last executing test programs:

9.253454104s ago: executing program 1 (id=4662):
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x5}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=@raw=[@func, @map_fd, @exit, @jmp={0x5, 0x0, 0x4}], 0x0}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f3, &(0x7f0000000080))
sendmsg$kcm(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="d80000001e0081054e81f782db4cb9040a1d080006007c095dd2086518000a800000000003600e1208000f0000000406a80016c0080009", 0x37}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33)
r2 = socket$kcm(0x21, 0x2, 0x2)
socket$kcm(0x2c, 0x3, 0x0)
socket$kcm(0x2c, 0x3, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c00000014006b030231a6080c000af32c00009d31fc0000f800250f02000f00e5aa000017d34460bc24eab556bd05251e6182949a2756f475ce36c2d13b48df000000000000ecb8f6ec63c9f4d4938037", 0x51}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
sendmsg$sock(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000680)="9646c8576d2e8b389bd55df1123ec9475f16e4acebb3dfd46ef1187f8baa9110f5754094cc5096be7cadc4b7466c730bb605856e52de6593a540a7335cad34d7f31061bdf585038fb0d39aef295ba7335092f2624665ad36e62b03332303108249b08d669dad0efc40aec4e0cb95beb1eb3ce57f093fd4c22c36674a16cfb4db48d6dc960a663dadea3addb69942830734297898c39b8f6b65814b19026f5df3d2361e800d5aed676e8f33869e18088bf7e626f70a6b228ac4406c6f046462996ef203751465a884dd942fb9438b293c3c93745882bd21b5621a1cc44e73a9fa754a9a85b843b26a1b7136972122e02837344d0d974a807f2a6c1442d64f19e747ed09bf1f4ca93555be5b61f793297334a607066ac13cef63fe640a646779607a6af465cdb00529b33ee28ac5753cfdc4dbb68295cb960edc7bd4586cc5cd5040b2aaf0492f7f79d73ba7905b617497830f40d4c0b193caba437088df4a56cd24a321acc92882ae57f43af5424f7bf9a90ad19f2726c28e86a4967c66e877dbb92bb156b5fe3722a6d8e06095e994e70edb67445b2dfe499b0beabffd2c006684f7704657c34fd296bbc8ee4f56e1ca37ba76c7228e977baf5f1fc7a69b37ad1c6db2bf1acb17f5ea0c8aa19e51f562689f7473bbb7162ae27b262a5241b5b0f5430c23c31c1170d7d1d6d1bc132b78065c0efcc31f50fb8dfdacee1d31b96068568a58a02102cbf5cf2cdfeb235662044511c9a388e144727eba8a6d69febfcebd723483fd4b7d9747e056b90ec120082793c3c25d8381ca0e9256cf678b8257a69f11578ead5171b6f37d06a8d6cb29004f8b7a78c5e902ab2bf4ce70bb0add4b66ae034be92ea0183582c6a891b5e4084f0c60a8fcf09f6f73c69fd360716fea9e9ef0bee53e3c4b5bdde9daf42ee03f9903341b91dd624e0b3c0dc9c087f770995cc95fbdae1c36fa131aa45f51f97659b7ac04f936fd99eeebf15fd92a7ac4201475308ad82a743fea5c654c22e901ecbcfeef8d432c5156a071522d3e3844357edaf8650165c031bf6dd549e9da6ddbcfbe538777f122ebd9401a06feae24dd1c56b186bf8bc0844a0625bdb1478f4e95c3c2acc70b623f30434dbcc55508bb262e4b0cbed8a238fe1597a53b524216f4f2a5b3ad97b30c2fca6208366aa2ad4b0774c79ef301a6b379b090c2b6a4b4375bd80ed7be86f8cacc20901db933c06fd824ad1ba85e0d2388f7e3efb0e552d16f403b4d2c042299e940080c1fd86e1dbc66d2b02f82fa383cdbd1254c266d336987ccc2ba11a4c8a2b62a34e18b2fe232b394691909de669e816044973845590e5c2978f28cbed95e707284f41a2323df2eb3502a388e313b6c5983354c64473a38bf117cc0f0a6d3d440064d9a57a1ba3611341b0cb2ec8a063a3c1a9f8891acd842010c4f7f2eec6e3ccde04bb333920e251e32ba113a3022e43db824ecffaaee2c361eaa882ae53dd3d91ef94e6861dab796d39603dd8239b02564ca7c76de4576ef3afecd8b3fca489a7e5e65d91004158a7f6e85c942f6da0e93799e716a576f559b9fefc3e43211f81941fc54585ea404a6ea66e4ed23839462cafc63f7b968209a62e87b8c87b6b2ad2219d5cfbabdd2950c5bdca7ab601034b39c307b40e79dbec1d8caa0c75e28cceb37c4c217d83e78ae8eab70788154353117aa5af89d971544feadd7598c3e8ffee648a4f88aca90270f8581f026568d442783ccdc1f53c09eff2d049bdec96dd4ea54052077fc5dd89dd980c7032146e79e8cbc4c1373822749bfb54a8e32adb3fc52f069865e3707639ad34bc035443a025f388c4423b721a5029a094d5e02d938612f35c656aa5e95e4903260bcda0ab54c57ef1ee3e72a367530af77e9699a49566f4447dbb06bbe3b6089b32208592e242d987b07ad6a48c5e448f489337096f522f116fa151fe9f6e9a1e3588867d7c0170425af66e51aa932a9e8d89d1ef12baf047841c2d260fd1231c209f5c3160b7a82685586a13b253eb0e2cbb3e1fea3a442deda9e6474517a318a15cd8023939dd0ee96c471785bcb00953a87f6a0f0cf081346f5226786a4ba493c23e1cf5689e045b6cfb2c0f8c58afc452ffb62e4e99e8c4fd5bbd73b09d5c02aefda0854dbd2e2310d01a03f90abfce5ad75c9d14051b52c7c618de741158e256af20c0bae1ae179ebf6e1c10b46d0b450675ee28eebdd6e5c4652e16ff38c82aa66207399ef4642179b0469b9d038ad5732ac6f8268233af09916c17b6bec9289f22bf62eb145532a2f9aaaa99c57946dbc8dc13253b6adc2bea578e7c986adad1f6f41e34f2735a59e4ace34bc7b0251d6d0389bcf9bf84569c39ce2e3ce4ca31994d07025f4b23f8f5da0c75bcc40675a9d260f900de7c40b6b7e1c19bf7544525269fb14987a7a8e2859848b2aa456cad57bf141d495802a56667f4e95f805835998a93828ada9dd9ef30d5b6df75e3cb79e1147b3dac32b8e68a3269a30f9cb2cdd24d13b4b10ae85780267fe8d16269fca6bb3105be09cac10b712ff3116c42024c9dee8cb717b0e6441ce531e24513bb10338e472a0fa7c63b1319d5df977eb2bbeae3f9d0d5b74567c4dbdfa5795bb269310eba41ab4748530bdf17e94f5bf69bc96dca5613a59cb0c099d994586441b60b50f7c5b8dca6df669d29bcf701bc54d76766ece67c13f8235278986e6809f76aaa5d2933b82da019479550c07232727b9b282237cdff44c5acc38e7ec6f0314b700a41efdcabe2a7b7dd59a967ecabe8a98ba520cd14fc610a2f2e5db47755a110fae9a638412fb68e3b20b2d8aec8017f13a7b9bd4890f67273217f7ae089d2279ea800adbb125cf6462ba75483221799c397cff50cd1885f14e12f76fd12002acdab085ffffa98d7ccc0e39ba3c9b594ad5cd59f778114d4d8627b7b4ef2cdd24ddedd801b21f8b0a7700f3a7c49249efb42461f341edad77cc595b5bd4c94bfd1458e5977d2c3d78acd55fe996f97642f8a5baf405302da29ef45ec6ffba71c35906ef219be19b2f078c5291f236422efb733c4fd5b4c61e22032e52aab02ae5d3b4204931330fb7d2efa75a1a8ebdecbd6d98a43cab3942d088b977a6904af4a31c393e5a5f38ec552a12e29eb5590b2ad4b8a8745b8110ea912757b11d75385a79f785b9184dbe5012551c2bc48246b54ce432b9ce766a3588dc6625bc1b0f37a43e37b76cdeb4ca4cabc71f2d91d4b87adeaba30cf210ccbd579b58c32e616145e77d6ce7d8fb36a064606ae6b87d2668d8df848bd431d397e3b5ab7e70efcb0023bf77c6a646530a81505e27548bcdbb8ccc0f0e8c8269b4b892b80b4523b3dfb3ca976888de709885387fa605960ec3de5d99e42bcb8ed3742a544a09d1239452cbac172f5eb863148390dea23c34d41554636935b95359c704952b1bb4cff6ef9f000651231899ee591158efc8f22f2977c67ff0090f68abceed2b79610772e21dd5f99cb8d7c54722333c6cf056dd76044a64fcd232db6f2e4353c5d666b89e269ede2d1de05baceca52794e307c23b3607ee40d6453693f492d56a54daf0cfbf334d47cc763cab048ddf6e9e33b48332831138179bb7bcafdbd62e35f2b6459dd51e89c7aa623c225ae35be9b36d1637447d89cae111e7dabb7cf5661789edeadbec6f863d0121d036c36faa6a66d4accfdfeed95d4ab98aed81a03f0cd7973df1df72ef3cdefdeab332a87f9fb23080e31d59d6f0670757588252e04694c3de072761f7d9c88eb1c5ae95df9f7c8ccaddfa65b686701804b06d02802a0dd6c774ef74acba47018c97de1bcfd930e9318cae7e1d7d73f5c3235c560421d7c6a6a404f79dde6e5141c7646d7207c266e74d029b3bad358c47dda500c5f746ff12e5e593045e856d62648582c049a30774da65fc50200ead579dd00c6898280b6c6917a613c6ec90ad8350c227c272950b6a6d8f185530b35194d8d412bb6cf2de91bcfe8e42ae9a5a6534e25809ab5ebaf8572f7458d2b9ed3fd01cb663aaf3d050913cdadc362e139e3ec2abb3fbbca6b95156a40f1967478c51d3a64fa99e8b18ae93b9260911d8b87e5559baea823a49e3ef3fac947a55ade29309c587309d68bb18907655c8723d11ff78491f734769db58348ebc7d392f369e60dfc23b03918340b8c008c0762b05f9d03cb6d9e5d60171dd6072d9b997dc02ceae8cfa8099148deeb603ac756929f364c8ff35608bcfcf86705398a68cd1369007598d13ff7d61549fc2b91c2580e2359a0c9a627b1b9fe75d258a028d7f3951b63942087b2b8914ea0f67bfaf8d98ff97c1a0d1ec5a20b57b71bb7ed8fdb2c99aa48f6b05072667de9d53e68e01c92af032713c428e8e316ab1dcddae2a0b4811a8d1fd9825740fcf05be5e14d4b323799ee1fbbe91688111702bc1e808929c9c82bbeff4011ecde1bb1df527fbf0065ad2dc219d51c52f70e2b9edafe6b34810ff875858d3ab9aa1e8b6d53909cc4777dcbf741bf285f9a15d2f83ee3378160237094e33d8619635b08db3fd9fe108c6b46f0ae27f5d9e027993adf7cc4405a8d3f4cbc549f0aebb5d5d8dec405ca280df0ddd9df3ea7d56bd5a05f7bb093af88bdd3c87ecc7a84efe055e5521b1d50d94236a0d6433e8c4b7c6698a28010c4270d40f51efc7592e5eb121e1a84e1282a06acfb7f9490688dfd28b1c0592b9d65d6844d6e3f7ff23cdb383e24670b98b008cdd6da043d39d6ae5308c8fc7c070ef445722d692ecb7d714406231ea54eb191cac629476951d7d5c5c2f213c4c4c840b4b1264a52e6ea21daf11aa30550f318e265d841974fd940db2cefb0eab724db16ede9cdf08dd0b3d1e22913fbdf36eb980af8847046c5bd5f6a555c02ff26aac0f0657cc6230d070cdc1b1df2b12beddc3a0897d71af9cf81a05d04530b2644088b8763883a714524c2b4d26fff02b0d3dafb5889c4335b30b6f804a2129b17c7598b68360d21e309816f73452596bd24717e0205665cc383594f38190984897b5ee4e1cf4f1852ef26e83f93dc31c56aa10c3cc28cc071849fee377fd9f7d2004e344e7ff0935543bb40f6a5ab90bbef314a56a6853bc733f5519d7771319148b5bcff5e29556860bb16ec461cd0b52bf72c1bdef1241daa2bf9c82a18e2e2197d8eba960a4853c0ce9c720d40dec56f7a6331a20a02921f6adc374caf99e9d932e83ebf711507b9bb49725fedde389f3fc6ccd4ababae8eb482dd95165c56c52a6239717092bbaeacb597839ced4666ba16fd8ddd35c9159d6544d7badceaed2c4bf575e2ccd922016f6d6a0038e86ddd97ea6a96660010133df9636ff788366105a4f2985f90bec153bc8c2fde92597671eaf25be01a21ecc8e0e378963ba052079765607f38035d475fc484507537a344cec1f6e", 0xf00}, {&(0x7f0000000180)="051aa6aead85900cf16dcf9433c1d25e73e5b278cc1ef596d17b9cb5be39350485d47cafa95822f3747b2f945cedfd51442c10a4ceb7de5f260032b285a08db0bce296862da3ec73700c83aa3ec74d2e942df03f22284c2a677c62e8f3660d619fc20b4e8262fde11e7820fb6794b2c5687cd53b02f06944d2460686fb6192021d14949019df", 0x86}], 0x2, &(0x7f0000000240)=[@txtime={{0x18, 0x1, 0x3d, 0x2c}}, @mark={{0x14, 0x1, 0x24, 0x9}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}, @mark={{0x14, 0x1, 0x24, 0x7}}, @txtime={{0x18, 0x1, 0x3d, 0xd}}], 0x78}, 0x800)
sendmsg$unix(r4, &(0x7f0000000640)={&(0x7f00000005c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001680)}, 0x24004044)

