last executing test programs:

36.496319417s ago: executing program 0 (id=3071):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x20800, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
openat$tun(0xffffffffffffff9c, 0x0, 0x20801, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000107000000000000000021", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
sendmsg$kcm(r2, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x64099, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x1, @perf_bp={0x0, 0xa}, 0x0, 0x7, 0x43a1bd78, 0x9, 0x9, 0x6, 0xfffd, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x2, 0x0, 0x80}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x503, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=ANY=[@ANYRES32=0x0, @ANYRES32], 0x50)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_int(r4, &(0x7f0000000100)='cpuset.mems\x00', 0x2, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000080)=ANY=[@ANYBLOB="310a10"], 0x31)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00010000080c00bdad01409bbc7a46e39a8285dcdf12176679df069163ce955fed0009d78f0a947ee2b49e33538afaeb2713f450ebd010a20ff27fff", 0x89}], 0x1}, 0x40040)
ioctl$TUNSETQUEUE(r0, 0x400454d9, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000100081046881f782db44b904021d080b01000000e8fe55a11800150006001400030000120800040043000000a8001600a400014020000300feffff7fb94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88ac417898516277ce06bbace80177ccbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d0080000000000000b57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb14feb9f5588a63644caf1ce1bd6c769ad809d52a9ecbee", 0xd8}], 0x1}, 0x0)

35.08263732s ago: executing program 0 (id=3078):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x20800, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x20801, 0x0)
ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f0000000200))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000210018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="660a00000000000061114c000000000000b7f04bc8"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8}, 0x80)
sendmsg$kcm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="39000000140081ae10003c000500018311fe1f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb37358582bdbb7d553b4e92155", 0x39}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x64099, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x1, @perf_bp={0x0, 0xa}, 0x0, 0x7, 0x43a1bd78, 0x9, 0x9, 0x6, 0xfffd, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x2, 0x0, 0x80}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000fc0300ff0000000000000000850000003600"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x0, 0xe, 0x0, &(0x7f0000000100)="178d048604bf0bfb1945d7430008", 0x0, 0x503, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1e00000002000000010000000700000000100000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0200000004000000030000000c00"], 0x50)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_int(r5, &(0x7f0000000100)='cpuset.mems\x00', 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000080)=ANY=[@ANYBLOB="310a10"], 0x31)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0x58, &(0x7f0000000240)}, 0x10)
r7 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00010000080c00bdad01409bbc7a46e39a8285dcdf12176679df069163ce955fed0009d78f0a947ee2b49e33538afaeb2713f450ebd010a20ff27fff", 0x89}], 0x1}, 0x40040)
ioctl$TUNSETQUEUE(r0, 0x400454d9, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000100081046881f782db44b904021d080b01000000e8fe55a11800150006001400030000120800040043000000a8001600a400014020000300feffff7fb94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88ac417898516277ce06bbace80177ccbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d0080000000000000b57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb14feb9f5588a63644caf1ce1bd6c769ad809d52a9ecbee", 0xd8}], 0x1}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)

34.340898569s ago: executing program 1 (id=3080):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="050000000300000002000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000fe, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(0x3)
perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x85, 0x1, 0x0, 0x0, 0x0, 0x2, 0x20022, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000}, 0x0, 0x0, 0x0, 0x9, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)

34.337629129s ago: executing program 2 (id=3081):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x501200, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'team0\x00', 0x100})
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0xb, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0xfffffffffffffec7, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xc0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
r3 = socket$kcm(0x10, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x4, 0x0, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x50)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r5, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r5, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r6}, 0x94)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000500)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x3}, 0x50)
r8 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r9=>0xffffffffffffffff})
recvmsg$unix(r9, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r10=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r8, 0x84, 0x17, &(0x7f0000000000)=r10, 0x10)
write$cgroup_freezer_state(r10, &(0x7f00000000c0)='FREEZING\x00', 0x9)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x17, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x43, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0x8}, @tail_call, @map_idx={0x18, 0x1, 0x5, 0x0, 0x1}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000380)='GPL\x00', 0x7, 0xad, &(0x7f00000003c0)=""/173, 0x40f00, 0x23, '\x00', r6, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x5, 0x1}, 0x8, 0x10, &(0x7f00000004c0)={0x2, 0x8, 0x8, 0xffffffff}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000580)=[r7], &(0x7f00000005c0)=[{0x3, 0x1, 0x9}, {0x3, 0x4, 0x0, 0x8}, {0x0, 0x1, 0x6, 0x2}, {0x4, 0x1, 0x6, 0x2}, {0x0, 0x1, 0x2, 0xa}, {0x2, 0x5, 0x6, 0x8}], 0x10, 0x7}, 0x94)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="8f00000015006b05c84e21000ab16d8b230675f802000000440002005805530461bc24eeb556a705251e6182149a36c23d1b48dfd8cd81bf9367b098fa51f60a64c9f4080000000000b6c0504bb9189d9193e9bd1c1b7376dc5214168eab57c736b13ae90298536c3aa6b230606b45823c8f8e9616afbb519374c3e3875b0f3252fc5dfbc28369efcd300a95fcfcda", 0x8f}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x8094)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x20}, {0x74, 0x0, 0x1, 0x1}, {0xb1, 0x0, 0x28, 0x8001}, {0x16, 0xfc, 0x5, 0xffffffff}]})

34.259426763s ago: executing program 3 (id=3082):
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
sendmsg$sock(r3, 0x0, 0xc001)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x40000000, 0x8000}, 0x114905, 0x4, 0x0, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xbf}, 0x0, 0x1, 0xffffffffffffffff, 0x1)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
r6 = socket$kcm(0x2, 0x200000000000001, 0x106)
ioctl$SIOCSIFHWADDR(r6, 0x8b1b, &(0x7f0000000000)={'wlan1\x00', @broadcast})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa06a6, 0x6, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, @perf_bp={0x0, 0xe}, 0x90, 0xa4, 0x2, 0x5, 0xa1, 0x9b9b, 0x8, 0x0, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1c}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x18}}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x3, 0xa, 0x2}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x1a}, {0x3, 0x0, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x4, 0x0, 0xa, 0x9}, {0x18, 0x2, 0x2, 0x0, r7}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x64099, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b81, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x9, 0x9, 0x2, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000300020400bf05", 0x29}], 0x1}, 0x0)

34.198844236s ago: executing program 1 (id=3083):
r0 = perf_event_open(&(0x7f0000001100)={0x5, 0x80, 0x9, 0x8, 0xb, 0xfb, 0x0, 0x3c, 0x1e002, 0xf, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}, 0x18842, 0x0, 0x7, 0x7, 0x9, 0x3, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xb)
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1c, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000340)={r2}, 0xc)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r1, <r3=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f0000000440)=r2}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffae, 0x0, 0x0, 0x0, 0x6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', r4, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000680)={0x0, 0x5}, 0xc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x1c, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_idx_val={0x18, 0xa, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0x4}, @map_idx={0x18, 0x5, 0x5, 0x0, 0x1}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x5}, @jmp={0x5, 0x0, 0xb, 0x5, 0x2, 0x2, 0x4}, @cb_func={0x18, 0x4, 0x4, 0x0, 0xfffffffffffffffe}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000005c0)='syzkaller\x00', 0xffff, 0x0, 0x0, 0x41000, 0x0, '\x00', r4, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000000640)={0x5, 0xc, 0x7, 0xedd}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[r1, r1, r1, r1, r1, r5, r1, r1], 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x0, 0x71, 0x64, &(0x7f0000000000)="fcb4b6377756f817e35b7b4b4afd0df89b68165a340a87f3204e38d8fda5da6748d5283a0911d43f381d23c1b52a25383cc7882e2c7292e18617003d06c5d57c767434aefe9871b2fa5e702de1be74bc86f4cfccd1350d9111f04cf29e597525bd51737deae7ad6cc15de4b300b8e96355", &(0x7f0000000080)=""/100, 0x3, 0x0, 0xc2, 0x26, &(0x7f0000000100)="51b8faa0d49b1daed728342c8b54ac0ead59c33f7f9496ff991958a4e2a026173df052e683e649671008d3c9205ec7e89c2fa4c554441b70be935123c40060afb7a39e295672a29edcc940e9087aba3241183c207ab0e948375ff591a0e8b71c2ee2d9faec35e0f602bc898f247e87d4a3cb160cd07b38dc48e8a4e6fe9d8f23d8f798e3fd56f1f430e691a70c4c02221078f3924974fe10782879a0c8029e2f15b0b96b3fb1316e2c3cf3ee5560ad999862fbefb05ac3ff166f16c27cbc4cd9d653", &(0x7f0000000200)="89bcf33241c1a0ec9981d61cb798266830cad78c97bff3a75b5fd43fc01aff4e234cd973b08e", 0x6, 0x0, 0x8}, 0x50)
bpf$PROG_BIND_MAP(0x23, &(0x7f00000002c0)={r2, r1}, 0xc)

34.023679045s ago: executing program 0 (id=3085):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000007cc38af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001e00000095"], &(0x7f0000000840)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = socket$kcm(0x10, 0x2, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(r2)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
ioctl$TUNSETLINK(r3, 0x400454cd, 0x30f)
socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000000c0)="1800000068007f089e", 0x59}, {&(0x7f0000000640)="68cabf2dfb58fc021d6b689866f05d480004fbffffffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae24f89a565ee52dcd729cd39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc36024aa400", 0x57}], 0x2}, 0x0)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc4220, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0x1, 0xffffffffffffffff, 0x9)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffc}, [@printk={@ld}, @call={0x85, 0x0, 0x0, 0xf}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10}, 0x94)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0x6, 0x4, 0x4, 0x3, 0x0, 0x1, 0x9}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x1f, 0xf, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x7fff}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000100)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0x58, &(0x7f0000000740)}, 0x4)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.group_wait_time\x00', 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)

33.816904206s ago: executing program 1 (id=3086):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x0, 0x0, 0x80, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b718000001ed0a00bfa30000000000002503000028feffff6203f0fff8ffffff61a4f0ff000000001d030200000000007f000000000000005504000017ffffff6604000017ffffffbe400000000000007b0300fe000000002c04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efefb202ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff0c710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf1dbf6d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040bef29b66e3858d051c096e37c4f46010400000000c3da29faf75ddd1aa96960bca97af13382cb881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fcd7071b53ac29df826f8ae6d6e18c1eacf5bf870768d5217e9bb5a05d9e22ce67f1231bd236486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885769754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8269b2bdf2ca4958a62a6e7449316cc65b5d4796005c2f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da350bcc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347932a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd23834a50d7eb8e327fb5db12cbd6a9efe8e671c4f251fe3bf440cabdfe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa2c910fb8de24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f8089322d84ac523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f626483632a2ab547f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe91c921ac1476027772c87d1767e38ba49e3e57fafea83e00006a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c828c02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007f00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d05d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b530500d8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1decb15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400098abb869921911480a876fbba698801937e8b4264eb6f5137bd9b075f1488d22230592a79000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb5237ea1694addebc14c3ae49f88c462aa2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399f055f2fa278783fefb0a5ef0b41e14a6fe6ba306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014f38fee012365f963b2a85e7d8075c333475b9f0284405e3127dde7e41285fbe0bdd37220e316f2297743dd4731614a50c16c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bff030000000000000ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe9c350a5c554a387de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af7a3830e7092b01b119ea4e7e7f0e21527d622ca231e9e98720195368f8a9d3374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c7963c2ba910969f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a9201bc4b73b431df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21d24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a4ee271e35ed9eed636338f1835fc957729d63dc1bfc7b772cbe536c2d3aff27c22f9a2f876512616a5bdaf22a16e19d1b5f52abb40b433983d0cf50234de659c1a3997f1cfe8a87e08f87ce901000000caae1bcfdce33dae6adc260321702f239c25ab181390e7dc8c1e5b1cf3b4fef1cd5c44a89b5e5d8314e02f4673ded90bce9a4025b0232eec970f7aa17f175a14e8dc8de9bac0006b98a8283eee5665f3aede28228e0468dbcf8b776fe4c629d3af183a7cba5adf77f23d31f9d5a183c08c3a86bbcd3705432ad3f96a7bbc4a13780cf9f4a5e3a9badca61367b377cc6f77e66febca94c8d9fe6fa1148a0b65c0f1b0d00aad352d7c7b5aea945185022f2c8cae549e77a290ebffb8c9dc99168e06461c70f922231cf567a16cb2"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1e}, 0x48)
r2 = socket$kcm(0x10, 0x2, 0x0)
recvmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x40000100)
recvmsg$kcm(r2, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x40)
r3 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x89e1, &(0x7f00000002c0))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x3, 0x0, 0x0, 0x0, 0x4, 0x30598, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe5, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$inet(r4, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=[@ip_ttl={{0x14}}, @ip_pktinfo={{0x1c, 0x84, 0x6, {0x0, @multicast2}}}], 0x38}, 0x8080)
socket$kcm(0x1e, 0x4, 0x0)
socket$kcm(0x1e, 0x4, 0x0)
close(0xffffffffffffffff)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
syz_clone(0x48400, 0x0, 0x0, 0x0, 0x0, 0x0)
close(0x3)

33.295543722s ago: executing program 3 (id=3087):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0xfe, 0x2, 0x10, 0x0, 0xa, 0xa848, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, @perf_bp={0x0, 0xa}, 0x0, 0x200000000000c8, 0x20802, 0x7, 0xfffffffffffffff7, 0x80008000, 0xfffb, 0x0, 0xfffffffc, 0x0, 0x100000000001000}, 0x0, 0x2, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x24040014)
sendmsg(r0, &(0x7f0000000f40)={&(0x7f00000001c0)=@rc={0x1f, @none, 0x38}, 0x80, 0x0}, 0x4840)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd631180fc000c2f00db5b686158bbcfe8875a060300000023000000000000000000000000ac1414aa3a2008"], 0xfdef)

33.133477491s ago: executing program 2 (id=3088):
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="48000000140081fb7059ae08060c04000a020011000000040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6e74703c48f93b8", 0x48}], 0x1}, 0x20000000)

33.105629933s ago: executing program 0 (id=3089):
syz_clone(0x45004400, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x5000000000000, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x1000000000040}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x50, 0x9b, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x100e4a, 0x0, 0x4000, 0x0, 0x17}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x7, 0x4, 0x900, 0x5, 0x28}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x9, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000050000850000001b000000b700000018000000850000005000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r4}, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002640)={r0, 0xe0, &(0x7f0000002540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000002340)=[0x0, 0x0, 0x0, 0x0], ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0xa, 0x4, &(0x7f0000002380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000002400)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xc9, &(0x7f0000002440)=[{}], 0x8, 0x10, &(0x7f0000002480), &(0x7f00000024c0), 0x8, 0x7c, 0x8, 0x8, &(0x7f0000002500)}}, 0x10)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000002680), 0x4)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000001740)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000bc7ef9642d29ba564165605dca29708efdf9b15a5c10a126121b2751f642635bcd9a8bf7a928a5d054b0d2c54d519ea75c52f41ed6f2886973626b684c8bd9108c0b0b2ea7e556948f0367aff4fbcede3294f6e73d06ad16dc2d26725ff833b5f83b499918e6a6ec245b781d41aee9624c847e2f2312d6b9db45bad354fc1a3f20407ffe406483a0524937ee7559e4bf70136746b37fdfbbb152758d37ed8bcac41fb7243bdcd536249c7996e898b61927eaa5a8790054ba13d3ade593220f96027090a34aaf7ea92f41aab73e7a85eef87e956bb7c5c76a347264fd99359f4e57b0dcc2bcc188ea880a4b11a8bb81eb22b0ddfc689e3218cf310dcc61cab354149d9107d8a88b0aa5b5661555f00443aee5e714009e52cee5e88f008148ddbc0fa81bf938bed4a1ac778d5337cc0311d0772eeac3eab38426e8d1472ff514aa5379ed21551790cc10148410b4fc27582fd7106a8887a9a0b613dfe10aee77542d887208f5534f5dce4d43f258fc9ef975834e1917666e2aff1cebfc3ce2c1e8ff66bba1d9050000000000000078db7024bf321636bede8651e672ed4f01ba5da2c3f9042a8552bd3f2c9ad546ad0ea20b4d35fb0a15c6239f67c7747a40fe26a88adf727fd1b801b4e56fbffcad99ce68fe2af0d94fdc78d27268de435021dca51acaa7a9e0944bdf579c170db6405944b6791a7713ee54f650fdf71b57c3629fb185efce700620ef5744623be08ec935dd563e6ba0b461bda98b364acf3dcdafa9b0e68c21ea509212c2938aa09cc31aa4ee5bfb8e507181909f5854b13997af4888cd61c8aab5fdfd701a16d546e5a533cd9b985dcc582b67979551dcc750fc51f2c9b6814edeffc76a86ea9f58b7c66fa24540daf14c2163d064f8cf0b4878f81e6b8bc4dabc10dac82b39e033963a6d02434cb783a198829d1373790a85c0e01a362d89e80165d280283af3c2060000000000000034b12a73b0c53bfae5d2f6e55728052247adfe0966c6c5eca57918c4540c979a70a281ba00e408c9fe1b20fa208976dd6a56f9bd9a74d81447c9b265d8c23f0e983e0b1d2d62d1e57c9188e4882634476e62ab1b7415a58208eaaf166d14720092f79a6197fe8b4ea7d5485cc6b3630afed8d3403cfa4d7bf48efb371706e0e65901eea3743c98261cbb7a246cf62f99bbc918741d32539ec0754e7d7f08dd45aaf49623342eabf466e54d8da4346e73da54ba2e4b5e2ae2823864d4147b490e55c9509f75c8828500ac32cab11b0262e75fa9e39e3792d01e0b210fdfb686bfffdc677432f6332c1a27502b43997060acdf7784c79fed0325e06f6b64b6434ebf4730509bcf95b9a1d0ba7c469d55351cc1dce6c90f5872e7ad5eed5f850d9d1f928b4e0263b241e8fe03e5e66252c8a3bd320e8deee5b91c653b8f22f58cff36c2ba4d6774f14229939595d2beb998c9312212de00468fc488591aca07ab75fba4a318d3ee4581711927b77a7f14dbcd639892f8cb0000000000000080411736eb1ee86eec338197a56293c9cdb72e84155681553b896d58b62a96852320e74dc4c9b41d6f90d2353dc573a94a092a84209c12da57f8c78e161b0899eb1c8b694d26c5fbf7f65fefacdbf39151f335dddc3b179a13f6de93ffb338e94738c86e35e9fcc654e4d6618dc1201cbd16e1281df911e6c699da16fbbb7a2e5c77966c98d3e7edd58cabfe6bf1bb7f6329084e3e4a2a36da07bbac3ebc00472f55b7966f250109fcce0ad5d4526d20ef74d1a634d724"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r8, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x0, <r10=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1c, 0x3, &(0x7f0000000640)=@framed={{0x18, 0x2, 0x0, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x3b}}, &(0x7f00000000c0)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r10, r9}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000002780)={0x13, 0x2a, &(0x7f00000007c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}}, @alu={0x7, 0x1, 0xd, 0x7, 0x0, 0xfffffffffffffff8, 0xffffffffffffffff}, @call={0x85, 0x0, 0x0, 0x5d}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}, @printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x200}}, @call={0x85, 0x0, 0x0, 0x91}, @map_val={0x18, 0x0, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0xfffffe01}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000940)='GPL\x00', 0xfff, 0x1000, &(0x7f0000001340)=""/4096, 0x41100, 0x0, '\x00', r6, @fallback=0x31, r7, 0x8, &(0x7f00000026c0)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000002700)={0x5, 0x2, 0x80, 0x400}, 0x10, r10, r1, 0x4, 0x0, &(0x7f0000002740)=[{0x5, 0x3, 0x1}, {0x0, 0x1, 0x0, 0x4}, {0x2, 0x1, 0x9, 0xa}, {0x3, 0x3, 0x2, 0x5}], 0x10, 0x6}, 0x94)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r11 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a076b876c1d0048007ea60864160af36504001a0038001d00", 0x73}, {&(0x7f0000000080)="83d2ff5f00000080d2898a0cc6d6703b87eb28f77b09bc7e64f918fa3bc7664d327d90424d5503002800"/52, 0x34}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x4)

