last executing test programs:

4.228149014s ago: executing program 3 (id=3397):
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x3, 0xb, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x480}, [@printk={@x, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9b}}]}, &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

4.028810805s ago: executing program 3 (id=3402):
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac00800030007000c00040004c00364bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bb", 0x57}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea608641602f36504001a00381931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb3678a40cb53fc8d8faaafe63e09e8b", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, 0x0, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
recvmsg$kcm(r1, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x12000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r5=>0xffffffffffffffff})
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r6, &(0x7f00000006c0)=ANY=[@ANYBLOB="8f03000000000060"], 0xcfa4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000140)="2e00000011008188040f80ec59acbc0413a181002e7ffffffe010000000000000e000a000f000000028002", 0x2b}], 0x1}, 0x2004c044)
r7 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r7, &(0x7f00000017c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)='%', 0x1}], 0x1, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000008400000005000000000000000000060020000000000000008400000002"], 0x38}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x6, 0x12, &(0x7f0000000680)=ANY=[@ANYBLOB="18000071012f564f43000000000000000000a805", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000001a4558000400000018440000fdffffff0000000000000000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', r4, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0x58, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
sendmsg$inet(r0, &(0x7f0000000500)={&(0x7f0000000140)={0x2, 0x4e22, @empty}, 0x10, &(0x7f0000000340)=[{&(0x7f00000001c0)="5b83dc33a45dd46bcd83b621a9da089a3e93e6c7b57dabd86b7dd457e8b8b760ee4a199315a18858b8d15e50a8f1c2844f18e544beb9628030efe872d7e008a1a58a8c03ebfc5a1099ffbe8cb86eeeebe1673d3021d49aa2460891b64d5349ef0e73", 0x62}], 0x1, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @rand_addr=0x64010102, @local}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @local, @multicast1}}}], 0x40}, 0x20000010)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0xcdd, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0xd1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8602, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x12280, 0x2, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
socket$kcm(0x10, 0x3, 0x10)
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000300020400bf0500050012fe", 0x2e}], 0x1}, 0x0)

3.279324599s ago: executing program 2 (id=3409):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000c40)="02", 0x1}], 0x1}, 0x408c4)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000400)="a5", 0x1}], 0x1, 0x0, 0x0, 0x10002000}, 0x52cc)

3.067519021s ago: executing program 2 (id=3411):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0xd, &(0x7f0000000080)=ANY=[@ANYBLOB="1802000000000000000000000000000085100000010000009500000000000000180000000001000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000002885000000b500000095"], &(0x7f0000000000)='syzkaller\x00', 0x4, 0x98, &(0x7f00000001c0)=""/152, 0x41000, 0xa}, 0x23)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1806000000000300000000000000c29c18120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000100)={0x1b, 0x0, 0x0, 0x5, 0x0, r0, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x18, &(0x7f0000000840)=ANY=[@ANYRES32=r1, @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000086000000bf090000000000003609010000000000950000000000000018010000786c6c2500000000002020207b1a00fe00000000bfa100000000000007010000f8ffffffb702000008000000b7030000080000008500000006000000bd0af4ff00000000bf91000000000000b702000003000000850000002a000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x7, 0x1000, &(0x7f0000000cc0)=""/4096, 0x41100, 0x20}, 0x94)

2.988843096s ago: executing program 2 (id=3413):
socket$kcm(0x10, 0x2, 0x10)
socketpair(0x15, 0x5, 0x0, &(0x7f0000000100))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f00000001c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x2a}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}}]}, &(0x7f0000000000)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x2107, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x9, 0x92, 0x3, 0x9, 0x0, 0x100000080001, 0x91239, 0xa, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x3, 0x1}, 0x102200, 0x1, 0xb, 0x6, 0x3, 0x8, 0x43, 0x0, 0xe18a, 0x0, 0x1000000000000007}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
r2 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r2, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89f0, &(0x7f0000000080))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz1\x00', 0x200002, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x8}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r4, &(0x7f0000000080)='hugetlb.1GB.rsvd.limit_in_bytes\x00', 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0xd, 0x9, 0x0, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x13}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
r5 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r5, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0xfd}}, 0x10, 0x0}, 0x3000c085)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000004440)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x7, 0x0, 0x0)
recvmsg(r5, &(0x7f0000000300)={&(0x7f0000000180)=@llc, 0x80, 0x0, 0x0, &(0x7f0000000840)=""/4096, 0x1000}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="12000000ff00009dc2274561d5a06b", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)

2.957122418s ago: executing program 3 (id=3414):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x16, 0x1f, &(0x7f0000000900)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x8}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x7, 0x8, &(0x7f00000002c0)="b8000005000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000700)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x81200, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc000000181100", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000004c2c37e1ef2363936dc963db9cc6ac0da48c395e342816596cb708c511af9634188b22f7199be8635341876da6614ae577cc", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x1f, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x8}}, {{0x6, 0x0, 0xb, 0x9, 0x0, 0x4}, {0x65, 0x0, 0x6, 0x9}}, [@printk={@ld, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0x2, 0xa, 0x9}, {0x4, 0x0, 0x3, 0x9}, {}, {}, {0x15}}], {{0x5, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000040)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="11000000040000000400000001"], 0x48)
r5 = socket$kcm(0x2c, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffc54}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r4}, &(0x7f0000000080), &(0x7f00000001c0)=r5}, 0x20)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0xd, 0x4, &(0x7f0000000900)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32}, 0x94)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x445d3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r6 = socket$kcm(0x2, 0x3, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="000000000000000002"], 0x48)
ioctl$sock_kcm_SIOCKCMATTACH(r6, 0x890b, &(0x7f0000000100))
socketpair$unix(0x1, 0x1, 0x0, 0x0)
close(r5)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r7 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r7, 0x0, 0x29, 0x0, 0x40000)
r8 = socket$kcm(0x10, 0x2, 0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000140)={r9, &(0x7f0000000440)="5cadf2b3f1", &(0x7f0000000500)=""/243}, 0x20)
sendmsg$kcm(r8, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x20000800)

2.669339934s ago: executing program 3 (id=3417):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0xc48}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
close(r0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x8982, 0x20000000)
r1 = perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc, 0x7}, 0x410, 0x2000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x9)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1ff, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xaffffffffffffffc, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000004000000bb7f1a000600feff0000000a95000000000000008000000000000032d005e89d59164cd51b54d9cbe0a73eaf6ded13c76b6ac0585f8fa4437202a8c209cb3685da1a142bfcea4cfec1d2c9c9962d61e12f84be175010f71bb216076fa99a5517f7cc68"], &(0x7f0000000000)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x59d}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="61123000200000006113100000000000bf2000000000000016000200071b48013d030100000000009500000000000000bc26000000000000bf67000000000000070200000fff07276702000003000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)

2.310153595s ago: executing program 2 (id=3418):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
bpf$ITER_CREATE(0xb, 0x0, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) (async)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100e64, 0xc78}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) (async)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @sock_ops=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94) (async)
r1 = openat$cgroup_int(r0, &(0x7f0000001180)='hugetlb.2MB.rsvd.limit_in_bytes\x00', 0x2, 0x0) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) (async)
r2 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r3 = openat$cgroup_subtree(r2, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f00000000c0), 0x0)
write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[], 0x27)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x71}, 0x94)
socket$kcm(0xa, 0x3, 0x3a) (async)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fd1ff7907001175f37538e486dd6317010000213a00db536873f45f08c6feaa70e2aef57b20"], 0xfdef)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
syz_open_procfs$namespace(0x0, 0x0) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000600)=@hci={0x1f, 0x0, 0x47}, 0x80, &(0x7f0000000040)=[{0x0}], 0x1}, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000027c0)=@base={0x4, 0x4, 0x4, 0x10005}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r5, 0x58, &(0x7f0000000340)={0x0, <r6=>0x0}}, 0x10)
r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={r6}, 0xc)
close(r7)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) (async)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x4, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2f, 0x16}, [@call={0x5c}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, 0xffffffffffffffff, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0xfe8e}, 0x3f)

2.133796076s ago: executing program 0 (id=3419):
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="140000002a000b6c8cff00f90429fc60010f5ddf", 0x14}], 0x1}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000004c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3e}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001a00)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000440)="b9ff0307683a268cb8f8ffff888e", 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_int(r4, &(0x7f0000000080)='cpuset.mems\x00', 0x2, 0x0)
write$cgroup_subtree(r5, &(0x7f00000000c0)=ANY=[@ANYBLOB='8-N:0/N'], 0x6a)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{}, &(0x7f0000000280), &(0x7f0000000240)=r1}, 0x20)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a876d839240d29c035055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7e8dc34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bb44b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334583239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bf4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc508afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd360000000000000000ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c97a088a22e8b15c3e233db00002e30d46a0024d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c29c5c0ed5bcdf510c3c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ced92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f68fa8d7c2dfb28e1f05e46b0933c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d588afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda6900002a070886df42b27098773b45198b4a34ac97febd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d63521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07afef12ef060cd4403a099f32468f658000b4082d43e12186195cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea209b53b230ef0f2ab85cbdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bd3339403004b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab900000000000000000000d71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdbf24a0c5441ce046078492b53467cfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89cb349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb15f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c00c57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137df47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b558982016b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8b49e3d0168bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85a3009a5d30f479e293a3302e11350ea857b37e76ca3f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c8ffe0d508dcee3070e8b42ac38545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f98117919472b61b20026d7e646174b55d251f7f8ca5ccc22a5efb33b217eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4444e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24000000000000000000000000000000000000cd3211b3842b68a4eddca2eae28529e97a98d7ec3fd902df1ba8fc2ad2377e72d4e7aeacbbccef5614cd965511558f40720025c022bc9c213e407f6bc4b673c55aa8e729299a37fd6339acd906ac861ba56c9fa9b8b12b5e68a3cdadb906355e1f1d336a243172affe50d0fb36c3718a7498eed3d398f405a34d494414e87ef1ce1845510d43d00171d6b4b762f89564c22d542a119878709cd6822c3a3eb47a849b0737929fe9e1eecd1bff5a2b9880e2a6d8a3b3b7e88a673c96cda4455eff1c530db0e6598a2686aa09aeaf0f1aed95aeb8b0a2cc5ca31c0f56285cc05f7090a0e0583cf540d18cd8817e685c7b4ff176178ac1234f23e54445ec20b2689832d78409897a0307e89ebcd5f4ba042a3d10237a5a8a9a6eda36d2f337dc54537b80e8433341b135b4c5bb0173ffde46ccd260e1d4f2c51e8b07bb256f1317912cb1fc9e491e0bb9109e475cc795c23ad9f4f0042c5e9c655a4d865bc4a266e6a1d3d2b7ee53be9efb33a98933b5ba74ee3ac8d34b6af8c1fdbffade3abc80842b74354162f5b994ab5254cb068bc5e2ae242a1d37d0d49947c9317fa1a46c9e259ce0e1f9db992c53f7830a5e8f4fac6b187eb9f15ba61f730f86d7d7b63bbc7a1d9ff37e87a90a14e0655304da069f9009b62717649b6c6af94fcba713f8ee6fcce25aef44d009966614b61be9369ffc589a79051b0a0000000000000003ebd34c41afe268c33c9322c3a783772aec998f51a6e70fb932a8019e72ef5ab127bb30c79ebfd867441083546305fb39449c40a166ea389a6b77b7c87f66e8bf5806726b8fc50b943627314803a12c33312dce0a10f852da3e000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r7, 0x18000000000002a0, 0x1c, 0x0, &(0x7f00000011c0)="b9ff03076844268cb89e14f088a847981d7b1791b2546ffddbc71329", 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r6)

2.098187338s ago: executing program 1 (id=3420):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x33d, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a03f0fff0ffffff79a4f0ff00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000070a00006a0a00fe0000000c850000005b000000b70000000000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cd"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x400000002, 0x0)
socket$kcm(0x10, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000040)={'wlan1\x00', @random="0100"})
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000008c0)={[{0x2d, 'net_cls'}, {0x2d, 'memory'}]}, 0x11)

1.747064169s ago: executing program 0 (id=3421):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x50)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x6)
perf_event_open(&(0x7f0000000480)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0xfffffffffffffff8, 0x3}, 0x0, 0x0, 0x2, 0xc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r1}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x3, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x68}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x10000002}]}, 0x94)
r3 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000c40)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x107, 0x12, &(0x7f0000000340)=r6, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
close(r8)
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r9=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r2, 0x107, 0x12, &(0x7f00000008c0)=r9, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0xfffffd83)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r10, 0x5, 0xd50, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7000000}, 0x48)

1.111500105s ago: executing program 1 (id=3422):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f00000021c0)=ANY=[@ANYBLOB="b702000f1000b15cbfa300000000000007030000f8ffffff7a0af0ff0000000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b2314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8dd63d4b77b206000000000000e254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f3813e2c25a61ec45c3af9948f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469600241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c12e28ef97d9ebd9c77f1774cf4683c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f011000000f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497a6103876843ee04ed9ff002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd1304202274f20675eb781925440578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b96508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e25c89b552d7fcd116bce9c764c714c9402c21d1aac59efb28d4f91652f6000000000000000320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a575939206d0c0f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000ff0ffd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8000000edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db76cf059f40fa2640b6bfb74dd35391b8fa18479da9f4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847db97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b252a37ff7e0d45728fc1a6ec566981bc8ccfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000000000000000000003ba34b611569a451564d3a5400f9097ffe7a37e765be352be71ee24250d6828562c7e24cb763062d6000c409de6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89a0000bde05c114e7a020fc1a5fd3eeeb822008b2d7d1cc062b51b0aca4956b557e51a1385cc572b0074b0950fb1437de2590bf99ec7ceb69e1fe2465fce099c992d57b804a22e148ae3411523814aee03ee2df877edfabf4aa94f07c6fdd127e57a8bf7975f2e606c25a299980a6e52fcf7849d45bb38573fbba8afef1aa7a24c805f7aee3e39a3000000000000000000000000000000000000878f88c4742ac490951c36c610a0d266588ec6a0bd300cf160b5a5d9e9fafa49ecc8430832d795e727b7fc2b76e7fc4141fdbb82f45d3cdd3fb8d4b443ab4954fdf5c1b9a6ab3e457f098329307ccb0a1989b6c37509692e952e7244f48bc12569ff8eb30d0f887b85b5ef44fb9a7571319190be0c226ed72f346cc4aa071ae0c72fa8bd00d5590c4f4ba65d0c8e1f4870fe3c414681e41b40163eb1aa2a7429a2208cd6e69c7d959e87da3fd0101159a03ab7fe78881ee7a1ee7a2edff75fb18a181e0c54352be2b7a5b5273198291c28d9141deeb3cdba5d414ae4b0000000000000000000000000009eacd83458d8a606be71970497a4fd4ca3b48ca482ab3804e2fac216b3ba613608b1a465456a33fd08491d337d7344c01cfc9e73bf1bca1cbec7614c8c3c76411e61fef6a93da8914490b50bd837d068e9bf8f3348794a44115d163b5ff85629b0a3ad4023448140770de2e5f262b9a50afcc210b8d8ea24b6dd7d068b356f53afaf89acae30935ec92657e37bf0821cbe612ac2aa7baf4d21ab373ea4fea57d0d9ac418862e791df3d1d85bb780fbfa401e09e3745d70174dd9ab52cdcadfd3454916408810090a19fa1cf0df6aa714fbcffbb7d6c7f45237df3296867725fd2bdbcd2f7ab10fea0fe85ce1137e775e4c01a136aed7f1d0d192a95be64bab53144ff3efd87fcb6421483e6a1690408712913dfb10a88201340c96dfd745a84dc177dd7a598ec015daa56eb0924e01df353a9ad69d0a59e40203018c82e74f39f8c4cb8823f0bfdfe170549e305628625f50"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={r0, 0x0, 0xe, 0x0, &(0x7f0000000300)="14fd54ab72df97e6256c00000000", 0x0, 0xfeff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.111073335s ago: executing program 2 (id=3423):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRES16=0x0], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x17, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000218110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000017000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x96, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf, 0x5}, 0x100e64, 0xc78}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x3a0ffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x3, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x200000000000000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000300000005"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x2000035e, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000630120000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0), 0x48)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r2, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1.073039497s ago: executing program 0 (id=3424):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x16, 0x0, 0x4, 0xffff, 0x0, 0x1}, 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xd, 0x5a87, 0x4, 0x3, 0x0, r0}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000380)=ANY=[@ANYBLOB="9feb0100180000000000000028ffff0028000000030000000100000000000098767e98ad0dcc640e08e613b98d15319dd9f6de65bdb00c020000000000090000000000"], 0x0, 0x43}, 0x28)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x42008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x17}, 0x0, 0xc8, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x7, 0xffffffffffffffff, 0xb)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce81ea038800fe08000e40000200875a65969ff57b00ff020000000000000000000000000001e2607e15e697ab"], 0xfdef)
socketpair(0x1a, 0x800, 0x7, &(0x7f0000000400))
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0xe, 0x1f, &(0x7f0000000680)=@raw=[@map_fd={0x18, 0x2, 0x1, 0x0, r1}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @cb_func={0x18, 0xa, 0x4, 0x0, 0x1}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8a9e}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}], &(0x7f0000000140)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sk_skb=0x4, r4, 0x8, &(0x7f00000009c0)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000000a00)={0x1, 0x950, 0xff, 0x3}, 0x10, 0xffffffffffffffff, r4, 0x0, &(0x7f0000000a40), 0x0, 0x10, 0x5c6}, 0x94)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0xe2})
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_bp={0x0, 0x2}, 0x104141, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
close(r6)
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000640)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce8102032908000000000000000000000000ac14140a000000000000000000000000ac1414aa"], 0xfdef)

1.072717798s ago: executing program 3 (id=3425):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x16, 0x1f, &(0x7f0000000900)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x8}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x7, 0x8, &(0x7f00000002c0)="b8000005000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000700)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x81200, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc000000181100", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000004c2c37e1ef2363936dc963db9cc6ac0da48c395e342816596cb708c511af9634188b22f7199be8635341876da6614ae577cc", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x1f, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x8}}, {{0x6, 0x0, 0xb, 0x9, 0x0, 0x4}, {0x65, 0x0, 0x6, 0x9}}, [@printk={@ld, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0x2, 0xa, 0x9}, {0x4, 0x0, 0x3, 0x9}, {}, {}, {0x15}}], {{0x5, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000040)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="11000000040000000400000001"], 0x48)
r5 = socket$kcm(0x2c, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffc54}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r4}, &(0x7f0000000080), &(0x7f00000001c0)=r5}, 0x20)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0xd, 0x4, &(0x7f0000000900)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32}, 0x94)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x445d3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r6 = socket$kcm(0x2, 0x3, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="000000000000000002"], 0x48)
ioctl$sock_kcm_SIOCKCMATTACH(r6, 0x890b, &(0x7f0000000100))
socketpair$unix(0x1, 0x1, 0x0, 0x0)
close(r5)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r7 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r7, 0x0, 0x29, 0x0, 0x40000)
r8 = socket$kcm(0x10, 0x2, 0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000140)={r9, &(0x7f0000000440)="5cadf2b3f1", &(0x7f0000000500)=""/243}, 0x20)
sendmsg$kcm(r8, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x20000800)

965.749764ms ago: executing program 1 (id=3426):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x16, 0x0, 0x4, 0xffff, 0x0, 0x1}, 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xd, 0x5a87, 0x4, 0x3, 0x0, r0}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000380)=ANY=[@ANYBLOB="9feb0100180000000000000028ffff0028000000030000000100000000000098767e98ad0dcc640e08e613b98d15319dd9f6de65bdb00c020000000000090000000000"], 0x0, 0x43}, 0x28)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x42008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x17}, 0x0, 0xc8, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x7, 0xffffffffffffffff, 0xb)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce81ea038800fe08000e40000200875a65969ff57b00ff020000000000000000000000000001e2607e15e697ab"], 0xfdef)
socketpair(0x1a, 0x800, 0x7, &(0x7f0000000400))
r4 = perf_event_open$cgroup(&(0x7f0000000080)={0x2, 0x80, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r4, 0x4008240b, &(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0xe2})
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_bp={0x0, 0x2}, 0x104141, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
close(r6)
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000640)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce8102032908000000000000000000000000ac14140a000000000000000000000000ac1414aa"], 0xfdef)

919.337677ms ago: executing program 2 (id=3427):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x20008000)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x152610}], 0x1, 0x0, 0xe00}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
sendmsg(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000340)="25fd56fe5dc57bb555", 0x9}], 0x1}, 0x4)
r3 = socket$kcm(0x10, 0x2, 0x4)
close(r3)
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x76}, [@ldst={0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0xa, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x48)
sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f00000005c0)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60064160af36508001ac00800020009000c00050004c00364bc24eab556a717251e6182f27f0051f60a84c9f46b5caf2fb5fd90fd6fc513d4938037e786a6d0001000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)

843.130281ms ago: executing program 3 (id=3428):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0xc48}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
close(r0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x8982, 0x20000000)
r1 = perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc, 0x7}, 0x410, 0x2000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x9)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1ff, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xaffffffffffffffc, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="6112304e004000006113100000000000bf2000000000000016000200071b48013d030100000000009500000000000000bc26000000000000bf67000000000000070200000fff07276702000003000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)