9.154536834s ago: executing program 1 (id=4655):
r0 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000380)=@l2tp6={0xa, 0x0, 0x7f, @mcast1, 0x3}, 0x80, &(0x7f0000000080)=[{&(0x7f00000002c0)="f4003b25fe80000000000000dc8b850f238466cc00007a000000ad6e911b5181847fb40000000000", 0x28}], 0x1}, 0x0)

9.050698025s ago: executing program 1 (id=4657):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.memory_pressure\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
write$cgroup_int(r3, &(0x7f00000001c0), 0xfffffdef)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=@base={0x6, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r3}, 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x9, 0x0, r4}, 0x48)
r6 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYRES32], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x18000000000002a0, 0x2f9, 0x6488, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632f77fb86dd00017f020001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000900)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020fe29817a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000400704000000000000b7040000100000206a0700fe000000008500000005000000b70000000a00000095000000000000000000c2c62f6004ad13aa957e2af5e49a53c2868f0399d909a63796c113a80c19aab9d607000000b6c9483be3f0d3253730e714c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637c48468766af540439fce41f144631ac262dcae18c3d1a1fbe96dc86035b44174f7c0620254ab6d285e6b343185089a0f119e31975e551558050800000000000000125d67857f290870093f38153608561a2128a79cce912d1f05de330800a9f5422bee8ca49166f6a587f2f593775afcd071efc5a972f757521b7b38ec273c2ad3e406f8c124f7dc1c4553229a69df4b2780e6da4420d71489fe383e0b5ce08b750502f2b8add8d2dddde19ac050537e973782b4053150580035fb2c579e1b2100000033d1ee8cab6d236f05b1f7b9f78fd5abfe033eb79f7a0b498366f5edfe311258016fbf47d9c85bf5325bf61419372be377022433e20900a262b20bb8b36de7b0e6c5ebfc5baec1ebe58d4af587d33e2935ad68da6e0fea5c21301f5d002b51a5b60fc741cb2c5d4cd5e896774f9293a6435558795043404ac6eafc8310fbcacca7f971b260fd06d4590ded8429fcd1c9a8dbbdedb32675388df363c0bc536e00448208b72405ebf27ddb402e5a2d675aaad92e183cef1eadc1661140fb567b55c72907a1aca75277a5f0022b1e957ba737f10f1161c5ae6e2cc64072ff3b4e76084922242e63d4b7806e30f786cff147e4bc819060678319a0e5534f5a0db52526c30000000000000000000000a63705b1a60525620acca06d57c055059df7651768310c9085c5f86be6ab819506961ad51f18b35fdc3fd4d0a0dbbdcd494ef168931f27748787bee95d739fef7ee67dd21c34647de82707e41d7db6d981a4fcf0bbd3d38ebb7a2489e28c6b28c0f70092ffb016b7766399555f3e6b538c2c862d17e53eaeb2036f9f0ab6e95e71bda4b5bbf53344264ad93bac1207b31d6e9c78181c7fe204c0b7582d1c762857f2a2e0c60f4a4855591a4f70f94df9629e470701103c40c8f6d3a3068091d62b58999e0a046f9509cb8ddc2a9ad4e0f1f85e5f076218b4b931acdff0c34fc5bdbad17ec481f1c9b17727c14e053e315d0d8d03c24ddaba65c5ce5b1aa04d1f767e25662b155d49460ec720d54044ac2856c11407835f341e2614bcae270000000001000000df7f736aab5d713240b2f40ec7be8251eba969686b2670ddc1a84df6ab12ab3e0cf8747837062233935704ebbd943ef0c5fef29513c7c1d6d2611796dccb45bdfd9e6533ad3574be5b9ea70e0c3b41a32067c03f5f8ed147cd0655c90d656f66eaed18a3c284c4f19417b5d91431759356db5d45ea40c9866957105b6252b0c028c672049ce163126f143f5758faf2a43f4c4f45a69b4e9113f85ae531085c11c75edbdee5af454757cdaff396c15ab9b210c202ffaea96d1bac60c6d6c56a4babc659858789bd479334e13e1c7876f95429431e61400815788c1397b260600d78e7513c58d9ac9474d392cc06f789753e1e7ebf5f1b55e2a64b9150c6580bf48e7bff763034801cccf403108d127b959ffc425a563ea2b90fbe779fd7d2ebfe94"], &(0x7f0000000280)='GPL\x00'}, 0x48)
r9 = socket$kcm(0x11, 0x2, 0x300)
setsockopt$sock_attach_bpf(r9, 0x1, 0x32, &(0x7f0000000000)=r8, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x58, &(0x7f0000000180)}, 0x10)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000700)={r5, &(0x7f0000000580), 0x0}, 0x20)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0600000004000000080000000700000000000000", @ANYRES32, @ANYBLOB='\x00 \x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/17], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x3a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x60, &(0x7f0000000000)=[{&(0x7f0000000140)="d80000001c0081044e81f782db44b9040a1d08020a000000041296a1180002000000030000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c11503c6bbace8017cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0xe, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x34}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

8.463483379s ago: executing program 1 (id=4659):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r2, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="1e00000004000000ffffffff00010000c0200400", @ANYRES32, @ANYBLOB="06000000000000000000000000000000000000000367eee5f01167dfca1dd6aca9e7466046650c5fb5493842c4fa862778f99cf976d0f1c62f23255f74befaf8b38be7f0db54df123e138a61e1bbec17fbe5b834cfe1fda2405397aa9f61c4a165579a00ea0187b83d35b0f5f1456b2036444544ffa5e2d37ed943faab727b784a6d73013707c0a5993590a60c10b78d6b9e6c01251ebe3f0c3c0817d20eb068959dadd2f9d5400db9140e6513eba60fceb29c5ca1affb2e0e40d06767da3656af88a1cf22d6de67f0ada3ae20713a7160845f9b521b1e0784be03c4", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0300000001000000010000000f00"/28], 0x50)
socket$kcm(0x2, 0x5, 0x84)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x40)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x3, 0x13, &(0x7f0000000380)=@framed={{0x18, 0x2, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x2}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @printk={@s, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f0000000040)='GPL\x00', 0x2}, 0x94)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r7, r6, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r7}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20)
close(r7)
recvmsg$unix(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_type(r8, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000c40), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r10 = openat$cgroup_subtree(r9, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_subtree(r10, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x6)

7.669885373s ago: executing program 1 (id=4665):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
perf_event_open$cgroup(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0xb}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x3, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000055000000850000000700000095"], &(0x7f0000000200)='GPL\x00'}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000400)={r1})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800"/15], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000e40), 0x600c01, 0x0)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000780)={'pim6reg0\x00', 0x400})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_int(r2, &(0x7f0000000240)=0x2, 0x12)

6.149521293s ago: executing program 1 (id=4668):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.memory_pressure\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
write$cgroup_int(r3, &(0x7f00000001c0), 0xfffffdef)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=@base={0x6, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r3}, 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x9, 0x0, r4}, 0x48)
r6 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYRES32], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x18000000000002a0, 0x2f9, 0x6488, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632f77fb86dd00017f020001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000900)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020fe29817a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000400704000000000000b7040000100000206a0700fe000000008500000005000000b70000000a00000095000000000000000000c2c62f6004ad13aa957e2af5e49a53c2868f0399d909a63796c113a80c19aab9d607000000b6c9483be3f0d3253730e714c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637c48468766af540439fce41f144631ac262dcae18c3d1a1fbe96dc86035b44174f7c0620254ab6d285e6b343185089a0f119e31975e551558050800000000000000125d67857f290870093f38153608561a2128a79cce912d1f05de330800a9f5422bee8ca49166f6a587f2f593775afcd071efc5a972f757521b7b38ec273c2ad3e406f8c124f7dc1c4553229a69df4b2780e6da4420d71489fe383e0b5ce08b750502f2b8add8d2dddde19ac050537e973782b4053150580035fb2c579e1b2100000033d1ee8cab6d236f05b1f7b9f78fd5abfe033eb79f7a0b498366f5edfe311258016fbf47d9c85bf5325bf61419372be377022433e20900a262b20bb8b36de7b0e6c5ebfc5baec1ebe58d4af587d33e2935ad68da6e0fea5c21301f5d002b51a5b60fc741cb2c5d4cd5e896774f9293a6435558795043404ac6eafc8310fbcacca7f971b260fd06d4590ded8429fcd1c9a8dbbdedb32675388df363c0bc536e00448208b72405ebf27ddb402e5a2d675aaad92e183cef1eadc1661140fb567b55c72907a1aca75277a5f0022b1e957ba737f10f1161c5ae6e2cc64072ff3b4e76084922242e63d4b7806e30f786cff147e4bc819060678319a0e5534f5a0db52526c30000000000000000000000a63705b1a60525620acca06d57c055059df7651768310c9085c5f86be6ab819506961ad51f18b35fdc3fd4d0a0dbbdcd494ef168931f27748787bee95d739fef7ee67dd21c34647de82707e41d7db6d981a4fcf0bbd3d38ebb7a2489e28c6b28c0f70092ffb016b7766399555f3e6b538c2c862d17e53eaeb2036f9f0ab6e95e71bda4b5bbf53344264ad93bac1207b31d6e9c78181c7fe204c0b7582d1c762857f2a2e0c60f4a4855591a4f70f94df9629e470701103c40c8f6d3a3068091d62b58999e0a046f9509cb8ddc2a9ad4e0f1f85e5f076218b4b931acdff0c34fc5bdbad17ec481f1c9b17727c14e053e315d0d8d03c24ddaba65c5ce5b1aa04d1f767e25662b155d49460ec720d54044ac2856c11407835f341e2614bcae270000000001000000df7f736aab5d713240b2f40ec7be8251eba969686b2670ddc1a84df6ab12ab3e0cf8747837062233935704ebbd943ef0c5fef29513c7c1d6d2611796dccb45bdfd9e6533ad3574be5b9ea70e0c3b41a32067c03f5f8ed147cd0655c90d656f66eaed18a3c284c4f19417b5d91431759356db5d45ea40c9866957105b6252b0c028c672049ce163126f143f5758faf2a43f4c4f45a69b4e9113f85ae531085c11c75edbdee5af454757cdaff396c15ab9b210c202ffaea96d1bac60c6d6c56a4babc659858789bd479334e13e1c7876f95429431e61400815788c1397b260600d78e7513c58d9ac9474d392cc06f789753e1e7ebf5f1b55e2a64b9150c6580bf48e7bff763034801cccf403108d127b959ffc425a563ea2b90fbe779fd7d2ebfe94"], &(0x7f0000000280)='GPL\x00'}, 0x48)
r9 = socket$kcm(0x11, 0x2, 0x300)
setsockopt$sock_attach_bpf(r9, 0x1, 0x32, &(0x7f0000000000)=r8, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x58, &(0x7f0000000180)}, 0x10)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000700)={r5, &(0x7f0000000580), 0x0}, 0x20)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0600000004000000080000000700000000000000", @ANYRES32, @ANYBLOB='\x00 \x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/17], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x3a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x60, &(0x7f0000000000)=[{&(0x7f0000000140)="d80000001c0081044e81f782db44b9040a1d08020a000000041296a1180002000000030000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c11503c6bbace8017cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0xe, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x34}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

