  549.993885][T12691] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1966'.
[  550.954157][T12707] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1972'.
[  552.203477][T12726] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1978'.
[  552.225927][T12734] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1979'.
[  552.558127][T12738] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1983'.
[  552.888621][T12747] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1984'.
[  553.097317][T12746] netlink: 'syz.1.1985': attribute type 1 has an invalid length.
[  553.112154][T12746] netlink: 191376 bytes leftover after parsing attributes in process `syz.1.1985'.
[  553.935627][T12771] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1993'.
[  554.290566][T12777] netlink: 'syz.4.1995': attribute type 1 has an invalid length.
[  554.309671][T12777] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1995'.
[  555.009086][T12783] netlink: 'syz.0.1998': attribute type 1 has an invalid length.
[  555.022717][T12783] netlink: 191376 bytes leftover after parsing attributes in process `syz.0.1998'.
[  555.060529][T12781] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1997'.
[  555.629783][T12793] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2009'.
[  555.644365][T12803] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2001'.
[  555.961957][T12800] tap0: tun_chr_ioctl cmd 1074025677
[  555.975459][T12800] tap0: linktype set to 6
[  555.995998][T12802] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2003'.
[  556.507328][T12806] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2003'.
[  556.777845][T12824] syzkaller0: tun_chr_ioctl cmd 1074025677
[  556.818709][T12824] syzkaller0: linktype set to 804
[  558.374911][T12853] tap0: tun_chr_ioctl cmd 1074025677
[  558.414217][T12853] tap0: linktype set to 6
[  558.640494][T12866] __nla_validate_parse: 1 callbacks suppressed
[  558.640513][T12866] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2018'.
[  558.892038][T12863] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2018'.
[  559.607705][T12880] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2024'.
[  561.159857][T12910] tap0: tun_chr_ioctl cmd 1074025677
[  561.212350][T12910] tap0: linktype set to 6
[  561.250187][T12915] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2034'.
[  563.134003][T12940] netlink: 193500 bytes leftover after parsing attributes in process `syz.0.2039'.
[  563.708734][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  563.715467][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  563.770317][T12945] netlink: 'syz.4.2040': attribute type 1 has an invalid length.
[  563.779852][T12945] netlink: 191376 bytes leftover after parsing attributes in process `syz.4.2040'.
[  564.676828][T12970] tap0: tun_chr_ioctl cmd 1074025677
[  564.699501][T12970] tap0: linktype set to 6
[  564.728403][T12969] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2047'.
[  565.128911][T12982] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2050'.
[  565.401984][T12977] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2050'.
[  566.522176][T13007] netlink: 'syz.0.2057': attribute type 3 has an invalid length.
[  566.546101][T13007] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.2057'.
[  566.779589][T13001] tap0: tun_chr_ioctl cmd 1074025677
[  566.785957][T13001] tap0: linktype set to 6
[  566.837012][T13003] netlink: 14568 bytes leftover after parsing attributes in process `syz.0.2057'.
[  567.282143][T13023] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2060'.
[  568.410589][T13038] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2066'.
[  571.139785][T13065] tap0: tun_chr_ioctl cmd 1074025677
[  571.173858][T13065] tap0: linktype set to 6
[  571.799791][T13066] tap0: tun_chr_ioctl cmd 1074025677
[  571.952973][T13066] tap0: linktype set to 6
[  572.629983][T13075] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2076'.
[  573.694986][T13096] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2082'.
[  574.228477][T13116] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2088'.
[  574.238766][T13120] tap0: tun_chr_ioctl cmd 1074025677
[  574.244858][T13120] tap0: linktype set to 6
[  574.256407][T13119] tap0: tun_chr_ioctl cmd 1074025677
[  574.297458][T13119] tap0: linktype set to 6
[  575.697069][T13158] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2099'.
[  576.018904][T13153] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2099'.
[  576.087721][T13167] tap0: tun_chr_ioctl cmd 1074025677
[  576.096978][T13167] tap0: linktype set to 6
[  576.103456][T13168] tap0: tun_chr_ioctl cmd 1074025677
[  576.111259][T13168] tap0: linktype set to 6
[  576.397313][T13174] FAULT_INJECTION: forcing a failure.
[  576.397313][T13174] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  576.411796][T13174] CPU: 0 PID: 13174 Comm: syz.4.2104 Not tainted syzkaller #0
[  576.419671][T13174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  576.430297][T13174] Call Trace:
[  576.433846][T13174]  <TASK>
[  576.437079][T13174]  dump_stack_lvl+0x18c/0x250
[  576.442085][T13174]  ? show_regs_print_info+0x20/0x20
[  576.447517][T13174]  ? load_image+0x400/0x400
[  576.452207][T13174]  ? __might_fault+0xaa/0x120
[  576.457270][T13174]  ? __lock_acquire+0x7d40/0x7d40
[  576.462880][T13174]  should_fail_ex+0x39d/0x4d0
[  576.467907][T13174]  _copy_from_user+0x2f/0xe0
[  576.472720][T13174]  ___sys_recvmsg+0x176/0x590
[  576.477808][T13174]  ? __sys_recvmsg+0x2a0/0x2a0
[  576.482693][T13174]  ? ksys_write+0x1c4/0x260
[  576.487327][T13174]  ? __fget_files+0x43d/0x4b0
[  576.492394][T13174]  __x64_sys_recvmsg+0x20c/0x2e0
[  576.497460][T13174]  ? ___sys_recvmsg+0x590/0x590
[  576.502826][T13174]  ? lockdep_hardirqs_on+0x98/0x150
[  576.508140][T13174]  do_syscall_64+0x55/0xa0
[  576.512755][T13174]  ? clear_bhb_loop+0x40/0x90
[  576.517552][T13174]  ? clear_bhb_loop+0x40/0x90
[  576.522434][T13174]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  576.528370][T13174] RIP: 0033:0x7fa2f479c799
[  576.533095][T13174] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  576.553249][T13174] RSP: 002b:00007fa2f55bb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  576.561973][T13174] RAX: ffffffffffffffda RBX: 00007fa2f4a15fa0 RCX: 00007fa2f479c799
[  576.570053][T13174] RDX: 0000000000000002 RSI: 0000200000000440 RDI: 0000000000000003
[  576.578308][T13174] RBP: 00007fa2f55bb090 R08: 0000000000000000 R09: 0000000000000000
[  576.586565][T13174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  576.594849][T13174] R13: 00007fa2f4a16038 R14: 00007fa2f4a15fa0 R15: 00007fff512a79c8
[  576.603552][T13174]  </TASK>
[  576.944900][T13182] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2105'.
[  577.531504][T13202] FAULT_INJECTION: forcing a failure.
[  577.531504][T13202] name failslab, interval 1, probability 0, space 0, times 0
[  577.564158][T13196] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2111'.
[  577.590410][T13202] CPU: 1 PID: 13202 Comm: syz.1.2112 Not tainted syzkaller #0
[  577.590444][T13202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  577.590455][T13202] Call Trace:
[  577.590467][T13202]  <TASK>
[  577.590486][T13202]  dump_stack_lvl+0x18c/0x250
[  577.590526][T13202]  ? show_regs_print_info+0x20/0x20
[  577.590553][T13202]  ? load_image+0x400/0x400
[  577.590582][T13202]  ? __lock_acquire+0x7d40/0x7d40
[  577.590615][T13202]  should_fail_ex+0x39d/0x4d0
[  577.590648][T13202]  should_failslab+0x9/0x20
[  577.590673][T13202]  slab_pre_alloc_hook+0x59/0x310
[  577.590701][T13202]  ? __lock_acquire+0x7d40/0x7d40
[  577.590728][T13202]  kmem_cache_alloc+0x5a/0x2d0
[  577.590754][T13202]  ? security_file_alloc+0x34/0x120
[  577.590787][T13202]  security_file_alloc+0x34/0x120
[  577.590817][T13202]  init_file+0x94/0x1f0
[  577.590849][T13202]  alloc_empty_file+0xb7/0x1d0
[  577.590879][T13202]  alloc_file+0x5c/0x600
[  577.590912][T13202]  alloc_file_pseudo+0x184/0x210
[  577.590945][T13202]  ? alloc_empty_backing_file+0xe0/0xe0
[  577.590978][T13202]  ? init_peercred+0x263/0x2c0
[  577.591013][T13202]  sock_alloc_file+0xb7/0x280
[  577.591045][T13202]  __sys_socketpair+0x376/0x550
[  577.591081][T13202]  __x64_sys_socketpair+0x9b/0xb0
[  577.591112][T13202]  do_syscall_64+0x55/0xa0
[  577.591138][T13202]  ? clear_bhb_loop+0x40/0x90
[  577.591160][T13202]  ? clear_bhb_loop+0x40/0x90
[  577.591185][T13202]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  577.591206][T13202] RIP: 0033:0x7f3ae779c799
[  577.591226][T13202] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  577.591243][T13202] RSP: 002b:00007f3ae860a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  577.591266][T13202] RAX: ffffffffffffffda RBX: 00007f3ae7a16090 RCX: 00007f3ae779c799
[  577.591282][T13202] RDX: 0000000000000000 RSI: 0000000000000803 RDI: 0000000000000001
[  577.591294][T13202] RBP: 00007f3ae860a090 R08: 0000000000000000 R09: 0000000000000000
[  577.591307][T13202] R10: 0000200000000440 R11: 0000000000000246 R12: 0000000000000002
[  577.591320][T13202] R13: 00007f3ae7a16128 R14: 00007f3ae7a16090 R15: 00007ffcf9ffaab8
[  577.591353][T13202]  </TASK>
[  578.367515][T13217] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2116'.
[  578.422020][T13216] tap0: tun_chr_ioctl cmd 1074025677
[  578.429128][T13216] tap0: linktype set to 6
[  578.674520][T13215] tap0: tun_chr_ioctl cmd 1074025677
[  578.680861][T13215] tap0: linktype set to 6
[  578.707272][T13209] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2116'.
[  579.375066][T13227] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2119'.
[  579.805469][T13231] netlink: 'syz.0.2121': attribute type 1 has an invalid length.
[  579.823015][T13231] netlink: 116 bytes leftover after parsing attributes in process `syz.0.2121'.
[  580.712204][T13244] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2132'.
[  581.691827][T13257] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2129'.
[  582.080877][T13268] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2131'.
[  582.735227][T13278] tap0: tun_chr_ioctl cmd 1074025677
[  582.738795][T13286] FAULT_INJECTION: forcing a failure.