840.476431ms ago: executing program 0 (id=3429):
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="140000002a000b6c8cff00f90429fc60010f5ddf", 0x14}], 0x1}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000004c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3e}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001a00)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000440)="b9ff0307683a268cb8f8ffff888e", 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_int(r4, &(0x7f0000000080)='cpuset.mems\x00', 0x2, 0x0)
write$cgroup_subtree(r5, &(0x7f00000000c0)=ANY=[@ANYBLOB='8-N:0/N'], 0x6a)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{}, &(0x7f0000000280), &(0x7f0000000240)=r1}, 0x20)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a876d839240d29c035055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7e8dc34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bb44b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334583239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bf4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc508afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd360000000000000000ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c97a088a22e8b15c3e233db00002e30d46a0024d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c29c5c0ed5bcdf510c3c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ced92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f68fa8d7c2dfb28e1f05e46b0933c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d588afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda6900002a070886df42b27098773b45198b4a34ac97febd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d63521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07afef12ef060cd4403a099f32468f658000b4082d43e12186195cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea209b53b230ef0f2ab85cbdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bd3339403004b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab900000000000000000000d71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdbf24a0c5441ce046078492b53467cfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89cb349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb15f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c00c57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137df47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b558982016b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8b49e3d0168bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85a3009a5d30f479e293a3302e11350ea857b37e76ca3f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c8ffe0d508dcee3070e8b42ac38545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f98117919472b61b20026d7e646174b55d251f7f8ca5ccc22a5efb33b217eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4444e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24000000000000000000000000000000000000cd3211b3842b68a4eddca2eae28529e97a98d7ec3fd902df1ba8fc2ad2377e72d4e7aeacbbccef5614cd965511558f40720025c022bc9c213e407f6bc4b673c55aa8e729299a37fd6339acd906ac861ba56c9fa9b8b12b5e68a3cdadb906355e1f1d336a243172affe50d0fb36c3718a7498eed3d398f405a34d494414e87ef1ce1845510d43d00171d6b4b762f89564c22d542a119878709cd6822c3a3eb47a849b0737929fe9e1eecd1bff5a2b9880e2a6d8a3b3b7e88a673c96cda4455eff1c530db0e6598a2686aa09aeaf0f1aed95aeb8b0a2cc5ca31c0f56285cc05f7090a0e0583cf540d18cd8817e685c7b4ff176178ac1234f23e54445ec20b2689832d78409897a0307e89ebcd5f4ba042a3d10237a5a8a9a6eda36d2f337dc54537b80e8433341b135b4c5bb0173ffde46ccd260e1d4f2c51e8b07bb256f1317912cb1fc9e491e0bb9109e475cc795c23ad9f4f0042c5e9c655a4d865bc4a266e6a1d3d2b7ee53be9efb33a98933b5ba74ee3ac8d34b6af8c1fdbffade3abc80842b74354162f5b994ab5254cb068bc5e2ae242a1d37d0d49947c9317fa1a46c9e259ce0e1f9db992c53f7830a5e8f4fac6b187eb9f15ba61f730f86d7d7b63bbc7a1d9ff37e87a90a14e0655304da069f9009b62717649b6c6af94fcba713f8ee6fcce25aef44d009966614b61be9369ffc589a79051b0a0000000000000003ebd34c41afe268c33c9322c3a783772aec998f51a6e70fb932a8019e72ef5ab127bb30c79ebfd867441083546305fb39449c40a166ea389a6b77b7c87f66e8bf5806726b8fc50b943627314803a12c33312dce0a10f852da3e000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r7, 0x18000000000002a0, 0x1c, 0x0, &(0x7f00000011c0)="b9ff03076844268cb89e14f088a847981d7b1791b2546ffddbc71329", 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r6)

646.886733ms ago: executing program 1 (id=3430):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x33d, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a03f0fff0ffffff79a4f0ff00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000070a00006a0a00fe0000000c850000005b000000b70000000000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cd"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x400000002, 0x0)
socket$kcm(0x10, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000040)={'wlan1\x00', @random="0100"})
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000008c0)={[{0x2d, 'net_cls'}, {0x2d, 'memory'}]}, 0x11)

410.571907ms ago: executing program 0 (id=3431):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000003001f0000000000000000008500000097000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000002000000850000007100000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2}, 0x94)
r1 = socket$kcm(0x18, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYRESHEX=r1], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000340)={r2, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r3 = socket$kcm(0xa, 0x2, 0x0)
close(r3)
socket$kcm(0x2, 0x3, 0x73)
setsockopt$sock_attach_bpf(r3, 0x0, 0x4, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
close(r4)
socket$kcm(0xa, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"})
ioctl$SIOCSIFHWADDR(r4, 0x8b19, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"})
sendmsg$inet(r3, &(0x7f0000000340)={&(0x7f0000000140)={0x2, 0x4e22, @dev}, 0x10, 0x0}, 0x400c080)

329.848601ms ago: executing program 1 (id=3432):
socket$kcm(0x10, 0x5, 0x10)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xec, 0x0, 0x0, 0x6, 0x0, 0x1000000000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0xcb84, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000002c0)={0x5, 0x80, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2000000000000, 0x30084, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000002, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x4}, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x14, 0x4, 0x4, 0x20002, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x50)

119.337153ms ago: executing program 0 (id=3433):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
recvmsg$unix(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300a8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffff800, 0x0, 0x0, 0x0, 0x0, 0x80000001}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x80000001, 0x7, 0x6, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = perf_event_open(0x0, 0xffffffffffffffff, 0x10, r4, 0x0)
r6 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x1, 0x2b4}, 0x0, 0x10000, 0x0, 0x0, 0x8, 0x40020005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, r5, 0x2)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x40082404, &(0x7f00000002c0)=0x1)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b26, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x2400, 0xffffffffffffffff)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000440)="89000000120081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c0001000b080c00bdad20409bbc7a46e39a8285dcdf12176679df069163ce955f070009d78f0a947ee2b49e33538afaeb2713f450ebd010a20ff27fff", 0x89}], 0x1}, 0xff0f000000004080)
socketpair(0x1, 0x20000000000001, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
sendmsg(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000100)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e24, @empty}, 0x4, 0x2, 0x2}}, 0x80, 0x0, 0x0, &(0x7f0000000680)=[{0xa0, 0x103, 0x8, "7bf2159b36ca9794f722f3a89684c628e94934e634a74437870e23da8f72b490c888a26047bd10b541881fadd25d664f9fb85fcb936fb16cee20f49ccf755d9a65df4bf519038028e27280a671369bac0267686223e2e1e5da133fd4acefae5c6481a5208fde2ab58df50c5c928b9b2857969a33b74b7edfe54316116b02ca24d23782d278ae7e626c1454d48b"}, {0x10, 0x10c, 0x4}, {0x40, 0x29, 0xfffffa1e, "5e04e58985d012092803cdd32df0b28d81c0a1659971964c0c2e2b3f22301667ce5ccf05befdd147b889"}, {0x78, 0xff, 0x5, "e66fed0d439b5e48582673e10c2a9e10d1ed64ff18235e5aa459e84dc255332f405db90f38bde8c3eb584fe049f935c8f555cf7a77b06ccc00eb6bf4cd7bea0be5f085bf005b77dddb51746e7d920f08b47fc074901067179bed2954e66edafd77"}, {0x58, 0x116, 0x3, "69f002f8ed3e320dc311edd7fb90c6364fe4d4555e0ec8188e919c2966791a5deaf6b82af3476788135a711b0fc622bd6e929ad4093b7e50a1c14a1f56ea539d3ac9a536"}], 0x1c0}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0x2f9, 0x403d87c21de2ff3f, &(0x7f0000000040)="b90103606989068c3c270040f000009e0ff008001fffffe1ffff86dd632f080686dd00017f020001be", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28)
r8 = socket$kcm(0xa, 0x2, 0x88)
setsockopt$sock_attach_bpf(r8, 0x1, 0x41, &(0x7f0000000040)=r2, 0x4)

0s ago: executing program 1 (id=3434):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
socket$kcm(0x10, 0x400000002, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xb5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x0, 0x0, 0x9, 0x5, 0x8000, 0xfff7, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1f, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000009000080850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300))
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x8000000000, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x1}, 0x828, 0x0, 0x0, 0x0, 0x2, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
socketpair(0x1, 0x5, 0x0, &(0x7f0000000200))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x5, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x4)
sendmsg$inet(r1, &(0x7f00000004c0)={&(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000140)='\x00', 0x1}], 0xfd}, 0x3e8)

kernel console output (not intermixed with test programs):