5.148680979s ago: executing program 2 (id=4674):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r2, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="1e00000004000000ffffffff00010000c0200400", @ANYRES32, @ANYBLOB="06000000000000000000000000000000000000000367eee5f01167dfca1dd6aca9e7466046650c5fb5493842c4fa862778f99cf976d0f1c62f23255f74befaf8b38be7f0db54df123e138a61e1bbec17fbe5b834cfe1fda2405397aa9f61c4a165579a00ea0187b83d35b0f5f1456b2036444544ffa5e2d37ed943faab727b784a6d73013707c0a5993590a60c10b78d6b9e6c01251ebe3f0c3c0817d20eb068959dadd2f9d5400db9140e6513eba60fceb29c5ca1affb2e0e40d06767da3656af88a1cf22d6de67f0ada3ae20713a7160845f9b521b1e0784be03c4", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0300000001000000010000000f00"/28], 0x50)
socket$kcm(0x2, 0x5, 0x84)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x40)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x3, 0x13, &(0x7f0000000380)=@framed={{0x18, 0x2, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x2}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @printk={@s, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f0000000040)='GPL\x00', 0x2}, 0x94)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r7, r6, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r7}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20)
close(r7)
recvmsg$unix(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_type(r8, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r9, &(0x7f0000000280), 0x9)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r11 = openat$cgroup_subtree(r10, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_subtree(r11, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x6)

3.607255018s ago: executing program 2 (id=4678):
r0 = socket$kcm(0xa, 0x3, 0x106)
socket$kcm(0x29, 0x0, 0x0)
setsockopt$sock_attach_bpf(r0, 0x3a, 0x16, 0x0, 0x4)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x9, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000008000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
r4 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r4, &(0x7f00000000c0)={0x0, 0x3f00, &(0x7f0000000000)=[{&(0x7f0000000040)="0209000902000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x1d, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59a5a4d33f921921320000005e140602ffffffff0d0013000100000002800000121f", 0x2e}], 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0a000000050000000300000004"], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000003001b00850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$kcm(0xa, 0x2, 0x3a)
sendmsg$kcm(r8, &(0x7f0000000000)={&(0x7f0000000800)=@in6={0xa, 0x80, 0x0, @private1, 0x3}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000780)="80005b020eaa4da2", 0x8}], 0x1, 0x0, 0x0, 0x900}, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000850000000e0000007feccfbb0459aa00"/53], &(0x7f0000000000)='GPL\x00', 0x4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000007c0)={r5, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r10=>0x0}}, 0x10)
r11 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{}, 0x0, &(0x7f0000001d40)}, 0x20)
ioctl$PERF_EVENT_IOC_SET_FILTER(r12, 0x8946, &(0x7f0000000400)='{\x05T\x82\x89\x98Yi:')
sendmsg$sock(r11, &(0x7f0000000740)={&(0x7f0000000580)=@in6={0xa, 0x4e20, 0x0, @empty, 0x8}, 0x80, &(0x7f0000000700), 0x0, &(0x7f0000000a80)}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r13=>0xffffffffffffffff})
recvmsg$unix(r13, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r14=>0xffffffffffffffff]}}], 0x18}, 0x0)
r15 = socket$kcm(0x11, 0x2, 0x0)
setsockopt$sock_attach_bpf(r11, 0x107, 0x12, &(0x7f00000000c0)=r15, 0x4)
setsockopt$sock_attach_bpf(r11, 0x107, 0x12, &(0x7f00000008c0)=r14, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x1, @ANYBLOB='\b\x00'/20, @ANYRES32=r10, @ANYRES32=r14, @ANYBLOB="05000000010000000100000000000000000000480000000000000000"], 0x50)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000cc0)={r7}, 0xc)

2.848700363s ago: executing program 0 (id=4683):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x911, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_config_ext={0x1, 0x2b4}, 0x0, 0x10000, 0x0, 0x0, 0x8, 0x20005, 0x2, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$kcm(0xa, 0x2, 0x73)
setsockopt$sock_attach_bpf(r2, 0x29, 0x1e, &(0x7f00000000c0), 0x4)
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0xfda8, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x2)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2001, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'veth1_to_team\x00', 0x1})
write$cgroup_subtree(r3, &(0x7f0000000500)=ANY=[@ANYBLOB="8fedcb7907031175f37538e486dd630080fc000b2c00db5b686158bbcfe8875a060300001123000000000000000000000000ac1414aa3b200007"], 0xfdef)

2.652693333s ago: executing program 3 (id=4684):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100904, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
setsockopt$sock_attach_bpf(r0, 0x6, 0x15, &(0x7f0000000500), 0x4)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1f, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008200000018080000", @ANYRES32, @ANYBLOB="0000000000000000b7080000fada00007b8ae0ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a6000000850000005000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r2, r2}, &(0x7f0000000300), &(0x7f0000000340)='%-010d \x00'}, 0x1c)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r2, r2}, 0x4)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0)
openat$cgroup_freezer_state(r3, &(0x7f00000000c0), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x10, &(0x7f0000000cc0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000341200007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.569322174s ago: executing program 2 (id=4685):
r0 = socket$kcm(0x2c, 0x3, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1400000037000b63446a", 0xa}], 0x1}, 0x5006)
socket$kcm(0x2c, 0x3, 0x0)
r2 = gettid()
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x4, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x6, 0xfffffff0, 0xfffc, 0x0, 0x0, 0x0, 0x400000000020}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="14a1000016000b63d25a80648c2594f91324fc60", 0x8c0}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x48)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x106)
r5 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r5, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10, 0x0}, 0x300060c1)
setsockopt$sock_attach_bpf(r5, 0x6, 0x3, 0x0, 0x0)
sendmsg$inet(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000005c0)='=b', 0x2}], 0x1}, 0x41)
sendmsg(r5, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000500)='%', 0x1}], 0x1}, 0x10000000)

2.457644875s ago: executing program 3 (id=4686):
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}, 0x104101, 0x4, 0x0, 0x1, 0x9, 0x10000000, 0x1}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000740)=@l2tp6={0xa, 0x0, 0x7f, @mcast1, 0x3}, 0x80, &(0x7f0000000080)=[{&(0x7f00000002c0)="f4003b25fe80000000000000dc8b850f238466cc00007a000000ad6e911b5181847fb4000000", 0x26}], 0x1}, 0x0)