[  582.738795][T13286] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  582.760750][T13286] CPU: 0 PID: 13286 Comm: syz.4.2137 Not tainted syzkaller #0
[  582.768735][T13286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  582.780130][T13286] Call Trace:
[  582.783436][T13286]  <TASK>
[  582.786658][T13286]  dump_stack_lvl+0x18c/0x250
[  582.791374][T13286]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  582.797641][T13286]  ? show_regs_print_info+0x20/0x20
[  582.803119][T13286]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  582.809957][T13286]  should_fail_ex+0x39d/0x4d0
[  582.814737][T13286]  _copy_to_user+0x2f/0xa0
[  582.819505][T13286]  simple_read_from_buffer+0xe7/0x150
[  582.825197][T13286]  proc_fail_nth_read+0x1e8/0x260
[  582.830679][T13286]  ? proc_fault_inject_write+0x360/0x360
[  582.836632][T13286]  ? fsnotify_perm+0x271/0x5e0
[  582.841684][T13286]  ? proc_fault_inject_write+0x360/0x360
[  582.847730][T13286]  vfs_read+0x28b/0x970
[  582.852283][T13286]  ? kernel_read+0x1e0/0x1e0
[  582.856986][T13286]  ? __fget_files+0x28/0x4b0
[  582.861791][T13286]  ? __fget_files+0x28/0x4b0
[  582.866517][T13286]  ? __fget_files+0x43d/0x4b0
[  582.871415][T13286]  ? __fdget_pos+0x2a3/0x330
[  582.876409][T13286]  ? ksys_read+0x75/0x260
[  582.881030][T13286]  ksys_read+0x150/0x260
[  582.885590][T13286]  ? vfs_write+0x990/0x990
[  582.890197][T13286]  ? syscall_enter_from_user_mode+0x2e/0x80
[  582.896564][T13286]  do_syscall_64+0x55/0xa0
[  582.901110][T13286]  ? clear_bhb_loop+0x40/0x90
[  582.906080][T13286]  ? clear_bhb_loop+0x40/0x90
[  582.910789][T13286]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  582.917135][T13286] RIP: 0033:0x7fa2f475cfce
[  582.922185][T13286] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  582.943195][T13286] RSP: 002b:00007fa2f55bafe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  582.952150][T13286] RAX: ffffffffffffffda RBX: 00007fa2f55bb6c0 RCX: 00007fa2f475cfce
[  582.960588][T13286] RDX: 000000000000000f RSI: 00007fa2f55bb0a0 RDI: 0000000000000007
[  582.968842][T13286] RBP: 00007fa2f55bb090 R08: 0000000000000000 R09: 0000000000000000
[  582.977635][T13286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  582.986354][T13286] R13: 00007fa2f4a16038 R14: 00007fa2f4a15fa0 R15: 00007fff512a79c8
[  582.994614][T13286]  </TASK>
[  583.052039][T13278] tap0: linktype set to 6
[  583.090116][T13277] tap0: tun_chr_ioctl cmd 1074025677
[  583.096058][T13277] tap0: linktype set to 6
[  583.366881][T13293] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2138'.
[  583.666273][T13297] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2141'.
[  584.175292][T13316] FAULT_INJECTION: forcing a failure.
[  584.175292][T13316] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  584.215928][T13316] CPU: 0 PID: 13316 Comm: syz.0.2146 Not tainted syzkaller #0
[  584.223939][T13316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  584.234556][T13316] Call Trace:
[  584.237872][T13316]  <TASK>
[  584.241013][T13316]  dump_stack_lvl+0x18c/0x250
[  584.246000][T13316]  ? show_regs_print_info+0x20/0x20
[  584.251336][T13316]  ? load_image+0x400/0x400
[  584.255973][T13316]  ? __lock_acquire+0x7d40/0x7d40
[  584.261204][T13316]  ? snprintf+0xe9/0x140
[  584.265822][T13316]  should_fail_ex+0x39d/0x4d0
[  584.270820][T13316]  _copy_to_user+0x2f/0xa0
[  584.275611][T13316]  simple_read_from_buffer+0xe7/0x150
[  584.281518][T13316]  proc_fail_nth_read+0x1e8/0x260
[  584.286900][T13316]  ? proc_fault_inject_write+0x360/0x360
[  584.292680][T13316]  ? fsnotify_perm+0x271/0x5e0
[  584.297831][T13316]  ? proc_fault_inject_write+0x360/0x360
[  584.303812][T13316]  vfs_read+0x28b/0x970
[  584.308602][T13316]  ? kernel_read+0x1e0/0x1e0
[  584.313591][T13316]  ? __fget_files+0x28/0x4b0
[  584.318399][T13316]  ? __fget_files+0x28/0x4b0
[  584.323196][T13316]  ? __fget_files+0x43d/0x4b0
[  584.328305][T13316]  ? __fdget_pos+0x2a3/0x330
[  584.333084][T13316]  ? ksys_read+0x75/0x260
[  584.337521][T13316]  ksys_read+0x150/0x260
[  584.342082][T13316]  ? vfs_write+0x990/0x990
[  584.347564][T13316]  ? lockdep_hardirqs_on+0x98/0x150
[  584.353232][T13316]  do_syscall_64+0x55/0xa0
[  584.357849][T13316]  ? clear_bhb_loop+0x40/0x90
[  584.362717][T13316]  ? clear_bhb_loop+0x40/0x90
[  584.367865][T13316]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  584.374224][T13316] RIP: 0033:0x7f0ff515cfce
[  584.379186][T13316] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  584.400116][T13316] RSP: 002b:00007f0ff6009fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  584.409000][T13316] RAX: ffffffffffffffda RBX: 00007f0ff600a6c0 RCX: 00007f0ff515cfce
[  584.417425][T13316] RDX: 000000000000000f RSI: 00007f0ff600a0a0 RDI: 000000000000000e
[  584.426211][T13316] RBP: 00007f0ff600a090 R08: 0000000000000000 R09: 0000000000000000
[  584.435028][T13316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  584.443522][T13316] R13: 00007f0ff5416038 R14: 00007f0ff5415fa0 R15: 00007ffd34b66268
[  584.451883][T13316]  </TASK>
[  584.862728][T13320] tap0: tun_chr_ioctl cmd 1074025677
[  584.885394][T13320] tap0: linktype set to 6
[  585.053467][T13330] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2149'.
[  585.357492][T13326] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2149'.
[  586.152957][T13347] FAULT_INJECTION: forcing a failure.
[  586.152957][T13347] name failslab, interval 1, probability 0, space 0, times 0
[  586.166752][T13347] CPU: 0 PID: 13347 Comm: syz.2.2155 Not tainted syzkaller #0
[  586.174085][T13342] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2153'.
[  586.174671][T13347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  586.174759][T13347] Call Trace:
[  586.174768][T13347]  <TASK>
[  586.174778][T13347]  dump_stack_lvl+0x18c/0x250
[  586.174821][T13347]  ? show_regs_print_info+0x20/0x20
[  586.174850][T13347]  ? load_image+0x400/0x400
[  586.174876][T13347]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  586.174900][T13347]  ? lockdep_hardirqs_on+0x98/0x150
[  586.174924][T13347]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  586.174950][T13347]  should_fail_ex+0x39d/0x4d0
[  586.174987][T13347]  should_failslab+0x9/0x20
[  586.175012][T13347]  slab_pre_alloc_hook+0x59/0x310
[  586.175040][T13347]  ? __mod_timer+0x984/0xdb0
[  586.175072][T13347]  kmem_cache_alloc+0x5a/0x2d0
[  586.258220][T13347]  ? skb_clone+0x1eb/0x370
[  586.262718][T13347]  skb_clone+0x1eb/0x370
[  586.267008][T13347]  ? __neigh_event_send+0xe56/0x1440
[  586.272706][T13347]  __neigh_event_send+0xe63/0x1440
[  586.278151][T13347]  ? ___neigh_create+0x1df6/0x2440
[  586.283509][T13347]  neigh_resolve_output+0x19b/0x730
[  586.289129][T13347]  ? __ipv6_neigh_lookup_noref+0x5b9/0x7d0
[  586.295276][T13347]  ip6_finish_output2+0xe3d/0x1630
[  586.300989][T13347]  ? ip6_finish_output2+0x645/0x1630
[  586.306860][T13347]  ? ip6_mtu+0x7d/0x3f0
[  586.308551][T13349] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2154'.