0
[  940.661640][T14204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  940.669647][T14204] R13: 00007efead616038 R14: 00007efead615fa0 R15: 00007fff48d801f8
[  940.677674][T14204]  </TASK>
[  940.953308][T14220] netlink: 168 bytes leftover after parsing attributes in process `syz.2.2744'.
[  941.085885][T14222] netlink: 209840 bytes leftover after parsing attributes in process `syz.0.2745'.
[  941.563125][T14234] FAULT_INJECTION: forcing a failure.
[  941.563125][T14234] name failslab, interval 1, probability 0, space 0, times 0
[  941.576559][T14234] CPU: 1 PID: 14234 Comm: syz.0.2749 Not tainted syzkaller #0
[  941.584071][T14234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  941.594294][T14234] Call Trace:
[  941.597615][T14234]  <TASK>
[  941.600578][T14234]  dump_stack_lvl+0x18c/0x250
[  941.605305][T14234]  ? show_regs_print_info+0x20/0x20
[  941.610554][T14234]  ? load_image+0x400/0x400
[  941.615118][T14234]  ? __might_sleep+0xe0/0xe0
[  941.619771][T14234]  ? __lock_acquire+0x7d40/0x7d40
[  941.624845][T14234]  should_fail_ex+0x39d/0x4d0
[  941.629573][T14234]  should_failslab+0x9/0x20
[  941.634122][T14234]  slab_pre_alloc_hook+0x59/0x310
[  941.639201][T14234]  ? sk_prot_alloc+0xe7/0x210
[  941.643925][T14234]  ? sk_prot_alloc+0xe7/0x210
[  941.648666][T14234]  __kmem_cache_alloc_node+0x53/0x250
[  941.654096][T14234]  ? sk_prot_alloc+0xe7/0x210
[  941.658822][T14234]  __kmalloc+0xa4/0x230
[  941.663040][T14234]  sk_prot_alloc+0xe7/0x210
[  941.667684][T14234]  ? sk_alloc+0x24/0x360
[  941.671972][T14234]  sk_alloc+0x3a/0x360
[  941.676101][T14234]  ? bpf_ctx_init+0x163/0x1a0
[  941.680809][T14234]  ? bpf_prog_test_run_skb+0x273/0x12b0
[  941.686481][T14234]  bpf_prog_test_run_skb+0x3a5/0x12b0
[  941.691877][T14234]  ? __fget_files+0x28/0x4b0
[  941.696496][T14234]  ? __fget_files+0x28/0x4b0
[  941.701116][T14234]  ? __fget_files+0x43d/0x4b0
[  941.705843][T14234]  ? cpu_online+0x60/0x60
[  941.710211][T14234]  bpf_prog_test_run+0x321/0x390
[  941.715182][T14234]  __sys_bpf+0x49d/0x890
[  941.719463][T14234]  ? bpf_link_show_fdinfo+0x390/0x390
[  941.724866][T14234]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  941.731081][T14234]  __x64_sys_bpf+0x7c/0x90
[  941.735529][T14234]  do_syscall_64+0x55/0xa0
[  941.739993][T14234]  ? clear_bhb_loop+0x40/0x90
[  941.744705][T14234]  ? clear_bhb_loop+0x40/0x90
[  941.749407][T14234]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  941.755321][T14234] RIP: 0033:0x7f448139af79
[  941.759766][T14234] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  941.779477][T14234] RSP: 002b:00007f44821a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  941.787908][T14234] RAX: ffffffffffffffda RBX: 00007f4481615fa0 RCX: 00007f448139af79
[  941.795914][T14234] RDX: 0000000000000048 RSI: 0000200000000080 RDI: 000000000000000a
[  941.803906][T14234] RBP: 00007f44821a4090 R08: 0000000000000000 R09: 0000000000000000
[  941.811896][T14234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  941.819886][T14234] R13: 00007f4481616038 R14: 00007f4481615fa0 R15: 00007ffc4d4c40f8
[  941.827988][T14234]  </TASK>
[  941.919371][T14237] validate_nla: 3 callbacks suppressed
[  941.919391][T14237] netlink: 'syz.3.2750': attribute type 9 has an invalid length.
[  941.939370][T14237] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2750'.
[  942.098767][T14239] netlink: 'syz.3.2750': attribute type 9 has an invalid length.
[  942.116488][T14239] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2750'.
[  942.382066][T14247] netlink: 'syz.0.2752': attribute type 8 has an invalid length.
[  942.421235][T14247] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.2752'.
[  942.786575][T14251] netlink: 'syz.2.2754': attribute type 10 has an invalid length.
[  942.807387][T14242] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2751'.
[  942.876827][T14251] team0: Port device geneve1 added
[  942.889238][T14242] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  942.914054][T14242] CPU: 1 PID: 14242 Comm: syz.1.2751 Not tainted syzkaller #0
[  942.921591][T14242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  942.931689][T14242] Call Trace:
[  942.935011][T14242]  <TASK>
[  942.938511][T14242]  dump_stack_lvl+0x18c/0x250
[  942.943282][T14242]  ? show_regs_print_info+0x20/0x20
[  942.948541][T14242]  ? load_image+0x400/0x400
[  942.953137][T14242]  sysfs_warn_dup+0x8e/0xa0
[  942.957707][T14242]  sysfs_do_create_link_sd+0xc0/0x110
[  942.963167][T14242]  device_add_class_symlinks+0x1cf/0x240
[  942.968862][T14242]  device_add+0x507/0xc20
[  942.973257][T14242]  wiphy_register+0x1dad/0x2ae0
[  942.978188][T14242]  ? cfg80211_event_work+0x40/0x40
[  942.983358][T14242]  ? minstrel_ht_alloc+0x88a/0x990
[  942.988529][T14242]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  942.994651][T14242]  ieee80211_register_hw+0x3464/0x4250
[  943.000195][T14242]  ? ieee80211_tasklet_handler+0x20/0x20
[  943.005879][T14242]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  943.011827][T14242]  ? __debug_object_init+0xec/0x450
[  943.017095][T14242]  ? __asan_memset+0x22/0x40
[  943.021736][T14242]  ? __hrtimer_init+0x186/0x270
[  943.026632][T14242]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  943.032426][T14242]  ? mac80211_hwsim_free+0x220/0x220
[  943.037745][T14242]  ? rcu_is_watching+0x15/0xb0
[  943.042554][T14242]  ? kstrndup+0xbd/0x140
[  943.046846][T14242]  hwsim_new_radio_nl+0xdc9/0x1a90
[  943.051996][T14242]  ? __nla_validate+0x50/0x50
[  943.056720][T14242]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  943.063178][T14242]  ? __nla_parse+0x40/0x50
[  943.067652][T14242]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  943.074029][T14242]  genl_family_rcv_msg_doit+0x211/0x310
[  943.079614][T14242]  ? end_current_label_crit_section+0x170/0x170
[  943.085891][T14242]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  943.091842][T14242]  ? bpf_lsm_capable+0x9/0x10
[  943.096593][T14242]  ? security_capable+0x89/0xb0
[  943.101482][T14242]  genl_rcv_msg+0x619/0x7a0
[  943.106035][T14242]  ? genl_bind+0x360/0x360
[  943.110493][T14242]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  943.116992][T14242]  netlink_rcv_skb+0x241/0x4d0
[  943.121791][T14242]  ? genl_bind+0x360/0x360
[  943.126241][T14242]  ? netlink_ack+0x1180/0x1180
[  943.131046][T14242]  ? __lock_acquire+0x7d40/0x7d40
[  943.136095][T14242]  ? net_generic+0x1e/0x240
[  943.140630][T14242]  ? down_read+0x1ac/0x2e0
[  943.145079][T14242]  genl_rcv+0x28/0x40
[  943.149108][T14242]  netlink_unicast+0x751/0x8d0
[  943.153937][T14242]  netlink_sendmsg+0x8d0/0xbf0
[  943.158769][T14242]  ? netlink_getsockopt+0x590/0x590
[  943.164015][T14242]  ? aa_sock_msg_perm+0x94/0x150
[  943.169000][T14242]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  943.174315][T14242]  ? security_socket_sendmsg+0x80/0xa0
[  943.179804][T14242]  ? netlink_getsockopt+0x590/0x590
[  943.185050][T14242]  ____sys_sendmsg+0x5ba/0x960
[  943.189878][T14242]  ? __asan_memset+0x22/0x40
[  943.194505][T14242]  ? __sys_sendmsg_sock+0x30/0x30
[  943.199569][T14242]  ? __import_iovec+0x5f2/0x850
[  943.204461][T14242]  ? import_iovec+0x73/0xa0
[  943.209028][T14242]  ___sys_sendmsg+0x2a6/0x360
[  943.213731][T14242]  ? __sys_sendmsg+0x2a0/0x2a0
[  943.218671][T14242]  __se_sys_sendmsg+0x1c2/0x2b0
[  943.223546][T14242]  ? __x64_sys_sendmsg+0x80/0x80
[  943.228515][T14242]  ? lockdep_hardirqs_on+0x98/0x150
[  943.233744][T14242]  do_syscall_64+0x55/0xa0
[  943.238196][T14242]  ? clear_bhb_loop+0x40/0x90
[  943.242921][T14242]  ? clear_bhb_loop+0x40/0x90
[  943.247623][T14242]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  943.253545][T14242] RIP: 0033:0x7fa77d79af79
[  943.257983][T14242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  943.277700][T14242] RSP: 002b:00007fa77e6e4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  943.286140][T14242] RAX: ffffffffffffffda RBX: 00007fa77da15fa0 RCX: 00007fa77d79af79
[  943.294136][T14242] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  943.302142][T14242] RBP: 00007fa77d8316e0 R08: 0000000000000000 R09: 0000000000000000
[  943.310156][T14242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  943.318175][T14242] R13: 00007fa77da16038 R14: 00007fa77da15fa0 R15: 00007ffc742a7f58
[  943.326195][T14242]  </TASK>
[  943.587572][T14259] netlink: 'syz.2.2757': attribute type 8 has an invalid length.
[  943.663022][T14259] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.2757'.
[  944.777178][T14277] netlink: 'syz.0.2764': attribute type 12 has an invalid length.
[  944.797723][T14277] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2764'.
[  944.998823][T14287] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2767'.
[  945.033617][T14287] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  945.061751][T14287] CPU: 0 PID: 14287 Comm: syz.3.2767 Not tainted syzkaller #0
[  945.069330][T14287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  945.079533][T14287] Call Trace:
[  945.082862][T14287]  <TASK>
[  945.085834][T14287]  dump_stack_lvl+0x18c/0x250
[  945.090578][T14287]  ? show_regs_print_info+0x20/0x20
[  945.095836][T14287]  ? load_image+0x400/0x400
[  945.100438][T14287]  sysfs_warn_dup+0x8e/0xa0
[  945.104997][T14287]  sysfs_do_create_link_sd+0xc0/0x110
[  945.110409][T14287]  device_add_class_symlinks+0x1cf/0x240
[  945.116124][T14287]  device_add+0x507/0xc20
[  945.120508][T14287]  wiphy_register+0x1dad/0x2ae0
[  945.125526][T14287]  ? cfg80211_event_work+0x40/0x40
[  945.130721][T14287]  ? minstrel_ht_alloc+0x88a/0x990
[  945.135920][T14287]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  945.142067][T14287]  ieee80211_register_hw+0x3464/0x4250
[  945.147612][T14287]  ? ieee80211_tasklet_handler+0x20/0x20
[  945.153288][T14287]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  945.159223][T14287]  ? __debug_object_init+0xec/0x450
[  945.164475][T14287]  ? __asan_memset+0x22/0x40
[  945.169121][T14287]  ? __hrtimer_init+0x186/0x270
[  945.174009][T14287]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  945.179798][T14287]  ? mac80211_hwsim_free+0x220/0x220
[  945.185137][T14287]  ? rcu_is_watching+0x15/0xb0
[  945.189944][T14287]  ? kstrndup+0xbd/0x140
[  945.194241][T14287]  hwsim_new_radio_nl+0xdc9/0x1a90
[  945.199408][T14287]  ? __nla_validate+0x50/0x50
[  945.204137][T14287]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  945.210552][T14287]  ? __nla_parse+0x40/0x50
[  945.215022][T14287]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  945.221413][T14287]  genl_family_rcv_msg_doit+0x211/0x310
[  945.227185][T14287]  ? end_current_label_crit_section+0x170/0x170
[  945.233485][T14287]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  945.239438][T14287]  ? bpf_lsm_capable+0x9/0x10
[  945.244154][T14287]  ? security_capable+0x89/0xb0
[  945.249137][T14287]  genl_rcv_msg+0x619/0x7a0
[  945.253698][T14287]  ? genl_bind+0x360/0x360
[  945.258155][T14287]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  945.264546][T14287]  netlink_rcv_skb+0x241/0x4d0
[  945.269346][T14287]  ? genl_bind+0x360/0x360
[  945.273801][T14287]  ? netlink_ack+0x1180/0x1180
[  945.278622][T14287]  ? __lock_acquire+0x7d40/0x7d40
[  945.283700][T14287]  ? net_generic+0x1e/0x240
[  945.288244][T14287]  ? down_read+0x1ac/0x2e0
[  945.292703][T14287]  genl_rcv+0x28/0x40
[  945.296723][T14287]  netlink_unicast+0x751/0x8d0
[  945.301538][T14287]  netlink_sendmsg+0x8d0/0xbf0
[  945.306450][T14287]  ? netlink_getsockopt+0x590/0x590
[  945.311725][T14287]  ? aa_sock_msg_perm+0x94/0x150
[  945.316710][T14287]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  945.322042][T14287]  ? security_socket_sendmsg+0x80/0xa0
[  945.327540][T14287]  ? netlink_getsockopt+0x590/0x590
[  945.332789][T14287]  ____sys_sendmsg+0x5ba/0x960
[  945.337608][T14287]  ? __asan_memset+0x22/0x40
[  945.342249][T14287]  ? __sys_sendmsg_sock+0x30/0x30
[  945.347324][T14287]  ? __import_iovec+0x5f2/0x850
[  945.352277][T14287]  ? import_iovec+0x73/0xa0
[  945.356837][T14287]  ___sys_sendmsg+0x2a6/0x360
[  945.361559][T14287]  ? __sys_sendmsg+0x2a0/0x2a0
[  945.366428][T14287]  __se_sys_sendmsg+0x1c2/0x2b0
[  945.371316][T14287]  ? __x64_sys_sendmsg+0x80/0x80
[  945.376331][T14287]  ? lockdep_hardirqs_on+0x98/0x150
[  945.381568][T14287]  do_syscall_64+0x55/0xa0
[  945.386037][T14287]  ? clear_bhb_loop+0x40/0x90
[  945.390830][T14287]  ? clear_bhb_loop+0x40/0x90
[  945.395557][T14287]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  945.401577][T14287] RIP: 0033:0x7efead39af79
[  945.406041][T14287] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  945.425690][T14287] RSP: 002b:00007efeae1fb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  945.434146][T14287] RAX: ffffffffffffffda RBX: 00007efead615fa0 RCX: 00007efead39af79
[  945.442156][T14287] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  945.450155][T14287] RBP: 00007efead4316e0 R08: 0000000000000000 R09: 0000000000000000
[  945.458169][T14287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  945.466186][T14287] R13: 00007efead616038 R14: 00007efead615fa0 R15: 00007fff48d801f8
[  945.474218][T14287]  </TASK>
[  945.517797][T14289] netlink: 'syz.0.2768': attribute type 9 has an invalid length.
[  945.527324][T14289] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2768'.
[  945.756475][T14290] netlink: 'syz.0.2768': attribute type 9 has an invalid length.
[  945.806871][T14290] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2768'.
[  946.659345][T14315] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2774'.
[  946.946666][T14329] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  946.977210][T14329] CPU: 0 PID: 14329 Comm: syz.0.2780 Not tainted syzkaller #0
[  946.984757][T14329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  946.994893][T14329] Call Trace:
[  946.998229][T14329]  <TASK>
[  947.001208][T14329]  dump_stack_lvl+0x18c/0x250
[  947.005955][T14329]  ? show_regs_print_info+0x20/0x20
[  947.011212][T14329]  ? load_image+0x400/0x400
[  947.015778][T14329]  sysfs_warn_dup+0x8e/0xa0
[  947.020332][T14329]  sysfs_do_create_link_sd+0xc0/0x110
[  947.025751][T14329]  device_add_class_symlinks+0x1cf/0x240
[  947.031429][T14329]  device_add+0x507/0xc20
[  947.035917][T14329]  wiphy_register+0x1dad/0x2ae0
[  947.040823][T14329]  ? cfg80211_event_work+0x40/0x40
[  947.045971][T14329]  ? minstrel_ht_alloc+0x88a/0x990
[  947.051150][T14329]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  947.057261][T14329]  ieee80211_register_hw+0x3464/0x4250
[  947.062804][T14329]  ? ieee80211_tasklet_handler+0x20/0x20
[  947.068482][T14329]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  947.074414][T14329]  ? __debug_object_init+0xec/0x450
[  947.079656][T14329]  ? __asan_memset+0x22/0x40
[  947.084289][T14329]  ? __hrtimer_init+0x186/0x270
[  947.089183][T14329]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  947.094970][T14329]  ? mac80211_hwsim_free+0x220/0x220
[  947.100297][T14329]  ? rcu_is_watching+0x15/0xb0
[  947.105094][T14329]  ? kstrndup+0xbd/0x140
[  947.109400][T14329]  hwsim_new_radio_nl+0xdc9/0x1a90
[  947.114571][T14329]  ? __nla_validate+0x50/0x50
[  947.119306][T14329]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  947.125706][T14329]  ? __nla_parse+0x40/0x50
[  947.130186][T14329]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  947.136572][T14329]  genl_family_rcv_msg_doit+0x211/0x310
[  947.142167][T14329]  ? end_current_label_crit_section+0x170/0x170
[  947.148442][T14329]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  947.154376][T14329]  ? bpf_lsm_capable+0x9/0x10
[  947.159094][T14329]  ? security_capable+0x89/0xb0
[  947.164000][T14329]  genl_rcv_msg+0x619/0x7a0
[  947.168644][T14329]  ? genl_bind+0x360/0x360
[  947.173131][T14329]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  947.179521][T14329]  netlink_rcv_skb+0x241/0x4d0
[  947.184330][T14329]  ? genl_bind+0x360/0x360
[  947.188795][T14329]  ? netlink_ack+0x1180/0x1180
[  947.193617][T14329]  ? __lock_acquire+0x7d40/0x7d40
[  947.198676][T14329]  ? net_generic+0x1e/0x240
[  947.203226][T14329]  ? down_read+0x1ac/0x2e0
[  947.207686][T14329]  genl_rcv+0x28/0x40
[  947.211709][T14329]  netlink_unicast+0x751/0x8d0
[  947.216522][T14329]  netlink_sendmsg+0x8d0/0xbf0
[  947.221336][T14329]  ? netlink_getsockopt+0x590/0x590
[  947.226625][T14329]  ? aa_sock_msg_perm+0x94/0x150
[  947.231684][T14329]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  947.236993][T14329]  ? security_socket_sendmsg+0x80/0xa0
[  947.242476][T14329]  ? netlink_getsockopt+0x590/0x590
[  947.247886][T14329]  ____sys_sendmsg+0x5ba/0x960
[  947.252697][T14329]  ? __asan_memset+0x22/0x40
[  947.257323][T14329]  ? __sys_sendmsg_sock+0x30/0x30
[  947.262395][T14329]  ? __import_iovec+0x5f2/0x850
[  947.267294][T14329]  ? import_iovec+0x73/0xa0
[  947.271835][T14329]  ___sys_sendmsg+0x2a6/0x360
[  947.276550][T14329]  ? __sys_sendmsg+0x2a0/0x2a0
[  947.281389][T14329]  __se_sys_sendmsg+0x1c2/0x2b0
[  947.286327][T14329]  ? __x64_sys_sendmsg+0x80/0x80
[  947.291307][T14329]  ? lockdep_hardirqs_on+0x98/0x150
[  947.296542][T14329]  do_syscall_64+0x55/0xa0
[  947.300999][T14329]  ? clear_bhb_loop+0x40/0x90
[  947.305702][T14329]  ? clear_bhb_loop+0x40/0x90
[  947.310421][T14329]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  947.316340][T14329] RIP: 0033:0x7f448139af79
[  947.320787][T14329] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  947.340424][T14329] RSP: 002b:00007f44821a4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  947.348869][T14329] RAX: ffffffffffffffda RBX: 00007f4481615fa0 RCX: 00007f448139af79
[  947.356886][T14329] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  947.364881][T14329] RBP: 00007f44814316e0 R08: 0000000000000000 R09: 0000000000000000
[  947.372931][T14329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  947.380926][T14329] R13: 00007f4481616038 R14: 00007f4481615fa0 R15: 00007ffc4d4c40f8
[  947.388952][T14329]  </TASK>
[  947.471680][T14331] netlink: 'syz.2.2779': attribute type 10 has an invalid length.
[  948.146487][T14331] team0 (unregistering): Port device team_slave_0 removed
[  948.211474][T14331] team0 (unregistering): Port device team_slave_1 removed
[  948.264302][T14331] team0 (unregistering): Port device geneve1 removed
[  948.392271][T14333] __nla_validate_parse: 1 callbacks suppressed
[  948.392292][T14333] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2778'.
[  948.793083][T14350] netlink: 'syz.2.2786': attribute type 9 has an invalid length.
[  948.816318][T14350] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.2786'.
[  948.976539][T14352] netlink: 'syz.2.2786': attribute type 9 has an invalid length.
[  948.997226][T14352] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.2786'.
[  949.434893][T14356] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2789'.
[  949.463864][T14356] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  949.472692][T14356] CPU: 1 PID: 14356 Comm: syz.3.2789 Not tainted syzkaller #0
[  949.480211][T14356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  949.490322][T14356] Call Trace:
[  949.493648][T14356]  <TASK>
[  949.496630][T14356]  dump_stack_lvl+0x18c/0x250
[  949.501384][T14356]  ? show_regs_print_info+0x20/0x20
[  949.506652][T14356]  ? load_image+0x400/0x400
[  949.511241][T14356]  sysfs_warn_dup+0x8e/0xa0
[  949.515806][T14356]  sysfs_do_create_link_sd+0xc0/0x110
[  949.521247][T14356]  device_add_class_symlinks+0x1cf/0x240
[  949.526949][T14356]  device_add+0x507/0xc20
[  949.531352][T14356]  wiphy_register+0x1dad/0x2ae0
[  949.536301][T14356]  ? cfg80211_event_work+0x40/0x40
[  949.541478][T14356]  ? minstrel_ht_alloc+0x88a/0x990
[  949.546654][T14356]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  949.552783][T14356]  ieee80211_register_hw+0x3464/0x4250
[  949.558340][T14356]  ? ieee80211_tasklet_handler+0x20/0x20
[  949.564064][T14356]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  949.570029][T14356]  ? __debug_object_init+0xec/0x450
[  949.575303][T14356]  ? __asan_memset+0x22/0x40
[  949.579974][T14356]  ? __hrtimer_init+0x186/0x270
[  949.584890][T14356]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  949.590694][T14356]  ? mac80211_hwsim_free+0x220/0x220
[  949.596029][T14356]  ? rcu_is_watching+0x15/0xb0
[  949.600934][T14356]  ? kstrndup+0xbd/0x140
[  949.605216][T14356]  hwsim_new_radio_nl+0xdc9/0x1a90
[  949.610365][T14356]  ? __nla_validate+0x50/0x50
[  949.615105][T14356]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  949.621517][T14356]  ? __nla_parse+0x40/0x50
[  949.625980][T14356]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  949.632363][T14356]  genl_family_rcv_msg_doit+0x211/0x310
[  949.638004][T14356]  ? end_current_label_crit_section+0x170/0x170
[  949.644286][T14356]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  949.650229][T14356]  ? bpf_lsm_capable+0x9/0x10
[  949.654948][T14356]  ? security_capable+0x89/0xb0
[  949.659835][T14356]  genl_rcv_msg+0x619/0x7a0
[  949.664498][T14356]  ? genl_bind+0x360/0x360
[  949.668955][T14356]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  949.675362][T14356]  netlink_rcv_skb+0x241/0x4d0
[  949.680197][T14356]  ? genl_bind+0x360/0x360
[  949.684663][T14356]  ? netlink_ack+0x1180/0x1180
[  949.689483][T14356]  ? __lock_acquire+0x7d40/0x7d40
[  949.694542][T14356]  ? net_generic+0x1e/0x240
[  949.699083][T14356]  ? down_read+0x1ac/0x2e0
[  949.703538][T14356]  genl_rcv+0x28/0x40
[  949.707563][T14356]  netlink_unicast+0x751/0x8d0
[  949.712379][T14356]  netlink_sendmsg+0x8d0/0xbf0
[  949.717200][T14356]  ? netlink_getsockopt+0x590/0x590
[  949.722463][T14356]  ? aa_sock_msg_perm+0x94/0x150
[  949.727443][T14356]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  949.732772][T14356]  ? security_socket_sendmsg+0x80/0xa0
[  949.738263][T14356]  ? netlink_getsockopt+0x590/0x590
[  949.743508][T14356]  ____sys_sendmsg+0x5ba/0x960