32.907308073s ago: executing program 3 (id=3090):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x6, 0x5, &(0x7f0000000740)=ANY=[@ANYBLOB="000000feffffffffffffee94fbdfbaa508a6f34415cf378b4a595251be8e0add3846007fdc2378ea0ac2467d1c16b2ce47fac81c74b9f7c15a7126a9ebd1a25c0025c2209c5961522673d109973fb6d90d3ec20cf2e766f035f58c789cdc26b52b6d5885434a09a6494dbba5796f349d39f7bb003cc4dd0e3b9e6497eac8ac070b850a29bebcd7b2bac8125f5507c51856002024224496d53b55a22813af5820f0183de25e8795895c9fcfa281b429a0862e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x55, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9}, 0x94)
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}, 0x14905, 0x5, 0x7, 0x3, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000000340)={'ip_vti0\x00'})
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={@fallback=r1, 0x8, 0x0, 0xfffffffc, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7, 0x0, &(0x7f0000000140)=[0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0], <r3=>0x0}, 0x40)
r4 = socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5d2d, 0x2a040, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x8, 0x0, 0xffff, 0x8000, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$kcm(0x10, 0x3, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000e6ffff030000b7080000000000007b8af8ff00d40000bfa200000000000007020011c451a300f8ffffffb703000008000000b7040000eb0000008500000003839685a236f4ea4a1d306392d51059c6"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
sendmsg$kcm(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000080)="1400000016000b63d25a80648c2566e506bce1e8", 0x14}], 0x1}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$inet(r8, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0xfa, 0x0, 0x0, 0x0, 0x10001, 0x22, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, @perf_bp={0x0, 0xa}, 0x8000, 0x0, 0x80000, 0x1, 0x4, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvmsg$unix(r7, &(0x7f0000001b40)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@rights={{0x14, 0x1, 0x1, [<r9=>0xffffffffffffffff]}}], 0x18}, 0x0)
r10 = socket$kcm(0xa, 0x2, 0x88)
setsockopt$sock_attach_bpf(r10, 0x1, 0x41, &(0x7f0000000040)=r9, 0x4)
sendmsg$kcm(r4, &(0x7f0000000040)={0x0, 0xffa1, &(0x7f0000001340)=[{&(0x7f00000001c0)="2e00000010008188040f46ecdb4cb9cca7480ef40f000000e3bd6efb010509000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0)
r11 = bpf$ITER_CREATE(0x21, &(0x7f0000000300), 0x8)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYRES32=r1, @ANYBLOB="190000001820000000000000", @ANYRES32=r11, @ANYBLOB="7f5a5edee45af14717cfa045ff8b04039632c88f3f6af228a965d3ebf61fa6b6589f5f191d8780c76c1d515ac86450d922b2148a11cb3321368c8ab433c8bd7cfca788c1cd6af3d558af723ae517d3600eb1f0465dea867dd05d16f568ca250ff88e081285b7d509f47eba479085a728aa96cc84d223ab1e9a489963394539689044e9a4b8ad907b2af941f19f4400f92bbe243253ce772745c1dbe27730cd044feedd65a81e209128270fbf30ec5246daa1698753cb69a86a6a531f5ac747a03082a666df64dec3b423ae5f0976c651e48d612c4e9ca0986bb9f765273e", @ANYRES64=r3], 0x20)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r12)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r13 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x284402, 0x0)
close(r13)

32.906587873s ago: executing program 2 (id=3091):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x8000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x3, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x43, &(0x7f0000000100), 0x120)
r1 = socket$kcm(0xa, 0x2, 0x3a)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079104800000000006104000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb35405"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r5, r4, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r5}, &(0x7f0000000000), &(0x7f0000000080)=r2}, 0x20)
recvmsg$unix(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0xfffffffffffffffd, 0x3fff8000}, 0x8, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x9, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xb}, 0x100000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x891e, &(0x7f0000000cc0)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1\x9d')
r6 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r6, 0x6, 0x21, &(0x7f0000001540), 0x20)
close(r0)
socket$kcm(0xa, 0x6, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8b19, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"})
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x9)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000029c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="00008000"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000e00"/28], 0x50)

32.729068292s ago: executing program 1 (id=3092):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="050000000300000002000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000fe, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(0x3)
perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x85, 0x1, 0x0, 0x0, 0x0, 0x2, 0x20022, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000}, 0x0, 0x0, 0x0, 0x9, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)

32.471166275s ago: executing program 1 (id=3093):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x20800, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x20801, 0x0)
ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f0000000200))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000210018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="660a00000000000061114c000000000000b7f04bc8"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8}, 0x80)
sendmsg$kcm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="39000000140081ae10003c000500018311fe1f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb37358582bdbb7d553b4e92155", 0x39}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x64099, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x1, @perf_bp={0x0, 0xa}, 0x0, 0x7, 0x43a1bd78, 0x9, 0x9, 0x6, 0xfffd, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x2, 0x0, 0x80}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000fc0300ff0000000000000000850000003600"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x0, 0xe, 0x0, &(0x7f0000000100)="178d048604bf0bfb1945d7430008", 0x0, 0x503, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1e00000002000000010000000700000000100000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0200000004000000030000000c00"], 0x50)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_int(r5, &(0x7f0000000100)='cpuset.mems\x00', 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000080)=ANY=[@ANYBLOB="310a10"], 0x31)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0x58, &(0x7f0000000240)}, 0x10)
r7 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00010000080c00bdad01409bbc7a46e39a8285dcdf12176679df069163ce955fed0009d78f0a947ee2b49e33538afaeb2713f450ebd010a20ff27fff", 0x89}], 0x1}, 0x40040)
ioctl$TUNSETQUEUE(r0, 0x400454d9, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000100081046881f782db44b904021d080b01000000e8fe55a11800150006001400030000120800040043000000a8001600a400014020000300feffff7fb94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88ac417898516277ce06bbace80177ccbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d0080000000000000b57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb14feb9f5588a63644caf1ce1bd6c769ad809d52a9ecbee", 0xd8}], 0x1}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)

32.179799131s ago: executing program 3 (id=3094):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x8000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x3, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x43, &(0x7f0000000100), 0x120)
r1 = socket$kcm(0xa, 0x2, 0x3a)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079104800000000006104000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb35405"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r5, r4, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r5}, &(0x7f0000000000), &(0x7f0000000080)=r2}, 0x20)
recvmsg$unix(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0xfffffffffffffffd, 0x3fff8000}, 0x8, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x9, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r6 = socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$kcm(0xa, 0x2, 0x88)
setsockopt$sock_attach_bpf(r7, 0x1, 0x41, &(0x7f0000000040), 0x4)
sendmsg$kcm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="2e0000000000000000000000db4cb9cca72e0ef40f00de017544f5587bea090023a3ad25be719028ba8000101201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xb}, 0x100000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x891e, &(0x7f0000000cc0)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1\x9d')
r8 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r8, 0x6, 0x21, &(0x7f0000001540), 0x20)
close(r0)
socket$kcm(0xa, 0x6, 0x0)

32.032820898s ago: executing program 0 (id=3095):
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
sendmsg$sock(r3, 0x0, 0xc001)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x40000000, 0x8000}, 0x114905, 0x4, 0x0, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xbf}, 0x0, 0x1, 0xffffffffffffffff, 0x1)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
r6 = socket$kcm(0x2, 0x200000000000001, 0x106)
ioctl$SIOCSIFHWADDR(r6, 0x8b1b, &(0x7f0000000000)={'wlan1\x00', @broadcast})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa06a6, 0x6, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, @perf_bp={0x0, 0xe}, 0x90, 0xa4, 0x2, 0x5, 0xa1, 0x9b9b, 0x8, 0x0, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1c}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x18}}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x3, 0xa, 0x2}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x1a}, {0x3, 0x0, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x4, 0x0, 0xa, 0x9}, {0x18, 0x2, 0x2, 0x0, r7}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x64099, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b81, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x9, 0x9, 0x2, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000300020400bf05", 0x29}], 0x1}, 0x0)

31.797023471s ago: executing program 2 (id=3096):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x403d87c21de2ff3f, &(0x7f0000000040)="b90103606989068c3c270040f02f009e0ff008001fffffe1ffff8100632f080686dd00017f020001be", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28)

31.726035794s ago: executing program 0 (id=3097):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x4, 0x2, 0x0, 0x80, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8)
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003000000030000000020000000a0000000000000a07000000080000000000000b0400000009000000010000130c0000000740"], 0x0, 0x4a, 0x0, 0x1, 0x800, 0x10000}, 0x28)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1d, 0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="dac3a1806d776372"], &(0x7f00000000c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x13, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x38b137f9a619bb39, 0x14, '\x00', 0x0, @fallback=0x2e, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0xcc0, 0x0, &(0x7f0000000000)="c1188e19b95d02ff4284860186dd", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000080)=0x1)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x60000002)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x739, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000100)={0x0, r1}, 0x8)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x4, 0x2, 0x0, 0x80, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8) (async)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003000000030000000020000000a0000000000000a07000000080000000000000b0400000009000000010000130c0000000740"], 0x0, 0x4a, 0x0, 0x1, 0x800, 0x10000}, 0x28) (async)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00') (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1d, 0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="dac3a1806d776372"], &(0x7f00000000c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x13, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x38b137f9a619bb39, 0x14, '\x00', 0x0, @fallback=0x2e, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x80) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0xcc0, 0x0, &(0x7f0000000000)="c1188e19b95d02ff4284860186dd", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000080)=0x1) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x60000002) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x739, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48) (async)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000100)={0x0, r1}, 0x8) (async)

31.692606636s ago: executing program 1 (id=3098):
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
sendmsg$sock(r3, 0x0, 0xc001)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x40000000, 0x8000}, 0x114905, 0x4, 0x0, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xbf}, 0x0, 0x1, 0xffffffffffffffff, 0x1)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
r6 = socket$kcm(0x2, 0x200000000000001, 0x106)
ioctl$SIOCSIFHWADDR(r6, 0x8b1b, &(0x7f0000000000)={'wlan1\x00', @broadcast})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa06a6, 0x6, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, @perf_bp={0x0, 0xe}, 0x90, 0xa4, 0x2, 0x5, 0xa1, 0x9b9b, 0x8, 0x0, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1c}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x18}}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x3, 0xa, 0x2}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x1a}, {0x3, 0x0, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x4, 0x0, 0xa, 0x9}, {0x18, 0x2, 0x2, 0x0, r7}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x64099, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b81, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x9, 0x9, 0x2, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d0003", 0x23}], 0x1}, 0x0)

31.541972154s ago: executing program 2 (id=3099):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x6, &(0x7f0000000100)=[{&(0x7f0000000380)="5c00000012006bab9a3fe3d86e17aa0a076b876c1d0048007ea60864160af36504001a0038001d00e517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb000011d600a0680d4bbd6df1db6f1078bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x40012100)

31.080810818s ago: executing program 3 (id=3100):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000040)={'macsec0\x00'})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'macsec0\x00', 0xca58c30f81b6079f})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="48000000140081fb7059ae08060c04000a020011000000040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6e74703c48f93b8", 0x48}], 0x1}, 0x20000000)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000080))
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)="d80000001c0081064e81f782db44b904021d08040000000000000aa1180015000600142603600e1208000f0000810401a8001600200001400300fffc07600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a08400e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x8000)
socket$kcm(0x29, 0x6, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7fffffff}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x780}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f00000001c0)='syzkaller\x00', 0x7, 0xd9, &(0x7f0000000200)=""/217, 0x41000, 0x40, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x1, 0x2}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x5, &(0x7f0000000380)=[0x1], &(0x7f00000003c0)=[{0x2, 0x1, 0xa, 0xb}, {0x1, 0x5, 0xe, 0x7}, {0x2, 0x2, 0x10, 0x5}, {0x0, 0x2, 0x3}, {0x0, 0x1, 0x0, 0x4}], 0x10, 0x6}, 0x94)

30.943332565s ago: executing program 2 (id=3101):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000030000000200000002"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(0x3)
perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x85, 0x1, 0x0, 0x0, 0x0, 0x2, 0x20022, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000}, 0x0, 0x0, 0x0, 0x9, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)

16.030427149s ago: executing program 32 (id=3097):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x4, 0x2, 0x0, 0x80, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8)
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003000000030000000020000000a0000000000000a07000000080000000000000b0400000009000000010000130c0000000740"], 0x0, 0x4a, 0x0, 0x1, 0x800, 0x10000}, 0x28)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1d, 0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="dac3a1806d776372"], &(0x7f00000000c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x13, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x38b137f9a619bb39, 0x14, '\x00', 0x0, @fallback=0x2e, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0xcc0, 0x0, &(0x7f0000000000)="c1188e19b95d02ff4284860186dd", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000080)=0x1)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x60000002)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x739, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000100)={0x0, r1}, 0x8)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x4, 0x2, 0x0, 0x80, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8) (async)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003000000030000000020000000a0000000000000a07000000080000000000000b0400000009000000010000130c0000000740"], 0x0, 0x4a, 0x0, 0x1, 0x800, 0x10000}, 0x28) (async)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00') (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1d, 0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="dac3a1806d776372"], &(0x7f00000000c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x13, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x38b137f9a619bb39, 0x14, '\x00', 0x0, @fallback=0x2e, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x80) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0xcc0, 0x0, &(0x7f0000000000)="c1188e19b95d02ff4284860186dd", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000080)=0x1) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x60000002) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x739, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48) (async)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000100)={0x0, r1}, 0x8) (async)

15.863403847s ago: executing program 33 (id=3098):
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
sendmsg$sock(r3, 0x0, 0xc001)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x40000000, 0x8000}, 0x114905, 0x4, 0x0, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xbf}, 0x0, 0x1, 0xffffffffffffffff, 0x1)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
r6 = socket$kcm(0x2, 0x200000000000001, 0x106)
ioctl$SIOCSIFHWADDR(r6, 0x8b1b, &(0x7f0000000000)={'wlan1\x00', @broadcast})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa06a6, 0x6, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, @perf_bp={0x0, 0xe}, 0x90, 0xa4, 0x2, 0x5, 0xa1, 0x9b9b, 0x8, 0x0, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1c}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x18}}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x3, 0xa, 0x2}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x1a}, {0x3, 0x0, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x4, 0x0, 0xa, 0x9}, {0x18, 0x2, 0x2, 0x0, r7}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x64099, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b81, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x9, 0x9, 0x2, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d0003", 0x23}], 0x1}, 0x0)

15.833482929s ago: executing program 3 (id=3104):
r0 = socket$kcm(0x10, 0x2, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x6}, 0x11c002, 0xac5d, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="d4df37ded0da27000900"/20, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000440)={&(0x7f00000000c0)="b3fdf72725e35b5874d484cba1329aed01a40192c61c52330f3bbc01c36b91ed5eadf14a", &(0x7f00000002c0)=""/210, &(0x7f00000003c0)="e721f07ad4aa8724c82fcfd87ac4080ac48474bb40925a58e50d5f72c7f75c4144e2ccef9256244b47f166c412e5a873aaaf", &(0x7f0000000400)="2da1b64392fb1da57480a23e5930d7b57a35773d095d6d00a759194a8d943226a017927780d712ba172e96ae84", 0xb60a, r1}, 0x38)
socketpair(0x1, 0x805, 0x0, &(0x7f0000000000))
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000700)={r1, &(0x7f0000000540)="0cb636caf7e8dd2f92e28a580d7b0d84f5352ad33a1aa7bc3a237132cb711da7fc6ffaf78144ec2f51165a9cdc850b52b8359eedad5ceb762c4b9aa6d34c33c5beda8caba7a3879f9d88671659831191e058382c3020db03496aa8031bec1eded618f08c2c6a5b911425d1a2c01cf6e97bcdff7415646fbbf290e0e12bb5077f1cbfef241c2eda9ca7d30008f6b0332995cab3cc5018d894af47edde83de900500796bc61424bba128c84255d0ae18270f4734ea615f0436697ff0824a6208c5212c970192a7cf75d1acd68b6b5a330d10705ddd7954ea177a4dfdae8770cdf3e3644d3e180062b1dd9e3eca5fd172e0", &(0x7f0000000640)=""/131, 0x4}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000004000000001"], 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x5, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000880)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb01"], 0x0, 0xfffffffffffffe3d}, 0x28)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89a0, &(0x7f0000000080))
socketpair(0x1, 0x5, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89a2, &(0x7f0000000080))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000002400000024"], 0x0, 0x42, 0x0, 0x1, 0xe988}, 0x28)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="110000"], 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000280)={r4, &(0x7f0000000200)="c41d"}, 0x20)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89a2, &(0x7f0000000080))
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="1400000035000bfbd15a806c8c6f94f90924fc60", 0x14}], 0x1, 0x0, 0x0, 0x20000000}, 0x4008000)

15.730057744s ago: executing program 34 (id=3101):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000030000000200000002"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(0x3)
perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x85, 0x1, 0x0, 0x0, 0x0, 0x2, 0x20022, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000}, 0x0, 0x0, 0x0, 0x9, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)

0s ago: executing program 35 (id=3104):
r0 = socket$kcm(0x10, 0x2, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x6}, 0x11c002, 0xac5d, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="d4df37ded0da27000900"/20, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000440)={&(0x7f00000000c0)="b3fdf72725e35b5874d484cba1329aed01a40192c61c52330f3bbc01c36b91ed5eadf14a", &(0x7f00000002c0)=""/210, &(0x7f00000003c0)="e721f07ad4aa8724c82fcfd87ac4080ac48474bb40925a58e50d5f72c7f75c4144e2ccef9256244b47f166c412e5a873aaaf", &(0x7f0000000400)="2da1b64392fb1da57480a23e5930d7b57a35773d095d6d00a759194a8d943226a017927780d712ba172e96ae84", 0xb60a, r1}, 0x38)
socketpair(0x1, 0x805, 0x0, &(0x7f0000000000))
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000700)={r1, &(0x7f0000000540)="0cb636caf7e8dd2f92e28a580d7b0d84f5352ad33a1aa7bc3a237132cb711da7fc6ffaf78144ec2f51165a9cdc850b52b8359eedad5ceb762c4b9aa6d34c33c5beda8caba7a3879f9d88671659831191e058382c3020db03496aa8031bec1eded618f08c2c6a5b911425d1a2c01cf6e97bcdff7415646fbbf290e0e12bb5077f1cbfef241c2eda9ca7d30008f6b0332995cab3cc5018d894af47edde83de900500796bc61424bba128c84255d0ae18270f4734ea615f0436697ff0824a6208c5212c970192a7cf75d1acd68b6b5a330d10705ddd7954ea177a4dfdae8770cdf3e3644d3e180062b1dd9e3eca5fd172e0", &(0x7f0000000640)=""/131, 0x4}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000004000000001"], 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x5, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000880)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb01"], 0x0, 0xfffffffffffffe3d}, 0x28)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89a0, &(0x7f0000000080))
socketpair(0x1, 0x5, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89a2, &(0x7f0000000080))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000002400000024"], 0x0, 0x42, 0x0, 0x1, 0xe988}, 0x28)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="110000"], 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000280)={r4, &(0x7f0000000200)="c41d"}, 0x20)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89a2, &(0x7f0000000080))
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="1400000035000bfbd15a806c8c6f94f90924fc60", 0x14}], 0x1, 0x0, 0x0, 0x20000000}, 0x4008000)

kernel console output (not intermixed with test programs):