[  586.311041][T13347]  ? nf_hook+0x390/0x390
[  586.311072][T13347]  ? ip6_finish_output+0x57b/0x820
[  586.311102][T13347]  ? ip6_send_skb+0x10f/0x380
[  586.311127][T13347]  ip6_send_skb+0x1d5/0x380
[  586.340436][T13347]  icmp6_send+0x142a/0x1b40
[  586.345282][T13347]  ? lockdep_hardirqs_on+0x98/0x150
[  586.351110][T13347]  ? icmp6_send+0x233/0x1b40
[  586.351168][T13347]  ? icmpv6_push_pending_frames+0x400/0x400
[  586.351202][T13347]  ? ip6_neigh_lookup+0x14b/0x480
[  586.367915][T13347]  ? ip6_neigh_lookup+0x14b/0x480
[  586.373556][T13347]  ? rt6_uncached_list_del+0x180/0x180
[  586.379606][T13347]  ip6_link_failure+0x3b/0x4c0
[  586.385306][T13347]  ip_tunnel_xmit+0x1728/0x2410
[  586.390328][T13347]  ? lock_chain_count+0x20/0x20
[  586.395547][T13347]  ? ip_tunnel_xmit+0xb0/0x2410
[  586.400632][T13347]  ? lockdep_hardirqs_on+0x98/0x150
[  586.405977][T13347]  ? slab_free_freelist_hook+0x130/0x1a0
[  586.411917][T13347]  ? ip4_dst_hoplimit+0x2d0/0x2d0
[  586.417212][T13347]  ? gre_build_header+0x25b/0x990
[  586.422347][T13347]  gre_tap_xmit+0x4fe/0x6f0
[  586.427013][T13347]  dev_hard_start_xmit+0x246/0x740
[  586.432374][T13347]  sch_direct_xmit+0x25e/0x4c0
[  586.437212][T13347]  ? mrp_pdu_parse_vecattr_event+0x2a0/0x2a0
[  586.443357][T13347]  __dev_queue_xmit+0x165d/0x3660
[  586.448554][T13347]  ? __dev_queue_xmit+0x265/0x3660
[  586.454089][T13347]  ? lockdep_hardirqs_on+0x98/0x150
[  586.459657][T13347]  ? read_seqbegin+0x1c8/0x270
[  586.465186][T13347]  ? lockdep_hardirqs_on+0x98/0x150
[  586.470476][T13347]  ? neigh_event_send+0x110/0x110
[  586.475544][T13347]  ? netdev_core_pick_tx+0x340/0x340
[  586.480956][T13347]  ? __asan_memcpy+0x40/0x70
[  586.485654][T13347]  ? eth_header+0x11b/0x200
[  586.490354][T13347]  ? llc_sysctl_exit+0x70/0x70
[  586.495314][T13347]  ? neigh_resolve_output+0x618/0x730
[  586.501069][T13347]  ip6_finish_output2+0xe3d/0x1630
[  586.506206][T13347]  ? ip6_finish_output2+0x645/0x1630
[  586.511858][T13347]  ? ip6_mtu+0x7d/0x3f0
[  586.516294][T13347]  ? nf_hook+0x390/0x390
[  586.520899][T13347]  ? ip6_finish_output+0x57b/0x820
[  586.526144][T13347]  rawv6_send_hdrinc+0xd9e/0x1640
[  586.531205][T13347]  ? txopt_get+0x3f0/0x3f0
[  586.536000][T13347]  ? txopt_get+0x344/0x3f0
[  586.540522][T13347]  ? rawv6_push_pending_frames+0x8d0/0x8d0
[  586.546688][T13347]  ? fl6_sock_lookup+0xc0/0xc0
[  586.551507][T13347]  rawv6_sendmsg+0x12cc/0x1770
[  586.556303][T13347]  ? compat_rawv6_ioctl+0x70/0x70
[  586.561619][T13347]  ? aa_sk_perm+0x83c/0x970
[  586.566204][T13347]  ? tomoyo_socket_sendmsg_permission+0x216/0x2f0
[  586.572928][T13347]  ? inet_sendmsg+0x7c/0x2f0
[  586.577692][T13347]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  586.583098][T13347]  ? security_socket_sendmsg+0x80/0xa0
[  586.589130][T13347]  ? inet_send_prepare+0x260/0x260
[  586.594707][T13347]  ____sys_sendmsg+0x5ba/0x960
[  586.599921][T13347]  ? __lock_acquire+0x7d40/0x7d40
[  586.604978][T13347]  ? __asan_memset+0x22/0x40
[  586.609933][T13347]  ? __sys_sendmsg_sock+0x30/0x30
[  586.615487][T13347]  ? __import_iovec+0x5f2/0x850
[  586.620466][T13347]  ? import_iovec+0x73/0xa0
[  586.625286][T13347]  ___sys_sendmsg+0x2a6/0x360
[  586.630344][T13347]  ? get_pid_task+0x20/0x1e0
[  586.635572][T13347]  ? __sys_sendmsg+0x2a0/0x2a0
[  586.640370][T13347]  ? __lock_acquire+0x7d40/0x7d40
[  586.645610][T13347]  __se_sys_sendmsg+0x1c2/0x2b0
[  586.650824][T13347]  ? __x64_sys_sendmsg+0x80/0x80
[  586.655967][T13347]  ? lockdep_hardirqs_on+0x98/0x150
[  586.661198][T13347]  do_syscall_64+0x55/0xa0
[  586.666003][T13347]  ? clear_bhb_loop+0x40/0x90
[  586.670795][T13347]  ? clear_bhb_loop+0x40/0x90
[  586.675695][T13347]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  586.681784][T13347] RIP: 0033:0x7f1d1d59c799
[  586.686393][T13347] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  586.706392][T13347] RSP: 002b:00007f1d1e50b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  586.715367][T13347] RAX: ffffffffffffffda RBX: 00007f1d1d815fa0 RCX: 00007f1d1d59c799
[  586.723619][T13347] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  586.732082][T13347] RBP: 00007f1d1e50b090 R08: 0000000000000000 R09: 0000000000000000
[  586.740155][T13347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  586.748134][T13347] R13: 00007f1d1d816038 R14: 00007f1d1d815fa0 R15: 00007ffc75d12e18
[  586.756309][T13347]  </TASK>
[  587.145937][T13354] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2158'.
[  587.704030][T13367] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2163'.
[  588.347141][T13364] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2163'.
[  588.711673][T13366] netlink: 'syz.4.2164': attribute type 10 has an invalid length.
[  588.973850][T13366] team0: Device ipvlan1 failed to register rx_handler
[  589.249506][T13384] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2168'.
[  591.672464][T13415] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2175'.
[  591.683689][T13418] tap0: tun_chr_ioctl cmd 1074025677
[  591.697735][T13418] tap0: linktype set to 6
[  592.156604][T13438] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2180'.
[  592.659720][T13440] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.2181'.
[  592.917426][T13440] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.2181'.
[  593.165929][T13444] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2183'.
[  593.176439][T13441] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.2181'.
[  593.285465][T13450] delete_channel: no stack
[  593.291026][T13450] delete_channel: no stack
[  593.297056][T13445] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.2181'.
[  595.656075][T13474] netlink: 830 bytes leftover after parsing attributes in process `syz.0.2191'.
[  595.683215][T13482] tap0: tun_chr_ioctl cmd 1074025677
[  595.689144][T13482] tap0: linktype set to 6
[  596.176521][T13497] tap0: tun_chr_ioctl cmd 1074025677
[  596.206702][T13497] tap0: linktype set to 6
[  596.622418][T13506] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2197'.
[  598.596876][T13528] netlink: 4595 bytes leftover after parsing attributes in process `syz.4.2205'.
[  598.678277][T13528] netlink: 4595 bytes leftover after parsing attributes in process `syz.4.2205'.
[  598.760284][T13529] netlink: 4595 bytes leftover after parsing attributes in process `syz.4.2205'.
[  598.893959][T13528] delete_channel: no stack
[  598.927845][T13532] netlink: 4595 bytes leftover after parsing attributes in process `syz.4.2205'.
[  598.971411][T13528] delete_channel: no stack
[  599.102755][T13530] tap0: tun_chr_ioctl cmd 1074025677
[  599.181737][T13530] tap0: linktype set to 6
[  599.280165][T13535] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2206'.
[  599.776251][T13556] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2209'.
[  600.208108][T13567] netlink: 1 bytes leftover after parsing attributes in process `syz.2.2214'.
[  600.542138][T13570] netlink: 15743 bytes leftover after parsing attributes in process `syz.2.2215'.
[  601.390432][T13578] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2218'.
[  603.482786][T13609] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2225'.
[  604.668605][T13617] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2230'.
[  606.254414][T13650] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2237'.
[  606.741390][T13655] tap0: tun_chr_ioctl cmd 1074025677
[  606.747272][T13655] tap0: linktype set to 6
[  607.155053][T13668] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2240'.
[  607.405434][T13665] netlink: 'syz.0.2242': attribute type 4 has an invalid length.
[  607.419651][T13665] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.2242'.
[  607.494768][T13665] netlink: 10 bytes leftover after parsing attributes in process `syz.0.2242'.
[  607.729891][T13677] netlink: 3 bytes leftover after parsing attributes in process `syz.1.2246'.
[  610.928568][T13707] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2253'.
[  611.062530][T13710] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2252'.
[  612.256812][T13729] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2259'.
[  612.292580][T13729] netlink: 6 bytes leftover after parsing attributes in process `syz.1.2259'.
[  613.223107][T13739] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2262'.
[  613.565406][T13750] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2265'.
[  614.298739][T13754] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2266'.
[  614.595499][T13758] veth1_vlan: entered allmulticast mode
[  616.454718][T13775] tap0: tun_chr_ioctl cmd 1074025677
[  616.474972][T13775] tap0: linktype set to 6
[  616.927698][T13790] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2275'.
[  617.301212][T13797] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2277'.
[  617.638906][T13794] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2277'.
[  618.332455][T13809] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  618.345994][T13809] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  618.355875][T13809] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  618.366664][T13809] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  618.379935][T13809] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  618.387536][T13809] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  618.454026][T13804] tap0: tun_chr_ioctl cmd 1074025677
[  618.460348][T13804] tap0: linktype set to 6
[  618.743117][T13806] chnl_net:caif_netlink_parms(): no params data found
[  618.883511][ T2952] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  619.364610][ T2952] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  619.988986][ T2952] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  620.017565][T13806] bridge0: port 1(bridge_slave_0) entered blocking state
[  620.046153][T13806] bridge0: port 1(bridge_slave_0) entered disabled state
[  620.065614][T13806] bridge_slave_0: entered allmulticast mode
[  620.074595][T13806] bridge_slave_0: entered promiscuous mode
[  620.083947][T13806] bridge0: port 2(bridge_slave_1) entered blocking state
[  620.093744][T13806] bridge0: port 2(bridge_slave_1) entered disabled state
[  620.102311][T13806] bridge_slave_1: entered allmulticast mode
[  620.110477][T13806] bridge_slave_1: entered promiscuous mode
[  620.424146][ T2952] netdevsim netdevsim0 ÿÿÿÿÿÿ (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  620.458373][T13809] Bluetooth: hci0: command tx timeout
[  620.574639][T13806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  620.727500][T13806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  620.835474][T13806] team0: Port device team_slave_0 added
[  620.843839][T13836] tap0: tun_chr_ioctl cmd 1074025677
[  620.852844][T13836] tap0: linktype set to 6
[  620.908208][T13806] team0: Port device team_slave_1 added
[  621.067546][T13806] batman_adv: batadv0: Adding interface: batadv_slave_0
[  621.079792][T13806] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  621.108580][T13806] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  621.163711][T13806] batman_adv: batadv0: Adding interface: batadv_slave_1
[  621.172433][T13806] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  621.202518][T13806] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  621.348937][ T2952] tipc: Left network mode
[  621.410651][T13806] hsr_slave_0: entered promiscuous mode
[  621.439312][T13806] hsr_slave_1: entered promiscuous mode
[  621.445963][T13806] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  621.461784][T13806] Cannot create hsr debugfs directory
[  622.055188][T13859] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2288'.
[  622.309863][T13863] tap0: tun_chr_ioctl cmd 1074025677
[  622.359887][T13863] tap0: linktype set to 6
[  622.540141][T13809] Bluetooth: hci0: command tx timeout
[  624.599321][T13809] Bluetooth: hci0: command tx timeout
[  624.747931][T13806] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  624.809576][T13806] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  624.853264][T13806] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  624.884331][T13806] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  625.079967][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  625.087200][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  625.372524][T13806] 8021q: adding VLAN 0 to HW filter on device bond0
[  625.532722][T13905] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2297'.