[  949.748321][T14356]  ? __asan_memset+0x22/0x40
[  949.752975][T14356]  ? __sys_sendmsg_sock+0x30/0x30
[  949.758088][T14356]  ? __import_iovec+0x5f2/0x850
[  949.763003][T14356]  ? import_iovec+0x73/0xa0
[  949.767553][T14356]  ___sys_sendmsg+0x2a6/0x360
[  949.772260][T14356]  ? __sys_sendmsg+0x2a0/0x2a0
[  949.777110][T14356]  __se_sys_sendmsg+0x1c2/0x2b0
[  949.781988][T14356]  ? __x64_sys_sendmsg+0x80/0x80
[  949.786958][T14356]  ? lockdep_hardirqs_on+0x98/0x150
[  949.792204][T14356]  do_syscall_64+0x55/0xa0
[  949.796742][T14356]  ? clear_bhb_loop+0x40/0x90
[  949.801444][T14356]  ? clear_bhb_loop+0x40/0x90
[  949.806153][T14356]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  949.812076][T14356] RIP: 0033:0x7efead39af79
[  949.816523][T14356] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  949.836214][T14356] RSP: 002b:00007efeae1fb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  949.844677][T14356] RAX: ffffffffffffffda RBX: 00007efead615fa0 RCX: 00007efead39af79
[  949.852675][T14356] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  949.860674][T14356] RBP: 00007efead4316e0 R08: 0000000000000000 R09: 0000000000000000
[  949.868682][T14356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  949.876683][T14356] R13: 00007efead616038 R14: 00007efead615fa0 R15: 00007fff48d801f8
[  949.884712][T14356]  </TASK>
[  951.331831][T14390] netlink: 15487 bytes leftover after parsing attributes in process `syz.2.2808'.
[  952.355284][T14413] netlink: 'syz.1.2803': attribute type 9 has an invalid length.
[  952.379166][T14413] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2803'.
[  952.588359][T14418] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2804'.
[  952.672031][T14418] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  952.693116][T14418] CPU: 0 PID: 14418 Comm: syz.3.2804 Not tainted syzkaller #0
[  952.700696][T14418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  952.710853][T14418] Call Trace:
[  952.714296][T14418]  <TASK>
[  952.717283][T14418]  dump_stack_lvl+0x18c/0x250
[  952.722024][T14418]  ? show_regs_print_info+0x20/0x20
[  952.727298][T14418]  ? load_image+0x400/0x400
[  952.731880][T14418]  sysfs_warn_dup+0x8e/0xa0
[  952.736441][T14418]  sysfs_do_create_link_sd+0xc0/0x110
[  952.741876][T14418]  device_add_class_symlinks+0x1cf/0x240
[  952.747576][T14418]  device_add+0x507/0xc20
[  952.751970][T14418]  wiphy_register+0x1dad/0x2ae0
[  952.756918][T14418]  ? cfg80211_event_work+0x40/0x40
[  952.762085][T14418]  ? minstrel_ht_alloc+0x88a/0x990
[  952.767285][T14418]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  952.773411][T14418]  ieee80211_register_hw+0x3464/0x4250
[  952.778989][T14418]  ? ieee80211_tasklet_handler+0x20/0x20
[  952.784696][T14418]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  952.790758][T14418]  ? __debug_object_init+0xec/0x450
[  952.796037][T14418]  ? __asan_memset+0x22/0x40
[  952.800719][T14418]  ? __hrtimer_init+0x186/0x270
[  952.805813][T14418]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  952.811660][T14418]  ? mac80211_hwsim_free+0x220/0x220
[  952.817038][T14418]  ? rcu_is_watching+0x15/0xb0
[  952.821860][T14418]  ? kstrndup+0xbd/0x140
[  952.826187][T14418]  hwsim_new_radio_nl+0xdc9/0x1a90
[  952.831377][T14418]  ? __nla_validate+0x50/0x50
[  952.836145][T14418]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  952.842563][T14418]  ? __nla_parse+0x40/0x50
[  952.847089][T14418]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  952.853503][T14418]  genl_family_rcv_msg_doit+0x211/0x310
[  952.859132][T14418]  ? end_current_label_crit_section+0x170/0x170
[  952.865441][T14418]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  952.871417][T14418]  ? bpf_lsm_capable+0x9/0x10
[  952.876161][T14418]  ? security_capable+0x89/0xb0
[  952.881117][T14418]  genl_rcv_msg+0x619/0x7a0
[  952.885724][T14418]  ? genl_bind+0x360/0x360
[  952.890240][T14418]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  952.896659][T14418]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  952.903417][T14418]  ? perf_trace_lock+0xfc/0x3b0
[  952.908348][T14418]  netlink_rcv_skb+0x241/0x4d0
[  952.913186][T14418]  ? genl_bind+0x360/0x360
[  952.917665][T14418]  ? netlink_ack+0x1180/0x1180
[  952.922507][T14418]  ? __lock_acquire+0x7d40/0x7d40
[  952.927599][T14418]  ? net_generic+0x1e/0x240
[  952.932169][T14418]  ? down_read+0x1ac/0x2e0
[  952.936740][T14418]  genl_rcv+0x28/0x40
[  952.940793][T14418]  netlink_unicast+0x751/0x8d0
[  952.945646][T14418]  netlink_sendmsg+0x8d0/0xbf0
[  952.950506][T14418]  ? netlink_getsockopt+0x590/0x590
[  952.955765][T14418]  ? aa_sock_msg_perm+0x94/0x150
[  952.960765][T14418]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  952.966121][T14418]  ? security_socket_sendmsg+0x80/0xa0
[  952.971640][T14418]  ? netlink_getsockopt+0x590/0x590
[  952.976909][T14418]  ____sys_sendmsg+0x5ba/0x960
[  952.981755][T14418]  ? __asan_memset+0x22/0x40
[  952.986422][T14418]  ? __sys_sendmsg_sock+0x30/0x30
[  952.991510][T14418]  ? __import_iovec+0x5f2/0x850
[  952.996533][T14418]  ? import_iovec+0x73/0xa0
[  953.001113][T14418]  ___sys_sendmsg+0x2a6/0x360
[  953.005847][T14418]  ? __sys_sendmsg+0x2a0/0x2a0
[  953.010755][T14418]  __se_sys_sendmsg+0x1c2/0x2b0
[  953.015664][T14418]  ? __x64_sys_sendmsg+0x80/0x80
[  953.020665][T14418]  ? lockdep_hardirqs_on+0x98/0x150
[  953.025923][T14418]  do_syscall_64+0x55/0xa0
[  953.030405][T14418]  ? clear_bhb_loop+0x40/0x90
[  953.035162][T14418]  ? clear_bhb_loop+0x40/0x90
[  953.039898][T14418]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  953.045854][T14418] RIP: 0033:0x7efead39af79
[  953.050429][T14418] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  953.070104][T14418] RSP: 002b:00007efeae1fb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  953.078669][T14418] RAX: ffffffffffffffda RBX: 00007efead615fa0 RCX: 00007efead39af79
[  953.086704][T14418] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  953.094734][T14418] RBP: 00007efead4316e0 R08: 0000000000000000 R09: 0000000000000000
[  953.102765][T14418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  953.110788][T14418] R13: 00007efead616038 R14: 00007efead615fa0 R15: 00007fff48d801f8
[  953.118844][T14418]  </TASK>
[  953.147247][T14429] FAULT_INJECTION: forcing a failure.
[  953.147247][T14429] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  953.166213][T14429] CPU: 0 PID: 14429 Comm: syz.0.2811 Not tainted syzkaller #0
[  953.173806][T14429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  953.183962][T14429] Call Trace:
[  953.187367][T14429]  <TASK>
[  953.190377][T14429]  dump_stack_lvl+0x18c/0x250
[  953.195147][T14429]  ? show_regs_print_info+0x20/0x20
[  953.200430][T14429]  ? load_image+0x400/0x400
[  953.205017][T14429]  ? __might_fault+0xaa/0x120
[  953.209765][T14429]  ? __lock_acquire+0x7d40/0x7d40
[  953.214874][T14429]  should_fail_ex+0x39d/0x4d0
[  953.219634][T14429]  _copy_from_user+0x2f/0xe0
[  953.224286][T14429]  ___bpf_copy_key+0xb0/0x100
[  953.229099][T14429]  map_delete_elem+0x1fb/0x570
[  953.233958][T14429]  ? bpf_lsm_bpf+0x9/0x10
[  953.238374][T14429]  __sys_bpf+0x502/0x890
[  953.242874][T14429]  ? bpf_link_show_fdinfo+0x390/0x390
[  953.248355][T14429]  ? lock_chain_count+0x20/0x20
[  953.253323][T14429]  __x64_sys_bpf+0x7c/0x90
[  953.257823][T14429]  do_syscall_64+0x55/0xa0
[  953.262349][T14429]  ? clear_bhb_loop+0x40/0x90
[  953.267087][T14429]  ? clear_bhb_loop+0x40/0x90
[  953.271848][T14429]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  953.277880][T14429] RIP: 0033:0x7f448139af79
[  953.282352][T14429] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  953.302051][T14429] RSP: 002b:00007f44821a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  953.310548][T14429] RAX: ffffffffffffffda RBX: 00007f4481615fa0 RCX: 00007f448139af79
[  953.318578][T14429] RDX: 0000000000000020 RSI: 00002000000007c0 RDI: 0000000000000003
[  953.326692][T14429] RBP: 00007f44821a4090 R08: 0000000000000000 R09: 0000000000000000
[  953.334718][T14429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  953.342734][T14429] R13: 00007f4481616038 R14: 00007f4481615fa0 R15: 00007ffc4d4c40f8
[  953.350825][T14429]  </TASK>
[  953.423506][T14422] netlink: 'syz.1.2803': attribute type 9 has an invalid length.
[  953.452488][T14422] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2803'.
[  953.829137][T14438] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2814'.
[  953.958066][T14443] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2815'.
[  954.071300][T14443] netlink: 'syz.1.2815': attribute type 29 has an invalid length.
[  954.103196][T14443] netlink: 'syz.1.2815': attribute type 29 has an invalid length.
[  954.562631][T14448] netlink: 'syz.0.2818': attribute type 29 has an invalid length.
[  954.657122][T14448] netlink: 'syz.0.2818': attribute type 3 has an invalid length.
[  954.665075][T14448] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2818'.
[  954.937861][T14452] netlink: 'syz.0.2818': attribute type 10 has an invalid length.
[  956.142249][T14479] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2828'.
[  956.660464][T14484] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2830'.
[  956.736341][T14484] netlink: 'syz.2.2830': attribute type 29 has an invalid length.
[  956.826598][T14484] netlink: 'syz.2.2830': attribute type 29 has an invalid length.
[  957.212990][T14493] netlink: 'syz.1.2833': attribute type 29 has an invalid length.
[  957.232517][T14493] netlink: 'syz.1.2833': attribute type 3 has an invalid length.
[  957.290078][T14493] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2833'.
[  958.584258][T14509] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2838'.
[  959.218252][T14525] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2841'.
[  959.828256][T14531] validate_nla: 1 callbacks suppressed
[  959.828278][T14531] netlink: 'syz.3.2844': attribute type 39 has an invalid length.
[  960.091304][T14535] netlink: 'syz.2.2845': attribute type 29 has an invalid length.
[  960.109783][T14535] netlink: 'syz.2.2845': attribute type 3 has an invalid length.
[  960.126211][T14535] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2845'.
[  960.225117][T14531] hsr_slave_1 (unregistering): left promiscuous mode
[  960.440806][T14538] netlink: 'syz.2.2845': attribute type 10 has an invalid length.
[  960.671103][T14543] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2848'.
[  960.697793][T14543] netlink: 'syz.0.2848': attribute type 29 has an invalid length.
[  960.744773][T14543] netlink: 'syz.0.2848': attribute type 29 has an invalid length.
[  960.764797][T14545] netlink: 'syz.1.2849': attribute type 1 has an invalid length.
[  960.798973][T14545] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.2849'.
[  961.220978][T14552] netlink: 201392 bytes leftover after parsing attributes in process `syz.3.2851'.
[  962.287628][T14566] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2855'.
[  962.298335][T14565] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2855'.
[  962.738096][T14576] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2858'.
[  962.776639][T14578] netlink: 'syz.1.2859': attribute type 29 has an invalid length.
[  962.805332][T14578] netlink: 'syz.1.2859': attribute type 3 has an invalid length.
[  962.846364][T14578] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2859'.
[  963.086481][T14579] netlink: 'syz.1.2859': attribute type 10 has an invalid length.
[  963.703017][T14587] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2862'.
[  963.875628][T14583] hsr_slave_1 (unregistering): left promiscuous mode
[  964.058875][T14587] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  964.067422][T14587] CPU: 0 PID: 14587 Comm: syz.1.2862 Not tainted syzkaller #0
[  964.074946][T14587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  964.085064][T14587] Call Trace:
[  964.088395][T14587]  <TASK>
[  964.091454][T14587]  dump_stack_lvl+0x18c/0x250
[  964.096195][T14587]  ? show_regs_print_info+0x20/0x20
[  964.101454][T14587]  ? load_image+0x400/0x400
[  964.106024][T14587]  sysfs_warn_dup+0x8e/0xa0
[  964.110578][T14587]  sysfs_do_create_link_sd+0xc0/0x110
[  964.116002][T14587]  device_add_class_symlinks+0x1cf/0x240
[  964.121725][T14587]  device_add+0x507/0xc20
[  964.126106][T14587]  wiphy_register+0x1dad/0x2ae0
[  964.131059][T14587]  ? cfg80211_event_work+0x40/0x40
[  964.136246][T14587]  ? minstrel_ht_alloc+0x88a/0x990
[  964.141433][T14587]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  964.147551][T14587]  ieee80211_register_hw+0x3464/0x4250
[  964.153102][T14587]  ? ieee80211_tasklet_handler+0x20/0x20
[  964.158797][T14587]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  964.164753][T14587]  ? __debug_object_init+0xec/0x450
[  964.170006][T14587]  ? __asan_memset+0x22/0x40
[  964.174659][T14587]  ? __hrtimer_init+0x186/0x270
[  964.179560][T14587]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  964.185348][T14587]  ? mac80211_hwsim_free+0x220/0x220
[  964.190759][T14587]  ? rcu_is_watching+0x15/0xb0
[  964.195561][T14587]  ? kstrndup+0xbd/0x140
[  964.199843][T14587]  hwsim_new_radio_nl+0xdc9/0x1a90
[  964.204995][T14587]  ? __nla_validate+0x50/0x50
[  964.209726][T14587]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  964.216117][T14587]  ? __nla_parse+0x40/0x50
[  964.220571][T14587]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  964.226944][T14587]  genl_family_rcv_msg_doit+0x211/0x310
[  964.232527][T14587]  ? end_current_label_crit_section+0x170/0x170
[  964.238837][T14587]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  964.244775][T14587]  ? bpf_lsm_capable+0x9/0x10
[  964.249483][T14587]  ? security_capable+0x89/0xb0
[  964.254369][T14587]  genl_rcv_msg+0x619/0x7a0
[  964.258922][T14587]  ? genl_bind+0x360/0x360
[  964.263385][T14587]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  964.269773][T14587]  netlink_rcv_skb+0x241/0x4d0
[  964.274586][T14587]  ? genl_bind+0x360/0x360
[  964.279048][T14587]  ? netlink_ack+0x1180/0x1180
[  964.283867][T14587]  ? __lock_acquire+0x7d40/0x7d40
[  964.288929][T14587]  ? net_generic+0x1e/0x240
[  964.293465][T14587]  ? down_read+0x1ac/0x2e0
[  964.297923][T14587]  genl_rcv+0x28/0x40
[  964.301946][T14587]  netlink_unicast+0x751/0x8d0
[  964.306757][T14587]  netlink_sendmsg+0x8d0/0xbf0
[  964.311733][T14587]  ? netlink_getsockopt+0x590/0x590
[  964.316965][T14587]  ? aa_sock_msg_perm+0x94/0x150
[  964.321950][T14587]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  964.327270][T14587]  ? security_socket_sendmsg+0x80/0xa0
[  964.332763][T14587]  ? netlink_getsockopt+0x590/0x590
[  964.337997][T14587]  ____sys_sendmsg+0x5ba/0x960
[  964.342813][T14587]  ? __asan_memset+0x22/0x40
[  964.347438][T14587]  ? __sys_sendmsg_sock+0x30/0x30
[  964.352498][T14587]  ? __import_iovec+0x5f2/0x850
[  964.357402][T14587]  ? import_iovec+0x73/0xa0
[  964.361950][T14587]  ___sys_sendmsg+0x2a6/0x360
[  964.366666][T14587]  ? __sys_sendmsg+0x2a0/0x2a0
[  964.371513][T14587]  __se_sys_sendmsg+0x1c2/0x2b0
[  964.376406][T14587]  ? __x64_sys_sendmsg+0x80/0x80
[  964.381381][T14587]  ? trace_sys_enter+0x1f/0x80
[  964.386194][T14587]  do_syscall_64+0x55/0xa0
[  964.391088][T14587]  ? clear_bhb_loop+0x40/0x90
[  964.395812][T14587]  ? clear_bhb_loop+0x40/0x90
[  964.400512][T14587]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  964.406429][T14587] RIP: 0033:0x7fa77d79af79
[  964.410872][T14587] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  964.430604][T14587] RSP: 002b:00007fa77e6e4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  964.439049][T14587] RAX: ffffffffffffffda RBX: 00007fa77da15fa0 RCX: 00007fa77d79af79
[  964.447048][T14587] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  964.455052][T14587] RBP: 00007fa77d8316e0 R08: 0000000000000000 R09: 0000000000000000
[  964.463073][T14587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  964.471087][T14587] R13: 00007fa77da16038 R14: 00007fa77da15fa0 R15: 00007ffc742a7f58
[  964.479113][T14587]  </TASK>
[  964.521911][T14591] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  965.219714][T14609] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2869'.
[  965.410174][T14616] validate_nla: 1 callbacks suppressed
[  965.410192][T14616] netlink: 'syz.3.2872': attribute type 29 has an invalid length.
[  965.476572][T14616] netlink: 'syz.3.2872': attribute type 3 has an invalid length.
[  965.511161][T14616] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2872'.
[  965.854031][T14625] netlink: 'syz.3.2872': attribute type 10 has an invalid length.
[  966.104100][T14618] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  966.278431][T14629] netlink: 'syz.2.2875': attribute type 39 has an invalid length.
[  966.296354][T14632] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.2876'.
[  966.444252][T14629] hsr_slave_1 (unregistering): left promiscuous mode
[  967.225249][T14649] FAULT_INJECTION: forcing a failure.
[  967.225249][T14649] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  967.264479][T14649] CPU: 1 PID: 14649 Comm: syz.3.2882 Not tainted syzkaller #0
[  967.272031][T14649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  967.282134][T14649] Call Trace:
[  967.285461][T14649]  <TASK>
[  967.288442][T14649]  dump_stack_lvl+0x18c/0x250
[  967.293184][T14649]  ? show_regs_print_info+0x20/0x20
[  967.298442][T14649]  ? load_image+0x400/0x400
[  967.303004][T14649]  ? __might_fault+0xaa/0x120
[  967.307735][T14649]  ? __lock_acquire+0x7d40/0x7d40
[  967.312828][T14649]  should_fail_ex+0x39d/0x4d0
[  967.317580][T14649]  _copy_from_user+0x2f/0xe0
[  967.322286][T14649]  ip_tunnel_siocdevprivate+0xc2/0x1f0
[  967.327808][T14649]  ? dev_ioctl+0x83c/0x1140
[  967.332371][T14649]  ? ip_tunnel_update+0xb10/0xb10
[  967.337485][T14649]  ? dev_ifsioc+0x958/0xc40
[  967.342048][T14649]  dev_ioctl+0x84c/0x1140
[  967.346433][T14649]  sock_ioctl+0x74c/0x7e0
[  967.350820][T14649]  ? sock_poll+0x3e0/0x3e0
[  967.355295][T14649]  ? bpf_lsm_file_ioctl+0x9/0x10
[  967.360279][T14649]  ? security_file_ioctl+0x80/0xa0
[  967.365452][T14649]  ? sock_poll+0x3e0/0x3e0
[  967.369928][T14649]  __se_sys_ioctl+0xfd/0x170
[  967.374570][T14649]  do_syscall_64+0x55/0xa0
[  967.379042][T14649]  ? clear_bhb_loop+0x40/0x90
[  967.383775][T14649]  ? clear_bhb_loop+0x40/0x90
[  967.388507][T14649]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  967.394450][T14649] RIP: 0033:0x7efead39af79
[  967.398912][T14649] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  967.418574][T14649] RSP: 002b:00007efeae1fb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  967.427047][T14649] RAX: ffffffffffffffda RBX: 00007efead615fa0 RCX: 00007efead39af79
[  967.435068][T14649] RDX: 0000200000000080 RSI: 00000000000089f1 RDI: 0000000000000009
[  967.443081][T14649] RBP: 00007efeae1fb090 R08: 0000000000000000 R09: 0000000000000000
[  967.451097][T14649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  967.459132][T14649] R13: 00007efead616038 R14: 00007efead615fa0 R15: 00007fff48d801f8
[  967.467178][T14649]  </TASK>
[  967.883445][T14658] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2884'.
[  967.932632][T14664] netlink: 'syz.3.2887': attribute type 29 has an invalid length.
[  967.949102][T14664] netlink: 'syz.3.2887': attribute type 3 has an invalid length.
[  967.976176][T14664] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2887'.
[  968.154411][T14669] netlink: 'syz.3.2887': attribute type 10 has an invalid length.
[  968.322989][T14661] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  968.691275][T14674] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2888'.
[  969.312029][T14683] tap0: tun_chr_ioctl cmd 1074025677
[  969.331715][T14683] tap0: linktype set to 778
[  969.473822][T14688] netlink: 'syz.2.2893': attribute type 2 has an invalid length.
[  969.495115][T14688] netlink: 51 bytes leftover after parsing attributes in process `syz.2.2893'.
[  969.718692][T12553] Bluetooth: hci3: command 0x0406 tx timeout
[  969.727533][T14694] sctp: [Deprecated]: syz.1.2895 (pid 14694) Use of int in maxseg socket option.
[  969.727533][T14694] Use struct sctp_assoc_value instead
[  969.883466][T14694] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2895'.
[  970.102484][T14704] netlink: 'syz.1.2899': attribute type 29 has an invalid length.
[  970.132320][T14704] netlink: 'syz.1.2899': attribute type 3 has an invalid length.
[  970.150860][T14704] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2899'.
[  970.462591][T14697] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  971.208314][T14717] FAULT_INJECTION: forcing a failure.
[  971.208314][T14717] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  971.238867][T14717] CPU: 1 PID: 14717 Comm: syz.2.2904 Not tainted syzkaller #0
[  971.246425][T14717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  971.256554][T14717] Call Trace:
[  971.259896][T14717]  <TASK>
[  971.262872][T14717]  dump_stack_lvl+0x18c/0x250
[  971.267624][T14717]  ? show_regs_print_info+0x20/0x20
[  971.272918][T14717]  ? load_image+0x400/0x400
[  971.277486][T14717]  ? __might_fault+0xaa/0x120
[  971.282204][T14717]  ? __lock_acquire+0x7d40/0x7d40
[  971.287309][T14717]  should_fail_ex+0x39d/0x4d0
[  971.292069][T14717]  _copy_from_user+0x2f/0xe0
[  971.296721][T14717]  ip_tunnel_siocdevprivate+0xc2/0x1f0
[  971.302235][T14717]  ? dev_ioctl+0x83c/0x1140
[  971.306790][T14717]  ? ip_tunnel_update+0xb10/0xb10
[  971.311874][T14717]  ? dev_ifsioc+0x958/0xc40
[  971.316431][T14717]  dev_ioctl+0x84c/0x1140
[  971.320866][T14717]  sock_ioctl+0x74c/0x7e0
[  971.325324][T14717]  ? sock_poll+0x3e0/0x3e0
[  971.329807][T14717]  ? bpf_lsm_file_ioctl+0x9/0x10
[  971.334876][T14717]  ? security_file_ioctl+0x80/0xa0
[  971.340058][T14717]  ? sock_poll+0x3e0/0x3e0
[  971.344511][T14717]  __se_sys_ioctl+0xfd/0x170
[  971.349146][T14717]  do_syscall_64+0x55/0xa0
[  971.353603][T14717]  ? clear_bhb_loop+0x40/0x90