2.342944526s ago: executing program 0 (id=4687):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='contention_begin\x00', r0}, 0x18)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x3d, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x9006000, &(0x7f00000030c0)=[{&(0x7f0000000180)="1400000016001963d25a80648c56915a19aa2bfe", 0x14}], 0x1}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000001580)="d80000001a0081044e81f782db4cb9040a1d0800fe007c05e8fe55a115000100ff11142603600e12080005007a010401a80016002000034004000000035c0461c9d67f6f940071342e875fab7cb6cec6cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b141993c034e653fe8efe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9ee5350db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e", 0xd8}], 0x1}, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0x200}, 0x8)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0, 0x2}, 0x110200, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0xe}, 0x100904, 0x0, 0x0, 0x5, 0x200000, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r3 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r3, 0x6, 0x22, &(0x7f0000000200), 0x4)
sendmsg$inet(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029e3b470d649b72ab25399cd956c07dead6a93690", 0x1c}], 0x1}, 0x0)

2.308154786s ago: executing program 3 (id=4688):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r2, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="1e00000004000000ffffffff00010000c0200400", @ANYRES32, @ANYBLOB="06000000000000000000000000000000000000000367eee5f01167dfca1dd6aca9e7466046650c5fb5493842c4fa862778f99cf976d0f1c62f23255f74befaf8b38be7f0db54df123e138a61e1bbec17fbe5b834cfe1fda2405397aa9f61c4a165579a00ea0187b83d35b0f5f1456b2036444544ffa5e2d37ed943faab727b784a6d73013707c0a5993590a60c10b78d6b9e6c01251ebe3f0c3c0817d20eb068959dadd2f9d5400db9140e6513eba60fceb29c5ca1affb2e0e40d06767da3656af88a1cf22d6de67f0ada3ae20713a7160845f9b521b1e0784be03c4", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0300000001000000010000000f00"/28], 0x50)
socket$kcm(0x2, 0x5, 0x84)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x40)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x3, 0x13, &(0x7f0000000380)=@framed={{0x18, 0x2, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x2}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @printk={@s, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f0000000040)='GPL\x00', 0x2}, 0x94)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r7, r6, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r7}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20)
close(r7)
recvmsg$unix(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000280), 0x9)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000c40), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_subtree(r8, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x6)

1.965561788s ago: executing program 0 (id=4689):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_config_ext={0xd040, 0x10000}, 0x0, 0x10000, 0x0, 0x5, 0x582, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x9, 0x1, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x2a, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x5411, 0x0)

1.62786015s ago: executing program 0 (id=4690):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r2, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="1e00000004000000ffffffff00010000c0200400", @ANYRES32, @ANYBLOB="06000000000000000000000000000000000000000367eee5f01167dfca1dd6aca9e7466046650c5fb5493842c4fa862778f99cf976d0f1c62f23255f74befaf8b38be7f0db54df123e138a61e1bbec17fbe5b834cfe1fda2405397aa9f61c4a165579a00ea0187b83d35b0f5f1456b2036444544ffa5e2d37ed943faab727b784a6d73013707c0a5993590a60c10b78d6b9e6c01251ebe3f0c3c0817d20eb068959dadd2f9d5400db9140e6513eba60fceb29c5ca1affb2e0e40d06767da3656af88a1cf22d6de67f0ada3ae20713a7160845f9b521b1e0784be03c4", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0300000001000000010000000f00"/28], 0x50)
socket$kcm(0x2, 0x5, 0x84)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x40)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x3, 0x13, &(0x7f0000000380)=@framed={{0x18, 0x2, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x2}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @printk={@s, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f0000000040)='GPL\x00', 0x2}, 0x94)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r7, r6, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r7}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20)
close(r7)
recvmsg$unix(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_type(r8, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000c40), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r10 = openat$cgroup_subtree(r9, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_subtree(r10, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x6)