[  625.944049][T13806] 8021q: adding VLAN 0 to HW filter on device team0
[  625.995208][T13910] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2298'.
[  626.025812][ T6020] bridge0: port 1(bridge_slave_0) entered blocking state
[  626.033346][ T6020] bridge0: port 1(bridge_slave_0) entered forwarding state
[  626.100617][ T6020] bridge0: port 2(bridge_slave_1) entered blocking state
[  626.108186][ T6020] bridge0: port 2(bridge_slave_1) entered forwarding state
[  626.254211][T13903] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2298'.
[  626.679670][T13809] Bluetooth: hci0: command tx timeout
[  626.894855][T13806] 8021q: adding VLAN 0 to HW filter on device batadv0
[  626.916440][T13928] tap0: tun_chr_ioctl cmd 1074025677
[  626.933032][T13928] tap0: linktype set to 6
[  627.224869][T13806] veth0_vlan: entered promiscuous mode
[  627.272801][T13806] veth1_vlan: entered promiscuous mode
[  627.537549][T13806] veth0_macvtap: entered promiscuous mode
[  627.557368][T13806] veth1_macvtap: entered promiscuous mode
[  627.638849][T13806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  627.658501][T13806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  627.673389][T13806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  627.685379][T13806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  627.696590][T13806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  627.707761][T13806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  627.733698][T13806] batman_adv: batadv0: Interface activated: batadv_slave_0
[  628.249148][T13806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  628.268737][T13806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.286657][T13806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  628.298571][T13806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.314177][T13806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  628.338054][T13806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.361497][T13806] batman_adv: batadv0: Interface activated: batadv_slave_1
[  628.505368][T13953] tap0: tun_chr_ioctl cmd 1074025677
[  628.516909][T13953] tap0: linktype set to 6
[  628.591508][T13806] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  628.601315][T13806] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  628.621970][T13806] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  628.632106][T13806] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  628.925328][ T6020] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  628.979822][ T6020] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  629.175585][ T6020] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  629.187147][ T6020] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  629.542997][T13978] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2278'.
[  629.553325][T13978] netlink: 6 bytes leftover after parsing attributes in process `syz.0.2278'.
[  629.589369][T13973] tap0: tun_chr_ioctl cmd 1074025677
[  629.608337][T13973] tap0: linktype set to 6
[  629.863659][T13981] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2313'.
[  632.228427][T14001] netlink: 6 bytes leftover after parsing attributes in process `syz.1.2319'.
[  632.780333][T14012] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2323'.
[  633.519379][T14014] tap0: tun_chr_ioctl cmd 1074025677
[  633.558144][T14014] tap0: linktype set to 6
[  633.707659][T14024] netlink: 203516 bytes leftover after parsing attributes in process `syz.4.2324'.
[  633.740514][T14024] netlink: zone id is out of range
[  633.753892][T14024] netlink: zone id is out of range
[  633.769284][T14024] netlink: zone id is out of range
[  633.793634][T14024] netlink: zone id is out of range
[  633.820660][T14024] netlink: zone id is out of range
[  633.839641][T14024] netlink: zone id is out of range
[  633.845505][T14024] netlink: zone id is out of range
[  633.861212][T14024] netlink: zone id is out of range
[  633.881182][T14024] netlink: zone id is out of range
[  633.888605][T14024] netlink: zone id is out of range
[  634.875098][T14031] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2325'.
[  635.822980][   T52] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  635.841448][   T52] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  635.857557][   T52] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  635.926475][   T52] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  635.936584][   T52] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  635.945371][   T52] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  636.035724][T14039] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2330'.
[  636.085700][T14044] bridge_slave_1: left allmulticast mode
[  636.109652][T14044] bridge_slave_1: left promiscuous mode
[  636.120600][T14044] bridge0: port 2(bridge_slave_1) entered disabled state
[  636.163332][T14044] bridge_slave_0: left allmulticast mode
[  636.176338][T14044] bridge_slave_0: left promiscuous mode
[  636.337095][T14044] bridge0: port 1(bridge_slave_0) entered disabled state
[  638.039903][   T52] Bluetooth: hci3: command tx timeout
[  639.489758][T14040] chnl_net:caif_netlink_parms(): no params data found
[  640.109329][   T52] Bluetooth: hci3: command tx timeout
[  640.137084][T14085] tap0: tun_chr_ioctl cmd 1074025677
[  640.149398][T14085] tap0: linktype set to 6
[  640.268815][T14040] bridge0: port 1(bridge_slave_0) entered blocking state
[  640.277004][T14040] bridge0: port 1(bridge_slave_0) entered disabled state
[  640.285036][T14040] bridge_slave_0: entered allmulticast mode
[  640.293543][T14040] bridge_slave_0: entered promiscuous mode
[  640.303939][T14040] bridge0: port 2(bridge_slave_1) entered blocking state
[  640.317064][T14040] bridge0: port 2(bridge_slave_1) entered disabled state
[  640.325361][T14040] bridge_slave_1: entered allmulticast mode
[  640.334224][T14040] bridge_slave_1: entered promiscuous mode
[  640.344367][T14091] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2342'.
[  640.423246][ T2952] hsr_slave_0: left promiscuous mode
[  640.444759][ T2952] hsr_slave_1: left promiscuous mode
[  640.456495][ T2952] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  640.466893][ T2952] batman_adv: batadv0: Removing interface: batadv_slave_0
[  640.476917][ T2952] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  640.485340][ T2952] batman_adv: batadv0: Removing interface: batadv_slave_1
[  640.520387][ T2952] bridge_slave_1: left allmulticast mode
[  640.526828][ T2952] bridge_slave_1: left promiscuous mode
[  640.549498][ T2952] bridge0: port 2(bridge_slave_1) entered disabled state
[  640.580499][ T2952] bridge_slave_0: left allmulticast mode
[  640.586750][ T2952] bridge_slave_0: left promiscuous mode
[  640.607817][ T2952] bridge0: port 1(bridge_slave_0) entered disabled state
[  640.671405][ T2952] veth1_macvtap: left promiscuous mode
[  640.679931][ T2952] veth0_macvtap: left promiscuous mode
[  641.387699][ T2952] team0 (unregistering): Port device team_slave_1 removed
[  641.448301][ T2952] team0 (unregistering): Port device C removed
[  642.057100][T14040] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  642.099966][T14040] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  642.189358][   T52] Bluetooth: hci3: command tx timeout
[  642.212704][T14040] team0: Port device team_slave_0 added
[  642.236122][T14040] team0: Port device team_slave_1 added
[  642.435552][T14102] tipc: Failed to clone mcast rcv buffer
[  642.448721][T14040] batman_adv: batadv0: Adding interface: batadv_slave_0
[  642.458053][T14097] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2343'.
[  642.480050][T14040] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  642.523925][T14040] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  642.569500][T14040] batman_adv: batadv0: Adding interface: batadv_slave_1
[  642.578641][T14040] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  642.691550][T14040] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  643.482507][T14040] hsr_slave_0: entered promiscuous mode
[  643.500167][T14040] hsr_slave_1: entered promiscuous mode
[  643.518925][T14040] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  643.539387][T14040] Cannot create hsr debugfs directory
[  643.707689][ T2952] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  644.090602][ T2952] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  644.269442][   T52] Bluetooth: hci3: command tx timeout
[  644.465804][T14131] tap0: tun_chr_ioctl cmd 1074025677
[  644.486506][T14131] tap0: linktype set to 6
[  644.716030][ T2952] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  644.890571][ T2952] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  645.631470][ T2952] tipc: Left network mode
[  646.432171][T14168] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2357'.
[  647.355980][T14179] tap0: tun_chr_ioctl cmd 1074025677
[  647.379629][T14179] tap0: linktype set to 6
[  647.626145][T14181] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2363'.
[  648.078207][T14040] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  648.098755][T14040] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  648.119995][T14040] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  648.255956][T14040] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  648.424220][T14205] syzkaller0: entered promiscuous mode
[  648.438342][T14205] syzkaller0: entered allmulticast mode
[  648.857697][T14040] 8021q: adding VLAN 0 to HW filter on device bond0
[  648.933388][T14040] 8021q: adding VLAN 0 to HW filter on device team0
[  648.954689][T14218] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2368'.
[  649.002503][T11177] bridge0: port 1(bridge_slave_0) entered blocking state
[  649.010210][T11177] bridge0: port 1(bridge_slave_0) entered forwarding state
[  649.031621][T11177] bridge0: port 2(bridge_slave_1) entered blocking state
[  649.039789][T11177] bridge0: port 2(bridge_slave_1) entered forwarding state
[  649.597045][T14228] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2370'.
[  649.797164][T14040] 8021q: adding VLAN 0 to HW filter on device batadv0
[  649.985140][T14235] netlink: 'syz.4.2374': attribute type 13 has an invalid length.
[  649.994465][T14235] netlink: 152 bytes leftover after parsing attributes in process `syz.4.2374'.
[  650.434602][T14233] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2372'.
[  650.571769][T14040] veth0_vlan: entered promiscuous mode
[  650.774923][T14040] veth1_vlan: entered promiscuous mode
[  650.810969][T14247] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2377'.
[  651.159765][T14253] IPv6: Can't replace route, no match found
[  651.199568][T14257] tap0: tun_chr_ioctl cmd 1074025677
[  651.206045][T14257] tap0: linktype set to 6
[  651.637106][T14040] veth0_macvtap: entered promiscuous mode
[  651.697458][T14040] veth1_macvtap: entered promiscuous mode
[  651.737718][T14040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  651.750196][T14040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  651.760826][T14040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  651.899544][T14040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  651.966465][T14040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  651.997371][T14040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  652.010219][T14040] batman_adv: batadv0: Interface activated: batadv_slave_0
[  652.049697][T14268] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2379'.
[  652.194497][T14268] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  652.215415][T14268] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  652.236847][T14268] bond0 (unregistering): Released all slaves
[  652.248101][T14271] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2380'.
[  652.406001][T14040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  652.433360][T14040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  652.451453][T14040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  652.467563][T14040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  652.485434][T14040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  652.497873][T14040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  652.517302][T14040] batman_adv: batadv0: Interface activated: batadv_slave_1
[  652.556726][T14270] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2380'.
[  652.612370][T14040] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  652.646085][T14040] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  652.655762][T14040] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  652.665658][T14040] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  653.109472][T14282] netlink: 'syz.0.2384': attribute type 13 has an invalid length.
[  653.142787][T14282] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2384'.
[  653.176062][T14282] syz_tun: refused to change device tx_queue_len
[  653.199424][T14282] net_ratelimit: 331 callbacks suppressed
[  653.199453][T14282] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  653.725237][T14295] netlink: 'syz.1.2386': attribute type 10 has an invalid length.