[  971.358327][T14717]  ? clear_bhb_loop+0x40/0x90
[  971.363044][T14717]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  971.368981][T14717] RIP: 0033:0x7f7c7ef9af79
[  971.373434][T14717] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  971.393167][T14717] RSP: 002b:00007f7c7fdbb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  971.401652][T14717] RAX: ffffffffffffffda RBX: 00007f7c7f215fa0 RCX: 00007f7c7ef9af79
[  971.409897][T14717] RDX: 0000200000000080 RSI: 00000000000089f2 RDI: 0000000000000005
[  971.417908][T14717] RBP: 00007f7c7fdbb090 R08: 0000000000000000 R09: 0000000000000000
[  971.425920][T14717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  971.433944][T14717] R13: 00007f7c7f216038 R14: 00007f7c7f215fa0 R15: 00007fff6a535be8
[  971.441977][T14717]  </TASK>
[  971.482095][T14720] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2903'.
[  971.922836][T14722] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  972.128674][T14728] validate_nla: 1 callbacks suppressed
[  972.128693][T14728] netlink: 'syz.1.2907': attribute type 9 has an invalid length.
[  972.148933][T14728] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2907'.
[  972.293640][T14736] netlink: 'syz.3.2910': attribute type 29 has an invalid length.
[  972.306287][T14736] netlink: 'syz.3.2910': attribute type 3 has an invalid length.
[  972.334587][T14736] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2910'.
[  972.398214][T14728] netlink: 'syz.1.2907': attribute type 9 has an invalid length.
[  972.426609][T14728] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2907'.
[  972.562304][T14741] netlink: 'syz.3.2910': attribute type 10 has an invalid length.
[  972.672544][T14731] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  973.135809][T14750] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2916'.
[  973.160705][T14750] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2916'.
[  973.187512][T14750] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2916'.
[  974.223184][T14759] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  974.376888][T14772] netlink: 'syz.3.2923': attribute type 9 has an invalid length.
[  974.390984][T14774] netlink: 'syz.1.2925': attribute type 29 has an invalid length.
[  974.415869][T14774] netlink: 'syz.1.2925': attribute type 3 has an invalid length.
[  974.491910][T14775] netlink: 'syz.3.2923': attribute type 9 has an invalid length.
[  974.539050][T14775] __nla_validate_parse: 2 callbacks suppressed
[  974.539102][T14775] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2923'.
[  974.573651][T14778] netlink: 'syz.1.2925': attribute type 10 has an invalid length.
[  974.982031][T14784] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2928'.
[  975.032894][T14785] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  975.040230][T14785] IPv6: NLM_F_CREATE should be set when creating new route
[  975.047573][T14785] IPv6: NLM_F_CREATE should be set when creating new route
[  975.054835][T14785] IPv6: NLM_F_CREATE should be set when creating new route
[  975.696339][T14803] FAULT_INJECTION: forcing a failure.
[  975.696339][T14803] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  975.710939][T14803] CPU: 0 PID: 14803 Comm: syz.2.2934 Not tainted syzkaller #0
[  975.718488][T14803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  975.728634][T14803] Call Trace:
[  975.731988][T14803]  <TASK>
[  975.735084][T14803]  dump_stack_lvl+0x18c/0x250
[  975.739875][T14803]  ? show_regs_print_info+0x20/0x20
[  975.745191][T14803]  ? load_image+0x400/0x400
[  975.749797][T14803]  ? __might_fault+0xaa/0x120
[  975.754571][T14803]  should_fail_ex+0x39d/0x4d0
[  975.759346][T14803]  copyin+0x1a/0x90
[  975.763261][T14803]  _copy_from_iter+0x404/0x12e0
[  975.768228][T14803]  ? copyin+0x70/0x90
[  975.772357][T14803]  ? copyout_mc+0x70/0x70
[  975.776805][T14803]  ? copyout_mc+0x70/0x70
[  975.781233][T14803]  ? __virt_addr_valid+0x18c/0x540
[  975.786452][T14803]  ? page_copy_sane+0x16a/0x270
[  975.791420][T14803]  copy_page_from_iter+0x7b/0x100
[  975.796655][T14803]  skb_copy_datagram_from_iter+0x2e4/0x6e0
[  975.802584][T14803]  packet_sendmsg+0x3566/0x4d70
[  975.807666][T14803]  ? aa_sk_perm+0x83c/0x970
[  975.812296][T14803]  ? packet_getsockopt+0xad0/0xad0
[  975.817523][T14803]  ? aa_sock_msg_perm+0x94/0x150
[  975.822554][T14803]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  975.827938][T14803]  ? security_socket_sendmsg+0x80/0xa0
[  975.833517][T14803]  ? packet_getsockopt+0xad0/0xad0
[  975.838735][T14803]  ____sys_sendmsg+0x5ba/0x960
[  975.843587][T14803]  ? __lock_acquire+0x7d40/0x7d40
[  975.848713][T14803]  ? __asan_memset+0x22/0x40
[  975.853394][T14803]  ? __sys_sendmsg_sock+0x30/0x30
[  975.858499][T14803]  ? __import_iovec+0x3fa/0x850
[  975.863467][T14803]  ? import_iovec+0x73/0xa0
[  975.868074][T14803]  ___sys_sendmsg+0x2a6/0x360
[  975.872866][T14803]  ? __sys_sendmsg+0x2a0/0x2a0
[  975.877831][T14803]  ? trace_call_bpf+0xc3/0x6c0
[  975.882772][T14803]  __se_sys_sendmsg+0x1c2/0x2b0
[  975.887715][T14803]  ? __x64_sys_sendmsg+0x80/0x80
[  975.892808][T14803]  ? lockdep_hardirqs_on+0x98/0x150
[  975.898109][T14803]  do_syscall_64+0x55/0xa0
[  975.902615][T14803]  ? clear_bhb_loop+0x40/0x90
[  975.907376][T14803]  ? clear_bhb_loop+0x40/0x90
[  975.912146][T14803]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  975.918142][T14803] RIP: 0033:0x7f7c7ef9af79
[  975.922643][T14803] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  975.942342][T14803] RSP: 002b:00007f7c7fdbb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  975.950853][T14803] RAX: ffffffffffffffda RBX: 00007f7c7f215fa0 RCX: 00007f7c7ef9af79
[  975.958907][T14803] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  975.966958][T14803] RBP: 00007f7c7fdbb090 R08: 0000000000000000 R09: 0000000000000000
[  975.975013][T14803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  975.983071][T14803] R13: 00007f7c7f216038 R14: 00007f7c7f215fa0 R15: 00007fff6a535be8
[  975.991193][T14803]  </TASK>
[  976.157105][T14794] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  976.397649][T14810] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2936'.
[  976.524529][T14815] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2938'.
[  977.328378][T14827] validate_nla: 9 callbacks suppressed
[  977.328397][T14827] netlink: 'syz.0.2941': attribute type 9 has an invalid length.
[  977.356582][T14827] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2941'.
[  977.497441][T14828] netlink: 'syz.0.2941': attribute type 9 has an invalid length.
[  977.505699][T14828] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2941'.
[  978.098080][T14835] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  978.147606][T14840] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  978.707578][T14853] netlink: 'syz.3.2950': attribute type 1 has an invalid length.
[  978.739153][T14853] netlink: 'syz.3.2950': attribute type 4 has an invalid length.
[  978.764188][T14853] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.2950'.
[  978.884623][T14858] netlink: 'syz.2.2951': attribute type 29 has an invalid length.
[  978.907378][T14858] netlink: 'syz.2.2951': attribute type 3 has an invalid length.
[  978.940431][T14858] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2951'.
[  979.065558][T14858] netlink: 'syz.2.2951': attribute type 10 has an invalid length.
[  979.261891][T14866] FAULT_INJECTION: forcing a failure.
[  979.261891][T14866] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  979.285314][T14866] CPU: 1 PID: 14866 Comm: syz.3.2954 Not tainted syzkaller #0
[  979.292864][T14866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  979.303065][T14866] Call Trace:
[  979.306391][T14866]  <TASK>
[  979.309365][T14866]  dump_stack_lvl+0x18c/0x250
[  979.314110][T14866]  ? show_regs_print_info+0x20/0x20
[  979.319364][T14866]  ? load_image+0x400/0x400
[  979.323925][T14866]  ? __might_fault+0xaa/0x120
[  979.328653][T14866]  ? __lock_acquire+0x7d40/0x7d40
[  979.333745][T14866]  should_fail_ex+0x39d/0x4d0
[  979.338480][T14866]  _copy_from_user+0x2f/0xe0
[  979.343120][T14866]  ___sys_sendmsg+0x1c7/0x360
[  979.347947][T14866]  ? get_pid_task+0x20/0x1e0
[  979.352600][T14866]  ? __sys_sendmsg+0x2a0/0x2a0
[  979.357447][T14866]  ? __lock_acquire+0x7d40/0x7d40
[  979.362554][T14866]  __se_sys_sendmsg+0x1c2/0x2b0
[  979.367457][T14866]  ? __x64_sys_sendmsg+0x80/0x80
[  979.372472][T14866]  ? lockdep_hardirqs_on+0x98/0x150
[  979.377752][T14866]  do_syscall_64+0x55/0xa0
[  979.382216][T14866]  ? clear_bhb_loop+0x40/0x90
[  979.386944][T14866]  ? clear_bhb_loop+0x40/0x90
[  979.391699][T14866]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  979.397649][T14866] RIP: 0033:0x7efead39af79
[  979.402146][T14866] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  979.421806][T14866] RSP: 002b:00007efeae1fb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  979.430265][T14866] RAX: ffffffffffffffda RBX: 00007efead615fa0 RCX: 00007efead39af79
[  979.438286][T14866] RDX: 0000000000000000 RSI: 00002000000006c0 RDI: 0000000000000003
[  979.446296][T14866] RBP: 00007efeae1fb090 R08: 0000000000000000 R09: 0000000000000000
[  979.454312][T14866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  979.462362][T14866] R13: 00007efead616038 R14: 00007efead615fa0 R15: 00007fff48d801f8
[  979.470394][T14866]  </TASK>
[  979.674988][T14863] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  980.935699][T14892] netlink: 'syz.3.2965': attribute type 29 has an invalid length.
[  980.954246][T14892] netlink: 'syz.3.2965': attribute type 3 has an invalid length.
[  980.965538][T14892] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2965'.
[  981.142847][T14897] netlink: 'syz.3.2965': attribute type 10 has an invalid length.
[  981.371406][T14893] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  981.679237][T14898] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  981.921374][T14911] netlink: 63503 bytes leftover after parsing attributes in process `syz.3.2972'.
[  983.069932][T14936] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  983.186450][T14934] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  983.344289][T14946] netlink: 'syz.2.2981': attribute type 29 has an invalid length.
[  983.369278][T14946] netlink: 'syz.2.2981': attribute type 3 has an invalid length.
[  983.393441][T14946] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2981'.
[  983.546652][T14951] netlink: 'syz.2.2981': attribute type 10 has an invalid length.
[  984.147846][T14966] netlink: 188 bytes leftover after parsing attributes in process `syz.0.2989'.
[  984.596324][T14977] syzkaller0: entered promiscuous mode
[  984.607346][T14977] syzkaller0: entered allmulticast mode
[  984.679977][T14967] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  984.975000][T14983] netlink: 'syz.1.2996': attribute type 29 has an invalid length.
[  984.984431][T14983] netlink: 'syz.1.2996': attribute type 3 has an invalid length.
[  984.992842][T14983] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2996'.
[  986.875288][T14989] netlink: 'syz.1.2996': attribute type 10 has an invalid length.
[  987.015368][T14998] netlink: 'syz.1.2998': attribute type 5 has an invalid length.
[  987.404079][T15002] netlink: 'syz.2.3001': attribute type 21 has an invalid length.
[  987.517391][T15003] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  987.706162][T15015] sock: sock_set_timeout: `syz.0.3005' (pid 15015) tries to set negative timeout
[  987.881065][T15021] netlink: 'syz.0.3007': attribute type 29 has an invalid length.
[  987.899366][T15021] netlink: 'syz.0.3007': attribute type 3 has an invalid length.
[  987.922678][T15021] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3007'.
[  990.196173][T12553] Bluetooth: hci1: command 0x0406 tx timeout
[  990.813290][T15042] syzkaller0: entered promiscuous mode
[  990.821454][T15042] syzkaller0: entered allmulticast mode
[  990.928834][T15036] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  991.384548][T15054] validate_nla: 1 callbacks suppressed
[  991.384569][T15054] netlink: 'syz.0.3018': attribute type 9 has an invalid length.
[  991.405261][T15054] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3018'.
[  993.081073][T15053] netlink: 'syz.3.3017': attribute type 7 has an invalid length.
[  993.093813][T15053] netlink: 140 bytes leftover after parsing attributes in process `syz.3.3017'.
[  993.153027][T15057] netlink: 'syz.0.3018': attribute type 9 has an invalid length.
[  993.161745][T15057] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3018'.
[  993.242404][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  993.249060][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  993.269577][T15059] netlink: 'syz.2.3020': attribute type 29 has an invalid length.
[  993.288434][T15059] netlink: 'syz.2.3020': attribute type 3 has an invalid length.
[  993.304944][T15059] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3020'.
[  993.465666][T15064] netlink: 'syz.2.3020': attribute type 10 has an invalid length.
[  993.991795][T15069] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  995.169459][T15095] netlink: 'syz.2.3031': attribute type 7 has an invalid length.
[  995.255720][T15096] netlink: 'syz.1.3037': attribute type 21 has an invalid length.
[  995.856603][T15098] netlink: 'syz.3.3032': attribute type 9 has an invalid length.
[  995.874880][T15098] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3032'.
[  996.143630][T15098] netlink: 'syz.3.3032': attribute type 9 has an invalid length.
[  996.173497][T15098] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3032'.
[  998.083935][T15106] netlink: 'syz.3.3035': attribute type 29 has an invalid length.
[  998.098623][T15106] netlink: 'syz.3.3035': attribute type 3 has an invalid length.
[  998.109876][T15106] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3035'.
[  998.352562][T15114] netlink: 'syz.3.3035': attribute type 10 has an invalid length.
[  998.474584][T15113] netlink: 'syz.0.3039': attribute type 7 has an invalid length.
[  998.557783][T15111] nr0: port 1(hsr0) entered blocking state
[  998.632399][T15111] nr0: port 1(hsr0) entered disabled state
[  998.696492][T15111] hsr0: entered allmulticast mode
[  998.715204][T15111] hsr_slave_0: entered allmulticast mode
[  998.891205][T15111] hsr0: entered promiscuous mode
[  999.308271][T15134] netlink: 'syz.2.3045': attribute type 9 has an invalid length.
[  999.342632][T15134] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3045'.
[  999.589317][T15135] netlink: 'syz.2.3045': attribute type 9 has an invalid length.
[  999.636307][T15135] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3045'.
[ 1000.451328][ T5826] Bluetooth: hci4: command 0x0406 tx timeout
[ 1002.550410][T15142] netlink: 'syz.3.3046': attribute type 21 has an invalid length.
[ 1002.925126][T15155] netlink: 'syz.1.3052': attribute type 29 has an invalid length.
[ 1002.933735][T15155] netlink: 'syz.1.3052': attribute type 3 has an invalid length.
[ 1002.942090][T15155] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3052'.
[ 1003.097373][T15156] netlink: 'syz.1.3052': attribute type 10 has an invalid length.
[ 1003.201988][T15162] FAULT_INJECTION: forcing a failure.
[ 1003.201988][T15162] name failslab, interval 1, probability 0, space 0, times 0
[ 1003.236194][T15162] CPU: 1 PID: 15162 Comm: syz.0.3054 Not tainted syzkaller #0
[ 1003.243827][T15162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1003.253927][T15162] Call Trace:
[ 1003.257237][T15162]  <TASK>
[ 1003.260231][T15162]  dump_stack_lvl+0x18c/0x250
[ 1003.264958][T15162]  ? sctp_sendmsg+0x1575/0x28c0
[ 1003.269847][T15162]  ? ___sys_sendmsg+0x2a6/0x360
[ 1003.274748][T15162]  ? show_regs_print_info+0x20/0x20
[ 1003.280022][T15162]  ? load_image+0x400/0x400
[ 1003.284593][T15162]  should_fail_ex+0x39d/0x4d0
[ 1003.289334][T15162]  should_failslab+0x9/0x20
[ 1003.293893][T15162]  slab_pre_alloc_hook+0x59/0x310
[ 1003.298981][T15162]  ? sctp_add_bind_addr+0x8c/0x360
[ 1003.304143][T15162]  __kmem_cache_alloc_node+0x53/0x250
[ 1003.307626][T15165] netlink: 'syz.3.3055': attribute type 9 has an invalid length.
[ 1003.309555][T15162]  ? sctp_add_bind_addr+0x8c/0x360
[ 1003.322039][T15165] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3055'.
[ 1003.322411][T15162]  kmalloc_trace+0x2a/0xe0
[ 1003.336181][T15162]  sctp_add_bind_addr+0x8c/0x360
[ 1003.341182][T15162]  sctp_copy_local_addr_list+0x315/0x4f0
[ 1003.346875][T15162]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[ 1003.352655][T15162]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[ 1003.358769][T15162]  ? sctp_v4_is_any+0x35/0x60
[ 1003.363496][T15162]  ? sctp_copy_one_addr+0x8c/0x350
[ 1003.368646][T15162]  sctp_bind_addr_copy+0xb3/0x3c0
[ 1003.373708][T15162]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[ 1003.380064][T15162]  sctp_connect_new_asoc+0x2f9/0x6a0
[ 1003.385389][T15162]  ? __sctp_connect+0xd80/0xd80
[ 1003.390263][T15162]  ? __local_bh_enable_ip+0x13a/0x1c0
[ 1003.395671][T15162]  ? _local_bh_enable+0xa0/0xa0
[ 1003.400539][T15162]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[ 1003.406368][T15162]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[ 1003.412195][T15162]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[ 1003.417762][T15162]  ? security_sctp_bind_connect+0x89/0xb0
[ 1003.423508][T15162]  sctp_sendmsg+0x1575/0x28c0
[ 1003.428229][T15162]  ? sctp_getsockopt+0xb60/0xb60
[ 1003.433193][T15162]  ? aa_sk_perm+0x83c/0x970
[ 1003.437733][T15162]  ? aa_af_perm+0x330/0x330
[ 1003.442267][T15162]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[ 1003.448707][T15162]  ? sock_rps_record_flow+0x19/0x3f0
[ 1003.454017][T15162]  ? inet_sendmsg+0x7c/0x2f0
[ 1003.458994][T15162]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1003.464315][T15162]  ? security_socket_sendmsg+0x80/0xa0
[ 1003.469796][T15162]  ? inet_send_prepare+0x260/0x260
[ 1003.474943][T15162]  ____sys_sendmsg+0x5ba/0x960
[ 1003.479868][T15162]  ? __lock_acquire+0x7d40/0x7d40
[ 1003.484926][T15162]  ? __asan_memset+0x22/0x40
[ 1003.489550][T15162]  ? __sys_sendmsg_sock+0x30/0x30
[ 1003.494605][T15162]  ? __import_iovec+0x5f2/0x850
[ 1003.499517][T15162]  ? import_iovec+0x73/0xa0
[ 1003.504158][T15162]  ___sys_sendmsg+0x2a6/0x360
[ 1003.508862][T15162]  ? get_pid_task+0x20/0x1e0
[ 1003.513491][T15162]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1003.518340][T15162]  ? __lock_acquire+0x7d40/0x7d40
[ 1003.523408][T15162]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1003.528369][T15162]  ? __x64_sys_sendmsg+0x80/0x80
[ 1003.533340][T15162]  ? lockdep_hardirqs_on+0x98/0x150
[ 1003.538580][T15162]  do_syscall_64+0x55/0xa0
[ 1003.543040][T15162]  ? clear_bhb_loop+0x40/0x90
[ 1003.547738][T15162]  ? clear_bhb_loop+0x40/0x90
[ 1003.552444][T15162]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1003.558352][T15162] RIP: 0033:0x7f448139af79
[ 1003.562790][T15162] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1003.582430][T15162] RSP: 002b:00007f44821a4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1003.591037][T15162] RAX: ffffffffffffffda RBX: 00007f4481615fa0 RCX: 00007f448139af79
[ 1003.599033][T15162] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[ 1003.607026][T15162] RBP: 00007f44821a4090 R08: 0000000000000000 R09: 0000000000000000
[ 1003.615012][T15162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1003.623002][T15162] R13: 00007f4481616038 R14: 00007f4481615fa0 R15: 00007ffc4d4c40f8
[ 1003.631005][T15162]  </TASK>
[ 1003.672463][T15166] netlink: 'syz.3.3055': attribute type 9 has an invalid length.
[ 1003.700772][T15166] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3055'.
[ 1004.083245][T15179] netlink: 26 bytes leftover after parsing attributes in process `syz.1.3059'.
[ 1004.140971][T15177] netlink: 'syz.2.3066': attribute type 29 has an invalid length.
[ 1004.236535][T15177] netlink: 'syz.2.3066': attribute type 3 has an invalid length.
[ 1004.266062][T15177] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3066'.
[ 1004.328263][T15181] nr0: port 1(hsr0) entered blocking state
[ 1004.350459][T15181] nr0: port 1(hsr0) entered disabled state
[ 1004.365682][T15181] hsr0: entered allmulticast mode
[ 1004.381387][T15181] hsr_slave_0: entered allmulticast mode
[ 1004.414923][T15181] hsr0: entered promiscuous mode
[ 1004.503611][T15180] netlink: 'syz.2.3066': attribute type 10 has an invalid length.
[ 1004.598603][T15186] skbuff: bad partial csum: csum=65535/127 headroom=178 headlen=65664
[ 1005.336375][T15207] delete_channel: no stack
[ 1005.792321][T15221] nr0: port 1(hsr0) entered blocking state
[ 1005.833356][T15221] nr0: port 1(hsr0) entered disabled state
[ 1005.843991][T15221] hsr0: entered allmulticast mode
[ 1005.860542][T15221] hsr_slave_0: entered allmulticast mode
[ 1005.886410][T15221] hsr0: entered promiscuous mode
[ 1005.946304][T15224] netlink: 'syz.2.3075': attribute type 29 has an invalid length.
[ 1005.954243][T15224] netlink: 'syz.2.3075': attribute type 3 has an invalid length.
[ 1006.007325][T15224] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3075'.
[ 1006.092140][T15229] netlink: 'syz.1.3077': attribute type 29 has an invalid length.
[ 1006.107406][T15229] netlink: 'syz.1.3077': attribute type 29 has an invalid length.
[ 1007.170281][T15252] FAULT_INJECTION: forcing a failure.
[ 1007.170281][T15252] name failslab, interval 1, probability 0, space 0, times 0
[ 1007.187575][T15252] CPU: 0 PID: 15252 Comm: syz.0.3087 Not tainted syzkaller #0
[ 1007.195131][T15252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1007.205246][T15252] Call Trace:
[ 1007.208569][T15252]  <TASK>
[ 1007.211539][T15252]  dump_stack_lvl+0x18c/0x250
[ 1007.216268][T15252]  ? sctp_sendmsg+0x1575/0x28c0
[ 1007.221301][T15252]  ? ___sys_sendmsg+0x2a6/0x360
[ 1007.226263][T15252]  ? show_regs_print_info+0x20/0x20
[ 1007.231558][T15252]  ? load_image+0x400/0x400