_alloc_skb+0x103/0x2c0
[  524.848763][T13586]  __alloc_skb+0x103/0x2c0
[  524.853216][T13586]  netlink_sendmsg+0x66a/0xbf0
[  524.858217][T13586]  ? netlink_getsockopt+0x590/0x590
[  524.863546][T13586]  ? aa_sock_msg_perm+0x94/0x150
[  524.868512][T13586]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  524.873904][T13586]  ? security_socket_sendmsg+0x80/0xa0
[  524.879383][T13586]  ? netlink_getsockopt+0x590/0x590
[  524.884609][T13586]  ____sys_sendmsg+0x5ba/0x960
[  524.889395][T13586]  ? __asan_memset+0x22/0x40
[  524.894113][T13586]  ? __sys_sendmsg_sock+0x30/0x30
[  524.899178][T13586]  ? __import_iovec+0x5f2/0x850
[  524.904150][T13586]  ? import_iovec+0x73/0xa0
[  524.908935][T13586]  ___sys_sendmsg+0x2a6/0x360
[  524.913757][T13586]  ? get_pid_task+0x20/0x1e0
[  524.918369][T13586]  ? __sys_sendmsg+0x2a0/0x2a0
[  524.923165][T13586]  ? __lock_acquire+0x7d40/0x7d40
[  524.928240][T13586]  __se_sys_sendmsg+0x1c2/0x2b0
[  524.933115][T13586]  ? __x64_sys_sendmsg+0x80/0x80
[  524.938090][T13586]  ? lockdep_hardirqs_on+0x98/0x150
[  524.943419][T13586]  do_syscall_64+0x55/0xa0
[  524.947861][T13586]  ? clear_bhb_loop+0x40/0x90
[  524.952643][T13586]  ? clear_bhb_loop+0x40/0x90
[  524.957452][T13586]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  524.963369][T13586] RIP: 0033:0x7fe50a59c819
[  524.967804][T13586] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  524.987538][T13586] RSP: 002b:00007fe50b4cb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  524.995983][T13586] RAX: ffffffffffffffda RBX: 00007fe50a815fa0 RCX: 00007fe50a59c819
[  525.004006][T13586] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  525.012048][T13586] RBP: 00007fe50b4cb090 R08: 0000000000000000 R09: 0000000000000000
[  525.020030][T13586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  525.028191][T13586] R13: 00007fe50a816038 R14: 00007fe50a815fa0 R15: 00007ffff4ca1fa8
[  525.036204][T13586]  </TASK>
[  525.073712][T13442] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  525.090120][T13442] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  525.112474][T13442] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  525.136517][T13442] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  525.351502][T13442] 8021q: adding VLAN 0 to HW filter on device bond0
[  525.379194][T13442] 8021q: adding VLAN 0 to HW filter on device team0
[  525.407351][ T6595] bridge0: port 1(bridge_slave_0) entered blocking state
[  525.414696][ T6595] bridge0: port 1(bridge_slave_0) entered forwarding state
[  525.443209][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  525.450853][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  525.714423][T13605] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2456'.
[  525.798304][T13605] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  526.461538][T13442] 8021q: adding VLAN 0 to HW filter on device batadv0
[  526.900413][T13627] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2460'.
[  527.083795][T13627] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  527.405700][T13631] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  527.413517][T13631] batman_adv: batadv0: Removing interface: batadv_slave_0
[  527.426360][T13631] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  527.436699][T13631] batman_adv: batadv0: Removing interface: batadv_slave_1
[  527.698893][T13442] veth0_vlan: entered promiscuous mode
[  527.794655][T13442] veth1_vlan: entered promiscuous mode
[  527.913029][T13442] veth0_macvtap: entered promiscuous mode
[  527.932788][T13442] veth1_macvtap: entered promiscuous mode
[  527.961244][T13442] batman_adv: batadv0: Interface activated: batadv_slave_0
[  527.978132][T13442] batman_adv: batadv0: Interface activated: batadv_slave_1
[  528.017381][T13442] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  528.043680][T13442] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  528.062713][T13442] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  528.079476][T13442] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  528.284563][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  528.292472][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  528.462909][ T6591] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  528.502844][ T6591] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  528.593890][T13661] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2473'.
[  528.678683][T13661] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  529.832695][ T5776] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  529.842389][ T5776] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  529.874566][ T5776] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  529.895168][ T5776] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  529.922349][ T5776] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  529.934342][ T5776] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  530.067632][ T6589] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  530.091534][T13675] netlink: 'syz.1.2470': attribute type 2 has an invalid length.
[  530.159880][ T6589] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  530.286691][ T6589] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  530.409471][T13680] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2469'.
[  530.439544][T13680] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  530.868107][ T6589] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  531.505774][T13672] chnl_net:caif_netlink_parms(): no params data found
[  531.528948][ T6589] tipc: Left network mode
[  532.014574][T13445] Bluetooth: hci1: command tx timeout
[  534.085544][T13445] Bluetooth: hci1: command tx timeout
[  534.608263][T13702] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2478'.
[  534.633015][T13702] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  534.700459][T13672] bridge0: port 1(bridge_slave_0) entered blocking state
[  534.720591][T13672] bridge0: port 1(bridge_slave_0) entered disabled state
[  534.728716][T13672] bridge_slave_0: entered allmulticast mode
[  534.746291][T13672] bridge_slave_0: entered promiscuous mode
[  534.834930][T13672] bridge0: port 2(bridge_slave_1) entered blocking state
[  534.842379][T13672] bridge0: port 2(bridge_slave_1) entered disabled state
[  534.852950][T13672] bridge_slave_1: entered allmulticast mode
[  534.893195][T13672] bridge_slave_1: entered promiscuous mode
[  535.479452][T13672] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  535.505173][T13672] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  535.518021][T13736] netlink: 'syz.0.2482': attribute type 2 has an invalid length.
[  535.711098][T13672] team0: Port device team_slave_0 added
[  535.734532][T13672] team0: Port device team_slave_1 added
[  536.284693][T13445] Bluetooth: hci1: command tx timeout
[  538.555837][T13445] Bluetooth: hci1: command tx timeout
[  540.606283][T13749] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  540.624083][T13749] batman_adv: batadv0: Removing interface: batadv_slave_0
[  540.638847][T13749] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  540.647196][T13749] batman_adv: batadv0: Removing interface: batadv_slave_1
[  540.744544][T13672] batman_adv: batadv0: Adding interface: batadv_slave_0
[  540.752527][T13672] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  540.801742][T13672] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  540.846113][T13672] batman_adv: batadv0: Adding interface: batadv_slave_1
[  540.872465][T13672] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  540.921693][T13672] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  541.215705][T13672] hsr_slave_0: entered promiscuous mode
[  541.274689][T13672] hsr_slave_1: entered promiscuous mode
[  541.410194][T13778] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2489'.
[  541.474338][T13778] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  542.043774][ T6589] hsr_slave_0: left promiscuous mode
[  542.063372][ T6589] hsr_slave_1: left promiscuous mode
[  542.104167][ T6589] bridge0: port 4(dummy0) entered disabled state
[  542.130198][ T6589] bond0: left allmulticast mode
[  542.143824][ T6589] bond_slave_0: left allmulticast mode
[  542.155419][ T6589] bond_slave_1: left allmulticast mode
[  542.181089][ T6589] bridge0: port 3(bond0) entered disabled state
[  542.196275][ T6589] bridge_slave_1: left allmulticast mode
[  542.216029][ T6589] bridge_slave_1: left promiscuous mode
[  542.233967][ T6589] bridge0: port 2(bridge_slave_1) entered disabled state
[  542.267449][ T6589] bridge_slave_0: left allmulticast mode
[  542.284650][ T6589] bridge_slave_0: left promiscuous mode
[  542.296339][ T6589] bridge0: port 1(bridge_slave_0) entered disabled state
[  542.358654][ T6589] veth0_macvtap: left promiscuous mode
[  542.364831][ T6589] veth1_vlan: left promiscuous mode
[  542.370563][ T6589] veth0_vlan: left promiscuous mode
[  543.074086][ T6589] team0 (unregistering): Port device team_slave_1 removed
[  543.122788][ T6589] team0 (unregistering): Port device C removed
[  543.170988][ T6589] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  543.180312][ T6589] bond_slave_1 (unregistering): left promiscuous mode
[  543.227903][ T6589] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  543.237308][ T6589] bond_slave_0 (unregistering): left promiscuous mode
[  543.541910][ T6589] bond0 (unregistering): Released all slaves
[  543.640164][T13801] netlink: 'syz.2.2494': attribute type 2 has an invalid length.
[  543.675818][T13812] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2501'.
[  543.710597][T13812] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  545.563627][T13824] IPv6: õš: Disabled Multicast RS
[  546.539210][T13672] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  546.673752][T13672] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  546.721339][T13672] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  546.814492][T13672] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  547.024910][T13862] netlink: 'syz.2.2509': attribute type 10 has an invalid length.
[  547.066968][T13862] team0: Port device syz_tun added
[  547.104819][T13672] 8021q: adding VLAN 0 to HW filter on device bond0
[  547.178449][T13672] 8021q: adding VLAN 0 to HW filter on device team0
[  547.208749][ T1130] bridge0: port 1(bridge_slave_0) entered blocking state
[  547.216052][ T1130] bridge0: port 1(bridge_slave_0) entered forwarding state
[  547.266155][ T1130] bridge0: port 2(bridge_slave_1) entered blocking state
[  547.273469][ T1130] bridge0: port 2(bridge_slave_1) entered forwarding state
[  548.028701][T13672] 8021q: adding VLAN 0 to HW filter on device batadv0
[  548.270315][T13672] veth0_vlan: entered promiscuous mode
[  548.314973][T13672] veth1_vlan: entered promiscuous mode
[  548.566715][T13672] veth0_macvtap: entered promiscuous mode
[  548.848305][T13672] veth1_macvtap: entered promiscuous mode
[  548.956980][T13672] batman_adv: batadv0: Interface activated: batadv_slave_0
[  548.981471][T13672] batman_adv: batadv0: Interface activated: batadv_slave_1
[  549.007041][T13672] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  549.039467][T13672] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  549.056276][T13672] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  549.065624][T13672] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  549.442338][ T1130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  549.462069][ T1130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  549.515456][T13925] netlink: 'syz.0.2521': attribute type 10 has an invalid length.
[  549.636054][T13925] team0: Port device syz_tun added
[  549.672614][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  549.705149][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  550.158569][T13943] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2524'.
[  550.263040][T13943] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  552.256713][T13976] netlink: 'syz.0.2530': attribute type 1 has an invalid length.
[  552.293194][T13976] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2530'.
[  556.734932][ T5776] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  556.751180][ T5776] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  556.763924][ T5776] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  556.787140][ T5776] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  556.795088][ T5776] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  556.802576][ T5776] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  557.460131][T14001] chnl_net:caif_netlink_parms(): no params data found
[  557.887512][ T6589] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  558.386152][ T6589] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  558.602230][ T6589] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  558.792305][T14001] bridge0: port 1(bridge_slave_0) entered blocking state
[  558.832094][T14001] bridge0: port 1(bridge_slave_0) entered disabled state
[  558.877596][T14001] bridge_slave_0: entered allmulticast mode
[  558.893792][T13445] Bluetooth: hci0: command tx timeout
[  558.915982][T14001] bridge_slave_0: entered promiscuous mode
[  558.990996][T14039] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2541'.
[  559.098005][T14039] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  559.184638][ T6589] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  559.202832][T14001] bridge0: port 2(bridge_slave_1) entered blocking state
[  559.211603][T14001] bridge0: port 2(bridge_slave_1) entered disabled state
[  559.219505][T14001] bridge_slave_1: entered allmulticast mode
[  559.228528][T14001] bridge_slave_1: entered promiscuous mode
[  559.332728][T14001] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  559.384922][T14001] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  559.470883][T14001] team0: Port device team_slave_0 added
[  559.518300][T14001] team0: Port device team_slave_1 added
[  559.791375][T14001] batman_adv: batadv0: Adding interface: batadv_slave_0
[  559.850782][T14001] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  559.895560][T14001] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  559.934661][T14066] netlink: 'syz.3.2545': attribute type 1 has an invalid length.
[  559.942748][T14066] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2545'.
[  560.085975][T14001] batman_adv: batadv0: Adding interface: batadv_slave_1
[  560.093343][T14001] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  560.121368][T14001] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  560.319765][T14061] IPv6: õš: Disabled Multicast RS
[  560.538735][T14001] hsr_slave_0: entered promiscuous mode
[  560.583361][T14001] hsr_slave_1: entered promiscuous mode
[  560.654426][T14001] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  560.677560][T14001] Cannot create hsr debugfs directory
[  560.964304][T13445] Bluetooth: hci0: command tx timeout
[  561.218412][T14088] can: request_module (can-proto-0) failed.
[  562.420741][T14103] netlink: 'syz.3.2552': attribute type 10 has an invalid length.
[  562.454052][T14103] netlink: 3819 bytes leftover after parsing attributes in process `syz.3.2552'.
[  563.044103][T13445] Bluetooth: hci0: command tx timeout
[  564.101619][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  564.108128][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  564.940685][T14106] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2553'.
[  565.027608][T14106] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  565.127230][T13445] Bluetooth: hci0: command tx timeout
[  566.174780][T14139] netlink: 'syz.2.2556': attribute type 1 has an invalid length.
[  566.188207][T14139] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2556'.
[  568.258145][T14145] IPv6: õš: Disabled Multicast RS
[  568.274116][T14148] netlink: 830 bytes leftover after parsing attributes in process `syz.0.2558'.
[  568.440845][T14154] netlink: 'syz.2.2560': attribute type 6 has an invalid length.
[  568.501820][T14154] netlink: 164 bytes leftover after parsing attributes in process `syz.2.2560'.
[  569.069578][T14001] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  569.081441][T14001] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  569.120694][T14001] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  569.150405][T14001] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  569.485123][ T6589] hsr_slave_0: left promiscuous mode
[  569.503004][ T6589] hsr_slave_1: left promiscuous mode
[  569.560140][ T6589] bond0: left allmulticast mode
[  569.582533][ T6589] bond_slave_0: left allmulticast mode
[  569.611039][ T6589] bond_slave_1: left allmulticast mode
[  569.640350][ T6589] bridge0: port 3(bond0) entered disabled state
[  569.695430][ T6589] bridge_slave_1: left allmulticast mode
[  569.709227][ T6589] bridge_slave_1: left promiscuous mode
[  569.730273][ T6589] bridge0: port 2(bridge_slave_1) entered disabled state
[  569.767465][ T6589] bridge_slave_0: left allmulticast mode
[  569.792476][ T6589] bridge_slave_0: left promiscuous mode
[  569.814886][ T6589] bridge0: port 1(bridge_slave_0) entered disabled state
[  570.026338][ T6589] veth1_macvtap: left promiscuous mode
[  570.053822][ T6589] veth0_macvtap: left promiscuous mode
[  570.078367][ T6589] veth1_vlan: left promiscuous mode
[  570.894526][ T6589] team0 (unregistering): Port device geneve1 removed
[  571.658854][ T6589] team0 (unregistering): Port device team_slave_1 removed
[  571.707958][ T6589] team0 (unregistering): Port device team_slave_0 removed
[  571.752424][ T6589] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  571.762926][ T6589] bond_slave_1 (unregistering): left promiscuous mode
[  571.817218][ T6589] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  571.826420][ T6589] bond_slave_0 (unregistering): left promiscuous mode
[  572.166800][ T6589] bond0 (unregistering): Released all slaves
[  572.289129][T14174] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2563'.
[  572.317638][T14174] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  572.339468][T14192] netlink: 'syz.2.2566': attribute type 10 has an invalid length.
[  572.350174][T14192] bridge0: port 2(bridge_slave_1) entered disabled state
[  572.358298][T14192] bridge0: port 1(bridge_slave_0) entered disabled state
[  572.385760][T14192] bridge0: port 2(bridge_slave_1) entered blocking state
[  572.392993][T14192] bridge0: port 2(bridge_slave_1) entered forwarding state
[  572.401342][T14192] bridge0: port 1(bridge_slave_0) entered blocking state
[  572.408690][T14192] bridge0: port 1(bridge_slave_0) entered forwarding state
[  572.438014][T14192] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  572.789950][T14001] 8021q: adding VLAN 0 to HW filter on device bond0
[  572.908535][T14001] 8021q: adding VLAN 0 to HW filter on device team0
[  573.693808][   T34] bridge0: port 1(bridge_slave_0) entered blocking state
[  573.701112][   T34] bridge0: port 1(bridge_slave_0) entered forwarding state
[  573.808839][ T6593] bridge0: port 2(bridge_slave_1) entered blocking state
[  573.816206][ T6593] bridge0: port 2(bridge_slave_1) entered forwarding state
[  574.068727][T14001] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  574.502081][T14240] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2571'.
[  575.151423][T14240] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  575.188131][T14241] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2572'.
[  575.216847][T14241] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  575.388258][T14001] 8021q: adding VLAN 0 to HW filter on device batadv0
[  575.515682][T14001] veth0_vlan: entered promiscuous mode
[  575.580398][T14001] veth1_vlan: entered promiscuous mode
[  575.719728][T14001] veth0_macvtap: entered promiscuous mode
[  575.793230][T14001] veth1_macvtap: entered promiscuous mode
[  575.970861][T14001] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  575.985716][T14268] netlink: 'syz.0.2575': attribute type 10 has an invalid length.
[  575.993187][T14001] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  575.994655][T14268] netlink: 3819 bytes leftover after parsing attributes in process `syz.0.2575'.
[  576.040314][T14001] batman_adv: batadv0: Interface activated: batadv_slave_0
[  576.128823][T14001] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  576.225696][T14001] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  576.240996][T14001] batman_adv: batadv0: Interface activated: batadv_slave_1
[  576.258331][T14273] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2577'.