[  653.748945][T14295] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2386'.
[  653.771154][T14301] sctp: [Deprecated]: syz.4.2387 (pid 14301) Use of int in max_burst socket option deprecated.
[  653.771154][T14301] Use struct sctp_assoc_value instead
[  654.036533][T14295] netlink: 'syz.1.2386': attribute type 10 has an invalid length.
[  654.048195][T14295] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2386'.
[  654.058677][T14297] netlink: 'syz.1.2386': attribute type 10 has an invalid length.
[  654.068014][T14297] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2386'.
[  654.113070][T11165] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  654.138359][T11165] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  654.361138][T14300] tap0: tun_chr_ioctl cmd 1074025677
[  654.645789][T14300] tap0: linktype set to 6
[  654.771782][ T6033] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  654.790421][ T6033] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  654.988798][T14312] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2391'.
[  656.305625][T14325] delete_channel: no stack
[  656.772944][T14337] netlink: 'syz.1.2397': attribute type 1 has an invalid length.
[  656.788716][T14337] netlink: 'syz.1.2397': attribute type 4 has an invalid length.
[  656.800071][T14337] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.2397'.
[  657.438847][T14348] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2401'.
[  657.584745][T14357] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2403'.
[  658.967908][T14355] delete_channel: no stack
[  660.927131][T14400] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2415'.
[  661.422982][T14403] netlink: 'syz.4.2416': attribute type 10 has an invalid length.
[  661.445386][T14403] FAULT_INJECTION: forcing a failure.
[  661.445386][T14403] name failslab, interval 1, probability 0, space 0, times 0
[  661.460527][T14403] CPU: 1 PID: 14403 Comm: syz.4.2416 Not tainted syzkaller #0
[  661.468397][T14403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  661.478826][T14403] Call Trace:
[  661.482296][T14403]  <TASK>
[  661.485323][T14403]  dump_stack_lvl+0x18c/0x250
[  661.490105][T14403]  ? show_regs_print_info+0x20/0x20
[  661.495578][T14403]  ? load_image+0x400/0x400
[  661.500174][T14403]  ? __might_sleep+0xe0/0xe0
[  661.505043][T14403]  ? __lock_acquire+0x7d40/0x7d40
[  661.510446][T14403]  should_fail_ex+0x39d/0x4d0
[  661.515338][T14403]  should_failslab+0x9/0x20
[  661.520070][T14403]  slab_pre_alloc_hook+0x59/0x310
[  661.525251][T14403]  ? __lock_acquire+0x7d40/0x7d40
[  661.530420][T14403]  ? trace_contention_end+0x39/0xe0
[  661.535750][T14403]  ? nf_nat_masq_schedule+0x246/0x560
[  661.541416][T14403]  __kmem_cache_alloc_node+0x53/0x250
[  661.547438][T14403]  ? nf_nat_masq_schedule+0x246/0x560
[  661.553134][T14403]  kmalloc_trace+0x2a/0xe0
[  661.557879][T14403]  nf_nat_masq_schedule+0x246/0x560
[  661.563217][T14403]  ? mutex_unlock+0x10/0x10
[  661.567903][T14403]  ? nf_nat_masq_schedule+0x560/0x560
[  661.573559][T14403]  ? masq_device_event+0xd0/0xd0
[  661.578716][T14403]  ? nfqnl_rcv_dev_event+0xb1/0x770
[  661.584034][T14403]  masq_device_event+0xa2/0xd0
[  661.588820][T14403]  notifier_call_chain+0x197/0x380
[  661.594123][T14403]  __dev_notify_flags+0x16e/0x310
[  661.599517][T14403]  ? __dev_change_flags+0x6a0/0x6a0
[  661.604906][T14403]  ? __dev_change_flags+0x4d4/0x6a0
[  661.610213][T14403]  ? vprintk_emit+0x53d/0x610
[  661.614901][T14403]  ? dev_get_flags+0x1c0/0x1c0
[  661.619775][T14403]  ? printk_sprint+0x460/0x460
[  661.624641][T14403]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  661.630901][T14403]  ? _raw_spin_unlock+0x40/0x40
[  661.635938][T14403]  dev_change_flags+0xe8/0x1a0
[  661.640907][T14403]  do_setlink+0xc58/0x4130
[  661.645515][T14403]  ? arch_stack_walk+0x160/0x190
[  661.650475][T14403]  ? load_image+0x400/0x400
[  661.655348][T14403]  ? nlmsg_parse_deprecated_strict+0x110/0x110
[  661.661685][T14403]  ? stack_trace_save+0xaa/0x100
[  661.666910][T14403]  ? __nla_validate_parse+0x2522/0x2ea0
[  661.672663][T14403]  ? __nla_validate+0x50/0x50
[  661.677384][T14403]  ? validate_linkmsg+0x719/0x910
[  661.682606][T14403]  rtnl_newlink+0x17da/0x20a0
[  661.687536][T14403]  ? rtnl_newlink+0x501/0x20a0
[  661.692584][T14403]  ? rtnl_setlink+0x4e0/0x4e0
[  661.697445][T14403]  ? __rwlock_init+0x150/0x150
[  661.702356][T14403]  ? do_raw_spin_unlock+0x121/0x230
[  661.707926][T14403]  ? __mutex_lock+0x956/0xcc0
[  661.712885][T14403]  ? __mutex_lock+0x4f9/0xcc0
[  661.717789][T14403]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  661.723029][T14403]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  661.728281][T14403]  ? rtnl_setlink+0x4e0/0x4e0
[  661.733055][T14403]  rtnetlink_rcv_msg+0x869/0xfa0
[  661.738135][T14403]  ? rtnetlink_bind+0x80/0x80
[  661.743105][T14403]  ? perf_trace_preemptirq_template+0x269/0x330
[  661.749368][T14403]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  661.755542][T14403]  ? lock_chain_count+0x20/0x20
[  661.760760][T14403]  ? __local_bh_enable_ip+0x13a/0x1c0
[  661.766232][T14403]  ? lockdep_hardirqs_on+0x98/0x150
[  661.771622][T14403]  ? __local_bh_enable_ip+0x13a/0x1c0
[  661.777178][T14403]  ? _local_bh_enable+0xa0/0xa0
[  661.782051][T14403]  ? __dev_queue_xmit+0x265/0x3660
[  661.787500][T14403]  ? __dev_queue_xmit+0x265/0x3660
[  661.792650][T14403]  ? __dev_queue_xmit+0x1b2c/0x3660
[  661.798132][T14403]  ? __dev_queue_xmit+0x265/0x3660
[  661.803357][T14403]  ? ref_tracker_free+0x690/0x840
[  661.808576][T14403]  netlink_rcv_skb+0x241/0x4d0
[  661.813539][T14403]  ? rtnetlink_bind+0x80/0x80
[  661.818430][T14403]  ? netlink_ack+0x1180/0x1180
[  661.823494][T14403]  ? __lock_acquire+0x7d40/0x7d40
[  661.828720][T14403]  ? netlink_deliver_tap+0x2e/0x1b0
[  661.834374][T14403]  netlink_unicast+0x751/0x8d0
[  661.839431][T14403]  netlink_sendmsg+0x8d0/0xbf0
[  661.844396][T14403]  ? netlink_getsockopt+0x590/0x590
[  661.849888][T14403]  ? aa_sock_msg_perm+0x94/0x150
[  661.854958][T14403]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  661.860259][T14403]  ? security_socket_sendmsg+0x80/0xa0
[  661.865901][T14403]  ? netlink_getsockopt+0x590/0x590
[  661.871202][T14403]  ____sys_sendmsg+0x5ba/0x960
[  661.875983][T14403]  ? __asan_memset+0x22/0x40
[  661.880783][T14403]  ? __sys_sendmsg_sock+0x30/0x30
[  661.885938][T14403]  ? __import_iovec+0x3fa/0x850
[  661.891226][T14403]  ? import_iovec+0x73/0xa0
[  661.895761][T14403]  ___sys_sendmsg+0x2a6/0x360
[  661.900730][T14403]  ? __sys_sendmsg+0x2a0/0x2a0
[  661.905786][T14403]  ? trace_call_bpf+0xc3/0x6c0
[  661.910599][T14403]  __se_sys_sendmsg+0x1c2/0x2b0
[  661.916051][T14403]  ? __x64_sys_sendmsg+0x80/0x80
[  661.921308][T14403]  ? lockdep_hardirqs_on+0x98/0x150
[  661.926791][T14403]  do_syscall_64+0x55/0xa0
[  661.931226][T14403]  ? clear_bhb_loop+0x40/0x90
[  661.936097][T14403]  ? clear_bhb_loop+0x40/0x90
[  661.941258][T14403]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  661.947453][T14403] RIP: 0033:0x7fa2f479c799
[  661.951973][T14403] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  661.971946][T14403] RSP: 002b:00007fa2f55bb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  661.980640][T14403] RAX: ffffffffffffffda RBX: 00007fa2f4a15fa0 RCX: 00007fa2f479c799
[  661.989243][T14403] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  661.997504][T14403] RBP: 00007fa2f55bb090 R08: 0000000000000000 R09: 0000000000000000
[  662.005847][T14403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  662.014265][T14403] R13: 00007fa2f4a16038 R14: 00007fa2f4a15fa0 R15: 00007fff512a79c8
[  662.022789][T14403]  </TASK>
[  662.910334][T14411] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2425'.
[  662.945873][T14404] delete_channel: no stack
[  663.105321][T14411] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  663.146211][T14411] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  663.179007][T14411] bond0 (unregistering): Released all slaves
[  663.354759][T14427] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2421'.
[  664.715900][T14433] netlink: 'syz.4.2422': attribute type 1 has an invalid length.
[  664.729664][T14433] netlink: 'syz.4.2422': attribute type 4 has an invalid length.
[  664.754396][T14433] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.2422'.
[  665.035821][T14434] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2423'.
[  665.666194][T14451] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2428'.
[  666.096658][T14463] tap0: tun_chr_ioctl cmd 1074025677
[  666.122167][T14463] tap0: linktype set to 6
[  666.563546][T14467] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2432'.
[  667.141433][T14480] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2434'.
[  667.351301][T14477] tap0: tun_chr_ioctl cmd 1074025677
[  667.357550][T14477] tap0: linktype set to 6
[  668.168674][T14492] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2437'.
[  668.545742][T14501] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2438'.
[  669.728713][T14512] tap0: tun_chr_ioctl cmd 1074025677
[  669.732272][T14520] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2444'.