[ 1007.236181][T15252]  should_fail_ex+0x39d/0x4d0
[ 1007.240945][T15252]  should_failslab+0x9/0x20
[ 1007.245512][T15252]  slab_pre_alloc_hook+0x59/0x310
[ 1007.250601][T15252]  ? sctp_add_bind_addr+0x8c/0x360
[ 1007.255814][T15252]  __kmem_cache_alloc_node+0x53/0x250
[ 1007.261253][T15252]  ? sctp_add_bind_addr+0x8c/0x360
[ 1007.266427][T15252]  kmalloc_trace+0x2a/0xe0
[ 1007.270910][T15252]  sctp_add_bind_addr+0x8c/0x360
[ 1007.275958][T15252]  sctp_copy_local_addr_list+0x315/0x4f0
[ 1007.281652][T15252]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[ 1007.287436][T15252]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[ 1007.293573][T15252]  ? sctp_v4_is_any+0x35/0x60
[ 1007.298401][T15252]  ? sctp_copy_one_addr+0x8c/0x350
[ 1007.303576][T15252]  sctp_bind_addr_copy+0xb3/0x3c0
[ 1007.308653][T15252]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[ 1007.315045][T15252]  sctp_connect_new_asoc+0x2f9/0x6a0
[ 1007.320482][T15252]  ? __sctp_connect+0xd80/0xd80
[ 1007.325387][T15252]  ? __local_bh_enable_ip+0x13a/0x1c0
[ 1007.330818][T15252]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[ 1007.336414][T15252]  ? security_sctp_bind_connect+0x89/0xb0
[ 1007.342188][T15252]  sctp_sendmsg+0x1575/0x28c0
[ 1007.346923][T15252]  ? sctp_getsockopt+0xb60/0xb60
[ 1007.351907][T15252]  ? aa_sk_perm+0x83c/0x970
[ 1007.356485][T15252]  ? aa_af_perm+0x330/0x330
[ 1007.361051][T15252]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[ 1007.367528][T15252]  ? sock_rps_record_flow+0x19/0x3f0
[ 1007.372876][T15252]  ? inet_sendmsg+0xe9/0x2f0
[ 1007.377520][T15252]  ? inet_send_prepare+0x260/0x260
[ 1007.382687][T15252]  ____sys_sendmsg+0x5ba/0x960
[ 1007.387506][T15252]  ? __asan_memset+0x22/0x40
[ 1007.392139][T15252]  ? __sys_sendmsg_sock+0x30/0x30
[ 1007.397207][T15252]  ? __import_iovec+0x3fa/0x850
[ 1007.402108][T15252]  ? import_iovec+0x73/0xa0
[ 1007.406649][T15252]  ___sys_sendmsg+0x2a6/0x360
[ 1007.411381][T15252]  ? get_pid_task+0x20/0x1e0
[ 1007.416007][T15252]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1007.420829][T15252]  ? __lock_acquire+0x7d40/0x7d40
[ 1007.425897][T15252]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1007.430809][T15252]  ? __x64_sys_sendmsg+0x80/0x80
[ 1007.435790][T15252]  ? lockdep_hardirqs_on+0x98/0x150
[ 1007.441020][T15252]  do_syscall_64+0x55/0xa0
[ 1007.445481][T15252]  ? clear_bhb_loop+0x40/0x90
[ 1007.450194][T15252]  ? clear_bhb_loop+0x40/0x90
[ 1007.454901][T15252]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1007.460825][T15252] RIP: 0033:0x7f448139af79
[ 1007.465263][T15252] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1007.484925][T15252] RSP: 002b:00007f44821a4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1007.493379][T15252] RAX: ffffffffffffffda RBX: 00007f4481615fa0 RCX: 00007f448139af79
[ 1007.501384][T15252] RDX: 0000000000000080 RSI: 0000200000000380 RDI: 0000000000000003
[ 1007.509379][T15252] RBP: 00007f44821a4090 R08: 0000000000000000 R09: 0000000000000000
[ 1007.517378][T15252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1007.525365][T15252] R13: 00007f4481616038 R14: 00007f4481615fa0 R15: 00007ffc4d4c40f8
[ 1007.533467][T15252]  </TASK>
[ 1007.597328][T15256] FAULT_INJECTION: forcing a failure.
[ 1007.597328][T15256] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1007.632274][T15256] CPU: 0 PID: 15256 Comm: syz.3.3095 Not tainted syzkaller #0
[ 1007.639911][T15256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1007.650053][T15256] Call Trace:
[ 1007.653385][T15256]  <TASK>
[ 1007.656359][T15256]  dump_stack_lvl+0x18c/0x250
[ 1007.661098][T15256]  ? show_regs_print_info+0x20/0x20
[ 1007.666360][T15256]  ? load_image+0x400/0x400
[ 1007.670934][T15256]  ? __might_fault+0xaa/0x120
[ 1007.675708][T15256]  should_fail_ex+0x39d/0x4d0
[ 1007.680452][T15256]  copyin+0x1a/0x90
[ 1007.684327][T15256]  _copy_from_iter+0x404/0x12e0
[ 1007.689237][T15256]  ? copyin+0x70/0x90
[ 1007.693295][T15256]  ? copyout_mc+0x70/0x70
[ 1007.697690][T15256]  ? copyout_mc+0x70/0x70
[ 1007.702098][T15256]  ? __virt_addr_valid+0x18c/0x540
[ 1007.707287][T15256]  ? page_copy_sane+0x16a/0x270
[ 1007.712198][T15256]  copy_page_from_iter+0x7b/0x100
[ 1007.717295][T15256]  skb_copy_datagram_from_iter+0x2e4/0x6e0
[ 1007.723172][T15256]  packet_sendmsg+0x3566/0x4d70
[ 1007.728114][T15256]  ? verify_lock_unused+0x140/0x140
[ 1007.733367][T15256]  ? mark_lock+0x94/0x320
[ 1007.737745][T15256]  ? __lock_acquire+0x1273/0x7d40
[ 1007.742822][T15256]  ? aa_sk_perm+0x83c/0x970
[ 1007.747389][T15256]  ? packet_getsockopt+0xad0/0xad0
[ 1007.752565][T15256]  ? aa_sock_msg_perm+0x94/0x150
[ 1007.757565][T15256]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1007.762901][T15256]  ? security_socket_sendmsg+0x80/0xa0
[ 1007.768406][T15256]  ? packet_getsockopt+0xad0/0xad0
[ 1007.773601][T15256]  ____sys_sendmsg+0x5ba/0x960
[ 1007.778472][T15256]  ? __lock_acquire+0x7d40/0x7d40
[ 1007.783577][T15256]  ? __asan_memset+0x22/0x40
[ 1007.788265][T15256]  ? __sys_sendmsg_sock+0x30/0x30
[ 1007.793380][T15256]  ? __import_iovec+0x3fa/0x850
[ 1007.798311][T15256]  ? import_iovec+0x73/0xa0
[ 1007.802873][T15256]  ___sys_sendmsg+0x2a6/0x360
[ 1007.807621][T15256]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1007.812483][T15256]  ? __lock_acquire+0x7d40/0x7d40
[ 1007.817589][T15256]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1007.822492][T15256]  ? __x64_sys_sendmsg+0x80/0x80
[ 1007.827498][T15256]  ? lockdep_hardirqs_on+0x98/0x150
[ 1007.832748][T15256]  do_syscall_64+0x55/0xa0
[ 1007.837229][T15256]  ? clear_bhb_loop+0x40/0x90
[ 1007.841958][T15256]  ? clear_bhb_loop+0x40/0x90
[ 1007.846693][T15256]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1007.852635][T15256] RIP: 0033:0x7efead39af79
[ 1007.857087][T15256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1007.876735][T15256] RSP: 002b:00007efeae1fb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1007.885194][T15256] RAX: ffffffffffffffda RBX: 00007efead615fa0 RCX: 00007efead39af79
[ 1007.893207][T15256] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1007.901228][T15256] RBP: 00007efeae1fb090 R08: 0000000000000000 R09: 0000000000000000
[ 1007.909235][T15256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1007.917241][T15256] R13: 00007efead616038 R14: 00007efead615fa0 R15: 00007fff48d801f8
[ 1007.925259][T15256]  </TASK>
[ 1008.203954][T15261] nr0: port 1(hsr0) entered blocking state
[ 1008.218285][T15261] nr0: port 1(hsr0) entered disabled state
[ 1008.230228][T15261] hsr0: entered allmulticast mode
[ 1008.245743][T15261] hsr_slave_0: entered allmulticast mode
[ 1008.253904][T15261] hsr_slave_1: entered allmulticast mode
[ 1008.302849][T15261] hsr0: entered promiscuous mode
[ 1008.365418][T15263] validate_nla: 4 callbacks suppressed
[ 1008.365437][T15263] netlink: 'syz.3.3091': attribute type 29 has an invalid length.
[ 1008.381403][T15263] netlink: 'syz.3.3091': attribute type 3 has an invalid length.
[ 1008.400222][T15263] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3091'.
[ 1008.566995][T15267] netlink: 'syz.3.3091': attribute type 10 has an invalid length.
[ 1008.838848][T15273] netlink: 'syz.0.3094': attribute type 9 has an invalid length.
[ 1008.856132][T15273] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3094'.
[ 1010.158842][T15297] netlink: 144488 bytes leftover after parsing attributes in process `syz.3.3101'.
[ 1010.215269][T15297] netlink: 172 bytes leftover after parsing attributes in process `syz.3.3101'.
[ 1010.294689][T15299] netlink: 'syz.2.3104': attribute type 29 has an invalid length.
[ 1010.317945][T15299] netlink: 'syz.2.3104': attribute type 3 has an invalid length.
[ 1010.367770][T15299] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3104'.
[ 1010.597251][T15300] netlink: 'syz.2.3104': attribute type 10 has an invalid length.
[ 1010.660502][T15304] netlink: 'syz.0.3105': attribute type 29 has an invalid length.
[ 1010.702640][T15304] netlink: 'syz.0.3105': attribute type 3 has an invalid length.
[ 1010.732624][T15304] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3105'.
[ 1010.798942][T15308] netlink: 'syz.1.3106': attribute type 29 has an invalid length.
[ 1010.822156][T15308] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3106'.
[ 1011.642263][T15328] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3113'.
[ 1011.795186][T15330] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.3115'.
[ 1011.843943][T15331] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3113'.
[ 1013.482567][T15366] validate_nla: 12 callbacks suppressed
[ 1013.482590][T15366] netlink: 'syz.0.3125': attribute type 9 has an invalid length.
[ 1013.501806][T15366] __nla_validate_parse: 5 callbacks suppressed
[ 1013.501825][T15366] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3125'.
[ 1013.761664][T15368] netlink: 'syz.0.3125': attribute type 9 has an invalid length.
[ 1013.783480][T15368] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3125'.
[ 1013.907838][T15374] netlink: 14975 bytes leftover after parsing attributes in process `syz.2.3126'.
[ 1013.983342][T15378] netlink: 'syz.1.3128': attribute type 29 has an invalid length.
[ 1014.896815][T15378] netlink: 'syz.1.3128': attribute type 29 has an invalid length.
[ 1014.909209][T15380] netlink: 'syz.1.3128': attribute type 29 has an invalid length.
[ 1014.947743][T15371] netlink: 'syz.3.3127': attribute type 9 has an invalid length.
[ 1014.962035][T15371] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3127'.
[ 1014.971638][T15381] netlink: 'syz.1.3128': attribute type 29 has an invalid length.
[ 1015.058390][T15376] netlink: 'syz.3.3127': attribute type 9 has an invalid length.
[ 1015.086392][T15376] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3127'.
[ 1015.811111][ T5826] Bluetooth: hci0: command 0x0406 tx timeout
[ 1016.146298][T15398] netlink: 'syz.1.3135': attribute type 29 has an invalid length.
[ 1016.164182][T15398] netlink: 'syz.1.3135': attribute type 3 has an invalid length.
[ 1016.179489][T15398] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3135'.
[ 1019.510270][T15409] validate_nla: 1 callbacks suppressed
[ 1019.510288][T15409] netlink: 'syz.0.3139': attribute type 9 has an invalid length.
[ 1019.564339][T15409] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3139'.
[ 1019.680589][T15413] netlink: 'syz.0.3139': attribute type 9 has an invalid length.
[ 1019.769746][T15413] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3139'.
[ 1020.418234][T15417] netlink: 'syz.2.3142': attribute type 9 has an invalid length.
[ 1020.427918][T15417] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3142'.
[ 1020.510467][T15418] netlink: 'syz.2.3142': attribute type 9 has an invalid length.
[ 1020.520203][T15418] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3142'.
[ 1020.573627][T15422] netlink: 'syz.1.3143': attribute type 29 has an invalid length.
[ 1020.669078][T15422] netlink: 'syz.1.3143': attribute type 29 has an invalid length.
[ 1020.684180][T15424] netlink: 'syz.1.3143': attribute type 29 has an invalid length.
[ 1020.693556][T15425] netlink: 'syz.0.3144': attribute type 29 has an invalid length.
[ 1020.697755][T15426] netlink: 'syz.1.3143': attribute type 29 has an invalid length.
[ 1020.712777][T15422] netlink: 'syz.1.3143': attribute type 29 has an invalid length.
[ 1021.542375][T15439] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3148'.
[ 1022.248112][T15448] netlink: 152 bytes leftover after parsing attributes in process `syz.3.3150'.
[ 1022.586556][T15455] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3152'.
[ 1022.705327][T15456] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3152'.
[ 1023.768132][T15469] FAULT_INJECTION: forcing a failure.
[ 1023.768132][T15469] name failslab, interval 1, probability 0, space 0, times 0
[ 1023.780892][T15469] CPU: 0 PID: 15469 Comm: syz.1.3156 Not tainted syzkaller #0
[ 1023.788391][T15469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1023.798513][T15469] Call Trace:
[ 1023.801833][T15469]  <TASK>
[ 1023.804805][T15469]  dump_stack_lvl+0x18c/0x250
[ 1023.809534][T15469]  ? show_regs_print_info+0x20/0x20
[ 1023.814806][T15469]  ? load_image+0x400/0x400
[ 1023.819377][T15469]  should_fail_ex+0x39d/0x4d0
[ 1023.824111][T15469]  should_failslab+0x9/0x20
[ 1023.828687][T15469]  slab_pre_alloc_hook+0x59/0x310
[ 1023.833778][T15469]  kmem_cache_alloc+0x5a/0x2d0
[ 1023.838605][T15469]  ? dst_alloc+0x105/0x170
[ 1023.843086][T15469]  dst_alloc+0x105/0x170
[ 1023.847384][T15469]  ip_route_output_key_hash_rcu+0x14f0/0x2360
[ 1023.853515][T15469]  ? ip_route_output_key_hash+0x13d/0x330
[ 1023.859284][T15469]  ip_route_output_key_hash+0x1f3/0x330
[ 1023.864886][T15469]  ? ip_route_input_rcu+0x30e0/0x30e0
[ 1023.870318][T15469]  ? __asan_memset+0x22/0x40
[ 1023.874967][T15469]  ip_route_output_flow+0x2a/0x150
[ 1023.880154][T15469]  ip_tunnel_xmit+0x9b1/0x2410
[ 1023.884990][T15469]  ? ip_tunnel_xmit+0xa0/0x2410
[ 1023.889906][T15469]  ? ip4_dst_hoplimit+0x2d0/0x2d0
[ 1023.894984][T15469]  ? validate_xmit_xfrm+0xbc/0x12c0
[ 1023.900263][T15469]  ? gre_build_header+0x25b/0x990
[ 1023.905337][T15469]  ipgre_xmit+0x7a6/0xb20
[ 1023.909741][T15469]  dev_hard_start_xmit+0x246/0x740
[ 1023.914930][T15469]  __dev_queue_xmit+0x1ac2/0x36b0
[ 1023.920017][T15469]  ? __dev_queue_xmit+0x26b/0x36b0
[ 1023.925274][T15469]  ? __kasan_slab_alloc+0x6c/0x80
[ 1023.930360][T15469]  ? slab_post_alloc_hook+0x8a/0x4b0
[ 1023.935710][T15469]  ? netdev_core_pick_tx+0x340/0x340
[ 1023.941050][T15469]  ? skb_release_data+0x1cf/0x800
[ 1023.946137][T15469]  ? pskb_expand_head+0xbfe/0x1230
[ 1023.951299][T15469]  __bpf_tx_skb+0x189/0x250
[ 1023.955857][T15469]  bpf_clone_redirect+0x30f/0x4a0
[ 1023.960964][T15469]  bpf_prog_1eda3e3d4f38ab1d+0x5e/0x63
[ 1023.966508][T15469]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1023.972582][T15469]  ? perf_trace_preemptirq_template+0xac/0x330
[ 1023.978813][T15469]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1023.984844][T15469]  ? lockdep_softirqs_on+0x580/0x580
[ 1023.990177][T15469]  ? lock_chain_count+0x20/0x20
[ 1023.995074][T15469]  ? seqcount_lockdep_reader_access+0x191/0x1d0
[ 1024.001375][T15469]  ? __local_bh_disable_ip+0x108/0x1a0
[ 1024.006880][T15469]  ? __cant_sleep+0x220/0x220
[ 1024.011619][T15469]  ? __local_bh_enable_ip+0x13a/0x1c0
[ 1024.017050][T15469]  ? _local_bh_enable+0xa0/0xa0
[ 1024.021994][T15469]  ? bpf_test_timer_continue+0x135/0x380
[ 1024.027694][T15469]  ? bpf_test_run+0x174/0x870
[ 1024.032426][T15469]  bpf_test_run+0x2df/0x870
[ 1024.037176][T15469]  ? bpf_test_run+0x174/0x870
[ 1024.041923][T15469]  ? convert___skb_to_skb+0x590/0x590
[ 1024.047345][T15469]  ? eth_get_headlen+0x210/0x210
[ 1024.052349][T15469]  ? slab_build_skb+0x25f/0x3f0
[ 1024.057267][T15469]  ? convert___skb_to_skb+0x3d/0x590
[ 1024.062609][T15469]  bpf_prog_test_run_skb+0xad2/0x12b0
[ 1024.068065][T15469]  ? cpu_online+0x60/0x60
[ 1024.072442][T15469]  bpf_prog_test_run+0x321/0x390
[ 1024.077430][T15469]  __sys_bpf+0x49d/0x890
[ 1024.081731][T15469]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1024.087172][T15469]  ? lock_chain_count+0x20/0x20
[ 1024.092154][T15469]  __x64_sys_bpf+0x7c/0x90
[ 1024.096640][T15469]  do_syscall_64+0x55/0xa0
[ 1024.101127][T15469]  ? clear_bhb_loop+0x40/0x90
[ 1024.105856][T15469]  ? clear_bhb_loop+0x40/0x90
[ 1024.110597][T15469]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1024.116541][T15469] RIP: 0033:0x7fa77d79af79
[ 1024.121010][T15469] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1024.140794][T15469] RSP: 002b:00007fa77e6e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1024.149286][T15469] RAX: ffffffffffffffda RBX: 00007fa77da15fa0 RCX: 00007fa77d79af79
[ 1024.157322][T15469] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[ 1024.165361][T15469] RBP: 00007fa77e6e4090 R08: 0000000000000000 R09: 0000000000000000
[ 1024.173381][T15469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1024.181401][T15469] R13: 00007fa77da16038 R14: 00007fa77da15fa0 R15: 00007ffc742a7f58
[ 1024.189441][T15469]  </TASK>
[ 1024.376355][T15471] netlink: 144 bytes leftover after parsing attributes in process `syz.3.3157'.
[ 1024.529967][T15478] validate_nla: 8 callbacks suppressed
[ 1024.529988][T15478] netlink: 'syz.3.3161': attribute type 29 has an invalid length.
[ 1024.543767][T15478] netlink: 'syz.3.3161': attribute type 3 has an invalid length.
[ 1024.561033][T15479] netlink: 'syz.2.3160': attribute type 9 has an invalid length.
[ 1024.569288][T15478] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3161'.
[ 1024.582803][T15479] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3160'.
[ 1024.724665][T15484] netlink: 'syz.3.3161': attribute type 10 has an invalid length.
[ 1024.796602][T15479] netlink: 'syz.2.3160': attribute type 9 has an invalid length.
[ 1024.811323][T15479] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3160'.
[ 1025.565493][T15493] netlink: 'syz.0.3174': attribute type 29 has an invalid length.
[ 1025.576165][T15493] netlink: 'syz.0.3174': attribute type 3 has an invalid length.
[ 1025.591992][T15493] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3174'.
[ 1025.692848][T15495] netlink: 'syz.3.3166': attribute type 9 has an invalid length.
[ 1025.706199][T15495] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3166'.
[ 1025.841223][T15500] netlink: 'syz.0.3174': attribute type 10 has an invalid length.
[ 1025.843580][T15499] netlink: 'syz.3.3166': attribute type 9 has an invalid length.
[ 1025.890000][T15499] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3166'.
[ 1026.636132][T15505] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.3168'.
[ 1026.705429][T15512] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3171'.
[ 1026.766538][T15508] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.3168'.
[ 1027.258731][T15532] FAULT_INJECTION: forcing a failure.
[ 1027.258731][T15532] name failslab, interval 1, probability 0, space 0, times 0
[ 1027.271907][T15532] CPU: 0 PID: 15532 Comm: syz.1.3180 Not tainted syzkaller #0
[ 1027.279381][T15532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1027.289470][T15532] Call Trace:
[ 1027.292786][T15532]  <TASK>
[ 1027.295742][T15532]  dump_stack_lvl+0x18c/0x250
[ 1027.300470][T15532]  ? show_regs_print_info+0x20/0x20
[ 1027.305716][T15532]  ? load_image+0x400/0x400
[ 1027.310264][T15532]  should_fail_ex+0x39d/0x4d0
[ 1027.314982][T15532]  should_failslab+0x9/0x20
[ 1027.319687][T15532]  slab_pre_alloc_hook+0x59/0x310
[ 1027.324749][T15532]  kmem_cache_alloc+0x5a/0x2d0
[ 1027.329552][T15532]  ? skb_clone+0x1eb/0x370
[ 1027.334025][T15532]  skb_clone+0x1eb/0x370
[ 1027.338561][T15532]  ? dev_queue_xmit_nit+0x212/0xbb0
[ 1027.343803][T15532]  dev_queue_xmit_nit+0x24d/0xbb0
[ 1027.348861][T15532]  ? dev_queue_xmit_nit+0x2d/0xbb0
[ 1027.354006][T15532]  ? validate_xmit_skb+0x949/0xf60
[ 1027.359162][T15532]  dev_hard_start_xmit+0x148/0x740
[ 1027.364320][T15532]  __dev_queue_xmit+0x1ac2/0x36b0
[ 1027.369385][T15532]  ? __dev_queue_xmit+0x26b/0x36b0
[ 1027.374545][T15532]  ? netdev_core_pick_tx+0x340/0x340
[ 1027.380032][T15532]  ? skb_release_data+0x1cf/0x800
[ 1027.385093][T15532]  ? pskb_expand_head+0xbfe/0x1230
[ 1027.390262][T15532]  __bpf_tx_skb+0x189/0x250
[ 1027.394795][T15532]  bpf_clone_redirect+0x30f/0x4a0
[ 1027.399861][T15532]  bpf_prog_6893982b85ceadf7+0x5e/0x63
[ 1027.405382][T15532]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1027.411396][T15532]  ? perf_trace_preemptirq_template+0xac/0x330
[ 1027.417581][T15532]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1027.423597][T15532]  ? lockdep_softirqs_on+0x580/0x580
[ 1027.429122][T15532]  ? lock_chain_count+0x20/0x20
[ 1027.434008][T15532]  ? seqcount_lockdep_reader_access+0x191/0x1d0
[ 1027.440298][T15532]  ? __local_bh_disable_ip+0x108/0x1a0
[ 1027.446148][T15532]  ? __cant_sleep+0x220/0x220
[ 1027.450866][T15532]  ? __local_bh_enable_ip+0x13a/0x1c0
[ 1027.456294][T15532]  ? _local_bh_enable+0xa0/0xa0
[ 1027.461188][T15532]  ? bpf_test_timer_continue+0x135/0x380
[ 1027.466860][T15532]  ? bpf_test_run+0x174/0x870
[ 1027.471579][T15532]  bpf_test_run+0x2df/0x870
[ 1027.476151][T15532]  ? bpf_test_run+0x174/0x870
[ 1027.480878][T15532]  ? convert___skb_to_skb+0x590/0x590
[ 1027.486301][T15532]  ? eth_get_headlen+0x210/0x210
[ 1027.491376][T15532]  ? slab_build_skb+0x25f/0x3f0
[ 1027.496268][T15532]  ? convert___skb_to_skb+0x3d/0x590
[ 1027.501595][T15532]  bpf_prog_test_run_skb+0xad2/0x12b0
[ 1027.507007][T15532]  ? cpu_online+0x60/0x60
[ 1027.511363][T15532]  bpf_prog_test_run+0x321/0x390
[ 1027.516333][T15532]  __sys_bpf+0x49d/0x890
[ 1027.520602][T15532]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1027.526022][T15532]  ? lock_chain_count+0x20/0x20
[ 1027.530922][T15532]  __x64_sys_bpf+0x7c/0x90
[ 1027.535362][T15532]  do_syscall_64+0x55/0xa0
[ 1027.539822][T15532]  ? clear_bhb_loop+0x40/0x90
[ 1027.544530][T15532]  ? clear_bhb_loop+0x40/0x90
[ 1027.549257][T15532]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1027.555188][T15532] RIP: 0033:0x7fa77d79af79
[ 1027.559637][T15532] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1027.579276][T15532] RSP: 002b:00007fa77e6e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1027.587736][T15532] RAX: ffffffffffffffda RBX: 00007fa77da15fa0 RCX: 00007fa77d79af79
[ 1027.595748][T15532] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[ 1027.603750][T15532] RBP: 00007fa77e6e4090 R08: 0000000000000000 R09: 0000000000000000
[ 1027.611755][T15532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1027.619840][T15532] R13: 00007fa77da16038 R14: 00007fa77da15fa0 R15: 00007ffc742a7f58
[ 1027.627860][T15532]  </TASK>
[ 1027.641804][T15530] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3178'.
[ 1029.861088][T15585] validate_nla: 15 callbacks suppressed
[ 1029.861110][T15585] netlink: 'syz.1.3199': attribute type 9 has an invalid length.
[ 1029.932785][T15585] __nla_validate_parse: 3 callbacks suppressed