[  576.280022][T14273] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  576.320733][T14001] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  576.368387][T14001] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  576.414238][T14001] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  576.467775][T14001] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  576.993146][ T6595] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  577.018164][ T6595] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  577.126150][T13359] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  577.179559][T13359] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  577.552413][T14296] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2582'.
[  577.577658][T14296] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  577.637775][T14295] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2581'.
[  577.660884][T14295] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  578.110257][T14309] FAULT_INJECTION: forcing a failure.
[  578.110257][T14309] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  578.131976][T14309] CPU: 1 PID: 14309 Comm: syz.1.2587 Not tainted syzkaller #0
[  578.139610][T14309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  578.149880][T14309] Call Trace:
[  578.153205][T14309]  <TASK>
[  578.156230][T14309]  dump_stack_lvl+0x18c/0x250
[  578.160969][T14309]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  578.167171][T14309]  ? show_regs_print_info+0x20/0x20
[  578.172419][T14309]  ? load_image+0x420/0x420
[  578.176989][T14309]  ? kasan_check_range+0x12/0x290
[  578.182061][T14309]  should_fail_ex+0x39d/0x4d0
[  578.186773][T14309]  _copy_from_iter+0x1d9/0x12e0
[  578.192000][T14309]  ? copyout_mc+0x70/0x70
[  578.196706][T14309]  ? __check_object_size+0x506/0xa20
[  578.202184][T14309]  ? __check_object_size+0x50f/0xa20
[  578.207587][T14309]  netlink_sendmsg+0x76b/0xbf0
[  578.212950][T14309]  ? lockdep_hardirqs_on+0x98/0x150
[  578.218364][T14309]  ? netlink_getsockopt+0x590/0x590
[  578.223599][T14309]  ? security_socket_sendmsg+0x45/0xa0
[  578.229207][T14309]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  578.234550][T14309]  ? security_socket_sendmsg+0x80/0xa0
[  578.240250][T14309]  ? netlink_getsockopt+0x590/0x590
[  578.245476][T14309]  ____sys_sendmsg+0x5ba/0x960
[  578.250270][T14309]  ? __asan_memset+0x22/0x40
[  578.254994][T14309]  ? __sys_sendmsg_sock+0x30/0x30
[  578.260303][T14309]  ? __import_iovec+0x5f2/0x850
[  578.265175][T14309]  ? import_iovec+0x73/0xa0
[  578.269695][T14309]  ___sys_sendmsg+0x2a6/0x360
[  578.274389][T14309]  ? __sys_sendmsg+0x2a0/0x2a0
[  578.279184][T14309]  ? trace_call_bpf+0xc3/0x6c0
[  578.283965][T14309]  ? seqcount_lockdep_reader_access+0x17b/0x1d0
[  578.290249][T14309]  __se_sys_sendmsg+0x1c2/0x2b0
[  578.295119][T14309]  ? __x64_sys_sendmsg+0x80/0x80
[  578.300085][T14309]  ? lockdep_hardirqs_on+0x98/0x150
[  578.305299][T14309]  do_syscall_64+0x55/0xa0
[  578.309725][T14309]  ? clear_bhb_loop+0x40/0x90
[  578.314594][T14309]  ? clear_bhb_loop+0x40/0x90
[  578.319288][T14309]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  578.325458][T14309] RIP: 0033:0x7f4de999c819
[  578.329886][T14309] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  578.349523][T14309] RSP: 002b:00007f4dea8dd028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  578.357958][T14309] RAX: ffffffffffffffda RBX: 00007f4de9c15fa0 RCX: 00007f4de999c819
[  578.365959][T14309] RDX: 0000000000040000 RSI: 0000200000000140 RDI: 0000000000000008
[  578.373947][T14309] RBP: 00007f4dea8dd090 R08: 0000000000000000 R09: 0000000000000000
[  578.382108][T14309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  578.390180][T14309] R13: 00007f4de9c16038 R14: 00007f4de9c15fa0 R15: 00007ffe7b125a58
[  578.398283][T14309]  </TASK>
[  578.413061][T14311] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2588'.
[  578.493067][T14311] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  578.995447][T13445] Bluetooth: hci2: ACL packet for unknown connection handle 364
[  579.968100][T14319] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2599'.
[  580.210309][T14319] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  580.331422][T14333] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2594'.
[  580.351596][T14333] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  580.659050][T14348] netlink: 'syz.1.2602': attribute type 1 has an invalid length.
[  580.667624][T14348] netlink: 'syz.1.2602': attribute type 3 has an invalid length.
[  580.676225][T14348] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2602'.
[  581.236765][T14363] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2604'.
[  581.305702][T14363] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  581.527956][T14371] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2609'.
[  581.655468][T14371] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  581.678932][T14373] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2610'.
[  581.708484][T14373] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  582.243380][T14381] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2622'.
[  582.263427][T14381] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  582.703025][T14402] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2624'.
[  585.789756][T14402] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  585.822867][T14405] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  585.830582][T14405] IPv6: NLM_F_CREATE should be set when creating new route
[  585.837993][T14405] IPv6: NLM_F_CREATE should be set when creating new route
[  585.845399][T14405] IPv6: NLM_F_CREATE should be set when creating new route
[  585.960153][T14416] netlink: 208064 bytes leftover after parsing attributes in process `syz.1.2630'.
[  586.255717][T14423] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2631'.
[  586.314041][T14423] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  587.165893][T14445] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2642'.
[  587.205512][T14445] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  587.257514][T14447] netlink: 'syz.2.2644': attribute type 10 has an invalid length.
[  587.293005][T14447] bond0: (slave bond_slave_0): Releasing backup interface
[  588.009007][T14457] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  588.020731][T14457] batman_adv: batadv0: Removing interface: batadv_slave_0
[  588.050691][T14457] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  588.084220][T14457] batman_adv: batadv0: Removing interface: batadv_slave_1
[  588.250716][T14471] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2653'.
[  588.270758][T14471] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  588.919596][T14482] FAULT_INJECTION: forcing a failure.
[  588.919596][T14482] name failslab, interval 1, probability 0, space 0, times 0
[  588.945522][T14482] CPU: 1 PID: 14482 Comm: syz.1.2657 Not tainted syzkaller #0
[  588.953155][T14482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  588.961987][T14480] netlink: 'syz.3.2656': attribute type 2 has an invalid length.
[  588.963236][T14482] Call Trace:
[  588.963249][T14482]  <TASK>
[  588.963258][T14482]  dump_stack_lvl+0x18c/0x250
[  588.963300][T14482]  ? show_regs_print_info+0x20/0x20
[  588.963329][T14482]  ? load_image+0x420/0x420
[  588.963359][T14482]  ? __might_sleep+0xe0/0xe0
[  588.996803][T14482]  ? __lock_acquire+0x7d40/0x7d40
[  589.002019][T14482]  should_fail_ex+0x39d/0x4d0
[  589.006823][T14482]  should_failslab+0x9/0x20
[  589.011348][T14482]  slab_pre_alloc_hook+0x59/0x310
[  589.016393][T14482]  ? __fput+0x61c/0x970
[  589.020662][T14482]  kmem_cache_alloc+0x5a/0x2d0
[  589.025535][T14482]  ? getname_flags+0xbb/0x500
[  589.030339][T14482]  getname_flags+0xbb/0x500
[  589.034867][T14482]  do_sys_openat2+0xda/0x1d0
[  589.039487][T14482]  ? do_sys_open+0xe0/0xe0
[  589.044017][T14482]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  589.050045][T14482]  ? lock_chain_count+0x20/0x20
[  589.054932][T14482]  __x64_sys_openat+0x139/0x160
[  589.059806][T14482]  do_syscall_64+0x55/0xa0
[  589.064235][T14482]  ? clear_bhb_loop+0x40/0x90
[  589.068933][T14482]  ? clear_bhb_loop+0x40/0x90
[  589.073647][T14482]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  589.079650][T14482] RIP: 0033:0x7f4de995d04e
[  589.084196][T14482] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  589.104000][T14482] RSP: 002b:00007f4dea8dcec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  589.112456][T14482] RAX: ffffffffffffffda RBX: 00007f4dea8dd6c0 RCX: 00007f4de995d04e
[  589.120455][T14482] RDX: 0000000000000000 RSI: 00007f4dea8dcf90 RDI: ffffffffffffff9c
[  589.128454][T14482] RBP: 00007f4dea8dd090 R08: 0000000000000000 R09: 0000000000000000
[  589.136614][T14482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  589.144602][T14482] R13: 00007f4de9c16038 R14: 00007f4de9c15fa0 R15: 00007ffe7b125a58
[  589.152800][T14482]  </TASK>
[  589.516856][T14496] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2661'.
[  589.609814][T14496] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  589.652089][T14492] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2660'.
[  589.689181][T14492] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  590.250089][T14512] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2667'.
[  590.259809][T14512] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  590.688239][T14520] netlink: 'syz.3.2671': attribute type 2 has an invalid length.
[  590.873215][T14527] bridge_slave_1: left allmulticast mode
[  590.884373][T14527] bridge_slave_1: left promiscuous mode
[  590.900365][T14527] bridge0: port 2(bridge_slave_1) entered disabled state
[  591.207929][T14527] bridge_slave_0: left allmulticast mode
[  591.283988][T14527] bridge_slave_0: left promiscuous mode
[  591.292200][T14527] bridge0: port 1(bridge_slave_0) entered disabled state
[  591.725881][T14527] bond0: (slave bridge0): Releasing backup interface
[  591.871598][T14533] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2673'.
[  592.026233][T14542] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2675'.
[  592.060595][T14542] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  592.545725][T14557] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2682'.
[  592.624324][T14557] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  592.838827][T14566] netlink: 'syz.1.2684': attribute type 2 has an invalid length.
[  593.192401][T14573] netlink: 'syz.1.2689': attribute type 3 has an invalid length.
[  593.201898][T14573] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2689'.
[  593.253063][T14575] bridge_slave_1: left allmulticast mode
[  593.291158][T14575] bridge_slave_1: left promiscuous mode
[  593.323025][T14575] bridge0: port 2(bridge_slave_1) entered disabled state
[  593.987975][T14575] bridge_slave_0: left allmulticast mode
[  594.008292][T14575] bridge_slave_0: left promiscuous mode
[  594.031748][T14575] bridge0: port 1(bridge_slave_0) entered disabled state
[  594.200156][T14576] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2687'.
[  594.222238][T14576] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  594.239663][T14577] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2688'.
[  594.255482][T14586] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2693'.
[  595.258072][T14601] netlink: 'syz.1.2698': attribute type 2 has an invalid length.
[  595.566045][T14607] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2701'.
[  595.860969][T14607] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  596.071289][T14619] bridge_slave_1: left allmulticast mode
[  596.094234][T14619] bridge_slave_1: left promiscuous mode
[  596.111647][T14619] bridge0: port 2(bridge_slave_1) entered disabled state
[  596.193248][T14619] bridge_slave_0: left allmulticast mode
[  596.210942][T14619] bridge_slave_0: left promiscuous mode
[  596.222041][T14619] bridge0: port 1(bridge_slave_0) entered disabled state
[  596.675711][T14620] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2703'.
[  596.972757][T14634] FAULT_INJECTION: forcing a failure.
[  596.972757][T14634] name failslab, interval 1, probability 0, space 0, times 0
[  597.029986][T14633] netlink: 'syz.2.2710': attribute type 21 has an invalid length.
[  597.067647][T14634] CPU: 0 PID: 14634 Comm: syz.1.2708 Not tainted syzkaller #0
[  597.075388][T14634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  597.085625][T14634] Call Trace:
[  597.089040][T14634]  <TASK>
[  597.092082][T14634]  dump_stack_lvl+0x18c/0x250
[  597.096870][T14634]  ? show_regs_print_info+0x20/0x20
[  597.102239][T14634]  ? load_image+0x420/0x420
[  597.106835][T14634]  ? __might_sleep+0xe0/0xe0
[  597.111497][T14634]  ? __lock_acquire+0x7d40/0x7d40
[  597.116792][T14634]  should_fail_ex+0x39d/0x4d0
[  597.121567][T14634]  should_failslab+0x9/0x20
[  597.126329][T14634]  slab_pre_alloc_hook+0x59/0x310
[  597.131554][T14634]  ? apparmor_sk_alloc_security+0x77/0x100
[  597.137621][T14634]  __kmem_cache_alloc_node+0x53/0x250
[  597.143168][T14634]  ? apparmor_sk_alloc_security+0x77/0x100
[  597.149059][T14634]  kmalloc_trace+0x2a/0xe0
[  597.153678][T14634]  apparmor_sk_alloc_security+0x77/0x100
[  597.159492][T14634]  security_sk_alloc+0x6e/0xa0
[  597.164365][T14634]  sk_prot_alloc+0x101/0x210
[  597.169025][T14634]  ? sk_alloc+0x24/0x360
[  597.173346][T14634]  sk_alloc+0x3a/0x360
[  597.177588][T14634]  ? bpf_ctx_init+0x163/0x1a0
[  597.182527][T14634]  ? bpf_prog_test_run_skb+0x273/0x12b0
[  597.188206][T14634]  bpf_prog_test_run_skb+0x3a5/0x12b0
[  597.193662][T14634]  ? __fget_files+0x28/0x4b0
[  597.198765][T14634]  ? __fget_files+0x28/0x4b0
[  597.203428][T14634]  ? __fget_files+0x43d/0x4b0
[  597.208313][T14634]  ? cpu_online+0x60/0x60
[  597.212820][T14634]  bpf_prog_test_run+0x321/0x390
[  597.217864][T14634]  __sys_bpf+0x49d/0x890
[  597.222380][T14634]  ? bpf_link_show_fdinfo+0x390/0x390
[  597.227914][T14634]  ? lock_chain_count+0x20/0x20
[  597.232871][T14634]  __x64_sys_bpf+0x7c/0x90
[  597.237354][T14634]  do_syscall_64+0x55/0xa0
[  597.241862][T14634]  ? clear_bhb_loop+0x40/0x90
[  597.246707][T14634]  ? clear_bhb_loop+0x40/0x90
[  597.251621][T14634]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  597.257700][T14634] RIP: 0033:0x7f4de999c819
[  597.262202][T14634] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  597.282043][T14634] RSP: 002b:00007f4dea8bc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  597.290581][T14634] RAX: ffffffffffffffda RBX: 00007f4de9c16090 RCX: 00007f4de999c819
[  597.298630][T14634] RDX: 0000000000000050 RSI: 0000200000000380 RDI: 000000000000000a
[  597.306847][T14634] RBP: 00007f4dea8bc090 R08: 0000000000000000 R09: 0000000000000000
[  597.314864][T14634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  597.322867][T14634] R13: 00007f4de9c16128 R14: 00007f4de9c16090 R15: 00007ffe7b125a58
[  597.330960][T14634]  </TASK>
[  597.512307][T14641] netlink: 'syz.1.2711': attribute type 10 has an invalid length.
[  597.520574][T14641] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2711'.
[  597.529869][T14641] team0: entered promiscuous mode
[  597.536873][T14641] team_slave_0: entered promiscuous mode
[  597.542994][T14641] team_slave_1: entered promiscuous mode
[  597.549137][T14641] team0: entered allmulticast mode
[  597.557430][T14641] team_slave_0: entered allmulticast mode
[  597.612357][T14641] team_slave_1: entered allmulticast mode
[  597.619050][T14641] bridge0: port 3(team0) entered blocking state
[  597.625781][T14641] bridge0: port 3(team0) entered disabled state
[  597.636201][T14641] bridge0: port 3(team0) entered blocking state
[  597.642740][T14641] bridge0: port 3(team0) entered forwarding state
[  598.064818][T14659] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2716'.
[  598.093238][T14660] netlink: 'syz.0.2720': attribute type 11 has an invalid length.
[  598.137181][T14659] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  598.175694][T14660] netlink: 184116 bytes leftover after parsing attributes in process `syz.0.2720'.
[  598.567748][T14665] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2721'.
[  598.893223][T14675] FAULT_INJECTION: forcing a failure.
[  598.893223][T14675] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  598.910707][T14672] netlink: 'syz.0.2724': attribute type 10 has an invalid length.
[  599.003829][T14675] CPU: 0 PID: 14675 Comm: syz.2.2722 Not tainted syzkaller #0
[  599.011579][T14675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  599.021939][T14675] Call Trace:
[  599.025263][T14675]  <TASK>
[  599.028242][T14675]  dump_stack_lvl+0x18c/0x250
[  599.033011][T14675]  ? show_regs_print_info+0x20/0x20
[  599.038501][T14675]  ? load_image+0x420/0x420
[  599.043026][T14675]  ? __lock_acquire+0x7d40/0x7d40
[  599.048162][T14675]  ? snprintf+0xe9/0x140
[  599.052618][T14675]  should_fail_ex+0x39d/0x4d0
[  599.057327][T14675]  _copy_to_user+0x2f/0xa0
[  599.061766][T14675]  simple_read_from_buffer+0xe7/0x150
[  599.067173][T14675]  proc_fail_nth_read+0x1e8/0x260
[  599.072221][T14675]  ? proc_fault_inject_write+0x360/0x360
[  599.078060][T14675]  ? fsnotify_perm+0x271/0x5e0
[  599.083125][T14675]  ? proc_fault_inject_write+0x360/0x360
[  599.088776][T14675]  vfs_read+0x28b/0x970
[  599.093042][T14675]  ? kernel_read+0x1e0/0x1e0
[  599.097952][T14675]  ? __fget_files+0x28/0x4b0
[  599.102676][T14675]  ? __fget_files+0x28/0x4b0
[  599.107389][T14675]  ? __fget_files+0x43d/0x4b0
[  599.112116][T14675]  ? __fdget_pos+0x2a3/0x330
[  599.116747][T14675]  ? ksys_read+0x75/0x260
[  599.121208][T14675]  ksys_read+0x150/0x260
[  599.125480][T14675]  ? vfs_write+0x990/0x990
[  599.130040][T14675]  ? lockdep_hardirqs_on+0x98/0x150
[  599.135271][T14675]  do_syscall_64+0x55/0xa0
[  599.139705][T14675]  ? clear_bhb_loop+0x40/0x90
[  599.144488][T14675]  ? clear_bhb_loop+0x40/0x90
[  599.149274][T14675]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  599.155277][T14675] RIP: 0033:0x7fed3cb5d04e
[  599.159711][T14675] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  599.180208][T14675] RSP: 002b:00007fed3adf5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  599.188667][T14675] RAX: ffffffffffffffda RBX: 00007fed3adf66c0 RCX: 00007fed3cb5d04e
[  599.196684][T14675] RDX: 000000000000000f RSI: 00007fed3adf60a0 RDI: 0000000000000006
[  599.204765][T14675] RBP: 00007fed3adf6090 R08: 0000000000000000 R09: 0000000000000000
[  599.212751][T14675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  599.220748][T14675] R13: 00007fed3ce16128 R14: 00007fed3ce16090 R15: 00007fffb214b938
[  599.228867][T14675]  </TASK>
[  599.232350][T14672] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2724'.
[  599.242423][T14672] team0: entered promiscuous mode
[  599.297083][T14672] team_slave_0: entered promiscuous mode
[  599.315900][T14672] team_slave_1: entered promiscuous mode
[  599.321807][T14672] syz_tun: entered promiscuous mode
[  599.349722][T14672] team0: entered allmulticast mode
[  599.361068][T14672] team_slave_0: entered allmulticast mode
[  599.367640][T14672] team_slave_1: entered allmulticast mode
[  599.375692][T14672] syz_tun: entered allmulticast mode
[  599.382934][T14672] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  599.533360][T14687] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2728'.
[  599.643586][T14689] netlink: 121460 bytes leftover after parsing attributes in process `syz.1.2727'.
[  599.663056][T14689] netlink: 21068 bytes leftover after parsing attributes in process `syz.1.2727'.
[  599.717220][T14689] tipc: Started in network mode
[  599.722529][T14689] tipc: Node identity b, cluster identity 73
[  599.752040][T14689] tipc: Node number set to 11
[  600.195498][T14691] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2726'.
[  600.297533][T14691] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  600.437901][T14702] FAULT_INJECTION: forcing a failure.
[  600.437901][T14702] name failslab, interval 1, probability 0, space 0, times 0
[  600.465871][T14702] CPU: 1 PID: 14702 Comm: syz.0.2731 Not tainted syzkaller #0
[  600.473549][T14702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  600.484159][T14702] Call Trace:
[  600.487573][T14702]  <TASK>
[  600.490618][T14702]  dump_stack_lvl+0x18c/0x250
[  600.495339][T14702]  ? show_regs_print_info+0x20/0x20
[  600.500683][T14702]  ? load_image+0x420/0x420
[  600.505258][T14702]  ? perf_trace_lock_acquire+0x34f/0x410
[  600.511132][T14702]  should_fail_ex+0x39d/0x4d0
[  600.516128][T14702]  should_failslab+0x9/0x20
[  600.520757][T14702]  slab_pre_alloc_hook+0x59/0x310
[  600.525921][T14702]  kmem_cache_alloc+0x5a/0x2d0
[  600.530716][T14702]  ? skb_clone+0x1eb/0x370
[  600.535169][T14702]  skb_clone+0x1eb/0x370
[  600.539445][T14702]  __netlink_deliver_tap+0x41c/0x830
[  600.544839][T14702]  ? netlink_deliver_tap+0x2e/0x1b0
[  600.550285][T14702]  netlink_deliver_tap+0x19c/0x1b0
[  600.555478][T14702]  netlink_dump+0x94b/0xe50
[  600.560099][T14702]  ? netlink_lookup+0x200/0x200
[  600.565020][T14702]  ? __kasan_kmalloc+0x8f/0xa0
[  600.569828][T14702]  ? __inet_diag_dump_start+0x886/0x9f0
[  600.575501][T14702]  ? netlink_lookup+0x30/0x200
[  600.580415][T14702]  __netlink_dump_start+0x5f1/0x810