[  669.769812][T14512] tap0: linktype set to 6
[  670.080684][T14514] netlink: 'syz.4.2443': attribute type 11 has an invalid length.
[  670.594340][   T52] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  670.691098][T14530] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2446'.
[  671.119503][ T2952] hsr_slave_0: left promiscuous mode
[  671.136617][ T2952] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  671.150948][ T2952] batman_adv: batadv0: Removing interface: batadv_slave_0
[  671.178654][ T2952] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  671.195633][ T2952] batman_adv: batadv0: Removing interface: batadv_slave_1
[  671.205740][ T2952] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  671.226443][ T2952] batman_adv: batadv0: Removing interface: virt_wifi0
[  671.254361][ T2952] batman_adv: batadv0: Interface deactivated: veth0_vlan
[  671.335584][ T2952] batman_adv: batadv0: Removing interface: veth0_vlan
[  671.354509][ T2952] bridge_slave_1: left allmulticast mode
[  671.362178][ T2952] bridge_slave_1: left promiscuous mode
[  671.370170][T13809] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  671.381418][T13809] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  671.393280][ T2952] bridge0: port 2(bridge_slave_1) entered disabled state
[  671.401654][T13809] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  671.416105][T13809] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  671.425601][ T2952] bridge_slave_0: left allmulticast mode
[  671.431032][T13809] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  671.441248][T13809] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  671.450334][ T2952] bridge_slave_0: left promiscuous mode
[  671.466978][ T2952] bridge0: port 1(bridge_slave_0) entered disabled state
[  671.496750][ T2952] veth0_macvtap: left promiscuous mode
[  671.502522][ T2952] veth0_vlan: left promiscuous mode
[  672.237033][ T2952] team0 (unregistering): Port device team_slave_1 removed
[  672.294739][ T2952] team0 (unregistering): Port device C removed
[  672.947777][T14539] lo: entered allmulticast mode
[  672.969549][T14540] lo: entered promiscuous mode
[  672.974686][T14540] lo: left allmulticast mode
[  672.999390][T14541] tap0: tun_chr_ioctl cmd 1074025677
[  673.005529][T14541] tap0: linktype set to 6
[  673.044192][T14536] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2449'.
[  673.481110][T13809] Bluetooth: hci1: command tx timeout
[  674.524867][T14542] chnl_net:caif_netlink_parms(): no params data found
[  675.286292][T14583] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2458'.
[  675.340446][T14542] bridge0: port 1(bridge_slave_0) entered blocking state
[  675.377612][T14542] bridge0: port 1(bridge_slave_0) entered disabled state
[  675.386451][T14542] bridge_slave_0: entered allmulticast mode
[  675.395687][T14542] bridge_slave_0: entered promiscuous mode
[  675.418329][T14542] bridge0: port 2(bridge_slave_1) entered blocking state
[  675.426538][T14542] bridge0: port 2(bridge_slave_1) entered disabled state
[  675.434626][T14542] bridge_slave_1: entered allmulticast mode
[  675.444135][T14542] bridge_slave_1: entered promiscuous mode
[  675.550804][T13809] Bluetooth: hci1: command tx timeout
[  675.607877][T14542] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  675.755990][T14542] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  675.936435][T14542] team0: Port device team_slave_0 added
[  675.981156][T14542] team0: Port device team_slave_1 added
[  676.211211][T14542] batman_adv: batadv0: Adding interface: batadv_slave_0
[  676.218929][T14542] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  676.332137][T14599] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2461'.
[  676.356986][T14542] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  676.634791][T14542] batman_adv: batadv0: Adding interface: batadv_slave_1
[  676.663672][T14542] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  676.702243][T14542] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  677.119838][T14610] tap0: tun_chr_ioctl cmd 1074025677
[  677.125850][T14610] tap0: linktype set to 6
[  677.326286][T14542] hsr_slave_0: entered promiscuous mode
[  677.343507][T14542] hsr_slave_1: entered promiscuous mode
[  677.437726][ T2952] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  677.631696][T13809] Bluetooth: hci1: command tx timeout
[  677.719121][ T2952] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  677.878751][ T2952] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  678.052100][ T2952] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  678.931152][ T2952] tipc: Left network mode
[  679.748850][T13809] Bluetooth: hci1: command tx timeout
[  679.834684][T14635] netlink: 'syz.4.2471': attribute type 21 has an invalid length.
[  679.894252][T14635] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2471'.
[  680.026127][T14635] netlink: 'syz.4.2471': attribute type 5 has an invalid length.
[  680.064241][T14635] netlink: 'syz.4.2471': attribute type 6 has an invalid length.
[  680.114761][T14635] netlink: 3 bytes leftover after parsing attributes in process `syz.4.2471'.
[  680.486082][T14542] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  680.574750][T14542] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  680.715856][T14542] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  680.778057][T14643] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2472'.
[  680.800847][T14542] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  681.233661][T14659] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.2474'.
[  682.462201][T14662] netlink: 'syz.2.2475': attribute type 2 has an invalid length.
[  682.476776][T14662] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2475'.
[  685.366625][T14542] 8021q: adding VLAN 0 to HW filter on device bond0
[  685.548748][T14542] 8021q: adding VLAN 0 to HW filter on device team0
[  685.837728][ T6020] bridge0: port 1(bridge_slave_0) entered blocking state
[  685.845595][ T6020] bridge0: port 1(bridge_slave_0) entered forwarding state
[  685.903732][T14712] netlink: 'syz.0.2486': attribute type 4 has an invalid length.
[  685.912956][T14712] netlink: 168 bytes leftover after parsing attributes in process `syz.0.2486'.
[  685.994772][T14542] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  686.005921][T14542] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  686.121081][T11165] bridge0: port 2(bridge_slave_1) entered blocking state
[  686.129327][T11165] bridge0: port 2(bridge_slave_1) entered forwarding state
[  686.517572][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  686.530173][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  686.814139][T14542] 8021q: adding VLAN 0 to HW filter on device batadv0
[  686.977687][T14726] netlink: 201392 bytes leftover after parsing attributes in process `syz.0.2489'.
[  687.147602][T14724] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2490'.
[  687.241368][T14542] veth0_vlan: entered promiscuous mode
[  687.257775][T14542] veth1_vlan: entered promiscuous mode
[  687.378522][T14542] veth0_macvtap: entered promiscuous mode
[  687.432680][T14542] veth1_macvtap: entered promiscuous mode
[  687.505187][T14542] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  687.586459][T14542] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  687.604966][T14542] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  687.626131][T14735] FAULT_INJECTION: forcing a failure.
[  687.626131][T14735] name failslab, interval 1, probability 0, space 0, times 0
[  687.646044][T14735] CPU: 0 PID: 14735 Comm: syz.2.2493 Not tainted syzkaller #0
[  687.653759][T14735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  687.664175][T14735] Call Trace:
[  687.668117][T14735]  <TASK>
[  687.671233][T14735]  dump_stack_lvl+0x18c/0x250
[  687.676226][T14735]  ? sctp_sendmsg+0x1575/0x28c0
[  687.681352][T14735]  ? ___sys_sendmsg+0x2a6/0x360
[  687.686305][T14735]  ? show_regs_print_info+0x20/0x20
[  687.691609][T14735]  ? load_image+0x400/0x400
[  687.696319][T14735]  should_fail_ex+0x39d/0x4d0
[  687.701109][T14735]  should_failslab+0x9/0x20
[  687.705802][T14735]  slab_pre_alloc_hook+0x59/0x310
[  687.711455][T14735]  ? sctp_add_bind_addr+0x8c/0x360
[  687.716665][T14735]  __kmem_cache_alloc_node+0x53/0x250
[  687.722154][T14735]  ? sctp_add_bind_addr+0x8c/0x360
[  687.727550][T14735]  kmalloc_trace+0x2a/0xe0
[  687.732160][T14735]  sctp_add_bind_addr+0x8c/0x360
[  687.737697][T14735]  sctp_copy_local_addr_list+0x315/0x4f0
[  687.743921][T14735]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  687.749941][T14735]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  687.756563][T14735]  ? sctp_v4_is_any+0x35/0x60
[  687.761778][T14735]  ? sctp_copy_one_addr+0x8c/0x350
[  687.767350][T14735]  sctp_bind_addr_copy+0xb3/0x3c0
[  687.773005][T14735]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  687.780486][T14735]  sctp_connect_new_asoc+0x2f9/0x6a0
[  687.786400][T14735]  ? __sctp_connect+0xd80/0xd80
[  687.791537][T14735]  ? __local_bh_enable_ip+0x13a/0x1c0
[  687.797107][T14735]  ? _local_bh_enable+0xa0/0xa0
[  687.802334][T14735]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  687.808327][T14735]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  687.814668][T14735]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  687.820332][T14735]  ? security_sctp_bind_connect+0x89/0xb0
[  687.826426][T14735]  sctp_sendmsg+0x1575/0x28c0
[  687.831302][T14735]  ? sctp_getsockopt+0xb60/0xb60
[  687.836364][T14735]  ? aa_sk_perm+0x83c/0x970
[  687.840896][T14735]  ? aa_af_perm+0x330/0x330
[  687.845938][T14735]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  687.852816][T14735]  ? sock_rps_record_flow+0x19/0x3f0
[  687.858298][T14735]  ? inet_sendmsg+0x7c/0x2f0
[  687.862986][T14735]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  687.868285][T14735]  ? security_socket_sendmsg+0x80/0xa0
[  687.873893][T14735]  ? inet_send_prepare+0x260/0x260
[  687.879475][T14735]  ____sys_sendmsg+0x5ba/0x960
[  687.884727][T14735]  ? __lock_acquire+0x7d40/0x7d40
[  687.890380][T14735]  ? __asan_memset+0x22/0x40
[  687.896029][T14735]  ? __sys_sendmsg_sock+0x30/0x30
[  687.901628][T14735]  ? __import_iovec+0x5f2/0x850
[  687.907335][T14735]  ? import_iovec+0x73/0xa0
[  687.912213][T14735]  ___sys_sendmsg+0x2a6/0x360
[  687.917074][T14735]  ? get_pid_task+0x20/0x1e0
[  687.921770][T14735]  ? __sys_sendmsg+0x2a0/0x2a0
[  687.926853][T14735]  ? __lock_acquire+0x7d40/0x7d40
[  687.932352][T14735]  __se_sys_sendmsg+0x1c2/0x2b0
[  687.937393][T14735]  ? __x64_sys_sendmsg+0x80/0x80
[  687.943005][T14735]  ? lockdep_hardirqs_on+0x98/0x150
[  687.948591][T14735]  do_syscall_64+0x55/0xa0
[  687.953124][T14735]  ? clear_bhb_loop+0x40/0x90
[  687.957959][T14735]  ? clear_bhb_loop+0x40/0x90
[  687.962826][T14735]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  687.968830][T14735] RIP: 0033:0x7f72aeb9c799
[  687.973357][T14735] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  687.993327][T14735] RSP: 002b:00007f72afb31028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  688.001933][T14735] RAX: ffffffffffffffda RBX: 00007f72aee15fa0 RCX: 00007f72aeb9c799
[  688.010145][T14735] RDX: 00000000000080d1 RSI: 0000200000000140 RDI: 0000000000000003
[  688.018219][T14735] RBP: 00007f72afb31090 R08: 0000000000000000 R09: 0000000000000000
[  688.026724][T14735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  688.035401][T14735] R13: 00007f72aee16038 R14: 00007f72aee15fa0 R15: 00007ffde4bf1548
[  688.043661][T14735]  </TASK>
[  688.049439][T14542] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  688.067426][T14542] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  688.088766][T14542] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  688.114987][T14542] batman_adv: batadv0: Interface activated: batadv_slave_0
[  688.133465][T14542] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  688.148094][T14542] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  688.176843][T14542] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  688.198423][T14542] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  688.215586][T14542] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  688.227000][T14542] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  688.253481][T14542] batman_adv: batadv0: Interface activated: batadv_slave_1
[  688.330282][T14542] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  688.361837][T14542] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  688.372090][T14542] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  688.384371][T14542] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  688.786478][ T6033] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  688.816523][ T6033] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  688.971925][T11165] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  688.987703][T14756] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2498'.