[ 1029.932803][T15585] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.3199'.
[ 1030.161693][T15591] FAULT_INJECTION: forcing a failure.
[ 1030.161693][T15591] name failslab, interval 1, probability 0, space 0, times 0
[ 1030.209526][T15586] netlink: 'syz.1.3199': attribute type 9 has an invalid length.
[ 1030.228217][T15591] CPU: 1 PID: 15591 Comm: syz.3.3201 Not tainted syzkaller #0
[ 1030.235759][T15591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1030.245951][T15591] Call Trace:
[ 1030.249288][T15591]  <TASK>
[ 1030.252263][T15591]  dump_stack_lvl+0x18c/0x250
[ 1030.257017][T15591]  ? show_regs_print_info+0x20/0x20
[ 1030.262317][T15591]  ? load_image+0x400/0x400
[ 1030.266877][T15591]  ? __might_sleep+0xe0/0xe0
[ 1030.271557][T15591]  ? __lock_acquire+0x7d40/0x7d40
[ 1030.276636][T15591]  should_fail_ex+0x39d/0x4d0
[ 1030.281369][T15591]  should_failslab+0x9/0x20
[ 1030.285924][T15591]  slab_pre_alloc_hook+0x59/0x310
[ 1030.291025][T15591]  ? __lock_acquire+0x7d40/0x7d40
[ 1030.296121][T15591]  kmem_cache_alloc_node+0x60/0x320
[ 1030.301377][T15591]  ? __alloc_skb+0x103/0x2c0
[ 1030.306036][T15591]  __alloc_skb+0x103/0x2c0
[ 1030.310513][T15591]  netlink_sendmsg+0x66a/0xbf0
[ 1030.315340][T15591]  ? netlink_getsockopt+0x590/0x590
[ 1030.320605][T15591]  ? aa_sock_msg_perm+0x94/0x150
[ 1030.325597][T15591]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1030.330939][T15591]  ? security_socket_sendmsg+0x80/0xa0
[ 1030.336448][T15591]  ? netlink_getsockopt+0x590/0x590
[ 1030.341689][T15591]  ____sys_sendmsg+0x5ba/0x960
[ 1030.346494][T15591]  ? __asan_memset+0x22/0x40
[ 1030.351112][T15591]  ? __sys_sendmsg_sock+0x30/0x30
[ 1030.356178][T15591]  ? __import_iovec+0x3fa/0x850
[ 1030.361078][T15591]  ? import_iovec+0x73/0xa0
[ 1030.365611][T15591]  ___sys_sendmsg+0x2a6/0x360
[ 1030.370320][T15591]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1030.375228][T15591]  ? __lock_acquire+0x7d40/0x7d40
[ 1030.380312][T15591]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1030.385276][T15591]  ? __x64_sys_sendmsg+0x80/0x80
[ 1030.390267][T15591]  ? lockdep_hardirqs_on+0x98/0x150
[ 1030.395502][T15591]  do_syscall_64+0x55/0xa0
[ 1030.399950][T15591]  ? clear_bhb_loop+0x40/0x90
[ 1030.404654][T15591]  ? clear_bhb_loop+0x40/0x90
[ 1030.409361][T15591]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1030.415291][T15591] RIP: 0033:0x7efead39af79
[ 1030.419727][T15591] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1030.439356][T15591] RSP: 002b:00007efeae1fb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1030.447787][T15591] RAX: ffffffffffffffda RBX: 00007efead615fa0 RCX: 00007efead39af79
[ 1030.455782][T15591] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000003
[ 1030.463790][T15591] RBP: 00007efeae1fb090 R08: 0000000000000000 R09: 0000000000000000
[ 1030.471780][T15591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1030.479771][T15591] R13: 00007efead616038 R14: 00007efead615fa0 R15: 00007fff48d801f8
[ 1030.487781][T15591]  </TASK>
[ 1030.492154][T15586] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.3199'.
[ 1030.945477][T15597] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3203'.
[ 1031.168567][T15605] netlink: 'syz.3.3206': attribute type 29 has an invalid length.
[ 1031.237142][T15605] netlink: 'syz.3.3206': attribute type 29 has an invalid length.
[ 1031.296766][T15609] netlink: 'syz.3.3206': attribute type 29 has an invalid length.
[ 1031.393196][T15605] netlink: 'syz.3.3206': attribute type 29 has an invalid length.
[ 1031.431631][T15611] netlink: 'syz.1.3209': attribute type 10 has an invalid length.
[ 1031.474414][T15605] netlink: 'syz.3.3206': attribute type 29 has an invalid length.
[ 1034.418901][T15623] netlink: 'syz.2.3210': attribute type 9 has an invalid length.
[ 1034.437840][T15623] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3210'.
[ 1034.727109][T15628] netlink: 'syz.2.3210': attribute type 9 has an invalid length.
[ 1034.759818][T15628] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3210'.
[ 1035.066428][T15637] FAULT_INJECTION: forcing a failure.
[ 1035.066428][T15637] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1035.109951][T15637] CPU: 0 PID: 15637 Comm: syz.3.3216 Not tainted syzkaller #0
[ 1035.117550][T15637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1035.127659][T15637] Call Trace:
[ 1035.131006][T15637]  <TASK>
[ 1035.133984][T15637]  dump_stack_lvl+0x18c/0x250
[ 1035.138729][T15637]  ? show_regs_print_info+0x20/0x20
[ 1035.144000][T15637]  ? load_image+0x400/0x400
[ 1035.148561][T15637]  ? __might_fault+0xaa/0x120
[ 1035.153299][T15637]  ? __lock_acquire+0x7d40/0x7d40
[ 1035.158381][T15637]  ? unix_ioctl+0x261/0x670
[ 1035.162947][T15637]  should_fail_ex+0x39d/0x4d0
[ 1035.167690][T15637]  _copy_from_user+0x2f/0xe0
[ 1035.172343][T15637]  sock_do_ioctl+0x190/0x310
[ 1035.177004][T15637]  ? sock_show_fdinfo+0xb0/0xb0
[ 1035.181933][T15637]  sock_ioctl+0x5ba/0x7e0
[ 1035.186319][T15637]  ? sock_poll+0x3e0/0x3e0
[ 1035.190798][T15637]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1035.195793][T15637]  ? security_file_ioctl+0x80/0xa0
[ 1035.200976][T15637]  ? sock_poll+0x3e0/0x3e0
[ 1035.205436][T15637]  __se_sys_ioctl+0xfd/0x170
[ 1035.210062][T15637]  do_syscall_64+0x55/0xa0
[ 1035.214526][T15637]  ? clear_bhb_loop+0x40/0x90
[ 1035.219229][T15637]  ? clear_bhb_loop+0x40/0x90
[ 1035.223941][T15637]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1035.229859][T15637] RIP: 0033:0x7efead39af79
[ 1035.234322][T15637] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1035.253955][T15637] RSP: 002b:00007efeae1fb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1035.262396][T15637] RAX: ffffffffffffffda RBX: 00007efead615fa0 RCX: 00007efead39af79
[ 1035.270395][T15637] RDX: 00002000000002c0 RSI: 0000000000008949 RDI: 0000000000000003
[ 1035.278393][T15637] RBP: 00007efeae1fb090 R08: 0000000000000000 R09: 0000000000000000
[ 1035.286400][T15637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1035.294404][T15637] R13: 00007efead616038 R14: 00007efead615fa0 R15: 00007fff48d801f8
[ 1035.302422][T15637]  </TASK>
[ 1035.726484][T15651] netlink: 'syz.2.3219': attribute type 10 has an invalid length.
[ 1036.279178][T15670] netlink: 208064 bytes leftover after parsing attributes in process `syz.0.3226'.
[ 1036.367668][T15673] FAULT_INJECTION: forcing a failure.
[ 1036.367668][T15673] name failslab, interval 1, probability 0, space 0, times 0
[ 1036.380991][T15673] CPU: 1 PID: 15673 Comm: syz.2.3227 Not tainted syzkaller #0
[ 1036.388503][T15673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1036.398606][T15673] Call Trace:
[ 1036.401927][T15673]  <TASK>
[ 1036.404903][T15673]  dump_stack_lvl+0x18c/0x250
[ 1036.409684][T15673]  ? sctp_sendmsg+0x1575/0x28c0
[ 1036.414559][T15673]  ? ___sys_sendmsg+0x2a6/0x360
[ 1036.419481][T15673]  ? show_regs_print_info+0x20/0x20
[ 1036.424711][T15673]  ? load_image+0x400/0x400
[ 1036.429301][T15673]  should_fail_ex+0x39d/0x4d0
[ 1036.434038][T15673]  should_failslab+0x9/0x20
[ 1036.438584][T15673]  slab_pre_alloc_hook+0x59/0x310
[ 1036.443686][T15673]  ? sctp_add_bind_addr+0x8c/0x360
[ 1036.448853][T15673]  __kmem_cache_alloc_node+0x53/0x250
[ 1036.454274][T15673]  ? sctp_add_bind_addr+0x8c/0x360
[ 1036.459513][T15673]  kmalloc_trace+0x2a/0xe0
[ 1036.463978][T15673]  sctp_add_bind_addr+0x8c/0x360
[ 1036.468974][T15673]  sctp_copy_local_addr_list+0x315/0x4f0
[ 1036.474678][T15673]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[ 1036.480442][T15673]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[ 1036.486568][T15673]  ? sctp_v4_is_any+0x35/0x60
[ 1036.491292][T15673]  ? sctp_copy_one_addr+0x8c/0x350
[ 1036.496475][T15673]  sctp_bind_addr_copy+0xb3/0x3c0
[ 1036.501543][T15673]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[ 1036.507934][T15673]  sctp_connect_new_asoc+0x2f9/0x6a0
[ 1036.513261][T15673]  ? __sctp_connect+0xd80/0xd80
[ 1036.518145][T15673]  ? __local_bh_enable_ip+0x13a/0x1c0
[ 1036.523575][T15673]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[ 1036.529161][T15673]  ? security_sctp_bind_connect+0x89/0xb0
[ 1036.535014][T15673]  sctp_sendmsg+0x1575/0x28c0
[ 1036.539746][T15673]  ? sctp_getsockopt+0xb60/0xb60
[ 1036.544726][T15673]  ? aa_sk_perm+0x83c/0x970
[ 1036.549299][T15673]  ? aa_af_perm+0x330/0x330
[ 1036.553843][T15673]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[ 1036.560299][T15673]  ? sock_rps_record_flow+0x19/0x3f0
[ 1036.565733][T15673]  ? inet_sendmsg+0xe9/0x2f0
[ 1036.570379][T15673]  ? inet_send_prepare+0x260/0x260
[ 1036.575555][T15673]  ____sys_sendmsg+0x5ba/0x960
[ 1036.580378][T15673]  ? __lock_acquire+0x7d40/0x7d40
[ 1036.585441][T15673]  ? __asan_memset+0x22/0x40
[ 1036.590096][T15673]  ? __sys_sendmsg_sock+0x30/0x30
[ 1036.595160][T15673]  ? __import_iovec+0x5f2/0x850
[ 1036.600069][T15673]  ? import_iovec+0x73/0xa0
[ 1036.604624][T15673]  ___sys_sendmsg+0x2a6/0x360
[ 1036.609364][T15673]  ? get_pid_task+0x20/0x1e0
[ 1036.614007][T15673]  ? __sys_sendmsg+0x2a0/0x2a0
[ 1036.618848][T15673]  ? __lock_acquire+0x7d40/0x7d40
[ 1036.623950][T15673]  __se_sys_sendmsg+0x1c2/0x2b0
[ 1036.628840][T15673]  ? __x64_sys_sendmsg+0x80/0x80
[ 1036.633843][T15673]  ? lockdep_hardirqs_on+0x98/0x150
[ 1036.639093][T15673]  do_syscall_64+0x55/0xa0
[ 1036.643552][T15673]  ? clear_bhb_loop+0x40/0x90
[ 1036.648266][T15673]  ? clear_bhb_loop+0x40/0x90
[ 1036.652982][T15673]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1036.658909][T15673] RIP: 0033:0x7f7c7ef9af79
[ 1036.663363][T15673] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1036.683014][T15673] RSP: 002b:00007f7c7fdbb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1036.691478][T15673] RAX: ffffffffffffffda RBX: 00007f7c7f215fa0 RCX: 00007f7c7ef9af79
[ 1036.699505][T15673] RDX: 00000000000003e8 RSI: 00002000000004c0 RDI: 0000000000000016
[ 1036.707509][T15673] RBP: 00007f7c7fdbb090 R08: 0000000000000000 R09: 0000000000000000
[ 1036.715531][T15673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1036.723529][T15673] R13: 00007f7c7f216038 R14: 00007f7c7f215fa0 R15: 00007fff6a535be8
[ 1036.731558][T15673]  </TASK>
[ 1036.918503][T15679] netlink: 'syz.0.3228': attribute type 9 has an invalid length.
[ 1036.926588][T15679] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3228'.
[ 1037.032726][T15679] netlink: 'syz.0.3228': attribute type 9 has an invalid length.
[ 1037.044528][T15679] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3228'.
[ 1037.386212][T15691] netlink: 'syz.2.3232': attribute type 10 has an invalid length.
[ 1037.902637][T15698] netlink: 'syz.0.3235': attribute type 9 has an invalid length.
[ 1037.914418][T15698] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3235'.
[ 1038.155579][T15698] netlink: 'syz.0.3235': attribute type 9 has an invalid length.
[ 1038.180695][T15698] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3235'.
[ 1038.382574][T15710] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.3237'.
[ 1038.408534][T15710] bridge_slave_1: default FDB implementation only supports local addresses
[ 1038.672447][T15717] FAULT_INJECTION: forcing a failure.
[ 1038.672447][T15717] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1038.699156][T15717] CPU: 0 PID: 15717 Comm: syz.2.3242 Not tainted syzkaller #0
[ 1038.706711][T15717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1038.716806][T15717] Call Trace:
[ 1038.720119][T15717]  <TASK>
[ 1038.723079][T15717]  dump_stack_lvl+0x18c/0x250
[ 1038.727806][T15717]  ? show_regs_print_info+0x20/0x20
[ 1038.733037][T15717]  ? load_image+0x400/0x400
[ 1038.737576][T15717]  ? __might_fault+0xaa/0x120
[ 1038.742277][T15717]  ? __lock_acquire+0x7d40/0x7d40
[ 1038.747333][T15717]  should_fail_ex+0x39d/0x4d0
[ 1038.752050][T15717]  _copy_from_user+0x2f/0xe0
[ 1038.756676][T15717]  __sys_bpf+0x23e/0x890
[ 1038.760950][T15717]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1038.766385][T15717]  ? lock_chain_count+0x20/0x20
[ 1038.771276][T15717]  __x64_sys_bpf+0x7c/0x90
[ 1038.775735][T15717]  do_syscall_64+0x55/0xa0
[ 1038.780186][T15717]  ? clear_bhb_loop+0x40/0x90
[ 1038.784893][T15717]  ? clear_bhb_loop+0x40/0x90
[ 1038.789601][T15717]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1038.795524][T15717] RIP: 0033:0x7f7c7ef9af79
[ 1038.799979][T15717] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1038.819617][T15717] RSP: 002b:00007f7c7fdbb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1038.828094][T15717] RAX: ffffffffffffffda RBX: 00007f7c7f215fa0 RCX: 00007f7c7ef9af79
[ 1038.836100][T15717] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[ 1038.844110][T15717] RBP: 00007f7c7fdbb090 R08: 0000000000000000 R09: 0000000000000000
[ 1038.852106][T15717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1038.860100][T15717] R13: 00007f7c7f216038 R14: 00007f7c7f215fa0 R15: 00007fff6a535be8
[ 1038.868114][T15717]  </TASK>
[ 1039.083417][T15729] netlink: 'syz.3.3244': attribute type 10 has an invalid length.
[ 1040.012292][T15745] netlink: 'syz.2.3249': attribute type 10 has an invalid length.
[ 1040.705122][T15754] netlink: 'syz.3.3252': attribute type 9 has an invalid length.
[ 1040.726193][T15754] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3252'.
[ 1040.919603][T15754] netlink: 'syz.3.3252': attribute type 9 has an invalid length.
[ 1040.932944][T15754] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3252'.
[ 1042.587815][T15768] netlink: 'syz.0.3266': attribute type 9 has an invalid length.
[ 1042.602886][T15768] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3266'.
[ 1042.647617][T15774] netlink: 'syz.2.3260': attribute type 29 has an invalid length.
[ 1042.655666][T15774] netlink: 'syz.2.3260': attribute type 3 has an invalid length.
[ 1042.666073][T15774] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3260'.
[ 1042.838022][T15773] netlink: 'syz.0.3266': attribute type 9 has an invalid length.
[ 1042.867958][T15773] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3266'.
[ 1042.935944][T15774] netlink: 'syz.2.3260': attribute type 10 has an invalid length.
[ 1043.884954][T15787] netlink: 'syz.2.3261': attribute type 10 has an invalid length.
[ 1044.344810][T15797] FAULT_INJECTION: forcing a failure.
[ 1044.344810][T15797] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1044.394219][T15797] CPU: 1 PID: 15797 Comm: syz.2.3267 Not tainted syzkaller #0
[ 1044.401762][T15797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1044.411878][T15797] Call Trace:
[ 1044.415192][T15797]  <TASK>
[ 1044.418144][T15797]  dump_stack_lvl+0x18c/0x250
[ 1044.422844][T15797]  ? show_regs_print_info+0x20/0x20
[ 1044.428066][T15797]  ? load_image+0x400/0x400
[ 1044.432590][T15797]  ? __might_fault+0xaa/0x120
[ 1044.437315][T15797]  ? __lock_acquire+0x7d40/0x7d40
[ 1044.442402][T15797]  should_fail_ex+0x39d/0x4d0
[ 1044.447149][T15797]  _copy_to_user+0x2f/0xa0
[ 1044.451641][T15797]  bpf_test_finish+0x25a/0x650
[ 1044.456436][T15797]  ? convert_skb_to___skb+0x420/0x420
[ 1044.461849][T15797]  ? _copy_from_user+0xa5/0xe0
[ 1044.466673][T15797]  ? bpf_test_init+0x119/0x140
[ 1044.471502][T15797]  bpf_prog_test_run_xdp+0x8a9/0x10e0
[ 1044.476944][T15797]  ? dev_put+0x80/0x80
[ 1044.481161][T15797]  ? dev_put+0x80/0x80
[ 1044.485271][T15797]  bpf_prog_test_run+0x321/0x390
[ 1044.490252][T15797]  __sys_bpf+0x49d/0x890
[ 1044.494551][T15797]  ? bpf_link_show_fdinfo+0x390/0x390
[ 1044.500027][T15797]  ? lock_chain_count+0x20/0x20
[ 1044.504951][T15797]  __x64_sys_bpf+0x7c/0x90
[ 1044.509433][T15797]  do_syscall_64+0x55/0xa0
[ 1044.513912][T15797]  ? clear_bhb_loop+0x40/0x90
[ 1044.518658][T15797]  ? clear_bhb_loop+0x40/0x90
[ 1044.523378][T15797]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1044.529313][T15797] RIP: 0033:0x7f7c7ef9af79
[ 1044.533764][T15797] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1044.553411][T15797] RSP: 002b:00007f7c7fdbb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1044.561839][T15797] RAX: ffffffffffffffda RBX: 00007f7c7f215fa0 RCX: 00007f7c7ef9af79
[ 1044.569824][T15797] RDX: 0000000000000050 RSI: 0000200000000280 RDI: 000000000000000a
[ 1044.577820][T15797] RBP: 00007f7c7fdbb090 R08: 0000000000000000 R09: 0000000000000000
[ 1044.585816][T15797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1044.593802][T15797] R13: 00007f7c7f216038 R14: 00007f7c7f215fa0 R15: 00007fff6a535be8
[ 1044.601803][T15797]  </TASK>
[ 1045.087085][T15809] netlink: 'syz.0.3271': attribute type 29 has an invalid length.
[ 1045.130092][T15809] netlink: 'syz.0.3271': attribute type 3 has an invalid length.
[ 1045.186120][T15809] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3271'.
[ 1045.443165][T15813] netlink: 'syz.0.3271': attribute type 10 has an invalid length.
[ 1045.631766][T15820] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3275'.
[ 1045.867120][T15822] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3275'.
[ 1046.397010][T15833] validate_nla: 2 callbacks suppressed
[ 1046.397030][T15833] netlink: 'syz.0.3276': attribute type 10 has an invalid length.
[ 1047.181605][T15853] netlink: 'syz.0.3286': attribute type 9 has an invalid length.
[ 1047.210541][T15853] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3286'.
[ 1047.377862][T15855] netlink: 'syz.0.3286': attribute type 9 has an invalid length.
[ 1047.396391][T15855] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3286'.
[ 1047.999594][T15866] netlink: 'syz.3.3290': attribute type 29 has an invalid length.
[ 1048.008553][T15866] netlink: 'syz.3.3290': attribute type 3 has an invalid length.
[ 1048.022280][T15866] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3290'.
[ 1049.920113][T15874] netlink: 'syz.3.3290': attribute type 10 has an invalid length.
[ 1050.097505][T15885] netlink: 'syz.2.3296': attribute type 10 has an invalid length.
[ 1050.105512][T15885] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3296'.
[ 1050.361298][T15889] netlink: 201392 bytes leftover after parsing attributes in process `syz.0.3298'.
[ 1050.380441][T15889] netlink: zone id is out of range
[ 1050.385331][T15891] netlink: 'syz.0.3298': attribute type 21 has an invalid length.
[ 1050.416426][T15889] netlink: zone id is out of range
[ 1050.421987][T15889] netlink: zone id is out of range
[ 1050.503857][T15896] netlink: 'syz.1.3300': attribute type 29 has an invalid length.
[ 1050.516233][T15896] netlink: 'syz.1.3300': attribute type 3 has an invalid length.
[ 1050.530461][T15896] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3300'.
[ 1050.741081][T15901] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3301'.
[ 1050.933267][T15906] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3303'.
[ 1050.953388][T15904] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3301'.
[ 1051.245423][T15908] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3304'.
[ 1051.304344][T15909] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3304'.
[ 1051.420177][T15916] validate_nla: 8 callbacks suppressed
[ 1051.420197][T15916] netlink: 'syz.3.3306': attribute type 29 has an invalid length.
[ 1051.435927][T15916] netlink: 'syz.3.3306': attribute type 3 has an invalid length.
[ 1051.449965][T15916] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3306'.
[ 1051.635572][T15918] netlink: 'syz.3.3306': attribute type 10 has an invalid length.
[ 1051.650069][T15913] netlink: 'syz.1.3305': attribute type 9 has an invalid length.
[ 1051.718198][T15914] netlink: 'syz.1.3305': attribute type 9 has an invalid length.
[ 1052.648023][T15938] netlink: 'syz.1.3314': attribute type 29 has an invalid length.
[ 1052.655945][T15938] netlink: 'syz.1.3314': attribute type 3 has an invalid length.
[ 1052.746392][T15943] netlink: 'syz.3.3316': attribute type 9 has an invalid length.
[ 1052.865679][T15942] netlink: 'syz.1.3314': attribute type 10 has an invalid length.
[ 1052.980435][T15943] netlink: 'syz.3.3316': attribute type 9 has an invalid length.
[ 1053.408280][T15952] __nla_validate_parse: 5 callbacks suppressed
[ 1053.408301][T15952] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3318'.
[ 1053.432594][T15953] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3319'.
[ 1053.586639][T15956] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3318'.
[ 1054.123227][T15965] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3322'.
[ 1054.273929][T15970] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3325'.
[ 1054.399251][T15970] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3325'.
[ 1054.701612][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.710583][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[ 1055.124434][T15990] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3332'.
[ 1055.237155][T15995] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3333'.
[ 1055.311485][T15997] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.3335'.
[ 1055.421486][T15990] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3332'.
[ 1056.583621][T16024] tipc: Started in network mode
[ 1056.599766][T16024] tipc: Node identity b, cluster identity 73
[ 1056.619461][T16024] tipc: Node number set to 11
[ 1056.628069][T16019] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1056.805296][T16028] validate_nla: 19 callbacks suppressed
[ 1056.805348][T16028] netlink: 'syz.2.3347': attribute type 9 has an invalid length.
[ 1056.959103][T16037] netlink: 'syz.1.3349': attribute type 29 has an invalid length.
[ 1056.983576][T16037] netlink: 'syz.1.3349': attribute type 3 has an invalid length.
[ 1057.276402][T16044] netlink: 'syz.1.3349': attribute type 10 has an invalid length.
[ 1057.434834][T16048] netlink: 'syz.3.3353': attribute type 9 has an invalid length.
[ 1057.583528][T16048] netlink: 'syz.3.3353': attribute type 9 has an invalid length.
[ 1057.636066][T16057] FAULT_INJECTION: forcing a failure.
[ 1057.636066][T16057] name failslab, interval 1, probability 0, space 0, times 0
[ 1057.663569][T16057] CPU: 1 PID: 16057 Comm: syz.1.3356 Not tainted syzkaller #0