[  600.585771][T14702]  inet_diag_rcv_msg_compat+0x215/0x440
[  600.591622][T14702]  ? __inet_diag_dump+0x380/0x380
[  600.596694][T14702]  ? sock_diag_rcv_msg+0xd1/0x600
[  600.601836][T14702]  ? inet_diag_rcv_msg_compat+0x440/0x440
[  600.607585][T14702]  ? inet_diag_dump_start_compat+0x20/0x20
[  600.613512][T14702]  ? inet_diag_dump+0x50/0x50
[  600.618340][T14702]  ? __inet_diag_dump+0x380/0x380
[  600.623504][T14702]  sock_diag_rcv_msg+0x3d8/0x600
[  600.628509][T14702]  netlink_rcv_skb+0x241/0x4d0
[  600.633308][T14702]  ? sock_diag_bind+0xb0/0xb0
[  600.638049][T14702]  ? netlink_ack+0x1180/0x1180
[  600.642867][T14702]  ? __lock_acquire+0x7d40/0x7d40
[  600.647940][T14702]  ? __rcu_read_unlock+0x7c/0xd0
[  600.652939][T14702]  ? netlink_deliver_tap+0x2e/0x1b0
[  600.658209][T14702]  sock_diag_rcv+0x2a/0x40
[  600.662673][T14702]  netlink_unicast+0x751/0x8d0
[  600.667596][T14702]  netlink_sendmsg+0x8d0/0xbf0
[  600.672553][T14702]  ? netlink_getsockopt+0x590/0x590
[  600.678175][T14702]  ? aa_sock_msg_perm+0x94/0x150
[  600.683251][T14702]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  600.688570][T14702]  ? security_socket_sendmsg+0x80/0xa0
[  600.694236][T14702]  ? netlink_getsockopt+0x590/0x590
[  600.699480][T14702]  ____sys_sendmsg+0x5ba/0x960
[  600.704291][T14702]  ? __asan_memset+0x22/0x40
[  600.708919][T14702]  ? __sys_sendmsg_sock+0x30/0x30
[  600.713983][T14702]  ? __import_iovec+0x5f2/0x850
[  600.718993][T14702]  ? import_iovec+0x73/0xa0
[  600.723551][T14702]  ___sys_sendmsg+0x2a6/0x360
[  600.728297][T14702]  ? get_pid_task+0x20/0x1e0
[  600.732974][T14702]  ? __sys_sendmsg+0x2a0/0x2a0
[  600.738080][T14702]  ? __lock_acquire+0x7d40/0x7d40
[  600.743233][T14702]  __se_sys_sendmsg+0x1c2/0x2b0
[  600.748130][T14702]  ? __x64_sys_sendmsg+0x80/0x80
[  600.753222][T14702]  ? lockdep_hardirqs_on+0x98/0x150
[  600.758551][T14702]  do_syscall_64+0x55/0xa0
[  600.763180][T14702]  ? clear_bhb_loop+0x40/0x90
[  600.767987][T14702]  ? clear_bhb_loop+0x40/0x90
[  600.772872][T14702]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  600.778791][T14702] RIP: 0033:0x7fc15e19c819
[  600.783330][T14702] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  600.803237][T14702] RSP: 002b:00007fc15f0d5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  600.811688][T14702] RAX: ffffffffffffffda RBX: 00007fc15e415fa0 RCX: 00007fc15e19c819
[  600.819860][T14702] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  600.828112][T14702] RBP: 00007fc15f0d5090 R08: 0000000000000000 R09: 0000000000000000
[  600.836203][T14702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  600.844370][T14702] R13: 00007fc15e416038 R14: 00007fc15e415fa0 R15: 00007ffc026c9e78
[  600.852688][T14702]  </TASK>
[  601.045425][T14706] netlink: 'syz.1.2733': attribute type 10 has an invalid length.
[  601.053419][T14706] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2733'.
[  601.073770][T14706] batadv_slave_1: entered promiscuous mode
[  601.089183][T14706] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  601.108943][T14706] batman_adv: batadv0: Removing interface: batadv_slave_1
[  601.177806][T14713] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2736'.
[  601.205024][T14710] netlink: 'syz.3.2735': attribute type 29 has an invalid length.
[  601.215132][T14710] netlink: 'syz.3.2735': attribute type 29 has an invalid length.
[  601.226281][T14710] netlink: 'syz.3.2735': attribute type 29 has an invalid length.
[  601.278056][T14715] netlink: 144 bytes leftover after parsing attributes in process `syz.2.2737'.
[  601.423440][T14724] FAULT_INJECTION: forcing a failure.
[  601.423440][T14724] name failslab, interval 1, probability 0, space 0, times 0
[  601.442191][T14724] CPU: 0 PID: 14724 Comm: syz.2.2741 Not tainted syzkaller #0
[  601.449820][T14724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  601.460101][T14724] Call Trace:
[  601.463521][T14724]  <TASK>
[  601.466582][T14724]  dump_stack_lvl+0x18c/0x250
[  601.471508][T14724]  ? show_regs_print_info+0x20/0x20
[  601.476852][T14724]  ? load_image+0x420/0x420
[  601.481573][T14724]  ? __might_sleep+0xe0/0xe0
[  601.486230][T14724]  ? __lock_acquire+0x7d40/0x7d40
[  601.491318][T14724]  should_fail_ex+0x39d/0x4d0
[  601.496059][T14724]  should_failslab+0x9/0x20
[  601.500590][T14724]  slab_pre_alloc_hook+0x59/0x310
[  601.505647][T14724]  ? bpf_prog_test_run_skb+0x238/0x12b0
[  601.511208][T14724]  ? bpf_prog_test_run_skb+0x238/0x12b0
[  601.516871][T14724]  __kmem_cache_alloc_node+0x53/0x250
[  601.522359][T14724]  ? bpf_prog_test_run_skb+0x238/0x12b0
[  601.527922][T14724]  __kmalloc+0xa4/0x230
[  601.532114][T14724]  bpf_prog_test_run_skb+0x238/0x12b0
[  601.537595][T14724]  ? __fget_files+0x28/0x4b0
[  601.542293][T14724]  ? __fget_files+0x28/0x4b0
[  601.547087][T14724]  ? __fget_files+0x43d/0x4b0
[  601.552150][T14724]  ? cpu_online+0x60/0x60
[  601.556511][T14724]  bpf_prog_test_run+0x321/0x390
[  601.561472][T14724]  __sys_bpf+0x49d/0x890
[  601.565820][T14724]  ? bpf_link_show_fdinfo+0x390/0x390
[  601.571329][T14724]  ? lock_chain_count+0x20/0x20
[  601.576470][T14724]  __x64_sys_bpf+0x7c/0x90
[  601.580993][T14724]  do_syscall_64+0x55/0xa0
[  601.585605][T14724]  ? clear_bhb_loop+0x40/0x90
[  601.590306][T14724]  ? clear_bhb_loop+0x40/0x90
[  601.595124][T14724]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  601.601040][T14724] RIP: 0033:0x7fed3cb9c819
[  601.605470][T14724] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  601.625175][T14724] RSP: 002b:00007fed3d98e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  601.633793][T14724] RAX: ffffffffffffffda RBX: 00007fed3ce15fa0 RCX: 00007fed3cb9c819
[  601.641871][T14724] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  601.649853][T14724] RBP: 00007fed3d98e090 R08: 0000000000000000 R09: 0000000000000000
[  601.657841][T14724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  601.665824][T14724] R13: 00007fed3ce16038 R14: 00007fed3ce15fa0 R15: 00007fffb214b938
[  601.673823][T14724]  </TASK>
[  601.685066][T14721] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2739'.
[  601.778082][T14729] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2740'.
[  601.854635][T14729] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  602.019828][T14727] netlink: zone id is out of range
[  602.027921][T14727] netlink: zone id is out of range
[  602.036775][T14727] netlink: zone id is out of range
[  602.042910][T14727] netlink: zone id is out of range
[  602.051872][T14727] netlink: zone id is out of range
[  602.058608][T14727] netlink: zone id is out of range
[  602.104328][T14727] netlink: zone id is out of range
[  602.898960][T14749] netlink: 'syz.3.2746': attribute type 2 has an invalid length.
[  603.152833][T14751] net_ratelimit: 61 callbacks suppressed
[  603.152853][T14751] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  603.889421][T14755] pimreg0: tun_chr_ioctl cmd 1074025681
[  603.974386][T14758] pimreg0: tun_chr_ioctl cmd 1074025673
[  604.893626][T14762] netlink: 'syz.2.2752': attribute type 10 has an invalid length.
[  606.237073][T14768] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  606.246035][T14768] batman_adv: batadv0: Removing interface: batadv_slave_0
[  606.644883][T14783] FAULT_INJECTION: forcing a failure.
[  606.644883][T14783] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  606.841171][T14783] CPU: 0 PID: 14783 Comm: syz.3.2758 Not tainted syzkaller #0
[  606.848735][T14783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  606.858846][T14783] Call Trace:
[  606.862169][T14783]  <TASK>
[  606.865130][T14783]  dump_stack_lvl+0x18c/0x250
[  606.869862][T14783]  ? show_regs_print_info+0x20/0x20
[  606.875106][T14783]  ? load_image+0x420/0x420
[  606.879830][T14783]  ? __lock_acquire+0x7d40/0x7d40
[  606.884919][T14783]  should_fail_ex+0x39d/0x4d0
[  606.889748][T14783]  _copy_from_user+0x2f/0xe0
[  606.894387][T14783]  __copy_msghdr+0x3bb/0x580
[  606.899115][T14783]  ___sys_sendmsg+0x214/0x360
[  606.903913][T14783]  ? get_pid_task+0x20/0x1e0
[  606.908723][T14783]  ? __sys_sendmsg+0x2a0/0x2a0
[  606.913806][T14783]  ? __lock_acquire+0x7d40/0x7d40
[  606.918942][T14783]  __se_sys_sendmsg+0x1c2/0x2b0
[  606.923831][T14783]  ? __x64_sys_sendmsg+0x80/0x80
[  606.928816][T14783]  ? lockdep_hardirqs_on+0x98/0x150
[  606.934136][T14783]  do_syscall_64+0x55/0xa0
[  606.938666][T14783]  ? clear_bhb_loop+0x40/0x90
[  606.943464][T14783]  ? clear_bhb_loop+0x40/0x90
[  606.948618][T14783]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  606.954634][T14783] RIP: 0033:0x7f174039c819
[  606.959083][T14783] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  606.979156][T14783] RSP: 002b:00007f17411f5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  606.987607][T14783] RAX: ffffffffffffffda RBX: 00007f1740615fa0 RCX: 00007f174039c819
[  606.995865][T14783] RDX: 0000000007000000 RSI: 0000200000000380 RDI: 0000000000000004
[  607.004207][T14783] RBP: 00007f17411f5090 R08: 0000000000000000 R09: 0000000000000000
[  607.012646][T14783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  607.020656][T14783] R13: 00007f1740616038 R14: 00007f1740615fa0 R15: 00007ffcbf9a8888
[  607.028939][T14783]  </TASK>
[  607.268210][T14781] __nla_validate_parse: 3 callbacks suppressed
[  607.268258][T14781] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2759'.
[  607.796563][T14781] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  608.124757][T14797] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2762'.
[  608.160655][T14797] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  608.209004][T14800] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2763'.
[  608.233745][T14800] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  608.289524][T14801] netlink: 'syz.1.2764': attribute type 21 has an invalid length.
[  608.344809][T14801] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2764'.
[  608.746990][T14808] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2765'.
[  610.782955][T14819] netlink: 'syz.2.2768': attribute type 21 has an invalid length.
[  610.798431][T14819] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2768'.
[  610.812290][T14822] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2768'.
[  611.056457][T14852] netlink: 'syz.3.2770': attribute type 29 has an invalid length.
[  611.085314][T14852] netlink: 'syz.3.2770': attribute type 3 has an invalid length.
[  611.111099][T14852] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2770'.
[  613.968345][T14861] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2772'.
[  613.980304][T14861] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  614.394261][T14869] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2775'.
[  614.462673][T14869] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  614.752727][T14879] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  615.259977][T14890] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2779'.
[  615.285905][T14872] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2776'.
[  615.319402][T14872] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  615.350513][T14872] CPU: 0 PID: 14872 Comm: syz.0.2776 Not tainted syzkaller #0
[  615.358202][T14872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  615.368432][T14872] Call Trace:
[  615.371857][T14872]  <TASK>
[  615.374867][T14872]  dump_stack_lvl+0x18c/0x250
[  615.379721][T14872]  ? show_regs_print_info+0x20/0x20
[  615.384996][T14872]  ? load_image+0x420/0x420
[  615.389765][T14872]  sysfs_warn_dup+0x8e/0xa0
[  615.394348][T14872]  sysfs_do_create_link_sd+0xc0/0x110
[  615.399821][T14872]  device_add_class_symlinks+0x1cf/0x240
[  615.405536][T14872]  device_add+0x507/0xc20
[  615.410050][T14872]  wiphy_register+0x1dad/0x2ae0
[  615.415117][T14872]  ? cfg80211_event_work+0x40/0x40
[  615.420843][T14872]  ? minstrel_ht_alloc+0x88a/0x990
[  615.426037][T14872]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  615.432596][T14872]  ieee80211_register_hw+0x3464/0x4250
[  615.438238][T14872]  ? ieee80211_tasklet_handler+0x20/0x20
[  615.444460][T14872]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  615.450525][T14872]  ? __debug_object_init+0xec/0x450
[  615.455902][T14872]  ? __asan_memset+0x22/0x40
[  615.461187][T14872]  ? __hrtimer_init+0x186/0x270
[  615.466119][T14872]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  615.472206][T14872]  ? mac80211_hwsim_free+0x220/0x220
[  615.477631][T14872]  ? rcu_is_watching+0x15/0xb0
[  615.482716][T14872]  ? kstrndup+0xbd/0x140
[  615.487220][T14872]  hwsim_new_radio_nl+0xdc9/0x1a90
[  615.492508][T14872]  ? __nla_validate+0x50/0x50
[  615.497374][T14872]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  615.503856][T14872]  ? __nla_parse+0x40/0x50
[  615.508430][T14872]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  615.514990][T14872]  genl_family_rcv_msg_doit+0x211/0x310
[  615.520844][T14872]  ? end_current_label_crit_section+0x170/0x170
[  615.527144][T14872]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  615.533113][T14872]  ? bpf_lsm_capable+0x9/0x10
[  615.537965][T14872]  ? security_capable+0x89/0xb0
[  615.542897][T14872]  genl_rcv_msg+0x619/0x7a0
[  615.547643][T14872]  ? genl_bind+0x360/0x360
[  615.552105][T14872]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  615.558672][T14872]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  615.565613][T14872]  ? ref_tracker_free+0x690/0x840
[  615.570813][T14872]  netlink_rcv_skb+0x241/0x4d0
[  615.575839][T14872]  ? genl_bind+0x360/0x360
[  615.580835][T14872]  ? netlink_ack+0x1180/0x1180
[  615.586298][T14872]  ? __lock_acquire+0x7d40/0x7d40
[  615.591741][T14872]  ? down_read+0x1ac/0x2e0
[  615.596322][T14872]  genl_rcv+0x28/0x40
[  615.600433][T14872]  netlink_unicast+0x751/0x8d0
[  615.605385][T14872]  netlink_sendmsg+0x8d0/0xbf0
[  615.610222][T14872]  ? netlink_getsockopt+0x590/0x590
[  615.615566][T14872]  ? aa_sock_msg_perm+0x94/0x150
[  615.620571][T14872]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  615.626064][T14872]  ? security_socket_sendmsg+0x80/0xa0
[  615.631830][T14872]  ? netlink_getsockopt+0x590/0x590
[  615.637851][T14872]  ____sys_sendmsg+0x5ba/0x960
[  615.642773][T14872]  ? __asan_memset+0x22/0x40
[  615.647443][T14872]  ? __sys_sendmsg_sock+0x30/0x30
[  615.652533][T14872]  ? __import_iovec+0x5f2/0x850
[  615.657453][T14872]  ? import_iovec+0x73/0xa0
[  615.662012][T14872]  ___sys_sendmsg+0x2a6/0x360
[  615.666760][T14872]  ? __sys_sendmsg+0x2a0/0x2a0
[  615.671696][T14872]  __se_sys_sendmsg+0x1c2/0x2b0
[  615.676828][T14872]  ? __x64_sys_sendmsg+0x80/0x80
[  615.682116][T14872]  ? lockdep_hardirqs_on+0x98/0x150
[  615.687659][T14872]  do_syscall_64+0x55/0xa0
[  615.692311][T14872]  ? clear_bhb_loop+0x40/0x90
[  615.697255][T14872]  ? clear_bhb_loop+0x40/0x90
[  615.702183][T14872]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  615.708243][T14872] RIP: 0033:0x7fc15e19c819
[  615.712810][T14872] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  615.732939][T14872] RSP: 002b:00007fc15f0d5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  615.741708][T14872] RAX: ffffffffffffffda RBX: 00007fc15e415fa0 RCX: 00007fc15e19c819
[  615.750011][T14872] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000a
[  615.758442][T14872] RBP: 00007fc15e232c91 R08: 0000000000000000 R09: 0000000000000000
[  615.766556][T14872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  615.774580][T14872] R13: 00007fc15e416038 R14: 00007fc15e415fa0 R15: 00007ffc026c9e78
[  615.782792][T14872]  </TASK>
[  615.934461][T14889] netlink: 'syz.3.2780': attribute type 21 has an invalid length.
[  616.018262][T14889] netlink: 'syz.3.2780': attribute type 1 has an invalid length.
[  616.674468][T14911] netlink: 'syz.2.2784': attribute type 1 has an invalid length.
[  616.749433][T14911] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.2784'.
[  616.780857][T14909] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2783'.
[  616.864335][T14909] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  618.616396][T14961] netlink: 212424 bytes leftover after parsing attributes in process `syz.3.2789'.
[  618.638345][T14963] netlink: 'syz.0.2791': attribute type 29 has an invalid length.
[  618.674084][T14963] netlink: 'syz.0.2791': attribute type 29 has an invalid length.
[  618.705283][T14964] netlink: 'syz.0.2791': attribute type 29 has an invalid length.
[  618.769780][T14963] netlink: 'syz.0.2791': attribute type 29 has an invalid length.
[  619.186702][T14975] netlink: 212424 bytes leftover after parsing attributes in process `syz.3.2795'.
[  619.225026][T14974] sit0: entered allmulticast mode
[  621.708797][T14984] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2797'.
[  621.734569][T14984] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  621.838070][T14993] FAULT_INJECTION: forcing a failure.
[  621.838070][T14993] name failslab, interval 1, probability 0, space 0, times 0
[  621.858240][T13445] Bluetooth: hci2: command 0x0406 tx timeout
[  621.886392][T14993] CPU: 1 PID: 14993 Comm: syz.3.2799 Not tainted syzkaller #0
[  621.894291][T14993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  621.904394][T14993] Call Trace:
[  621.907714][T14993]  <TASK>
[  621.910767][T14993]  dump_stack_lvl+0x18c/0x250
[  621.915596][T14993]  ? show_regs_print_info+0x20/0x20
[  621.921248][T14993]  ? load_image+0x420/0x420
[  621.925821][T14993]  ? __might_sleep+0xe0/0xe0
[  621.930557][T14993]  ? __lock_acquire+0x7d40/0x7d40
[  621.935817][T14993]  should_fail_ex+0x39d/0x4d0
[  621.940652][T14993]  should_failslab+0x9/0x20
[  621.945324][T14993]  slab_pre_alloc_hook+0x59/0x310
[  621.950486][T14993]  ? finish_task_switch+0x265/0x8f0
[  621.955840][T14993]  ? rtnl_newlink+0x10d/0x20a0
[  621.960647][T14993]  __kmem_cache_alloc_node+0x53/0x250
[  621.966078][T14993]  ? rtnl_newlink+0x10d/0x20a0
[  621.970890][T14993]  kmalloc_trace+0x2a/0xe0
[  621.975447][T14993]  ? rtnl_setlink+0x4e0/0x4e0
[  621.980172][T14993]  rtnl_newlink+0x10d/0x20a0
[  621.984999][T14993]  ? __mutex_lock+0x94c/0xcc0
[  621.989877][T14993]  ? __lock_acquire+0x7d40/0x7d40
[  621.995038][T14993]  ? do_raw_spin_lock+0x11f/0x2c0
[  622.000213][T14993]  ? rtnl_setlink+0x4e0/0x4e0
[  622.004934][T14993]  ? __rwlock_init+0x150/0x150
[  622.009753][T14993]  ? do_raw_spin_unlock+0x121/0x230
[  622.015004][T14993]  ? __mutex_lock+0x956/0xcc0
[  622.019722][T14993]  ? __mutex_lock+0x4f9/0xcc0
[  622.024463][T14993]  ? rtnetlink_rcv_msg+0x811/0xfa0
[  622.029725][T14993]  ? mutex_lock_nested+0x20/0x20
[  622.034830][T14993]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  622.040058][T14993]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  622.045214][T14993]  ? rtnl_setlink+0x4e0/0x4e0
[  622.049932][T14993]  rtnetlink_rcv_msg+0x869/0xfa0
[  622.054917][T14993]  ? lockdep_hardirqs_on+0x98/0x150
[  622.060259][T14993]  ? rtnetlink_bind+0x80/0x80
[  622.065075][T14993]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  622.071273][T14993]  ? lock_chain_count+0x20/0x20
[  622.076171][T14993]  ? __local_bh_enable_ip+0x13a/0x1c0
[  622.081682][T14993]  ? lockdep_hardirqs_on+0x98/0x150
[  622.086923][T14993]  ? __local_bh_enable_ip+0x13a/0x1c0
[  622.092688][T14993]  ? _local_bh_enable+0xa0/0xa0
[  622.097579][T14993]  ? __dev_queue_xmit+0x265/0x3660
[  622.102730][T14993]  ? __dev_queue_xmit+0x265/0x3660
[  622.107881][T14993]  ? __dev_queue_xmit+0x1b2c/0x3660
[  622.113224][T14993]  ? __dev_queue_xmit+0x265/0x3660
[  622.118400][T14993]  ? ref_tracker_free+0x690/0x840
[  622.123650][T14993]  netlink_rcv_skb+0x241/0x4d0
[  622.128546][T14993]  ? rtnetlink_bind+0x80/0x80
[  622.133518][T14993]  ? netlink_ack+0x1180/0x1180
[  622.138630][T14993]  ? __lock_acquire+0x7d40/0x7d40
[  622.143890][T14993]  ? netlink_deliver_tap+0x2e/0x1b0
[  622.149406][T14993]  netlink_unicast+0x751/0x8d0
[  622.154228][T14993]  netlink_sendmsg+0x8d0/0xbf0
[  622.159047][T14993]  ? netlink_getsockopt+0x590/0x590
[  622.164291][T14993]  ? aa_sock_msg_perm+0x94/0x150
[  622.169270][T14993]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  622.174682][T14993]  ? security_socket_sendmsg+0x80/0xa0
[  622.180264][T14993]  ? netlink_getsockopt+0x590/0x590
[  622.185511][T14993]  ____sys_sendmsg+0x5ba/0x960
[  622.190402][T14993]  ? __asan_memset+0x22/0x40
[  622.195210][T14993]  ? __sys_sendmsg_sock+0x30/0x30
[  622.200262][T14993]  ? __import_iovec+0x5f2/0x850
[  622.205243][T14993]  ? import_iovec+0x73/0xa0
[  622.209788][T14993]  ___sys_sendmsg+0x2a6/0x360
[  622.214499][T14993]  ? get_pid_task+0x20/0x1e0
[  622.219133][T14993]  ? __sys_sendmsg+0x2a0/0x2a0
[  622.223959][T14993]  ? __lock_acquire+0x7d40/0x7d40
[  622.229048][T14993]  __se_sys_sendmsg+0x1c2/0x2b0
[  622.234024][T14993]  ? __x64_sys_sendmsg+0x80/0x80
[  622.239285][T14993]  ? lockdep_hardirqs_on+0x98/0x150
[  622.244535][T14993]  do_syscall_64+0x55/0xa0
[  622.249420][T14993]  ? clear_bhb_loop+0x40/0x90