1.62744467s ago: executing program 3 (id=4691):
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x5}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=@raw=[@func, @map_fd, @exit, @jmp={0x5, 0x0, 0x4}], 0x0}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f3, &(0x7f0000000080))
sendmsg$kcm(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="d80000001e0081054e81f782db4cb9040a1d080006007c095dd2086518000a800000000003600e1208000f0000000406a80016c0080009", 0x37}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33)
socket$kcm(0x2c, 0x3, 0x0)
socket$kcm(0x2c, 0x3, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c00000014006b030231a6080c000af32c00009d31fc0000f800250f02000f00e5aa000017d34460bc24eab556bd05251e6182949a2756f475ce36c2d13b48df000000000000ecb8f6ec63c9f4d4938037e786a6d1bdd700e6657594", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
sendmsg$sock(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000680)="9646c8576d2e8b389bd55df1123ec9475f16e4acebb3dfd46ef1187f8baa9110f5754094cc5096be7cadc4b7466c730bb605856e52de6593a540a7335cad34d7f31061bdf585038fb0d39aef295ba7335092f2624665ad36e62b03332303108249b08d669dad0efc40aec4e0cb95beb1eb3ce57f093fd4c22c36674a16cfb4db48d6dc960a663dadea3addb69942830734297898c39b8f6b65814b19026f5df3d2361e800d5aed676e8f33869e18088bf7e626f70a6b228ac4406c6f046462996ef203751465a884dd942fb9438b293c3c93745882bd21b5621a1cc44e73a9fa754a9a85b843b26a1b7136972122e02837344d0d974a807f2a6c1442d64f19e747ed09bf1f4ca93555be5b61f793297334a607066ac13cef63fe640a646779607a6af465cdb00529b33ee28ac5753cfdc4dbb68295cb960edc7bd4586cc5cd5040b2aaf0492f7f79d73ba7905b617497830f40d4c0b193caba437088df4a56cd24a321acc92882ae57f43af5424f7bf9a90ad19f2726c28e86a4967c66e877dbb92bb156b5fe3722a6d8e06095e994e70edb67445b2dfe499b0beabffd2c006684f7704657c34fd296bbc8ee4f56e1ca37ba76c7228e977baf5f1fc7a69b37ad1c6db2bf1acb17f5ea0c8aa19e51f562689f7473bbb7162ae27b262a5241b5b0f5430c23c31c1170d7d1d6d1bc132b78065c0efcc31f50fb8dfdacee1d31b96068568a58a02102cbf5cf2cdfeb235662044511c9a388e144727eba8a6d69febfcebd723483fd4b7d9747e056b90ec120082793c3c25d8381ca0e9256cf678b8257a69f11578ead5171b6f37d06a8d6cb29004f8b7a78c5e902ab2bf4ce70bb0add4b66ae034be92ea0183582c6a891b5e4084f0c60a8fcf09f6f73c69fd360716fea9e9ef0bee53e3c4b5bdde9daf42ee03f9903341b91dd624e0b3c0dc9c087f770995cc95fbdae1c36fa131aa45f51f97659b7ac04f936fd99eeebf15fd92a7ac4201475308ad82a743fea5c654c22e901ecbcfeef8d432c5156a071522d3e3844357edaf8650165c031bf6dd549e9da6ddbcfbe538777f122ebd9401a06feae24dd1c56b186bf8bc0844a0625bdb1478f4e95c3c2acc70b623f30434dbcc55508bb262e4b0cbed8a238fe1597a53b524216f4f2a5b3ad97b30c2fca6208366aa2ad4b0774c79ef301a6b379b090c2b6a4b4375bd80ed7be86f8cacc20901db933c06fd824ad1ba85e0d2388f7e3efb0e552d16f403b4d2c042299e940080c1fd86e1dbc66d2b02f82fa383cdbd1254c266d336987ccc2ba11a4c8a2b62a34e18b2fe232b394691909de669e816044973845590e5c2978f28cbed95e707284f41a2323df2eb3502a388e313b6c5983354c64473a38bf117cc0f0a6d3d440064d9a57a1ba3611341b0cb2ec8a063a3c1a9f8891acd842010c4f7f2eec6e3ccde04bb333920e251e32ba113a3022e43db824ecffaaee2c361eaa882ae53dd3d91ef94e6861dab796d39603dd8239b02564ca7c76de4576ef3afecd8b3fca489a7e5e65d91004158a7f6e85c942f6da0e93799e716a576f559b9fefc3e43211f81941fc54585ea404a6ea66e4ed23839462cafc63f7b968209a62e87b8c87b6b2ad2219d5cfbabdd2950c5bdca7ab601034b39c307b40e79dbec1d8caa0c75e28cceb37c4c217d83e78ae8eab70788154353117aa5af89d971544feadd7598c3e8ffee648a4f88aca90270f8581f026568d442783ccdc1f53c09eff2d049bdec96dd4ea54052077fc5dd89dd980c7032146e79e8cbc4c1373822749bfb54a8e32adb3fc52f069865e3707639ad34bc035443a025f388c4423b721a5029a094d5e02d938612f35c656aa5e95e4903260bcda0ab54c57ef1ee3e72a367530af77e9699a49566f4447dbb06bbe3b6089b32208592e242d987b07ad6a48c5e448f489337096f522f116fa151fe9f6e9a1e3588867d7c0170425af66e51aa932a9e8d89d1ef12baf047841c2d260fd1231c209f5c3160b7a82685586a13b253eb0e2cbb3e1fea3a442deda9e6474517a318a15cd8023939dd0ee96c471785bcb00953a87f6a0f0cf081346f5226786a4ba493c23e1cf5689e045b6cfb2c0f8c58afc452ffb62e4e99e8c4fd5bbd73b09d5c02aefda0854dbd2e2310d01a03f90abfce5ad75c9d14051b52c7c618de741158e256af20c0bae1ae179ebf6e1c10b46d0b450675ee28eebdd6e5c4652e16ff38c82aa66207399ef4642179b0469b9d038ad5732ac6f8268233af09916c17b6bec9289f22bf62eb145532a2f9aaaa99c57946dbc8dc13253b6adc2bea578e7c986adad1f6f41e34f2735a59e4ace34bc7b0251d6d0389bcf9bf84569c39ce2e3ce4ca31994d07025f4b23f8f5da0c75bcc40675a9d260f900de7c40b6b7e1c19bf7544525269fb14987a7a8e2859848b2aa456cad57bf141d495802a56667f4e95f805835998a93828ada9dd9ef30d5b6df75e3cb79e1147b3dac32b8e68a3269a30f9cb2cdd24d13b4b10ae85780267fe8d16269fca6bb3105be09cac10b712ff3116c42024c9dee8cb717b0e6441ce531e24513bb10338e472a0fa7c63b1319d5df977eb2bbeae3f9d0d5b74567c4dbdfa5795bb269310eba41ab4748530bdf17e94f5bf69bc96dca5613a59cb0c099d994586441b60b50f7c5b8dca6df669d29bcf701bc54d76766ece67c13f8235278986e6809f76aaa5d2933b82da019479550c07232727b9b282237cdff44c5acc38e7ec6f0314b700a41