[ 1057.671094][T16057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1057.681191][T16057] Call Trace:
[ 1057.684495][T16057]  <TASK>
[ 1057.687453][T16057]  dump_stack_lvl+0x18c/0x250
[ 1057.692172][T16057]  ? show_regs_print_info+0x20/0x20
[ 1057.697406][T16057]  ? load_image+0x400/0x400
[ 1057.701944][T16057]  ? __might_sleep+0xe0/0xe0
[ 1057.706572][T16057]  ? __lock_acquire+0x7d40/0x7d40
[ 1057.711723][T16057]  should_fail_ex+0x39d/0x4d0
[ 1057.716452][T16057]  should_failslab+0x9/0x20
[ 1057.720992][T16057]  slab_pre_alloc_hook+0x59/0x310
[ 1057.726080][T16057]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1057.731840][T16057]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1057.737711][T16057]  __kmem_cache_alloc_node+0x53/0x250
[ 1057.743128][T16057]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1057.748888][T16057]  __kmalloc+0xa4/0x230
[ 1057.753106][T16057]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1057.758715][T16057]  tomoyo_path_number_perm+0x248/0x620
[ 1057.764242][T16057]  ? tomoyo_path_number_perm+0x217/0x620
[ 1057.769921][T16057]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1057.775452][T16057]  ? ksys_write+0x1c4/0x260
[ 1057.780035][T16057]  ? __fget_files+0x28/0x4b0
[ 1057.784680][T16057]  ? __fget_files+0x28/0x4b0
[ 1057.789326][T16057]  security_file_ioctl+0x70/0xa0
[ 1057.794310][T16057]  __se_sys_ioctl+0x48/0x170
[ 1057.798954][T16057]  do_syscall_64+0x55/0xa0
[ 1057.803404][T16057]  ? clear_bhb_loop+0x40/0x90
[ 1057.808116][T16057]  ? clear_bhb_loop+0x40/0x90
[ 1057.812840][T16057]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1057.818768][T16057] RIP: 0033:0x7fa77d79af79
[ 1057.823220][T16057] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1057.842859][T16057] RSP: 002b:00007fa77e6e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1057.851400][T16057] RAX: ffffffffffffffda RBX: 00007fa77da15fa0 RCX: 00007fa77d79af79
[ 1057.859423][T16057] RDX: 0000200000000100 RSI: 000000000000890c RDI: 0000000000000004
[ 1057.867432][T16057] RBP: 00007fa77e6e4090 R08: 0000000000000000 R09: 0000000000000000
[ 1057.875463][T16057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1057.883553][T16057] R13: 00007fa77da16038 R14: 00007fa77da15fa0 R15: 00007ffc742a7f58
[ 1057.891574][T16057]  </TASK>
[ 1057.909726][T16057] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1057.923405][T16049] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1058.218427][T16061] netlink: 'syz.2.3358': attribute type 9 has an invalid length.
[ 1059.027146][T16078] netlink: 'syz.1.3364': attribute type 29 has an invalid length.
[ 1059.055236][T16078] netlink: 'syz.1.3364': attribute type 3 has an invalid length.
[ 1059.063761][T16078] __nla_validate_parse: 10 callbacks suppressed
[ 1059.063777][T16078] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3364'.
[ 1059.192367][T16080] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1059.217757][T16084] netlink: 'syz.1.3364': attribute type 10 has an invalid length.
[ 1059.617239][T16093] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.3369'.
[ 1060.177273][T16114] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3379'.
[ 1062.217001][T16152] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1062.549299][T16172] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3402'.
[ 1062.576323][T16172] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3402'.
[ 1062.606202][T16172] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3402'.
[ 1062.695683][T16176] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1062.704861][T16176] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1062.748958][T16176] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1062.776290][T16176] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1062.902857][T16182] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.3405'.
[ 1062.922345][T16183] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.3405'.
[ 1062.994085][T16182] validate_nla: 4 callbacks suppressed
[ 1062.994102][T16182] netlink: 'syz.1.3405': attribute type 29 has an invalid length.
[ 1063.052104][T16180] netlink: 'syz.2.3406': attribute type 58 has an invalid length.
[ 1063.063085][T16180] netlink: 152 bytes leftover after parsing attributes in process `syz.2.3406'.
[ 1063.105384][T16182] netlink: 'syz.1.3405': attribute type 29 has an invalid length.
[ 1063.248831][T16188] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1063.559722][T16201] netlink: 121460 bytes leftover after parsing attributes in process `syz.0.3412'.
[ 1063.625143][T16208] netlink: 'syz.1.3415': attribute type 29 has an invalid length.
[ 1063.657487][T16208] netlink: 'syz.1.3415': attribute type 3 has an invalid length.
[ 1064.096934][T16208] netlink: 'syz.1.3415': attribute type 10 has an invalid length.
[ 1064.685228][T16224] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1065.982094][T16249] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1081.797539][ T5826] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1081.810827][ T5826] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1081.820501][ T5826] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1081.832782][ T5826] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1081.840936][ T5826] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1081.852979][ T5826] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1082.203012][T16285] chnl_net:caif_netlink_parms(): no params data found
[ 1082.385112][T16285] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1082.409569][T16285] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1082.418548][T16285] bridge_slave_0: entered allmulticast mode
[ 1082.428932][T16285] bridge_slave_0: entered promiscuous mode
[ 1082.449033][T16285] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1082.459801][T16285] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1082.468675][T16285] bridge_slave_1: entered allmulticast mode
[ 1082.480033][T16285] bridge_slave_1: entered promiscuous mode
[ 1082.523018][T16285] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1082.543897][T16285] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1082.605627][T16285] team0: Port device team_slave_0 added
[ 1082.614863][T16285] team0: Port device team_slave_1 added
[ 1082.659959][T16285] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1082.696069][T16285] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1082.748452][T16285] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1082.783934][T16285] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1082.810444][T16285] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1082.870559][T16285] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1083.966296][ T5826] Bluetooth: hci2: command tx timeout
[ 1084.147531][ T5826] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1084.158109][ T5826] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1084.166893][ T5826] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1084.176487][ T5826] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1084.184406][ T5826] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1084.192391][ T5826] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1084.388296][T16303] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1084.398945][T16303] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1084.407088][T16303] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1084.415423][T16303] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1084.424190][T16303] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 1084.431823][T16303] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1084.517302][T16303] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1084.532232][T16303] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1084.540522][T16303] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1084.554881][T16303] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1084.562842][T16303] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 1084.576222][T16303] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1086.046534][T12553] Bluetooth: hci2: command tx timeout
[ 1086.276856][T12553] Bluetooth: hci5: command tx timeout
[ 1086.516506][T12553] Bluetooth: hci6: command tx timeout
[ 1086.686520][T12553] Bluetooth: hci7: command tx timeout
[ 1088.126300][T12553] Bluetooth: hci2: command tx timeout
[ 1088.356365][T12553] Bluetooth: hci5: command tx timeout
[ 1088.606279][T12553] Bluetooth: hci6: command tx timeout
[ 1088.766324][T12553] Bluetooth: hci7: command tx timeout
[ 1090.206333][T12553] Bluetooth: hci2: command tx timeout
[ 1090.436687][T12553] Bluetooth: hci5: command tx timeout
[ 1090.693727][T12553] Bluetooth: hci6: command tx timeout
[ 1090.836361][T12553] Bluetooth: hci7: command tx timeout
[ 1092.516472][T12553] Bluetooth: hci5: command tx timeout
[ 1092.766290][T12553] Bluetooth: hci6: command tx timeout
[ 1092.926354][T12553] Bluetooth: hci7: command tx timeout
[ 1141.858427][T16303] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 1141.873073][T16303] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 1141.881719][T16303] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 1141.891705][T16303] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 1141.899608][T16303] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[ 1141.908552][T16303] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 1143.956446][T12553] Bluetooth: hci8: command tx timeout
[ 1144.311758][ T5826] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[ 1144.321551][ T5826] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[ 1144.335035][ T5826] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[ 1144.344564][ T5826] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[ 1144.357319][ T5826] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[ 1144.365750][ T5826] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[ 1144.447242][ T5826] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[ 1144.461721][ T5826] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[ 1144.469929][ T5826] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[ 1144.484340][ T5826] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[ 1144.492292][ T5826] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[ 1144.500392][ T5826] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[ 1145.138241][ T5826] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[ 1145.153121][ T5826] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[ 1145.162735][ T5826] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[ 1145.176194][ T5826] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[ 1145.184212][ T5826] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[ 1145.192674][ T5826] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[ 1145.240733][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[ 1145.252825][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[ 1146.036317][ T5826] Bluetooth: hci8: command tx timeout
[ 1146.446325][ T5826] Bluetooth: hci10: command tx timeout
[ 1146.600924][ T5826] Bluetooth: hci9: command tx timeout
[ 1147.236422][ T5826] Bluetooth: hci11: command tx timeout
[ 1148.133365][ T5826] Bluetooth: hci8: command tx timeout
[ 1148.516276][ T5826] Bluetooth: hci10: command tx timeout
[ 1148.676268][ T5826] Bluetooth: hci9: command tx timeout
[ 1149.324262][ T5826] Bluetooth: hci11: command tx timeout
[ 1150.196392][ T5826] Bluetooth: hci8: command tx timeout
[ 1150.606310][ T5826] Bluetooth: hci10: command tx timeout
[ 1150.756292][ T5826] Bluetooth: hci9: command tx timeout
[ 1151.396314][ T5826] Bluetooth: hci11: command tx timeout
[ 1152.676067][ T5826] Bluetooth: hci10: command tx timeout
[ 1152.836411][ T5826] Bluetooth: hci9: command tx timeout
[ 1153.477287][ T5826] Bluetooth: hci11: command tx timeout
[ 1171.525996][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 1171.532901][    C0] rcu: 	0-....: (1 GPs behind) idle=a924/1/0x4000000000000000 softirq=61225/61228 fqs=4002
[ 1171.543873][    C0] rcu: 	         hardirqs   softirqs   csw/system
[ 1171.550289][    C0] rcu: 	 number:  1291939          0            0
[ 1171.556705][    C0] rcu: 	cputime:    18063      34426           68   ==> 52490(ms)
[ 1171.564535][    C0] rcu: 	(t=10500 jiffies g=75869 q=1951 ncpus=2)
[ 1171.570865][    C0] CPU: 0 PID: 16263 Comm: syz.0.3433 Not tainted syzkaller #0
[ 1171.578323][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1171.588390][    C0] RIP: 0010:check_preemption_disabled+0x18/0x110
[ 1171.594749][    C0] Code: c0 81 1c 8b eb 0c 66 2e 0f 1f 84 00 00 00 00 00 66 90 55 41 57 41 56 53 48 83 ec 10 65 48 8b 04 25 28 00 00 00 48 89 44 24 08 <65> 8b 05 1d 54 7f 75 65 8b 0d 12 54 7f 75 f7 c1 ff ff ff 7f 74 1f
[ 1171.614364][    C0] RSP: 0018:ffffc90000006e68 EFLAGS: 00000282
[ 1171.620438][    C0] RAX: c374e4fc9e78ad00 RBX: 0000000000000000 RCX: ffffffff8168a4b6
[ 1171.628434][    C0] RDX: 0000000000000000 RSI: ffffffff8b1c81c0 RDI: ffffffff8b1c8180
[ 1171.636410][    C0] RBP: ffffc90000006fd8 R08: ffffffff8e8add2f R09: 1ffffffff1d15ba5
[ 1171.644385][    C0] R10: dffffc0000000000 R11: fffffbfff1d15ba6 R12: ffffffff819467b6
[ 1171.652359][    C0] R13: dffffc0000000000 R14: 00007f448139af79 R15: 1ffff92000000de4
[ 1171.660358][    C0] FS:  00007f44821a46c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1171.669288][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1171.675959][    C0] CR2: 0000000000000000 CR3: 000000006b7af000 CR4: 00000000003506f0
[ 1171.684026][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000200000000300
[ 1171.692006][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 1171.699987][    C0] Call Trace:
[ 1171.703364][    C0]  <IRQ>
[ 1171.706237][    C0]  rcu_is_watching+0x15/0xb0
[ 1171.710859][    C0]  lock_release+0xb5/0x8c0
[ 1171.715299][    C0]  ? __lock_acquire+0x7d40/0x7d40
[ 1171.720338][    C0]  ? deref_stack_reg+0x1bd/0x240
[ 1171.725386][    C0]  is_bpf_text_address+0x28f/0x2a0
[ 1171.730507][    C0]  ? is_bpf_text_address+0x26/0x2a0
[ 1171.735714][    C0]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1171.741791][    C0]  kernel_text_address+0xa0/0xd0
[ 1171.746751][    C0]  __kernel_text_address+0xd/0x30
[ 1171.751786][    C0]  unwind_get_return_address+0x5d/0xc0
[ 1171.757254][    C0]  ? stack_trace_save+0x100/0x100
[ 1171.762298][    C0]  arch_stack_walk+0x11d/0x190
[ 1171.767120][    C0]  stack_trace_save+0xaa/0x100
[ 1171.771905][    C0]  ? stack_trace_snprint+0xf0/0xf0
[ 1171.777031][    C0]  ? memset_orig+0x4e/0xac
[ 1171.781462][    C0]  kasan_save_stack+0x3e/0x60
[ 1171.786148][    C0]  ? kasan_save_stack+0x3e/0x60
[ 1171.791007][    C0]  ? __kasan_record_aux_stack+0xaf/0xc0
[ 1171.796566][    C0]  ? call_rcu+0x153/0x950
[ 1171.800917][    C0]  ? __dev_queue_xmit+0x983/0x36b0
[ 1171.806033][    C0]  ? ip6_finish_output2+0xe3d/0x1630
[ 1171.811324][    C0]  ? ndisc_send_skb+0xc26/0x14f0
[ 1171.816264][    C0]  ? addrconf_rs_timer+0x2d5/0x630
[ 1171.821385][    C0]  ? call_timer_fn+0x189/0x540
[ 1171.826161][    C0]  ? __run_timers+0x542/0x800
[ 1171.830842][    C0]  ? run_timer_softirq+0x67/0xf0
[ 1171.835793][    C0]  ? handle_softirqs+0x280/0x820
[ 1171.840732][    C0]  ? __irq_exit_rcu+0xd3/0x190
[ 1171.845499][    C0]  ? irq_exit_rcu+0x9/0x20
[ 1171.849920][    C0]  ? sysvec_apic_timer_interrupt+0xa4/0xc0
[ 1171.855735][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1171.861896][    C0]  ? generic_exec_single+0x481/0x4f0
[ 1171.867185][    C0]  ? smp_call_function_single+0x36d/0x5a0
[ 1171.872922][    C0]  ? event_function_call+0x359/0x650
[ 1171.878219][    C0]  ? perf_ioctl+0x1fdc/0x24a0
[ 1171.882909][    C0]  ? __se_sys_ioctl+0xfd/0x170
[ 1171.887680][    C0]  ? do_syscall_64+0x55/0xa0
[ 1171.892288][    C0]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1171.898389][    C0]  ? __phys_addr+0xba/0x170
[ 1171.902905][    C0]  __kasan_record_aux_stack+0xaf/0xc0
[ 1171.908286][    C0]  ? rcuref_put+0x220/0x220
[ 1171.912793][    C0]  call_rcu+0x153/0x950
[ 1171.916960][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1171.923118][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[ 1171.928362][    C0]  ? rcu_force_quiescent_state+0x230/0x230
[ 1171.934186][    C0]  ? rcuref_put+0x220/0x220
[ 1171.938700][    C0]  __dev_queue_xmit+0x983/0x36b0
[ 1171.943650][    C0]  ? __dev_queue_xmit+0x26b/0x36b0
[ 1171.948798][    C0]  ? read_seqbegin+0x19a/0x270
[ 1171.953660][    C0]  ? read_seqbegin+0x1c8/0x270
[ 1171.958434][    C0]  ? neigh_event_send+0x110/0x110
[ 1171.963465][    C0]  ? netdev_core_pick_tx+0x340/0x340
[ 1171.968773][    C0]  ? __asan_memcpy+0x40/0x70
[ 1171.973377][    C0]  ? eth_header+0x11b/0x200
[ 1171.977908][    C0]  ? llc_sysctl_exit+0x70/0x70
[ 1171.982689][    C0]  ? neigh_resolve_output+0x618/0x730
[ 1171.988088][    C0]  ip6_finish_output2+0xe3d/0x1630
[ 1171.993220][    C0]  ? ip6_finish_output2+0x645/0x1630
[ 1171.998539][    C0]  ? ip6_mtu+0x7d/0x3f0
[ 1172.002703][    C0]  ? nf_hook+0x390/0x390
[ 1172.006956][    C0]  ? ip6_finish_output+0x57b/0x820
[ 1172.012090][    C0]  ndisc_send_skb+0xc26/0x14f0
[ 1172.016865][    C0]  ? ndisc_send_skb+0x1f5/0x14f0
[ 1172.021846][    C0]  ? ndisc_mc_map+0x680/0x680
[ 1172.026529][    C0]  ? skb_dst+0xd0/0xd0
[ 1172.030600][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1172.036782][    C0]  addrconf_rs_timer+0x2d5/0x630
[ 1172.041741][    C0]  ? addrconf_disable_policy_idev+0x480/0x480
[ 1172.047840][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1172.053836][    C0]  call_timer_fn+0x189/0x540
[ 1172.058439][    C0]  ? addrconf_disable_policy_idev+0x480/0x480
[ 1172.064521][    C0]  ? call_timer_fn+0xd2/0x540
[ 1172.069291][    C0]  ? __run_timers+0x800/0x800
[ 1172.073980][    C0]  ? addrconf_disable_policy_idev+0x480/0x480
[ 1172.080059][    C0]  __run_timers+0x542/0x800
[ 1172.084579][    C0]  ? detach_timer+0x2b0/0x2b0
[ 1172.089275][    C0]  run_timer_softirq+0x67/0xf0
[ 1172.094064][    C0]  handle_softirqs+0x280/0x820
[ 1172.098855][    C0]  ? __irq_exit_rcu+0xd3/0x190
[ 1172.103629][    C0]  ? do_softirq+0x1a0/0x1a0
[ 1172.108146][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[ 1172.113374][    C0]  __irq_exit_rcu+0xd3/0x190
[ 1172.117991][    C0]  ? irq_exit_rcu+0x20/0x20
[ 1172.122522][    C0]  irq_exit_rcu+0x9/0x20
[ 1172.126789][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[ 1172.132457][    C0]  </IRQ>
[ 1172.135411][    C0]  <TASK>
[ 1172.138370][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1172.144367][    C0] RIP: 0010:generic_exec_single+0x481/0x4f0
[ 1172.150275][    C0] Code: 75 11 e8 02 02 0b 00 48 85 db 75 16 e8 f8 01 0b 00 eb 15 e8 f1 01 0b 00 e8 bc 39 08 09 48 85 db 74 ea e8 e2 01 0b 00 fb 31 c0 <48> c7 44 24 20 0e 36 e0 45 4b c7 04 2c 00 00 00 00 43 c7 44 2c 08
[ 1172.169897][    C0] RSP: 0018:ffffc90003577860 EFLAGS: 00000246
[ 1172.175979][    C0] RAX: 0000000000000000 RBX: 0000000000000200 RCX: 0000000000080000
[ 1172.183955][    C0] RDX: ffffc90014400000 RSI: 00000000000016db RDI: 00000000000016dc
[ 1172.191968][    C0] RBP: ffffc90003577930 R08: ffffffff911bf5ff R09: 1ffffffff2237ebf
[ 1172.199947][    C0] R10: dffffc0000000000 R11: fffffbfff2237ec0 R12: 1ffff920006aef10
[ 1172.207939][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff920006aef31
[ 1172.215933][    C0]  ? event_function+0x300/0x300
[ 1172.220820][    C0]  ? smp_call_function_single+0x5a0/0x5a0
[ 1172.226557][    C0]  ? preempt_count_add+0x84/0x1a0
[ 1172.231604][    C0]  smp_call_function_single+0x36d/0x5a0
[ 1172.237205][    C0]  ? event_function+0x300/0x300
[ 1172.242088][    C0]  ? flush_smp_call_function_queue+0x250/0x250
[ 1172.248279][    C0]  ? rcu_is_watching+0x15/0xb0
[ 1172.253063][    C0]  ? event_function+0x300/0x300
[ 1172.257939][    C0]  event_function_call+0x359/0x650
[ 1172.263062][    C0]  ? __perf_event_read+0xb90/0xb90
[ 1172.268200][    C0]  ? perf_event_ctx_lock_nested+0x490/0x490
[ 1172.274108][    C0]  ? event_function_call+0x650/0x650
[ 1172.279421][    C0]  ? __might_fault+0xaa/0x120
[ 1172.284109][    C0]  ? __lock_acquire+0x7d40/0x7d40
[ 1172.289151][    C0]  ? __perf_event_read+0xb90/0xb90
[ 1172.294267][    C0]  ? __might_fault+0xaa/0x120
[ 1172.298967][    C0]  ? __might_fault+0xc6/0x120
[ 1172.303649][    C0]  ? __might_fault+0xaa/0x120
[ 1172.308337][    C0]  perf_ioctl+0x1fdc/0x24a0
[ 1172.312855][    C0]  ? tomoyo_path_number_perm+0x217/0x620
[ 1172.318502][    C0]  ? perf_trace_run_bpf_submit+0xf4/0x1c0
[ 1172.324225][    C0]  ? perf_poll+0x1b0/0x1b0
[ 1172.328660][    C0]  ? perf_trace_preemptirq_template+0x269/0x330
[ 1172.334925][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1172.340928][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1172.347093][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[ 1172.352316][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1172.358478][    C0]  ? security_file_ioctl+0x45/0xa0
[ 1172.363601][    C0]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1172.368537][    C0]  ? security_file_ioctl+0x80/0xa0
[ 1172.373655][    C0]  ? perf_poll+0x1b0/0x1b0
[ 1172.378083][    C0]  __se_sys_ioctl+0xfd/0x170
[ 1172.382694][    C0]  do_syscall_64+0x55/0xa0
[ 1172.387128][    C0]  ? clear_bhb_loop+0x40/0x90
[ 1172.391831][    C0]  ? clear_bhb_loop+0x40/0x90
[ 1172.396513][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1172.402408][    C0] RIP: 0033:0x7f448139af79
[ 1172.406829][    C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1172.426441][    C0] RSP: 002b:00007f44821a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1172.434864][    C0] RAX: ffffffffffffffda RBX: 00007f4481615fa0 RCX: 00007f448139af79
[ 1172.442843][    C0] RDX: 00002000000002c0 RSI: 0000000040082404 RDI: 0000000000000009
[ 1172.450836][    C0] RBP: 00007f44814316e0 R08: 0000000000000000 R09: 0000000000000000
[ 1172.458810][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1172.466784][    C0] R13: 00007f4481616038 R14: 00007f4481615fa0 R15: 00007ffc4d4c40f8
[ 1172.474772][    C0]  </TASK>