[  688.999697][T11165] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  689.197713][T14755] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2498'.
[  689.689065][T14759] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2445'.
[  689.826702][T14766] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2499'.
[  690.314078][T14776] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2501'.
[  691.327237][T14775] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2502'.
[  692.481380][T14801] FAULT_INJECTION: forcing a failure.
[  692.481380][T14801] name failslab, interval 1, probability 0, space 0, times 0
[  692.516425][T14801] CPU: 0 PID: 14801 Comm: syz.4.2510 Not tainted syzkaller #0
[  692.524447][T14801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  692.534730][T14801] Call Trace:
[  692.538252][T14801]  <TASK>
[  692.541399][T14801]  dump_stack_lvl+0x18c/0x250
[  692.546137][T14801]  ? show_regs_print_info+0x20/0x20
[  692.551823][T14801]  ? load_image+0x400/0x400
[  692.556650][T14801]  ? __might_sleep+0xe0/0xe0
[  692.561793][T14801]  ? __lock_acquire+0x7d40/0x7d40
[  692.567145][T14801]  should_fail_ex+0x39d/0x4d0
[  692.572874][T14801]  should_failslab+0x9/0x20
[  692.578222][T14801]  slab_pre_alloc_hook+0x59/0x310
[  692.583658][T14801]  ? kvmalloc_node+0x70/0x180
[  692.589110][T14801]  ? kvmalloc_node+0x70/0x180
[  692.594253][T14801]  __kmem_cache_alloc_node+0x53/0x250
[  692.599961][T14801]  ? kvmalloc_node+0x70/0x180
[  692.605112][T14801]  __kmalloc_node+0xa4/0x230
[  692.609957][T14801]  kvmalloc_node+0x70/0x180
[  692.615093][T14801]  alloc_netdev_mqs+0x8cd/0x1040
[  692.620262][T14801]  __ip_tunnel_create+0x303/0x4d0
[  692.625952][T14801]  ? ip_tunnel_init_net+0x790/0x790
[  692.631475][T14801]  ? security_capable+0x89/0xb0
[  692.636933][T14801]  ip_tunnel_ctl+0x98c/0x1970
[  692.642101][T14801]  vti_tunnel_ctl+0x1f9/0x390
[  692.647469][T14801]  ip_tunnel_siocdevprivate+0x138/0x1f0
[  692.653773][T14801]  ? dev_ioctl+0x83c/0x1140
[  692.658762][T14801]  ? ip_tunnel_update+0xb10/0xb10
[  692.664116][T14801]  ? dev_ifsioc+0x958/0xc40
[  692.669020][T14801]  dev_ioctl+0x84c/0x1140
[  692.673400][T14801]  sock_ioctl+0x74c/0x7e0
[  692.678025][T14801]  ? sock_poll+0x3e0/0x3e0
[  692.682665][T14801]  ? bpf_lsm_file_ioctl+0x9/0x10
[  692.688059][T14801]  ? security_file_ioctl+0x80/0xa0
[  692.693475][T14801]  ? sock_poll+0x3e0/0x3e0
[  692.698192][T14801]  __se_sys_ioctl+0xfd/0x170
[  692.702830][T14801]  do_syscall_64+0x55/0xa0
[  692.707473][T14801]  ? clear_bhb_loop+0x40/0x90
[  692.712282][T14801]  ? clear_bhb_loop+0x40/0x90
[  692.717084][T14801]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  692.723191][T14801] RIP: 0033:0x7fa2f479c799
[  692.727742][T14801] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  692.748505][T14801] RSP: 002b:00007fa2f55bb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  692.757411][T14801] RAX: ffffffffffffffda RBX: 00007fa2f4a15fa0 RCX: 00007fa2f479c799
[  692.765795][T14801] RDX: 0000200000000080 RSI: 00000000000089f1 RDI: 0000000000000005
[  692.775042][T14801] RBP: 00007fa2f55bb090 R08: 0000000000000000 R09: 0000000000000000
[  692.783510][T14801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  692.792358][T14801] R13: 00007fa2f4a16038 R14: 00007fa2f4a15fa0 R15: 00007fff512a79c8
[  692.801652][T14801]  </TASK>
[  693.375891][T14812] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2512'.
[  693.678743][T14813] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2513'.
[  694.318215][T14824] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2515'.
[  695.206246][T14828] netlink: 65055 bytes leftover after parsing attributes in process `syz.2.2519'.
[  695.591570][T14830] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2518'.
[  697.544319][T14855] tap0: tun_chr_ioctl cmd 1074025677
[  697.554779][T14855] tap0: linktype set to 6
[  697.595044][T14859] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2525'.
[  698.162930][T14869] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2527'.
[  698.407466][T14880] netlink: 'syz.0.2531': attribute type 3 has an invalid length.
[  698.426436][T14880] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.2531'.
[  698.531536][T14882] netlink: 'syz.2.2532': attribute type 15 has an invalid length.
[  699.308198][T14890] tap0: tun_chr_ioctl cmd 1074025677
[  699.332522][T14890] tap0: linktype set to 6
[  700.518710][T14910] netlink: 'syz.4.2541': attribute type 13 has an invalid length.
[  700.557629][T14910] netlink: 160 bytes leftover after parsing attributes in process `syz.4.2541'.
[  700.595982][T14915] netlink: 'syz.2.2543': attribute type 3 has an invalid length.
[  700.604638][T14915] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.2543'.
[  700.918691][T14910] erspan0: refused to change device tx_queue_len
[  700.951290][T14910] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  701.014036][T14917] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2542'.
[  702.768075][T14949] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2550'.
[  703.704929][T14949] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  703.724064][T14949] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  703.743095][T14949] bond0 (unregistering): Released all slaves
[  703.954992][T14964] netlink: 'syz.0.2554': attribute type 10 has an invalid length.
[  704.027231][T14964] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2554'.
[  704.039581][T14964] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  704.113350][T14969] netlink: 16255 bytes leftover after parsing attributes in process `syz.1.2555'.
[  704.282841][T14966] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2556'.
[  704.705529][T14987] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2559'.
[  705.413354][T14985] mac80211_hwsim hwsim252 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  705.431370][T14997] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2564'.
[  705.435928][T14979] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2559'.
[  706.845723][T15014] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2569'.
[  707.367832][T15025] netlink: 'syz.1.2572': attribute type 10 has an invalid length.
[  707.629888][ T6020] wlan1: Trigger new scan to find an IBSS to join
[  707.791445][T15025] team0: Port device dummy0 added
[  707.932388][T15033] tap0: tun_chr_ioctl cmd 1074025677
[  707.938407][T15033] tap0: linktype set to 6
[  708.011085][T15025] syz.1.2572 (15025) used greatest stack depth: 17768 bytes left
[  708.296150][T15041] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2576'.
[  708.577726][T15046] netlink: 'syz.1.2577': attribute type 10 has an invalid length.
[  709.257281][T15055] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2580'.
[  710.580738][T15063] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2581'.
[  711.400929][T15086] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2587'.
[  711.412842][T15076] mac80211_hwsim hwsim85 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  712.198614][T15091] tap0: tun_chr_ioctl cmd 1074025677
[  712.213872][T15091] tap0: linktype set to 6
[  712.606959][T15109] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2592'.
[  712.621031][T11165] wlan1: Trigger new scan to find an IBSS to join
[  713.561001][ T6020] wlan1: Trigger new scan to find an IBSS to join
[  713.913825][T15131] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2599'.
[  713.976540][ T6033] wlan1: Creating new IBSS network, BSSID 6a:8d:8e:7f:2c:59
[  714.002566][T15126] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2598'.
[  714.336522][ T2952] hsr_slave_0: left promiscuous mode
[  714.357591][ T2952] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  714.375859][ T2952] batman_adv: batadv0: Removing interface: batadv_slave_0
[  714.420550][ T2952] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  714.438603][ T2952] batman_adv: batadv0: Removing interface: batadv_slave_1
[  714.455513][ T2952] batman_adv: batadv0: Interface deactivated: veth0_vlan
[  714.464861][ T2952] batman_adv: batadv0: Removing interface: veth0_vlan
[  714.482123][ T2952] bridge_slave_1: left allmulticast mode
[  714.488287][ T2952] bridge_slave_1: left promiscuous mode
[  714.529422][ T2952] bridge0: port 2(bridge_slave_1) entered disabled state
[  714.547404][ T2952] bridge_slave_0: left allmulticast mode
[  714.562858][ T2952] bridge_slave_0: left promiscuous mode
[  714.577586][ T2952] bridge0: port 1(bridge_slave_0) entered disabled state
[  714.623414][ T2952] veth1_macvtap: left promiscuous mode
[  714.639674][ T2952] veth0_macvtap: left promiscuous mode
[  714.645595][ T2952] veth1_vlan: left promiscuous mode
[  715.446128][T15150] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2604'.