efdcabe2a7b7dd59a967ecabe8a98ba520cd14fc610a2f2e5db47755a110fae9a638412fb68e3b20b2d8aec8017f13a7b9bd4890f67273217f7ae089d2279ea800adbb125cf6462ba75483221799c397cff50cd1885f14e12f76fd12002acdab085ffffa98d7ccc0e39ba3c9b594ad5cd59f778114d4d8627b7b4ef2cdd24ddedd801b21f8b0a7700f3a7c49249efb42461f341edad77cc595b5bd4c94bfd1458e5977d2c3d78acd55fe996f97642f8a5baf405302da29ef45ec6ffba71c35906ef219be19b2f078c5291f236422efb733c4fd5b4c61e22032e52aab02ae5d3b4204931330fb7d2efa75a1a8ebdecbd6d98a43cab3942d088b977a6904af4a31c393e5a5f38ec552a12e29eb5590b2ad4b8a8745b8110ea912757b11d75385a79f785b9184dbe5012551c2bc48246b54ce432b9ce766a3588dc6625bc1b0f37a43e37b76cdeb4ca4cabc71f2d91d4b87adeaba30cf210ccbd579b58c32e616145e77d6ce7d8fb36a064606ae6b87d2668d8df848bd431d397e3b5ab7e70efcb0023bf77c6a646530a81505e27548bcdbb8ccc0f0e8c8269b4b892b80b4523b3dfb3ca976888de709885387fa605960ec3de5d99e42bcb8ed3742a544a09d1239452cbac172f5eb863148390dea23c34d41554636935b95359c704952b1bb4cff6ef9f000651231899ee591158efc8f22f2977c67ff0090f68abceed2b79610772e21dd5f99cb8d7c54722333c6cf056dd76044a64fcd232db6f2e4353c5d666b89e269ede2d1de05baceca52794e307c23b3607ee40d6453693f492d56a54daf0cfbf334d47cc763cab048ddf6e9e33b48332831138179bb7bcafdbd62e35f2b6459dd51e89c7aa623c225ae35be9b36d1637447d89cae111e7dabb7cf5661789edeadbec6f863d0121d036c36faa6a66d4accfdfeed95d4ab98aed81a03f0cd7973df1df72ef3cdefdeab332a87f9fb23080e31d59d6f0670757588252e04694c3de072761f7d9c88eb1c5ae95df9f7c8ccaddfa65b686701804b06d02802a0dd6c774ef74acba47018c97de1bcfd930e9318cae7e1d7d73f5c3235c560421d7c6a6a404f79dde6e5141c7646d7207c266e74d029b3bad358c47dda500c5f746ff12e5e593045e856d62648582c049a30774da65fc50200ead579dd00c6898280b6c6917a613c6ec90ad8350c227c272950b6a6d8f185530b35194d8d412bb6cf2de91bcfe8e42ae9a5a6534e25809ab5ebaf8572f7458d2b9ed3fd01cb663aaf3d050913cdadc362e139e3ec2abb3fbbca6b95156a40f1967478c51d3a64fa99e8b18ae93b9260911d8b87e5559baea823a49e3ef3fac947a55ade29309c587309d68bb18907655c8723d11ff78491f734769db58348ebc7d392f369e60dfc23b03918340b8c008c0762b05f9d03cb6d9e5d60171dd6072d9b997dc02ceae8cfa8099148deeb603ac756929f364c8ff35608bcfcf86705398a68cd1369007598d13ff7d61549fc2b91c2580e2359a0c9a627b1b9fe75d258a028d7f3951b63942087b2b8914ea0f67bfaf8d98ff97c1a0d1ec5a20b57b71bb7ed8fdb2c99aa48f6b05072667de9d53e68e01c92af032713c428e8e316ab1dcddae2a0b4811a8d1fd9825740fcf05be5e14d4b323799ee1fbbe91688111702bc1e808929c9c82bbeff4011ecde1bb1df527fbf0065ad2dc219d51c52f70e2b9edafe6b34810ff875858d3ab9aa1e8b6d53909cc4777dcbf741bf285f9a15d2f83ee3378160237094e33d8619635b08db3fd9fe108c6b46f0ae27f5d9e027993adf7cc4405a8d3f4cbc549f0aebb5d5d8dec405ca280df0ddd9df3ea7d56bd5a05f7bb093af88bdd3c87ecc7a84efe055e5521b1d50d94236a0d6433e8c4b7c6698a28010c4270d40f51efc7592e5eb121e1a84e1282a06acfb7f9490688dfd28b1c0592b9d65d6844d6e3f7ff23cdb383e24670b98b008cdd6da043d39d6ae5308c8fc7c070ef445722d692ecb7d714406231ea54eb191cac629476951d7d5c5c2f213c4c4c840b4b1264a52e6ea21daf11aa30550f318e265d841974fd940db2cefb0eab724db16ede9cdf08dd0b3d1e22913fbdf36eb980af8847046c5bd5f6a555c02ff26aac0f0657cc6230d070cdc1b1df2b12beddc3a0897d71af9cf81a05d04530b2644088b8763883a714524c2b4d26fff02b0d3dafb5889c4335b30b6f804a2129b17c7598b68360d21e309816f73452596bd24717e0205665cc383594f38190984897b5ee4e1cf4f1852ef26e83f93dc31c56aa10c3cc28cc071849fee377fd9f7d2004e344e7ff0935543bb40f6a5ab90bbef314a56a6853bc733f5519d7771319148b5bcff5e29556860bb16ec461cd0b52bf72c1bdef1241daa2bf9c82a18e2e2197d8eba960a4853c0ce9c720d40dec56f7a6331a20a02921f6adc374caf99e9d932e83ebf711507b9bb49725fedde389f3fc6ccd4ababae8eb482dd95165c56c52a6239717092bbaeacb597839ced4666ba16fd8ddd35c9159d6544d7badceaed2c4bf575e2ccd922016f6d6a0038e86ddd97ea6a96660010133df9636ff788366105a4f2985f90bec153bc8c2fde92597671eaf25be01a21ecc8e0e378963ba052079765607f38035d475fc484507537a344cec1f6e853225beb388a111b8e71cf3007288862a95048a5a85f8dcac5abef8cec13dbd643a4cf7bd4a62e5974745e0db4db967581bc86006eee40b378422f08fb8b9995bbf1033b27b06d2a11aa4af391beb4ec462bc4b0eaf0541f9fdd99021f13140761058117b81f63275302cdb9d333eee53ad033d1d7d00cb857c0b3471578861f681082a7b5896ed223bacc98e598422cefa4b1c3381c56a8172cee61cb8b5946687e90b08a5c4bed92078cf469d4680f00ca20406aa5cad3cf40c56dd3354f33980601b24a248edb4fc6579b98684b4a37e2392739c8aa5b9f832ee585ebc845af0b041d56bba2caaf92cee3481e0f52fce64cfabba21f667275b8f9dea26f2", 0x1000}, {&(0x7f0000000180)="051aa6aead85900cf16dcf9433c1d25e73e5b278cc1ef596d17b9cb5be39350485d47cafa95822f3747b2f945cedfd51442c10a4ceb7de5f260032b285a08db0bce296862da3ec73700c83aa3ec74d2e942df03f22284c2a677c62e8f3660d619fc20b4e82", 0x65}], 0x2, &(0x7f0000000240)=[@txtime={{0x18, 0x1, 0x3d, 0x2c}}, @mark={{0x14, 0x1, 0x24, 0x9}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}, @mark={{0x14, 0x1, 0x24, 0x7}}, @txtime={{0x18, 0x1, 0x3d, 0xd}}], 0x78}, 0x800)
sendmsg$unix(r3, &(0x7f0000000640)={&(0x7f00000005c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001680)}, 0x24004044)