[  622.254223][T14993]  ? clear_bhb_loop+0x40/0x90
[  622.259050][T14993]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  622.265035][T14993] RIP: 0033:0x7f174039c819
[  622.269485][T14993] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  622.289496][T14993] RSP: 002b:00007f17411f5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  622.298145][T14993] RAX: ffffffffffffffda RBX: 00007f1740615fa0 RCX: 00007f174039c819
[  622.306258][T14993] RDX: 0000000000000080 RSI: 0000200000000040 RDI: 0000000000000003
[  622.314436][T14993] RBP: 00007f17411f5090 R08: 0000000000000000 R09: 0000000000000000
[  622.322563][T14993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  622.330667][T14993] R13: 00007f1740616038 R14: 00007f1740615fa0 R15: 00007ffcbf9a8888
[  622.338864][T14993]  </TASK>
[  623.525294][T15011] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2803'.
[  623.733223][T15018] netlink: 'syz.1.2806': attribute type 10 has an invalid length.
[  623.742823][T15018] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2806'.
[  623.752951][T15018] bond0: entered promiscuous mode
[  623.760142][T15018] bond_slave_0: entered promiscuous mode
[  623.767204][T15018] bond_slave_1: entered promiscuous mode
[  623.776228][T15018] bridge0: port 4(bond0) entered blocking state
[  623.806665][T15018] bridge0: port 4(bond0) entered disabled state
[  623.834971][T15018] bond0: entered allmulticast mode
[  623.841035][T15018] bond_slave_0: entered allmulticast mode
[  623.882734][T15019] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2806'.
[  623.913148][T15018] bond_slave_1: entered allmulticast mode
[  623.968601][T15018] bridge0: port 4(bond0) entered blocking state
[  623.975517][T15018] bridge0: port 4(bond0) entered forwarding state
[  624.004126][T15019] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2806'.
[  624.334221][T15031] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2809'.
[  624.421305][T15031] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  624.889069][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  624.895576][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  626.546763][T15049] netlink: 'syz.3.2814': attribute type 1 has an invalid length.
[  628.708786][T15048] netlink: 'syz.3.2814': attribute type 21 has an invalid length.
[  628.730977][T15055] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2815'.
[  628.769598][T15055] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  628.908036][T15057] netlink: 144 bytes leftover after parsing attributes in process `syz.3.2816'.
[  630.995817][T15081] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2821'.
[  631.082943][T15081] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  631.653781][T15084] netlink: 'syz.2.2823': attribute type 3 has an invalid length.
[  631.661713][T15084] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2823'.
[  633.024764][T15092] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2825'.
[  633.601738][T15099] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2827'.
[  633.945902][T15099] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  634.102148][T15072] delete_channel: no stack
[  634.221040][T15109] netlink: 'syz.1.2838': attribute type 3 has an invalid length.
[  634.229467][T15109] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2838'.
[  634.365936][T15118] netlink: 'syz.0.2833': attribute type 2 has an invalid length.
[  634.385375][T15118] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2833'.
[  634.850615][T15132] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2837'.
[  634.872314][T15132] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  635.354632][T15142] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2840'.
[  635.446435][T15142] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  636.302837][T15154] netlink: 212424 bytes leftover after parsing attributes in process `syz.0.2845'.
[  636.367706][T15159] FAULT_INJECTION: forcing a failure.
[  636.367706][T15159] name failslab, interval 1, probability 0, space 0, times 0
[  636.396459][T15159] CPU: 1 PID: 15159 Comm: syz.3.2847 Not tainted syzkaller #0
[  636.404082][T15159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  636.414618][T15159] Call Trace:
[  636.417942][T15159]  <TASK>
[  636.421182][T15159]  dump_stack_lvl+0x18c/0x250
[  636.426015][T15159]  ? show_regs_print_info+0x20/0x20
[  636.431446][T15159]  ? load_image+0x420/0x420
[  636.436116][T15159]  ? __might_sleep+0xe0/0xe0
[  636.440855][T15159]  ? __lock_acquire+0x7d40/0x7d40
[  636.445922][T15159]  should_fail_ex+0x39d/0x4d0
[  636.450924][T15159]  should_failslab+0x9/0x20
[  636.455642][T15159]  slab_pre_alloc_hook+0x59/0x310
[  636.460716][T15159]  ? finish_task_switch+0x265/0x8f0
[  636.465937][T15159]  ? rtnl_newlink+0x10d/0x20a0
[  636.470890][T15159]  __kmem_cache_alloc_node+0x53/0x250
[  636.476375][T15159]  ? rtnl_newlink+0x10d/0x20a0
[  636.481257][T15159]  kmalloc_trace+0x2a/0xe0
[  636.485782][T15159]  ? rtnl_setlink+0x4e0/0x4e0
[  636.490566][T15159]  rtnl_newlink+0x10d/0x20a0
[  636.495410][T15159]  ? __mutex_lock+0x94c/0xcc0
[  636.500280][T15159]  ? __lock_acquire+0x7d40/0x7d40
[  636.505321][T15159]  ? do_raw_spin_lock+0x11f/0x2c0
[  636.510635][T15159]  ? rtnl_setlink+0x4e0/0x4e0
[  636.515462][T15159]  ? __rwlock_init+0x150/0x150
[  636.520797][T15159]  ? do_raw_spin_unlock+0x121/0x230
[  636.526066][T15159]  ? __mutex_lock+0x956/0xcc0
[  636.531014][T15159]  ? __mutex_lock+0x4f9/0xcc0
[  636.535707][T15159]  ? rtnetlink_rcv_msg+0x811/0xfa0
[  636.541097][T15159]  ? mutex_lock_nested+0x20/0x20
[  636.546056][T15159]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  636.551183][T15159]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  636.556314][T15159]  ? rtnl_setlink+0x4e0/0x4e0
[  636.561173][T15159]  rtnetlink_rcv_msg+0x869/0xfa0
[  636.566141][T15159]  ? rtnetlink_bind+0x80/0x80
[  636.571025][T15159]  ? perf_trace_preemptirq_template+0x269/0x330
[  636.578023][T15159]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  636.584491][T15159]  ? lock_chain_count+0x20/0x20
[  636.589484][T15159]  ? __local_bh_enable_ip+0x13a/0x1c0
[  636.594887][T15159]  ? lockdep_hardirqs_on+0x98/0x150
[  636.600210][T15159]  ? __local_bh_enable_ip+0x13a/0x1c0
[  636.605714][T15159]  ? _local_bh_enable+0xa0/0xa0
[  636.610610][T15159]  ? __dev_queue_xmit+0x265/0x3660
[  636.615751][T15159]  ? __dev_queue_xmit+0x265/0x3660
[  636.620886][T15159]  ? __dev_queue_xmit+0x1b2c/0x3660
[  636.626153][T15159]  ? __dev_queue_xmit+0x265/0x3660
[  636.631315][T15159]  ? ref_tracker_free+0x690/0x840
[  636.636378][T15159]  netlink_rcv_skb+0x241/0x4d0
[  636.641177][T15159]  ? rtnetlink_bind+0x80/0x80
[  636.646047][T15159]  ? netlink_ack+0x1180/0x1180
[  636.650904][T15159]  ? __lock_acquire+0x7d40/0x7d40
[  636.655998][T15159]  ? netlink_deliver_tap+0x2e/0x1b0
[  636.661227][T15159]  netlink_unicast+0x751/0x8d0
[  636.666027][T15159]  netlink_sendmsg+0x8d0/0xbf0
[  636.670912][T15159]  ? netlink_getsockopt+0x590/0x590
[  636.676220][T15159]  ? aa_sock_msg_perm+0x94/0x150
[  636.681384][T15159]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  636.686798][T15159]  ? security_socket_sendmsg+0x80/0xa0
[  636.692278][T15159]  ? netlink_getsockopt+0x590/0x590
[  636.697781][T15159]  ____sys_sendmsg+0x5ba/0x960
[  636.702857][T15159]  ? __asan_memset+0x22/0x40
[  636.707591][T15159]  ? __sys_sendmsg_sock+0x30/0x30
[  636.712732][T15159]  ? __import_iovec+0x5f2/0x850
[  636.717703][T15159]  ? import_iovec+0x73/0xa0
[  636.722259][T15159]  ___sys_sendmsg+0x2a6/0x360
[  636.727008][T15159]  ? __sys_sendmsg+0x2a0/0x2a0
[  636.731826][T15159]  ? trace_call_bpf+0xc3/0x6c0
[  636.736665][T15159]  __se_sys_sendmsg+0x1c2/0x2b0
[  636.741651][T15159]  ? __x64_sys_sendmsg+0x80/0x80
[  636.746632][T15159]  ? lockdep_hardirqs_on+0x98/0x150
[  636.751859][T15159]  do_syscall_64+0x55/0xa0
[  636.756378][T15159]  ? clear_bhb_loop+0x40/0x90
[  636.761074][T15159]  ? clear_bhb_loop+0x40/0x90
[  636.765858][T15159]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  636.771773][T15159] RIP: 0033:0x7f174039c819
[  636.776203][T15159] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  636.795941][T15159] RSP: 002b:00007f17411f5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  636.804569][T15159] RAX: ffffffffffffffda RBX: 00007f1740615fa0 RCX: 00007f174039c819
[  636.812657][T15159] RDX: 0000000000000856 RSI: 0000200000000080 RDI: 0000000000000003
[  636.820736][T15159] RBP: 00007f17411f5090 R08: 0000000000000000 R09: 0000000000000000
[  636.828825][T15159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  636.836896][T15159] R13: 00007f1740616038 R14: 00007f1740615fa0 R15: 00007ffcbf9a8888
[  636.845000][T15159]  </TASK>
[  637.173976][T15161] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2849'.
[  637.286235][T13445] Bluetooth: hci4: command 0x0406 tx timeout
[  639.202437][T15161] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  639.337349][T15139] delete_channel: no stack
[  639.701725][T15192] netlink: 'syz.1.2859': attribute type 21 has an invalid length.
[  640.045696][T15202] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2860'.
[  640.087431][T15202] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  640.384337][T15205] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2862'.
[  640.464526][T15205] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  641.035140][T15212] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.2865'.
[  641.395688][T15209] netlink: 'syz.0.2872': attribute type 3 has an invalid length.
[  641.483927][T15209] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.2872'.
[  641.784526][T15223] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2867'.
[  642.002555][T15223] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  642.584886][T15211] delete_channel: no stack
[  642.676663][ T5776] Bluetooth: hci4: ACL packet for unknown connection handle 0
[  642.983243][T15241] netdevsim netdevsim1 ÿÿÿÿÿÿ: renamed from netdevsim0 (while UP)
[  644.247556][T15262] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2876'.
[  644.471847][T15262] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  644.902413][T15269] netlink: 'syz.2.2879': attribute type 3 has an invalid length.
[  644.929393][T15269] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.2879'.
[  645.117887][T15273] FAULT_INJECTION: forcing a failure.
[  645.117887][T15273] name failslab, interval 1, probability 0, space 0, times 0
[  645.131235][T15273] CPU: 0 PID: 15273 Comm: syz.1.2881 Not tainted syzkaller #0
[  645.139181][T15273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  645.149619][T15273] Call Trace:
[  645.152932][T15273]  <TASK>
[  645.155907][T15273]  dump_stack_lvl+0x18c/0x250
[  645.160648][T15273]  ? show_regs_print_info+0x20/0x20
[  645.165995][T15273]  ? load_image+0x420/0x420
[  645.170562][T15273]  should_fail_ex+0x39d/0x4d0
[  645.175315][T15273]  should_failslab+0x9/0x20
[  645.180383][T15273]  slab_pre_alloc_hook+0x59/0x310
[  645.185463][T15273]  kmem_cache_alloc+0x5a/0x2d0
[  645.190350][T15273]  ? sctp_get_port_local+0x6d4/0x1620
[  645.195944][T15273]  sctp_get_port_local+0x6d4/0x1620
[  645.201203][T15273]  ? sctp_do_bind+0x990/0x990
[  645.205915][T15273]  ? sctp_bind_addr_match+0x30/0x2a0
[  645.211421][T15273]  sctp_do_bind+0x555/0x990
[  645.215985][T15273]  sctp_connect_new_asoc+0x26a/0x6a0
[  645.221313][T15273]  ? __sctp_connect+0xd80/0xd80
[  645.226315][T15273]  ? mark_lock+0x94/0x320
[  645.230769][T15273]  ? sctp_endpoint_lookup_assoc+0xd1/0x260
[  645.236645][T15273]  __sctp_connect+0x5b7/0xd80
[  645.241573][T15273]  ? sctp_send_asconf+0x170/0x170
[  645.246668][T15273]  ? __local_bh_enable_ip+0x13a/0x1c0
[  645.252715][T15273]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  645.258328][T15273]  ? security_sctp_bind_connect+0x89/0xb0
[  645.264259][T15273]  sctp_setsockopt_connectx+0x104/0x1a0
[  645.270055][T15273]  sctp_setsockopt+0x6d8/0x11e0
[  645.274973][T15273]  ? sock_common_recvmsg+0x190/0x190
[  645.280331][T15273]  do_sock_setsockopt+0x175/0x1a0
[  645.285496][T15273]  ? __fdget+0x180/0x210
[  645.289915][T15273]  __x64_sys_setsockopt+0x182/0x200
[  645.295186][T15273]  do_syscall_64+0x55/0xa0
[  645.299666][T15273]  ? clear_bhb_loop+0x40/0x90
[  645.304488][T15273]  ? clear_bhb_loop+0x40/0x90
[  645.309401][T15273]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  645.315429][T15273] RIP: 0033:0x7f4de999c819
[  645.319894][T15273] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  645.339554][T15273] RSP: 002b:00007f4dea8dd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  645.348024][T15273] RAX: ffffffffffffffda RBX: 00007f4de9c15fa0 RCX: 00007f4de999c819
[  645.356394][T15273] RDX: 000000000000006e RSI: 0000000000000084 RDI: 0000000000000003
[  645.364512][T15273] RBP: 00007f4dea8dd090 R08: 0000000000000010 R09: 0000000000000000
[  645.372664][T15273] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  645.380912][T15273] R13: 00007f4de9c16038 R14: 00007f4de9c15fa0 R15: 00007ffe7b125a58
[  645.388967][T15273]  </TASK>
[  647.598069][T15284] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2884'.
[  647.917767][T15284] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  647.979909][T15289] netlink: 'syz.2.2885': attribute type 8 has an invalid length.
[  648.439394][T15286] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2885'.
[  648.580055][ T5776] Bluetooth: hci4: ACL packet for unknown connection handle 0
[  648.633762][T15289] netlink: 199848 bytes leftover after parsing attributes in process `syz.2.2885'.
[  650.366363][T15278] delete_channel: no stack
[  650.489418][T15298] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2887'.
[  650.677043][T15301] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  651.919418][T15312] netlink: 10 bytes leftover after parsing attributes in process `syz.1.2892'.
[  652.453915][T15315] netlink: 'syz.3.2893': attribute type 3 has an invalid length.
[  652.462241][T15315] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.2893'.
[  652.566725][T13445] Bluetooth: hci1: command 0x0406 tx timeout
[  653.527290][T15329] netlink: 10 bytes leftover after parsing attributes in process `syz.1.2898'.
[  653.679809][T15337] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2899'.
[  653.786887][T15337] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  654.644683][T15345] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2900'.
[  655.507119][T15355] mac80211_hwsim hwsim17 wlan1: entered allmulticast mode
[  655.942797][T15359] netlink: 'syz.1.2907': attribute type 3 has an invalid length.
[  655.960413][T15359] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.2907'.
[  656.034673][T15362] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2908'.
[  658.466589][T15381] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2913'.
[  658.493126][T15381] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  659.324663][T15388] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2917'.
[  659.474469][T15388] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  660.333047][T15404] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2921'.
[  660.616616][T15410] FAULT_INJECTION: forcing a failure.
[  660.616616][T15410] name failslab, interval 1, probability 0, space 0, times 0
[  660.679021][T15410] CPU: 1 PID: 15410 Comm: syz.2.2923 Not tainted syzkaller #0
[  660.686601][T15410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  660.696719][T15410] Call Trace:
[  660.700073][T15410]  <TASK>
[  660.703077][T15410]  dump_stack_lvl+0x18c/0x250
[  660.707833][T15410]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  660.714239][T15410]  ? show_regs_print_info+0x20/0x20
[  660.719515][T15410]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  660.725847][T15410]  ? dump_stack+0x9/0x20
[  660.730201][T15410]  should_fail_ex+0x39d/0x4d0
[  660.735151][T15410]  should_failslab+0x9/0x20
[  660.740176][T15410]  slab_pre_alloc_hook+0x59/0x310
[  660.745486][T15410]  ? sk_prot_alloc+0xe7/0x210
[  660.750531][T15410]  ? sk_prot_alloc+0xe7/0x210
[  660.755570][T15410]  __kmem_cache_alloc_node+0x53/0x250
[  660.761311][T15410]  ? sk_prot_alloc+0xe7/0x210
[  660.766337][T15410]  __kmalloc+0xa4/0x230
[  660.770604][T15410]  sk_prot_alloc+0xe7/0x210
[  660.775322][T15410]  ? sk_alloc+0x24/0x360
[  660.779735][T15410]  sk_alloc+0x3a/0x360
[  660.784227][T15410]  ? bpf_ctx_init+0x163/0x1a0
[  660.789231][T15410]  ? bpf_prog_test_run_skb+0x273/0x12b0
[  660.795390][T15410]  bpf_prog_test_run_skb+0x3a5/0x12b0
[  660.800924][T15410]  ? __fget_files+0x28/0x4b0
[  660.805685][T15410]  ? __fget_files+0x28/0x4b0
[  660.810347][T15410]  ? __fget_files+0x43d/0x4b0
[  660.815136][T15410]  ? cpu_online+0x60/0x60
[  660.819535][T15410]  bpf_prog_test_run+0x321/0x390
[  660.824556][T15410]  __sys_bpf+0x49d/0x890
[  660.829404][T15410]  ? bpf_link_show_fdinfo+0x390/0x390
[  660.835005][T15410]  ? lock_chain_count+0x20/0x20
[  660.839971][T15410]  __x64_sys_bpf+0x7c/0x90
[  660.844629][T15410]  do_syscall_64+0x55/0xa0
[  660.849326][T15410]  ? clear_bhb_loop+0x40/0x90
[  660.855112][T15410]  ? clear_bhb_loop+0x40/0x90
[  660.862427][T15410]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  660.868587][T15410] RIP: 0033:0x7fed3cb9c819
[  660.873167][T15410] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  660.893917][T15410] RSP: 002b:00007fed3d98e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  660.902597][T15410] RAX: ffffffffffffffda RBX: 00007fed3ce15fa0 RCX: 00007fed3cb9c819
[  660.910830][T15410] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  660.919138][T15410] RBP: 00007fed3d98e090 R08: 0000000000000000 R09: 0000000000000000
[  660.928082][T15410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  660.936166][T15410] R13: 00007fed3ce16038 R14: 00007fed3ce15fa0 R15: 00007fffb214b938
[  660.945157][T15410]  </TASK>
[  661.136146][T15411] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2924'.
[  663.495906][T15429] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2936'.
[  664.714677][T15438] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2930'.
[  664.849851][T15438] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  667.650830][T15464] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2942'.
[  667.741056][T15464] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  667.783364][T15470] mac80211_hwsim hwsim15 wlan1: entered allmulticast mode
[  668.007742][T15468] netlink: 668 bytes leftover after parsing attributes in process `syz.1.2943'.
[  668.043747][T15468] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  668.053362][T15468] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  668.794593][T15484] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2947'.
[  670.958528][T15502] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2953'.
[  671.065014][T15502] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  671.826481][T15512] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2956'.
[  672.028461][T15512] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2956'.
[  672.085408][T15514] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2956'.
[  672.302491][T15519] netlink: 'syz.3.2957': attribute type 3 has an invalid length.
[  672.321445][T15519] netlink: 16066 bytes leftover after parsing attributes in process `syz.3.2957'.
[  672.392574][T15516] netlink: 'syz.3.2957': attribute type 12 has an invalid length.
[  672.428095][T15516] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2957'.
[  672.609266][T15524] veth1_macvtap: left promiscuous mode
[  672.695705][T15526] FAULT_INJECTION: forcing a failure.
[  672.695705][T15526] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  672.730517][T15526] CPU: 1 PID: 15526 Comm: syz.2.2960 Not tainted syzkaller #0
[  672.738337][T15526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  672.748541][T15526] Call Trace:
[  672.751918][T15526]  <TASK>
[  672.755004][T15526]  dump_stack_lvl+0x18c/0x250
[  672.759888][T15526]  ? show_regs_print_info+0x20/0x20
[  672.765407][T15526]  ? load_image+0x420/0x420
[  672.769949][T15526]  ? __might_fault+0xaa/0x120
[  672.774647][T15526]  ? __lock_acquire+0x7d40/0x7d40
[  672.779710][T15526]  should_fail_ex+0x39d/0x4d0
[  672.784530][T15526]  _copy_from_user+0x2f/0xe0
[  672.789214][T15526]  bpf_prog_test_run_skb+0x266/0x12b0
[  672.794625][T15526]  ? __fget_files+0x28/0x4b0
[  672.799438][T15526]  ? __fget_files+0x28/0x4b0
[  672.804169][T15526]  ? __fget_files+0x43d/0x4b0
[  672.809366][T15526]  ? cpu_online+0x60/0x60
[  672.813829][T15526]  bpf_prog_test_run+0x321/0x390
[  672.818979][T15526]  __sys_bpf+0x49d/0x890
[  672.823284][T15526]  ? bpf_link_show_fdinfo+0x390/0x390
[  672.828865][T15526]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  672.835149][T15526]  __x64_sys_bpf+0x7c/0x90
[  672.839875][T15526]  do_syscall_64+0x55/0xa0
[  672.844503][T15526]  ? clear_bhb_loop+0x40/0x90