[  716.592233][ T6020] wlan1: Trigger new scan to find an IBSS to join
[  716.739725][T15151] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2603'.
[  717.048629][T15158] tap0: tun_chr_ioctl cmd 1074025677
[  717.187405][T15158] tap0: linktype set to 6
[  717.530385][T15175] netlink: 'syz.0.2611': attribute type 9 has an invalid length.
[  717.538629][T15175] netlink: 399 bytes leftover after parsing attributes in process `syz.0.2611'.
[  718.575319][T15196] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2616'.
[  718.873761][T15205] netlink: 199824 bytes leftover after parsing attributes in process `syz.1.2620'.
[  719.281806][T15209] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.2621'.
[  719.380398][T15209] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.2621'.
[  719.403897][T15208] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.2621'.
[  719.425947][T15214] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.2621'.
[  719.563790][ T6033] wlan1: Trigger new scan to find an IBSS to join
[  719.808140][T15238] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2626'.
[  720.043573][T15224] tap0: tun_chr_ioctl cmd 1074025677
[  720.050592][T15224] tap0: linktype set to 6
[  720.063903][T15238] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2626'.
[  720.088805][T15242] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2626'.
[  720.462113][T15256] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.2632'.
[  720.799042][T15235] wlan1: Creating new IBSS network, BSSID 4a:3e:19:f6:11:ab
[  720.994625][T15262] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  721.055898][T15255] netlink: 'syz.1.2631': attribute type 10 has an invalid length.
[  721.119877][T15255] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2631'.
[  721.227588][T15255] batman_adv: batadv0: Adding interface: veth0_vlan
[  721.235114][T15255] batman_adv: batadv0: The MTU of interface veth0_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  721.264322][T15255] batman_adv: batadv0: Interface activated: veth0_vlan
[  721.284995][T15271] netlink: 'syz.0.2636': attribute type 3 has an invalid length.
[  721.355730][T15271] netlink: 7874 bytes leftover after parsing attributes in process `syz.0.2636'.
[  721.498640][T15279] FAULT_INJECTION: forcing a failure.
[  721.498640][T15279] name failslab, interval 1, probability 0, space 0, times 0
[  721.512731][T15279] CPU: 1 PID: 15279 Comm: syz.2.2639 Not tainted syzkaller #0
[  721.520410][T15279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  721.530978][T15279] Call Trace:
[  721.534396][T15279]  <TASK>
[  721.537456][T15279]  dump_stack_lvl+0x18c/0x250
[  721.542549][T15279]  ? show_regs_print_info+0x20/0x20
[  721.548087][T15279]  ? load_image+0x400/0x400
[  721.552759][T15279]  should_fail_ex+0x39d/0x4d0
[  721.557969][T15279]  should_failslab+0x9/0x20
[  721.562701][T15279]  slab_pre_alloc_hook+0x59/0x310
[  721.568292][T15279]  kmem_cache_alloc_node+0x60/0x320
[  721.573870][T15279]  ? __alloc_skb+0x103/0x2c0
[  721.578489][T15279]  __alloc_skb+0x103/0x2c0
[  721.583001][T15279]  skb_copy+0x13d/0x7a0
[  721.587517][T15279]  ? __rwlock_init+0x150/0x150
[  721.592943][T15279]  ? read_tsc+0x9/0x20
[  721.597211][T15279]  mac80211_hwsim_tx_frame_no_nl+0xca9/0x11a0
[  721.603641][T15279]  ? mac80211_hwsim_tx_frame_nl+0xbd0/0xbd0
[  721.610028][T15279]  mac80211_hwsim_tx+0x1808/0x2720
[  721.616023][T15279]  ieee80211_handle_wake_tx_queue+0x199/0x2b0
[  721.622326][T15279]  ? ieee80211_ctstoself_duration+0x460/0x460
[  721.628966][T15279]  ? __local_bh_enable_ip+0x13a/0x1c0
[  721.634875][T15279]  ? _local_bh_enable+0xa0/0xa0
[  721.640185][T15279]  ? do_raw_spin_unlock+0x121/0x230
[  721.646264][T15279]  ieee80211_queue_skb+0x1a3e/0x21c0
[  721.652388][T15279]  ieee80211_tx+0x2c3/0x460
[  721.657250][T15279]  ? ieee80211_skb_resize+0x630/0x630
[  721.662813][T15279]  ? ieee80211_xmit+0x310/0x3f0
[  721.668134][T15279]  __ieee80211_subif_start_xmit+0xe10/0x1500
[  721.674646][T15279]  ? __ieee80211_subif_start_xmit+0x2ae/0x1500
[  721.681433][T15279]  ? ieee80211_txq_schedule_start+0x310/0x310
[  721.687964][T15279]  ? ieee80211_multicast_to_unicast+0x19c/0x310
[  721.695172][T15279]  ieee80211_subif_start_xmit+0xf4/0x560
[  721.701347][T15279]  ? ieee80211_build_hdr+0x2710/0x2710
[  721.707378][T15279]  dev_hard_start_xmit+0x246/0x740
[  721.712804][T15279]  __dev_queue_xmit+0x19a3/0x3660
[  721.718140][T15279]  ? __dev_queue_xmit+0x265/0x3660
[  721.723478][T15279]  ? __kasan_slab_alloc+0x6c/0x80
[  721.728604][T15279]  ? slab_post_alloc_hook+0x8a/0x4b0
[  721.734252][T15279]  ? netdev_core_pick_tx+0x340/0x340
[  721.739840][T15279]  ? skb_release_data+0x1cf/0x800
[  721.745164][T15279]  ? pskb_expand_head+0xbfe/0x1230
[  721.750748][T15279]  __bpf_tx_skb+0x189/0x250
[  721.755384][T15279]  bpf_clone_redirect+0x30f/0x4a0
[  721.760723][T15279]  bpf_prog_c6f54bbad6dab1ee+0x5e/0x63
[  721.766653][T15279]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  721.773288][T15279]  ? preempt_schedule+0xc0/0xd0
[  721.778581][T15279]  ? perf_trace_preemptirq_template+0xac/0x330
[  721.785036][T15279]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  721.791641][T15279]  ? lockdep_softirqs_on+0x580/0x580
[  721.796955][T15279]  ? lock_chain_count+0x20/0x20
[  721.802361][T15279]  ? __local_bh_disable_ip+0x108/0x1a0
[  721.808738][T15279]  ? __cant_sleep+0x220/0x220
[  721.813526][T15279]  ? __local_bh_enable_ip+0x13a/0x1c0
[  721.819224][T15279]  ? _local_bh_enable+0xa0/0xa0
[  721.824677][T15279]  ? bpf_test_timer_continue+0x135/0x380
[  721.830973][T15279]  ? bpf_test_run+0x174/0x870
[  721.836069][T15279]  bpf_test_run+0x2df/0x870
[  721.841433][T15279]  ? bpf_test_run+0x174/0x870
[  721.847057][T15279]  ? convert___skb_to_skb+0x590/0x590
[  721.852645][T15279]  ? eth_get_headlen+0x210/0x210
[  721.857671][T15279]  ? slab_build_skb+0x25f/0x3f0
[  721.862839][T15279]  ? convert___skb_to_skb+0x3d/0x590
[  721.868479][T15279]  bpf_prog_test_run_skb+0xad2/0x12b0
[  721.873943][T15279]  ? cpu_online+0x60/0x60
[  721.878625][T15279]  bpf_prog_test_run+0x321/0x390
[  721.884159][T15279]  __sys_bpf+0x49d/0x890
[  721.888863][T15279]  ? bpf_link_show_fdinfo+0x390/0x390
[  721.894958][T15279]  ? lock_chain_count+0x20/0x20
[  721.900120][T15279]  __x64_sys_bpf+0x7c/0x90
[  721.904727][T15279]  do_syscall_64+0x55/0xa0
[  721.909817][T15279]  ? clear_bhb_loop+0x40/0x90
[  721.915059][T15279]  ? clear_bhb_loop+0x40/0x90
[  721.920316][T15279]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  721.927144][T15279] RIP: 0033:0x7f72aeb9c799
[  721.932100][T15279] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  721.953665][T15279] RSP: 002b:00007f72afb31028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  721.962541][T15279] RAX: ffffffffffffffda RBX: 00007f72aee15fa0 RCX: 00007f72aeb9c799
[  721.971099][T15279] RDX: 0000000000000050 RSI: 0000200000001a00 RDI: 000000000000000a
[  721.979976][T15279] RBP: 00007f72afb31090 R08: 0000000000000000 R09: 0000000000000000
[  721.988713][T15279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  721.997248][T15279] R13: 00007f72aee16038 R14: 00007f72aee15fa0 R15: 00007ffde4bf1548
[  722.005787][T15279]  </TASK>
[  723.324253][T15292] tap0: tun_chr_ioctl cmd 1074025677
[  723.414682][T15292] tap0: linktype set to 6
[  724.157514][T15309] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  725.897294][T15337] __nla_validate_parse: 1 callbacks suppressed
[  725.897314][T15337] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2653'.
[  728.046827][T15370] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2661'.
[  729.147000][T15382] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2662'.
[  730.125838][T15414] sctp: [Deprecated]: syz.4.2673 (pid 15414) Use of struct sctp_assoc_value in delayed_ack socket option.
[  730.125838][T15414] Use struct sctp_sack_info instead
[  730.953941][T15419] netlink: 'syz.4.2674': attribute type 10 has an invalid length.
[  730.989360][T15419] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2674'.
[  731.032389][T15423] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2675'.
[  733.323974][T15459] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2684'.
[  733.478595][T15454] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2686'.
[  734.515145][T15482] tap0: tun_chr_ioctl cmd 1074025677
[  734.554653][T15482] tap0: linktype set to 6
[  735.573260][T15491] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2693'.
[  735.618959][T15502] delete_channel: no stack
[  735.823641][T15491] bridge0: port 1(bridge_slave_0) entered disabled state
[  735.971723][T15509] delete_channel: no stack
[  735.990900][T15509] delete_channel: no stack
[  736.061584][T15491] bridge_slave_0 (unregistering): left allmulticast mode
[  736.071768][T15491] bridge_slave_0 (unregistering): left promiscuous mode
[  736.087806][T15491] bridge0: port 1(bridge_slave_0) entered disabled state
[  736.156848][T15505] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2698'.
[  736.179360][T15514] netlink: 'syz.0.2702': attribute type 1 has an invalid length.
[  736.187514][T15514] netlink: 'syz.0.2702': attribute type 4 has an invalid length.
[serialport: Connection terminated to allow system upgrade. Please reconnect at your convenience.