1.62451914s ago: executing program 2 (id=4692):
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0xa, 0x3, 0x3a)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020646c4300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='objagg_create\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$kcm(0xa, 0x922000000003, 0x11)
sendmsg$kcm(r2, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x28e, @mcast1, 0x9}, 0x80, 0x0}, 0x20000884)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x89b0, &(0x7f0000000040)={'vlan0\x00', @random="180700000020"})
sendmsg$kcm(r0, &(0x7f0000003c40)={&(0x7f00000002c0)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xfe}, 0x5, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f00000000c0)="885c8a79eed0c7", 0x7}], 0x1}, 0x1)
socket$kcm(0xa, 0x5, 0x0)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40400, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x4, 0x2}, 0x0, 0xa1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8f}, 0x0, 0x2, 0xffffffffffffffff, 0x3)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x10)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x210e, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x4, @perf_config_ext={0x407fff, 0x1}, 0x14105, 0x32, 0xfffffbff, 0x3, 0x6, 0x0, 0xffda, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x1, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xd8}, 0x43)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1d, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @lsm=0x30}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'wlan0\x00', 0x200})
socketpair(0x1, 0x1, 0x1, &(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8946, &(0x7f0000000080))
sendmsg$inet(0xffffffffffffffff, &(0x7f0000002480)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, 0x0}, 0x400c0)

1.112945603s ago: executing program 0 (id=4693):
r0 = socket$kcm(0xa, 0x3, 0x106)
socket$kcm(0x29, 0x0, 0x0)
setsockopt$sock_attach_bpf(r0, 0x3a, 0x16, 0x0, 0x4)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x9, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000008000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
r4 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r4, &(0x7f00000000c0)={0x0, 0x3f00, &(0x7f0000000000)=[{&(0x7f0000000040)="0209000902000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x1d, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59a5a4d33f921921320000005e140602ffffffff0d0013000100000002800000121f", 0x2e}], 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0a000000050000000300000004"], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000003001b00850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$kcm(0xa, 0x2, 0x3a)
sendmsg$kcm(r8, &(0x7f0000000000)={&(0x7f0000000800)=@in6={0xa, 0x80, 0x0, @private1, 0x3}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000780)="80005b020eaa4da2", 0x8}], 0x1, 0x0, 0x0, 0x900}, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000850000000e0000007feccfbb0459aa00"/53], &(0x7f0000000000)='GPL\x00', 0x4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000007c0)={r5, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r10=>0x0}}, 0x10)
r11 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{}, 0x0, &(0x7f0000001d40)}, 0x20)
ioctl$PERF_EVENT_IOC_SET_FILTER(r12, 0x8946, &(0x7f0000000400)='{\x05T\x82\x89\x98Yi:')
sendmsg$sock(r11, &(0x7f0000000740)={&(0x7f0000000580)=@in6={0xa, 0x4e20, 0x0, @empty, 0x8}, 0x80, &(0x7f0000000700), 0x0, &(0x7f0000000a80)}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r13=>0xffffffffffffffff})
recvmsg$unix(r13, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r14=>0xffffffffffffffff]}}], 0x18}, 0x0)
r15 = socket$kcm(0x11, 0x2, 0x0)
setsockopt$sock_attach_bpf(r11, 0x107, 0x12, &(0x7f00000000c0)=r15, 0x4)
setsockopt$sock_attach_bpf(r11, 0x107, 0x12, &(0x7f00000008c0)=r14, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x1, @ANYBLOB='\b\x00'/20, @ANYRES32=r10, @ANYRES32=r14, @ANYBLOB="05000000010000000100000000000000000000480000000000000000"], 0x50)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000cc0)={r7}, 0xc)

1.111976033s ago: executing program 3 (id=4694):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
perf_event_open$cgroup(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0xb}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x3, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000055000000850000000700000095"], &(0x7f0000000200)='GPL\x00'}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000400)={r1})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800"/15], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000e40), 0x600c01, 0x0)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000780)={'pim6reg0\x00', 0x400})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_int(r2, &(0x7f0000000240)=0x2, 0x12)

988.435064ms ago: executing program 2 (id=4695):
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}, 0x104101, 0x4, 0x0, 0x1, 0x9, 0x10000000, 0x1}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000740)=@l2tp6={0xa, 0x0, 0x7f, @mcast1, 0x3}, 0x80, &(0x7f0000000080)=[{&(0x7f00000002c0)="f4003b25fe80000000000000dc8b850f238466cc00007a000000ad6e911b5181847fb4000000", 0x26}], 0x1}, 0x0)

498.537637ms ago: executing program 2 (id=4696):
r0 = socket$kcm(0x2c, 0x3, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="140000003700648c2594f90b24fc600000000000", 0x14}], 0x1}, 0x5006)
socket$kcm(0x2c, 0x3, 0x0)
r2 = gettid()
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x4, 0x0, 0x480000000000000b, 0x954b, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_bp={&(0x7f0000000200), 0x2}, 0x11efa, 0x80000000000004, 0x98, 0x0, 0x6, 0x10001, 0xfffc, 0x0, 0x0, 0x0, 0x400000000020}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f91324fc60", 0x8c0}], 0x1}, 0x0)
r4 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x59, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x48)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x106)
r6 = socket$kcm(0x2, 0x200000000000001, 0x106)
setsockopt$sock_attach_bpf(r6, 0x6, 0x3, &(0x7f00000000c0), 0x4)
sendmsg$inet(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000005c0)='=b', 0x2}], 0x1}, 0x41)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
close(r7)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r8, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r7, 0x40047451, &(0x7f0000001a40))
sendmsg(r6, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000500)='%', 0x1}], 0x1}, 0x10000000)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000300)=@pptp={0x18, 0x2, {0x0, @remote}}, 0x80, &(0x7f00000009c0)=[{&(0x7f0000000900)=""/141, 0x8d}, {&(0x7f0000000a80)=""/169, 0xa9}, {&(0x7f0000000b40)=""/184, 0xb8}, {&(0x7f0000001a80)=""/4096, 0x1000}, {&(0x7f0000000140)=""/42, 0x2a}, {&(0x7f0000000c00)=""/139, 0x8b}, {&(0x7f0000000cc0)=""/218, 0xda}, {&(0x7f0000000dc0)=""/211, 0xd3}], 0x8, &(0x7f0000000ec0)=""/123, 0x7b}, 0x41)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r4, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000003c0)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000580)=[0x0, 0x0], 0x0, 0x44, &(0x7f00000002c0)=[{}, {}, {}, {}], 0x20, 0xfffffffffffffeed, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x39, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)