[  672.849293][T15526]  ? clear_bhb_loop+0x40/0x90
[  672.854128][T15526]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  672.860345][T15526] RIP: 0033:0x7fed3cb9c819
[  672.864886][T15526] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  672.884684][T15526] RSP: 002b:00007fed3d98e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  672.893200][T15526] RAX: ffffffffffffffda RBX: 00007fed3ce15fa0 RCX: 00007fed3cb9c819
[  672.901270][T15526] RDX: 0000000000000048 RSI: 0000200000000080 RDI: 000000000000000a
[  672.909260][T15526] RBP: 00007fed3d98e090 R08: 0000000000000000 R09: 0000000000000000
[  672.917331][T15526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  672.925930][T15526] R13: 00007fed3ce16038 R14: 00007fed3ce15fa0 R15: 00007fffb214b938
[  672.933930][T15526]  </TASK>
[  673.372720][T15542] FAULT_INJECTION: forcing a failure.
[  673.372720][T15542] name failslab, interval 1, probability 0, space 0, times 0
[  673.410446][T15542] CPU: 0 PID: 15542 Comm: syz.2.2964 Not tainted syzkaller #0
[  673.418445][T15542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  673.429325][T15542] Call Trace:
[  673.432641][T15542]  <TASK>
[  673.435613][T15542]  dump_stack_lvl+0x18c/0x250
[  673.440448][T15542]  ? show_regs_print_info+0x20/0x20
[  673.445793][T15542]  ? load_image+0x420/0x420
[  673.450353][T15542]  ? __might_sleep+0xe0/0xe0
[  673.455010][T15542]  ? __lock_acquire+0x7d40/0x7d40
[  673.460118][T15542]  should_fail_ex+0x39d/0x4d0
[  673.464865][T15542]  should_failslab+0x9/0x20
[  673.469704][T15542]  slab_pre_alloc_hook+0x59/0x310
[  673.474963][T15542]  ? sock_kmalloc+0x96/0xf0
[  673.479533][T15542]  ? sock_kmalloc+0x96/0xf0
[  673.484092][T15542]  __kmem_cache_alloc_node+0x53/0x250
[  673.489537][T15542]  ? sock_kmalloc+0x96/0xf0
[  673.494287][T15542]  __kmalloc+0xa4/0x230
[  673.498602][T15542]  sock_kmalloc+0x96/0xf0
[  673.503008][T15542]  ____sys_sendmsg+0x1be/0x960
[  673.507916][T15542]  ? __lock_acquire+0x7d40/0x7d40
[  673.513107][T15542]  ? __asan_memset+0x22/0x40
[  673.517849][T15542]  ? __sys_sendmsg_sock+0x30/0x30
[  673.523104][T15542]  ? __import_iovec+0x5f2/0x850
[  673.528016][T15542]  ? import_iovec+0x73/0xa0
[  673.532662][T15542]  ___sys_sendmsg+0x2a6/0x360
[  673.537394][T15542]  ? get_pid_task+0x20/0x1e0
[  673.542300][T15542]  ? __sys_sendmsg+0x2a0/0x2a0
[  673.547136][T15542]  ? __lock_acquire+0x7d40/0x7d40
[  673.552320][T15542]  __se_sys_sendmsg+0x1c2/0x2b0
[  673.557316][T15542]  ? __x64_sys_sendmsg+0x80/0x80
[  673.562312][T15542]  ? lockdep_hardirqs_on+0x98/0x150
[  673.567556][T15542]  do_syscall_64+0x55/0xa0
[  673.572105][T15542]  ? clear_bhb_loop+0x40/0x90
[  673.576935][T15542]  ? clear_bhb_loop+0x40/0x90
[  673.581680][T15542]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  673.587725][T15542] RIP: 0033:0x7fed3cb9c819
[  673.592449][T15542] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  673.612454][T15542] RSP: 002b:00007fed3d98e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  673.621092][T15542] RAX: ffffffffffffffda RBX: 00007fed3ce15fa0 RCX: 00007fed3cb9c819
[  673.629232][T15542] RDX: 0000000000000000 RSI: 0000200000007940 RDI: 0000000000000007
[  673.629701][T15550] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2966'.
[  673.637318][T15542] RBP: 00007fed3d98e090 R08: 0000000000000000 R09: 0000000000000000
[  673.637340][T15542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  673.637352][T15542] R13: 00007fed3ce16038 R14: 00007fed3ce15fa0 R15: 00007fffb214b938
[  673.637380][T15542]  </TASK>
[  673.726595][T15550] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  674.481699][T15560] FAULT_INJECTION: forcing a failure.
[  674.481699][T15560] name failslab, interval 1, probability 0, space 0, times 0
[  674.523411][T15560] CPU: 0 PID: 15560 Comm: syz.0.2971 Not tainted syzkaller #0
[  674.530957][T15560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  674.541248][T15560] Call Trace:
[  674.544573][T15560]  <TASK>
[  674.547741][T15560]  dump_stack_lvl+0x18c/0x250
[  674.552676][T15560]  ? sctp_sendmsg+0x1575/0x28c0
[  674.557711][T15560]  ? ___sys_sendmsg+0x2a6/0x360
[  674.562614][T15560]  ? show_regs_print_info+0x20/0x20
[  674.568065][T15560]  ? load_image+0x420/0x420
[  674.572751][T15560]  should_fail_ex+0x39d/0x4d0
[  674.577673][T15560]  should_failslab+0x9/0x20
[  674.582325][T15560]  slab_pre_alloc_hook+0x59/0x310
[  674.587677][T15560]  ? sctp_add_bind_addr+0x8c/0x360
[  674.593012][T15560]  __kmem_cache_alloc_node+0x53/0x250
[  674.598442][T15560]  ? sctp_add_bind_addr+0x8c/0x360
[  674.603779][T15560]  kmalloc_trace+0x2a/0xe0
[  674.608249][T15560]  sctp_add_bind_addr+0x8c/0x360
[  674.613382][T15560]  sctp_copy_local_addr_list+0x315/0x4f0
[  674.619244][T15560]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  674.625051][T15560]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  674.631432][T15560]  ? sctp_v6_is_any+0x64/0x70
[  674.636172][T15560]  ? sctp_copy_one_addr+0x8c/0x350
[  674.641442][T15560]  sctp_bind_addr_copy+0xb3/0x3c0
[  674.646518][T15560]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  674.653010][T15560]  sctp_connect_new_asoc+0x2f9/0x6a0
[  674.658452][T15560]  ? __sctp_connect+0xd80/0xd80
[  674.663369][T15560]  ? __local_bh_enable_ip+0x13a/0x1c0
[  674.668817][T15560]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  674.674518][T15560]  ? security_sctp_bind_connect+0x89/0xb0
[  674.680393][T15560]  sctp_sendmsg+0x1575/0x28c0
[  674.685140][T15560]  ? sctp_getsockopt+0xb60/0xb60
[  674.690139][T15560]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  674.696634][T15560]  ? lockdep_hardirqs_on+0x98/0x150
[  674.702105][T15560]  ? inet_sendmsg+0xc1/0x2f0
[  674.703719][T15558] syzkaller0: entered promiscuous mode
[  674.706822][T15560]  ? inet_sendmsg+0xe9/0x2f0
[  674.712298][T15558] syzkaller0: entered allmulticast mode
[  674.717058][T15560]  ? inet_send_prepare+0x260/0x260
[  674.717158][T15560]  ____sys_sendmsg+0x5ba/0x960
[  674.732941][T15560]  ? __lock_acquire+0x7d40/0x7d40
[  674.738042][T15560]  ? __asan_memset+0x22/0x40
[  674.742791][T15560]  ? __sys_sendmsg_sock+0x30/0x30
[  674.747932][T15560]  ? __import_iovec+0x5f2/0x850
[  674.752826][T15560]  ? import_iovec+0x73/0xa0
[  674.757380][T15560]  ___sys_sendmsg+0x2a6/0x360
[  674.762284][T15560]  ? __sys_sendmsg+0x2a0/0x2a0
[  674.767098][T15560]  ? seqcount_lockdep_reader_access+0x17b/0x1d0
[  674.773389][T15560]  __se_sys_sendmsg+0x1c2/0x2b0
[  674.778451][T15560]  ? __x64_sys_sendmsg+0x80/0x80
[  674.783507][T15560]  ? lockdep_hardirqs_on+0x98/0x150
[  674.788756][T15560]  do_syscall_64+0x55/0xa0
[  674.793275][T15560]  ? clear_bhb_loop+0x40/0x90
[  674.797973][T15560]  ? clear_bhb_loop+0x40/0x90
[  674.802900][T15560]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  674.809072][T15560] RIP: 0033:0x7fc15e19c819
[  674.813500][T15560] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  674.833486][T15560] RSP: 002b:00007fc15f0d5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  674.843764][T15560] RAX: ffffffffffffffda RBX: 00007fc15e415fa0 RCX: 00007fc15e19c819
[  674.851976][T15560] RDX: 0000000000000041 RSI: 0000200000002dc0 RDI: 0000000000000005
[  674.859965][T15560] RBP: 00007fc15f0d5090 R08: 0000000000000000 R09: 0000000000000000
[  674.868307][T15560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  674.876557][T15560] R13: 00007fc15e416038 R14: 00007fc15e415fa0 R15: 00007ffc026c9e78
[  674.884559][T15560]  </TASK>
[  678.334744][T15569] netlink: 'syz.2.2973': attribute type 13 has an invalid length.
[  678.342651][T15569] netlink: 24859 bytes leftover after parsing attributes in process `syz.2.2973'.
[  678.352562][T15586] netlink: 61211 bytes leftover after parsing attributes in process `syz.3.2977'.
[  679.164950][T15607] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2982'.
[  681.385310][T15599] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2980'.
[  681.396301][T15599] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  681.412396][T15607] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2982'.
[  681.422156][T15610] netlink: 'syz.3.2983': attribute type 10 has an invalid length.
[  681.444435][T15610] netlink: 168 bytes leftover after parsing attributes in process `syz.3.2983'.
[  681.557062][T15619] veth1_macvtap: left promiscuous mode
[  682.425069][T15635] netlink: 9286 bytes leftover after parsing attributes in process `syz.0.2989'.
[  682.606806][T15640] FAULT_INJECTION: forcing a failure.
[  682.606806][T15640] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  682.624699][T15640] CPU: 0 PID: 15640 Comm: syz.1.2990 Not tainted syzkaller #0
[  682.632228][T15640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  682.642337][T15640] Call Trace:
[  682.645651][T15640]  <TASK>
[  682.648610][T15640]  dump_stack_lvl+0x18c/0x250
[  682.653423][T15640]  ? show_regs_print_info+0x20/0x20
[  682.658674][T15640]  ? load_image+0x420/0x420
[  682.663238][T15640]  ? __might_fault+0xaa/0x120
[  682.668072][T15640]  ? __lock_acquire+0x7d40/0x7d40
[  682.673156][T15640]  should_fail_ex+0x39d/0x4d0
[  682.678073][T15640]  _copy_from_user+0x2f/0xe0
[  682.682716][T15640]  ___sys_sendmsg+0x1c7/0x360
[  682.687427][T15640]  ? get_pid_task+0x20/0x1e0
[  682.692044][T15640]  ? __sys_sendmsg+0x2a0/0x2a0
[  682.696870][T15640]  ? __lock_acquire+0x7d40/0x7d40
[  682.701955][T15640]  __se_sys_sendmsg+0x1c2/0x2b0
[  682.706825][T15640]  ? __x64_sys_sendmsg+0x80/0x80
[  682.711877][T15640]  ? lockdep_hardirqs_on+0x98/0x150
[  682.717359][T15640]  do_syscall_64+0x55/0xa0
[  682.722330][T15640]  ? clear_bhb_loop+0x40/0x90
[  682.727032][T15640]  ? clear_bhb_loop+0x40/0x90
[  682.731816][T15640]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  682.737734][T15640] RIP: 0033:0x7f4de999c819
[  682.742176][T15640] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  682.762062][T15640] RSP: 002b:00007f4dea8dd028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  682.770710][T15640] RAX: ffffffffffffffda RBX: 00007f4de9c15fa0 RCX: 00007f4de999c819
[  682.778695][T15640] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  682.786703][T15640] RBP: 00007f4dea8dd090 R08: 0000000000000000 R09: 0000000000000000
[  682.794708][T15640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  682.802699][T15640] R13: 00007f4de9c16038 R14: 00007f4de9c15fa0 R15: 00007ffe7b125a58
[  682.810716][T15640]  </TASK>
[  683.145072][T15653] netlink: 14975 bytes leftover after parsing attributes in process `syz.0.2997'.
[  683.367023][ T5776] Bluetooth: hci0: command 0x0406 tx timeout
[  684.970997][T15650] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2996'.
[  684.989730][T15650] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  685.088975][T15661] veth1_macvtap: left promiscuous mode
[  685.226321][T15657] netlink: 668 bytes leftover after parsing attributes in process `syz.3.3000'.
[  685.242072][T15657] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  685.279629][T15657] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  685.323017][T15669] netlink: 128 bytes leftover after parsing attributes in process `syz.2.3001'.
[  685.359612][T15669] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  685.497418][T15676] netlink: 'syz.0.3004': attribute type 10 has an invalid length.
[  685.514315][T15674] netlink: 1041 bytes leftover after parsing attributes in process `syz.1.3003'.
[  685.534439][T15676] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3004'.
[  685.802813][T15689] netlink: 1057 bytes leftover after parsing attributes in process `syz.2.3008'.
[  686.093190][T15697] netlink: 128 bytes leftover after parsing attributes in process `syz.3.3009'.
[  686.126023][T15697] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  686.341226][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  686.347859][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  686.538245][T15702] netlink: 22 bytes leftover after parsing attributes in process `syz.2.3010'.
[  686.636166][T15705] netlink: 10 bytes leftover after parsing attributes in process `syz.1.3012'.
[  686.896008][T15711] FAULT_INJECTION: forcing a failure.
[  686.896008][T15711] name failslab, interval 1, probability 0, space 0, times 0
[  686.942624][T15711] CPU: 0 PID: 15711 Comm: syz.3.3014 Not tainted syzkaller #0
[  686.950177][T15711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  686.960287][T15711] Call Trace:
[  686.963615][T15711]  <TASK>
[  686.966585][T15711]  dump_stack_lvl+0x18c/0x250
[  686.971320][T15711]  ? sctp_sendmsg+0x1575/0x28c0
[  686.976227][T15711]  ? ___sys_sendmsg+0x2a6/0x360
[  686.981139][T15711]  ? show_regs_print_info+0x20/0x20
[  686.986513][T15711]  ? load_image+0x420/0x420
[  686.991194][T15711]  should_fail_ex+0x39d/0x4d0
[  686.996034][T15711]  should_failslab+0x9/0x20
[  687.000683][T15711]  slab_pre_alloc_hook+0x59/0x310
[  687.005770][T15711]  ? sctp_add_bind_addr+0x8c/0x360
[  687.010953][T15711]  __kmem_cache_alloc_node+0x53/0x250
[  687.016617][T15711]  ? sctp_add_bind_addr+0x8c/0x360
[  687.021861][T15711]  kmalloc_trace+0x2a/0xe0
[  687.026412][T15711]  sctp_add_bind_addr+0x8c/0x360
[  687.031472][T15711]  sctp_copy_local_addr_list+0x315/0x4f0
[  687.037154][T15711]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  687.042982][T15711]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  687.049170][T15711]  ? sctp_v6_is_any+0x64/0x70
[  687.053989][T15711]  ? sctp_copy_one_addr+0x8c/0x350
[  687.059158][T15711]  sctp_bind_addr_copy+0xb3/0x3c0
[  687.064328][T15711]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  687.070687][T15711]  sctp_connect_new_asoc+0x2f9/0x6a0
[  687.075992][T15711]  ? __sctp_connect+0xd80/0xd80
[  687.080892][T15711]  ? __local_bh_enable_ip+0x13a/0x1c0
[  687.086290][T15711]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  687.091945][T15711]  ? security_sctp_bind_connect+0x89/0xb0
[  687.097687][T15711]  sctp_sendmsg+0x1575/0x28c0
[  687.102483][T15711]  ? sctp_getsockopt+0xb60/0xb60
[  687.107436][T15711]  ? aa_sk_perm+0x83c/0x970
[  687.111994][T15711]  ? aa_af_perm+0x330/0x330
[  687.116604][T15711]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  687.123122][T15711]  ? sock_rps_record_flow+0x19/0x3f0
[  687.128738][T15711]  ? inet_sendmsg+0xe9/0x2f0
[  687.133341][T15711]  ? inet_send_prepare+0x260/0x260
[  687.138555][T15711]  ____sys_sendmsg+0x5ba/0x960
[  687.143342][T15711]  ? __lock_acquire+0x7d40/0x7d40
[  687.148477][T15711]  ? __sys_sendmsg_sock+0x30/0x30
[  687.153794][T15711]  ? __import_iovec+0x5f2/0x850
[  687.158882][T15711]  ? import_iovec+0x73/0xa0
[  687.163543][T15711]  ___sys_sendmsg+0x2a6/0x360
[  687.168251][T15711]  ? get_pid_task+0x20/0x1e0
[  687.172873][T15711]  ? __sys_sendmsg+0x2a0/0x2a0
[  687.177673][T15711]  ? __lock_acquire+0x7d40/0x7d40
[  687.182831][T15711]  __se_sys_sendmsg+0x1c2/0x2b0
[  687.187702][T15711]  ? __x64_sys_sendmsg+0x80/0x80
[  687.192760][T15711]  ? lockdep_hardirqs_on+0x98/0x150
[  687.198065][T15711]  do_syscall_64+0x55/0xa0
[  687.202593][T15711]  ? clear_bhb_loop+0x40/0x90
[  687.207399][T15711]  ? clear_bhb_loop+0x40/0x90
[  687.212118][T15711]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  687.218044][T15711] RIP: 0033:0x7f174039c819
[  687.222506][T15711] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  687.242216][T15711] RSP: 002b:00007f17411f5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  687.250911][T15711] RAX: ffffffffffffffda RBX: 00007f1740615fa0 RCX: 00007f174039c819
[  687.258993][T15711] RDX: 00000000000480c4 RSI: 00002000000017c0 RDI: 0000000000000003
[  687.267063][T15711] RBP: 00007f17411f5090 R08: 0000000000000000 R09: 0000000000000000
[  687.275249][T15711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  687.283317][T15711] R13: 00007f1740616038 R14: 00007f1740615fa0 R15: 00007ffcbf9a8888
[  687.291335][T15711]  </TASK>
[  687.590000][T15731] FAULT_INJECTION: forcing a failure.
[  687.590000][T15731] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  687.593197][T15732] netlink: 'syz.1.3021': attribute type 33 has an invalid length.
[  687.611467][T15732] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3021'.
[  687.630184][T15731] CPU: 0 PID: 15731 Comm: syz.3.3019 Not tainted syzkaller #0
[  687.637998][T15731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  687.648448][T15731] Call Trace:
[  687.651754][T15731]  <TASK>
[  687.654793][T15731]  dump_stack_lvl+0x18c/0x250
[  687.659610][T15731]  ? show_regs_print_info+0x20/0x20
[  687.664921][T15731]  ? load_image+0x420/0x420
[  687.669506][T15731]  ? __lock_acquire+0x7d40/0x7d40
[  687.674549][T15731]  ? snprintf+0xe9/0x140
[  687.678887][T15731]  should_fail_ex+0x39d/0x4d0
[  687.683694][T15731]  _copy_to_user+0x2f/0xa0
[  687.688159][T15731]  simple_read_from_buffer+0xe7/0x150
[  687.693734][T15731]  proc_fail_nth_read+0x1e8/0x260
[  687.698782][T15731]  ? proc_fault_inject_write+0x360/0x360
[  687.704437][T15731]  ? fsnotify_perm+0x271/0x5e0
[  687.709220][T15731]  ? proc_fault_inject_write+0x360/0x360
[  687.714879][T15731]  vfs_read+0x28b/0x970
[  687.719062][T15731]  ? kernel_read+0x1e0/0x1e0
[  687.723754][T15731]  ? __fget_files+0x28/0x4b0
[  687.728370][T15731]  ? __fget_files+0x28/0x4b0
[  687.733000][T15731]  ? __fget_files+0x43d/0x4b0
[  687.737723][T15731]  ? __fdget_pos+0x2a3/0x330
[  687.742424][T15731]  ? ksys_read+0x75/0x260
[  687.746859][T15731]  ksys_read+0x150/0x260
[  687.751123][T15731]  ? vfs_write+0x990/0x990
[  687.755561][T15731]  ? lockdep_hardirqs_on+0x98/0x150
[  687.760780][T15731]  do_syscall_64+0x55/0xa0
[  687.765217][T15731]  ? clear_bhb_loop+0x40/0x90
[  687.769909][T15731]  ? clear_bhb_loop+0x40/0x90
[  687.774629][T15731]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  687.780569][T15731] RIP: 0033:0x7f174035d04e
[  687.785455][T15731] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  687.805081][T15731] RSP: 002b:00007f17411f4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  687.813687][T15731] RAX: ffffffffffffffda RBX: 00007f17411f56c0 RCX: 00007f174035d04e
[  687.821771][T15731] RDX: 000000000000000f RSI: 00007f17411f50a0 RDI: 0000000000000004
[  687.830282][T15731] RBP: 00007f17411f5090 R08: 0000000000000000 R09: 0000000000000000
[  687.838871][T15731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  687.847120][T15731] R13: 00007f1740616038 R14: 00007f1740615fa0 R15: 00007ffcbf9a8888
[  687.855322][T15731]  </TASK>
[  687.860463][T15729] netlink: 'syz.0.3018': attribute type 10 has an invalid length.
[  688.304025][T15745] netlink: 'syz.3.3023': attribute type 3 has an invalid length.
[  689.042041][T15734] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  689.444566][T15766] FAULT_INJECTION: forcing a failure.
[  689.444566][T15766] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  689.471697][T15766] CPU: 1 PID: 15766 Comm: syz.0.3031 Not tainted syzkaller #0
[  689.479350][T15766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  689.489426][T15766] Call Trace:
[  689.492726][T15766]  <TASK>
[  689.495844][T15766]  dump_stack_lvl+0x18c/0x250
[  689.500551][T15766]  ? show_regs_print_info+0x20/0x20
[  689.505775][T15766]  ? load_image+0x420/0x420
[  689.510299][T15766]  ? __might_fault+0xaa/0x120
[  689.514991][T15766]  ? __lock_acquire+0x7d40/0x7d40
[  689.520037][T15766]  should_fail_ex+0x39d/0x4d0
[  689.524751][T15766]  _copy_to_user+0x2f/0xa0
[  689.529198][T15766]  bpf_test_finish+0x25a/0x650
[  689.534172][T15766]  ? convert___skb_to_skb+0x590/0x590
[  689.539754][T15766]  ? convert_skb_to___skb+0x420/0x420
[  689.545287][T15766]  ? slab_build_skb+0x25f/0x3f0
[  689.550176][T15766]  bpf_prog_test_run_skb+0xcc3/0x12b0
[  689.555672][T15766]  ? cpu_online+0x60/0x60
[  689.560106][T15766]  bpf_prog_test_run+0x321/0x390
[  689.565356][T15766]  __sys_bpf+0x49d/0x890
[  689.569658][T15766]  ? bpf_link_show_fdinfo+0x390/0x390
[  689.575082][T15766]  ? lock_chain_count+0x20/0x20
[  689.580138][T15766]  __x64_sys_bpf+0x7c/0x90
[  689.584657][T15766]  do_syscall_64+0x55/0xa0
[  689.589117][T15766]  ? clear_bhb_loop+0x40/0x90
[  689.593816][T15766]  ? clear_bhb_loop+0x40/0x90
[  689.598515][T15766]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  689.604439][T15766] RIP: 0033:0x7fc15e19c819
[  689.608869][T15766] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  689.628757][T15766] RSP: 002b:00007fc15f0d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  689.637189][T15766] RAX: ffffffffffffffda RBX: 00007fc15e415fa0 RCX: 00007fc15e19c819
[  689.645215][T15766] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  689.653211][T15766] RBP: 00007fc15f0d5090 R08: 0000000000000000 R09: 0000000000000000
[  689.661215][T15766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  689.669197][T15766] R13: 00007fc15e416038 R14: 00007fc15e415fa0 R15: 00007ffc026c9e78
[  689.677211][T15766]  </TASK>
[  690.202900][T15777] netlink: 'syz.1.3035': attribute type 9 has an invalid length.
[  690.227419][T15777] __nla_validate_parse: 3 callbacks suppressed
[  690.227439][T15777] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.3035'.
[  690.468746][T15785] netlink: 'syz.2.3036': attribute type 10 has an invalid length.
[  690.482755][T15785] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3036'.
[  690.493478][T15785] dummy0: entered promiscuous mode
[  690.500155][T15785] dummy0: entered allmulticast mode
[  690.523370][T15785] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  690.708481][T15792] netlink: 'syz.2.3037': attribute type 10 has an invalid length.
[  690.733737][T15792] netlink: 168 bytes leftover after parsing attributes in process `syz.2.3037'.
[  690.900576][T15800] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.3043'.
[  690.946050][T15800] netlink: 144316 bytes leftover after parsing attributes in process `syz.3.3043'.
[  692.442629][T15845] netlink: 'syz.0.3057': attribute type 5 has an invalid length.
[  693.319828][T15865] netlink: 128 bytes leftover after parsing attributes in process `syz.1.3063'.
[  693.357098][T15865] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  693.699793][T15887] netpci0: tun_chr_ioctl cmd 1074025677
[  693.727020][T15887] netpci0: linktype set to 769
[  694.174846][T15897] netlink: 128 bytes leftover after parsing attributes in process `syz.0.3071'.
[  694.290410][T15897] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  695.965190][T15915] netlink: 128 bytes leftover after parsing attributes in process `syz.0.3078'.
[  696.002591][T15915] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  696.187610][T15931] netlink: 'syz.2.3081': attribute type 2 has an invalid length.
[  696.214854][T15931] netlink: 51 bytes leftover after parsing attributes in process `syz.2.3081'.
[  697.739956][T15952] netlink: 'syz.0.3089': attribute type 29 has an invalid length.
[  697.800218][T15952] netlink: 'syz.0.3089': attribute type 29 has an invalid length.
[  697.854638][T15957] netlink: 'syz.3.3090': attribute type 10 has an invalid length.
[  697.862672][T15957] netlink: 2 bytes leftover after parsing attributes in process `syz.3.3090'.
[  697.888959][T15957] bond0: entered promiscuous mode
[  697.895087][T15957] bond_slave_0: entered promiscuous mode
[  697.901279][T15957] bond_slave_1: entered promiscuous mode
[  698.177292][T15970] netlink: 128 bytes leftover after parsing attributes in process `syz.1.3093'.
[  698.328665][T15970] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  698.810443][T15988] netlink: 'syz.2.3099': attribute type 29 has an invalid length.
[  699.168587][T15988] netlink: 'syz.2.3099': attribute type 29 has an invalid length.
[  699.190693][T15992] netlink: 'syz.2.3099': attribute type 29 has an invalid length.
[  714.936695][T16012] Ÿë
: port 1(gretap0) entered blocking state
[  714.943037][T16012] Ÿë
: port 1(gretap0) entered disabled state
[  715.099652][T16012] gretap0: entered allmulticast mode
[  715.145520][T16012] gretap0: entered promiscuous mode
[  715.754025][T13445] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  715.769664][T13445] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  715.787264][T13445] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  715.801165][T13445] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  715.809427][T13445] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  715.817306][T13445] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  716.090297][T13445] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  716.108906][T13445] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  716.117614][T13445] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  716.134253][T13445] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  716.142238][T13445] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  716.150407][T13445] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  716.261443][ T5776] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  716.272033][ T5776] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  716.281184][ T5776] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  716.289982][ T5776] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  716.298182][ T5776] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  716.306479][ T5776] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  716.625186][T16013] chnl_net:caif_netlink_parms(): no params data found
[  716.923368][T16013] bridge0: port 1(bridge_slave_0) entered blocking state
[  716.955943][T16013] bridge0: port 1(bridge_slave_0) entered disabled state
[  716.963321][T16013] bridge_slave_0: entered allmulticast mode
[  716.982496][T16013] bridge_slave_0: entered promiscuous mode
[  717.015592][T16019] chnl_net:caif_netlink_parms(): no params data found
[  717.038004][T16013] bridge0: port 2(bridge_slave_1) entered blocking state
[  717.048954][T16013] bridge0: port 2(bridge_slave_1) entered disabled state
[  717.058536][T16013] bridge_slave_1: entered allmulticast mode
[  717.066585][T16013] bridge_slave_1: entered promiscuous mode
[  717.128658][T16017] chnl_net:caif_netlink_parms(): no params data found
[  717.202779][T16013] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  717.233189][T16013] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  717.394934][T16013] team0: Port device team_slave_0 added
[  717.418321][T16013] team0: Port device team_slave_1 added
[  717.425621][T16019] bridge0: port 1(bridge_slave_0) entered blocking state
[  717.433031][T16019] bridge0: port 1(bridge_slave_0) entered disabled state
[  717.446089][T16019] bridge_slave_0: entered allmulticast mode
[  717.462998][T16019] bridge_slave_0: entered promiscuous mode
[  717.519954][T16019] bridge0: port 2(bridge_slave_1) entered blocking state
[  717.527847][T16019] bridge0: port 2(bridge_slave_1) entered disabled state
[  717.535815][T16019] bridge_slave_1: entered allmulticast mode
[  717.548527][T16019] bridge_slave_1: entered promiscuous mode
[  717.853975][ T5776] Bluetooth: hci3: command tx timeout
[  718.254085][ T5776] Bluetooth: hci5: command tx timeout
[  718.414717][ T5776] Bluetooth: hci6: command tx timeout
[  719.923781][ T5776] Bluetooth: hci3: command tx timeout
[  720.323679][ T5776] Bluetooth: hci5: command tx timeout
[  720.484029][ T5776] Bluetooth: hci6: command tx timeout
[  722.013874][ T5776] Bluetooth: hci3: command tx timeout
[  722.403753][ T5776] Bluetooth: hci5: command tx timeout
[  722.574231][ T5776] Bluetooth: hci6: command tx timeout
[  724.083747][ T5776] Bluetooth: hci3: command tx timeout
[  724.493966][ T5776] Bluetooth: hci5: command tx timeout
[  724.644207][ T5776] Bluetooth: hci6: command tx timeout
[  730.794628][T13445] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  730.805394][T13445] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  730.817407][T13445] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  730.827014][T13445] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  730.835634][T13445] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  730.852334][T13445] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  732.898655][T13445] Bluetooth: hci7: command tx timeout
[  734.963891][T13445] Bluetooth: hci7: command tx timeout
[  737.044056][T13445] Bluetooth: hci7: command tx timeout
[  739.124250][T13445] Bluetooth: hci7: command tx timeout
[  776.185655][ T5776] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  776.195785][ T5776] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  776.204206][ T5776] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  776.212623][ T5776] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  776.222185][ T5776] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  776.229799][ T5776] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  776.375261][T13445] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  776.386977][T13445] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  776.395771][T13445] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  776.405522][T13445] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  776.415030][T13445] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  776.422925][T13445] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  776.526749][ T5776] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  776.540698][ T5776] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  776.554002][ T5776] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  776.562434][ T5776] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  776.574110][ T5776] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  776.582249][ T5776] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  778.323882][ T5776] Bluetooth: hci8: command tx timeout
[  778.495950][ T5776] Bluetooth: hci9: command tx timeout
[  778.644143][ T5776] Bluetooth: hci10: command tx timeout
[  780.403742][ T5776] Bluetooth: hci8: command tx timeout
[  780.563790][ T5776] Bluetooth: hci9: command tx timeout
[  780.724072][ T5776] Bluetooth: hci10: command tx timeout
[  782.483890][ T5776] Bluetooth: hci8: command tx timeout
[  782.643641][ T5776] Bluetooth: hci9: command tx timeout
[  782.814221][ T5776] Bluetooth: hci10: command tx timeout
[  784.563672][ T5776] Bluetooth: hci8: command tx timeout
[  784.723812][ T5776] Bluetooth: hci9: command tx timeout
[  784.883910][ T5776] Bluetooth: hci10: command tx timeout
[  791.360273][T13445] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  791.372412][T13445] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  791.386749][T13445] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  791.396027][T13445] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  791.404298][T13445] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  791.412434][T13445] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  793.453803][T13445] Bluetooth: hci11: command tx timeout
[  795.533849][T13445] Bluetooth: hci11: command tx timeout
[  797.603908][T13445] Bluetooth: hci11: command tx timeout
[  799.683739][T13445] Bluetooth: hci11: command tx timeout
[  804.413505][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[  804.420347][    C0] rcu: 	0-....: (10494 ticks this GP) idle=7794/1/0x4000000000000000 softirq=58194/58194 fqs=4590
[  804.431927][    C0] rcu: 	         hardirqs   softirqs   csw/system
[  804.438345][    C0] rcu: 	 number:  1344668          0            0
[  804.444771][    C0] rcu: 	cputime:    17890      34589           43   ==> 52480(ms)
[  804.452580][    C0] rcu: 	(t=10500 jiffies g=77173 q=2935 ncpus=2)
[  804.458992][    C0] CPU: 0 PID: 15983 Comm: syz.0.3097 Not tainted syzkaller #0
[  804.466640][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  804.476832][    C0] RIP: 0010:__sanitizer_cov_trace_cmp8+0x0/0x80
[  804.483121][    C0] Code: c0 4c 89 01 48 c7 44 11 08 04 00 00 00 48 89 7c 11 10 48 89 74 11 18 48 89 44 11 20 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 <f3> 0f 1e fa 48 8b 04 24 65 48 8b 0d a0 91 7c 7e 65 8b 15 a1 91 7c
[  804.502781][    C0] RSP: 0018:ffffc90000007468 EFLAGS: 00000202
[  804.508868][    C0] RAX: ffffffff813b3986 RBX: ffffffff81000000 RCX: ffff88806832da00
[  804.516935][    C0] RDX: 0000000000000100 RSI: ffffffff8ac00000 RDI: ffffffff813b6901
[  804.525255][    C0] RBP: ffffc90000007500 R08: ffffc90000007600 R09: 0000000000000000
[  804.533398][    C0] R10: ffffc900000075a8 R11: fffff52000000ec1 R12: ffffc900000075a8
[  804.541368][    C0] R13: dffffc0000000000 R14: ffffc900000075dd R15: ffffffff813b6901
[  804.549630][    C0] FS:  00007fc15f0d56c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  804.558639][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  804.565220][    C0] CR2: 0000562fa48ca4b0 CR3: 000000005ee87000 CR4: 00000000003506f0
[  804.573364][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  804.581421][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  804.589493][    C0] Call Trace:
[  804.592794][    C0]  <IRQ>
[  804.595694][    C0]  unwind_next_frame+0x1e0/0x2970
[  804.600906][    C0]  ? __unwind_start+0x2d2/0x7e0
[  804.605983][    C0]  __unwind_start+0x66a/0x7e0
[  804.610702][    C0]  ? stack_trace_save+0x100/0x100
[  804.615830][    C0]  arch_stack_walk+0xf8/0x190
[  804.620809][    C0]  ? __unwind_start+0x2d2/0x7e0
[  804.625743][    C0]  stack_trace_save+0xaa/0x100
[  804.630525][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  804.635831][    C0]  ? memset_orig+0x36/0xac
[  804.640262][    C0]  kasan_set_track+0x4e/0x70
[  804.644976][    C0]  ? kasan_save_alloc_info+0xb/0x30
[  804.650198][    C0]  __kasan_slab_alloc+0x6c/0x80
[  804.655133][    C0]  slab_post_alloc_hook+0x6e/0x4b0
[  804.660282][    C0]  kmem_cache_alloc_node+0x14c/0x320
[  804.665584][    C0]  ? __alloc_skb+0x103/0x2c0
[  804.670205][    C0]  __alloc_skb+0x103/0x2c0
[  804.674666][    C0]  ndisc_alloc_skb+0xa6/0x450
[  804.679382][    C0]  ndisc_send_rs+0x2a6/0x610
[  804.684063][    C0]  addrconf_rs_timer+0x2d5/0x630
[  804.689003][    C0]  ? addrconf_disable_policy_idev+0x480/0x480
[  804.695152][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  804.701227][    C0]  call_timer_fn+0x189/0x540
[  804.705922][    C0]  ? addrconf_disable_policy_idev+0x480/0x480
[  804.712017][    C0]  ? call_timer_fn+0xd2/0x540
[  804.716812][    C0]  ? __run_timers+0x800/0x800
[  804.721650][    C0]  ? addrconf_disable_policy_idev+0x480/0x480
[  804.727754][    C0]  __run_timers+0x542/0x800
[  804.732288][    C0]  ? detach_timer+0x2b0/0x2b0
[  804.737050][    C0]  run_timer_softirq+0x67/0xf0
[  804.741876][    C0]  handle_softirqs+0x280/0x820
[  804.746780][    C0]  ? __irq_exit_rcu+0xd3/0x190
[  804.751590][    C0]  ? do_softirq+0x1a0/0x1a0
[  804.756113][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  804.761338][    C0]  __irq_exit_rcu+0xd3/0x190
[  804.765928][    C0]  ? irq_exit_rcu+0x20/0x20
[  804.770435][    C0]  irq_exit_rcu+0x9/0x20
[  804.774676][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  804.780468][    C0]  </IRQ>
[  804.783412][    C0]  <TASK>
[  804.786347][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  804.792341][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xc0/0x120
[  804.798855][    C0] Code: c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f7 44 24 20 00 02 00 00 41 c6 04 07 f8 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 0b 94 cc f6 65 8b 05 4c c1 73 75 85 c0 74 3c 48 c7 04 24 0e 36
[  804.818918][    C0] RSP: 0018:ffffc9000d42ee80 EFLAGS: 00000206
[  804.825129][    C0] RAX: dffffc0000000004 RBX: 0000000000000a02 RCX: b791fec4972eb800
[  804.833149][    C0] RDX: dffffc0000000000 RSI: ffffffff8acac9e0 RDI: 0000000000000001
[  804.841428][    C0] RBP: ffffc9000d42ef08 R08: ffffffff911c553f R09: 1ffffffff2238aa7
[  804.849762][    C0] R10: dffffc0000000000 R11: fffffbfff2238aa8 R12: dffffc0000000000
[  804.857738][    C0] R13: dffffc0000000000 R14: ffff88802fd940c0 R15: 1ffff92001a85dd0
[  804.865849][    C0]  ? _raw_spin_unlock+0x40/0x40
[  804.870900][    C0]  ? task_dead_fair+0x79/0x1a0
[  804.875690][    C0]  finish_task_switch+0x436/0x8f0
[  804.881254][    C0]  __schedule+0x155b/0x45a0
[  804.885821][    C0]  ? perf_trace_run_bpf_submit+0xf4/0x1c0
[  804.891681][    C0]  ? asan.module_dtor+0x20/0x20
[  804.896655][    C0]  ? mark_lock+0x94/0x320
[  804.901202][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  804.907232][    C0]  ? preempt_schedule_irq+0xb4/0x150
[  804.912638][    C0]  preempt_schedule_irq+0xbf/0x150
[  804.917855][    C0]  ? preempt_schedule_notrace+0x110/0x110
[  804.923612][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  804.929553][    C0]  irqentry_exit+0x67/0x70
[  804.934169][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  804.940186][    C0] RIP: 0010:number+0x1fa/0xf60
[  804.945054][    C0] Code: f7 48 8b 5c 24 18 ff cb b0 2b eb 0e e8 7f 2a 10 f7 48 8b 5c 24 18 ff cb b0 20 89 44 24 28 c7 44 24 2c 00 00 00 00 49 c1 fc 30 <80> 7c 24 07 00 4c 89 64 24 38 48 89 5c 24 18 74 3d 48 bb 00 00 00
[  804.964898][    C0] RSP: 0018:ffffc9000d42f300 EFLAGS: 00000286
[  804.971081][    C0] RAX: ffffffff8a76f601 RBX: 00ffffffffffffff RCX: ffff88806832da00
[  804.979170][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  804.987322][    C0] RBP: ffffc9000d42f408 R08: ffff88806832da00 R09: 0000000000000012
[  804.995306][    C0] R10: 0000000000000012 R11: 0000000000000000 R12: ffffffffffffffff
[  805.003566][    C0] R13: 00000000f00003ce R14: ffffc9000d42f545 R15: ffff0a00ffffff09
[  805.011665][    C0]  ? number+0x61/0xf60
[  805.015935][    C0]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  805.022554][    C0]  ? pointer+0x1160/0x1160
[  805.027082][    C0]  ? format_decode+0xc07/0x1400
[  805.032044][    C0]  vsnprintf+0x14c6/0x1ba0
[  805.036586][    C0]  dynamic_dname+0x120/0x1f0
[  805.041181][    C0]  ? rcu_read_unlock+0xa0/0xa0
[  805.045952][    C0]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  805.051667][    C0]  ? rcu_is_watching+0x15/0xb0
[  805.056456][    C0]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  805.062184][    C0]  ? __kmalloc+0xe2/0x230
[  805.066514][    C0]  ? ns_prune_dentry+0xa0/0xa0
[  805.071291][    C0]  tomoyo_realpath_from_path+0x16a/0x5d0
[  805.076960][    C0]  tomoyo_check_open_permission+0x224/0x460
[  805.082961][    C0]  ? tomoyo_check_open_permission+0x1cf/0x460
[  805.089247][    C0]  ? tomoyo_check_path_number_acl+0x280/0x280
[  805.095343][    C0]  ? __asan_memset+0x22/0x40
[  805.099957][    C0]  ? __rwlock_init+0x150/0x150
[  805.104784][    C0]  ? do_raw_spin_lock+0x11f/0x2c0
[  805.109836][    C0]  ? tomoyo_file_open+0xed/0x180
[  805.114949][    C0]  security_file_open+0x62/0xa0
[  805.119806][    C0]  do_dentry_open+0x380/0x1500
[  805.124594][    C0]  path_openat+0x27f1/0x3230
[  805.129213][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  805.135222][    C0]  ? lock_chain_count+0x20/0x20
[  805.140307][    C0]  ? do_filp_open+0x430/0x430
[  805.145010][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  805.151261][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[  805.156468][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  805.162733][    C0]  do_filp_open+0x1f5/0x430
[  805.167346][    C0]  ? vfs_tmpfile+0x490/0x490
[  805.171951][    C0]  ? _raw_spin_unlock+0x28/0x40
[  805.176983][    C0]  ? alloc_fd+0x58f/0x630
[  805.181320][    C0]  do_sys_openat2+0x134/0x1d0
[  805.185999][    C0]  ? perf_trace_preemptirq_template+0x269/0x330
[  805.192360][    C0]  ? do_sys_open+0xe0/0xe0
[  805.196794][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  805.202798][    C0]  ? lock_chain_count+0x20/0x20
[  805.207822][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  805.213861][    C0]  __x64_sys_openat+0x139/0x160
[  805.218736][    C0]  do_syscall_64+0x55/0xa0
[  805.223176][    C0]  ? clear_bhb_loop+0x40/0x90
[  805.227872][    C0]  ? clear_bhb_loop+0x40/0x90
[  805.232643][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  805.238562][    C0] RIP: 0033:0x7fc15e15d04e
[  805.243016][    C0] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  805.262634][    C0] RSP: 002b:00007fc15f0d4ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  805.271201][    C0] RAX: ffffffffffffffda RBX: 00007fc15f0d56c0 RCX: 00007fc15e15d04e
[  805.279203][    C0] RDX: 0000000000000000 RSI: 00007fc15f0d4f90 RDI: ffffffffffffff9c
[  805.287198][    C0] RBP: 00007fc15e232c91 R08: 0000000000000000 R09: 0000000000000000
[  805.295289][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  805.303376][    C0] R13: 00007fc15e416038 R14: 00007fc15e415fa0 R15: 00007ffc026c9e78
[  805.311368][    C0]  </TASK>
[  807.443898][    C1] icmp: detected local route for 10.128.0.177 during ICMP sending, src 10.128.0.163
[  807.454820][    C1] icmp: detected local route for 10.128.0.177 during ICMP sending, src 10.128.0.163
[  807.464548][    C1] icmp: detected local route for 10.128.0.177 during ICMP sending, src 10.128.0.163
[  807.474226][    C1] icmp: detected local route for 10.128.0.177 during ICMP sending, src 10.128.0.163
[  807.483910][    C1] icmp: detected local route for 10.128.0.177 during ICMP sending, src 10.128.0.163
[  807.494018][    C1] icmp: detected local route for 10.128.0.177 during ICMP sending, src 10.128.0.163
[  807.503891][    C1] icmp: detected local route for 10.128.0.177 during ICMP sending, src 10.128.0.163
[  807.513613][    C1] icmp: detected local route for 10.128.0.177 during ICMP sending, src 10.128.0.163
[  807.523531][    C1] icmp: detected local route for 10.128.0.177 during ICMP sending, src 10.128.0.163
[  810.644012][    C1] icmp: detected local route for 10.128.0.177 during ICMP sending, src 10.128.0.163
[  813.773803][    C1] net_ratelimit: 2 callbacks suppressed
[  813.773823][    C1] icmp: detected local route for 10.128.0.177 during ICMP sending, src 10.128.0.163
[  813.789565][    C1] icmp: detected local route for 10.128.0.177 during ICMP sending, src 10.128.0.163
[  813.799272][    C1] icmp: detected local route for 10.128.0.177 during ICMP sending, src 10.128.0.163