58.351909ms ago: executing program 3 (id=4697):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r2, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="1e00000004000000ffffffff00010000c0200400", @ANYRES32, @ANYBLOB="06000000000000000000000000000000000000000367eee5f01167dfca1dd6aca9e7466046650c5fb5493842c4fa862778f99cf976d0f1c62f23255f74befaf8b38be7f0db54df123e138a61e1bbec17fbe5b834cfe1fda2405397aa9f61c4a165579a00ea0187b83d35b0f5f1456b2036444544ffa5e2d37ed943faab727b784a6d73013707c0a5993590a60c10b78d6b9e6c01251ebe3f0c3c0817d20eb068959dadd2f9d5400db9140e6513eba60fceb29c5ca1affb2e0e40d06767da3656af88a1cf22d6de67f0ada3ae20713a7160845f9b521b1e0784be03c4", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0300000001000000010000000f00"/28], 0x50)
socket$kcm(0x2, 0x5, 0x84)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x40)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x3, 0x13, &(0x7f0000000380)=@framed={{0x18, 0x2, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x2}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @printk={@s, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f0000000040)='GPL\x00', 0x2}, 0x94)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r7, r6, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r7}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20)
close(r7)
recvmsg$unix(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000280), 0x9)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000c40), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_subtree(r8, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x6)

0s ago: executing program 0 (id=4698):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_config_ext={0xd040, 0x10000}, 0x0, 0x10000, 0x0, 0x5, 0x582, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0x2a, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x5411, 0x0)

kernel console output (not intermixed with test programs):

447]  ? show_regs_print_info+0x20/0x20
[  633.494477][T15447]  ? load_image+0x3b0/0x3b0
[  633.499044][T15447]  ? __lock_acquire+0x7c80/0x7c80
[  633.504123][T15447]  should_fail_ex+0x39d/0x4d0
[  633.508866][T15447]  _copy_from_user+0x2f/0xe0
[  633.513508][T15447]  __copy_msghdr+0x3bb/0x580
[  633.518168][T15447]  ___sys_sendmsg+0x1a6/0x290
[  633.522905][T15447]  ? __sys_sendmsg+0x270/0x270
[  633.527760][T15447]  ? __lock_acquire+0x7c80/0x7c80
[  633.532856][T15447]  __se_sys_sendmsg+0x1a5/0x270
[  633.537763][T15447]  ? __x64_sys_sendmsg+0x80/0x80
[  633.542773][T15447]  ? lockdep_hardirqs_on+0x98/0x150
[  633.548023][T15447]  do_syscall_64+0x55/0xb0
[  633.552492][T15447]  ? clear_bhb_loop+0x40/0x90
[  633.557222][T15447]  ? clear_bhb_loop+0x40/0x90
[  633.561950][T15447]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  633.567904][T15447] RIP: 0033:0x7f9cd978efc9
[  633.572360][T15447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  633.592107][T15447] RSP: 002b:00007f9cda5b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  633.600588][T15447] RAX: ffffffffffffffda RBX: 00007f9cd99e5fa0 RCX: 00007f9cd978efc9
[  633.608609][T15447] RDX: 0000000000000000 RSI: 0000200000001f80 RDI: 0000000000000006
[  633.616626][T15447] RBP: 00007f9cda5b8090 R08: 0000000000000000 R09: 0000000000000000
[  633.624645][T15447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  633.632661][T15447] R13: 00007f9cd99e6038 R14: 00007f9cd99e5fa0 R15: 00007fff93f8d3e8
[  633.640686][T15447]  </TASK>
[  633.673224][T15453] netlink: 'syz.0.3588': attribute type 10 has an invalid length.
[  634.215971][T15471] netlink: 16211 bytes leftover after parsing attributes in process `syz.2.3597'.
[  634.341722][T15477] netlink: 'syz.1.3600': attribute type 10 has an invalid length.
[  634.731257][T15492] netlink: 'syz.3.3606': attribute type 39 has an invalid length.
[  635.473729][T15501] netlink: 16211 bytes leftover after parsing attributes in process `syz.2.3609'.
[  635.639433][T15510] netlink: 'syz.3.3613': attribute type 10 has an invalid length.
[  636.887392][T15540] netlink: 'syz.3.3626': attribute type 10 has an invalid length.
[  636.984994][T15542] netlink: 16211 bytes leftover after parsing attributes in process `syz.1.3627'.
[  636.998882][T15544] FAULT_INJECTION: forcing a failure.
[  636.998882][T15544] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  637.012559][T15544] CPU: 0 PID: 15544 Comm: syz.2.3628 Not tainted syzkaller #0
[  637.020086][T15544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  637.030376][T15544] Call Trace:
[  637.033808][T15544]  <TASK>
[  637.036783][T15544]  dump_stack_lvl+0x16c/0x230
[  637.041536][T15544]  ? show_regs_print_info+0x20/0x20
[  637.046819][T15544]  ? load_image+0x3b0/0x3b0
[  637.052871][T15544]  ? __might_fault+0xaa/0x120
[  637.057599][T15544]  ? __lock_acquire+0x7c80/0x7c80
[  637.062692][T15544]  should_fail_ex+0x39d/0x4d0
[  637.067435][T15544]  _copy_from_user+0x2f/0xe0
[  637.072176][T15544]  ___sys_sendmsg+0x159/0x290
[  637.076930][T15544]  ? __sys_sendmsg+0x270/0x270
[  637.081779][T15544]  ? __lock_acquire+0x7c80/0x7c80
[  637.086861][T15544]  __se_sys_sendmsg+0x1a5/0x270
[  637.091836][T15544]  ? __x64_sys_sendmsg+0x80/0x80
[  637.096994][T15544]  ? lockdep_hardirqs_on+0x98/0x150
[  637.102222][T15544]  do_syscall_64+0x55/0xb0
[  637.106667][T15544]  ? clear_bhb_loop+0x40/0x90
[  637.111369][T15544]  ? clear_bhb_loop+0x40/0x90
[  637.116072][T15544]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  637.121987][T15544] RIP: 0033:0x7ff247d8efc9
[  637.126425][T15544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  637.146064][T15544] RSP: 002b:00007ff248c9d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  637.154682][T15544] RAX: ffffffffffffffda RBX: 00007ff247fe5fa0 RCX: 00007ff247d8efc9
[  637.162695][T15544] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000006
[  637.170686][T15544] RBP: 00007ff248c9d090 R08: 0000000000000000 R09: 0000000000000000
[  637.178681][T15544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  637.186764][T15544] R13: 00007ff247fe6038 R14: 00007ff247fe5fa0 R15: 00007ffe6d8733c8
[  637.194863][T15544]  </TASK>
[  637.370486][T15551] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3631'.
[  637.380043][T15551] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3631'.
[  637.395400][T15551] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3631'.
[  637.405272][T15551] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3631'.
[  637.889505][T15566] netlink: 16187 bytes leftover after parsing attributes in process `syz.2.3638'.
[  637.958956][T15569] FAULT_INJECTION: forcing a failure.
[  637.958956][T15569] name failslab, interval 1, probability 0, space 0, times 0
[  637.959431][T15567] netlink: 'syz.3.3637': attribute type 10 has an invalid length.
[  637.989444][T15569] CPU: 1 PID: 15569 Comm: syz.1.3639 Not tainted syzkaller #0
[  637.997080][T15569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  638.007253][T15569] Call Trace:
[  638.011055][T15569]  <TASK>
[  638.014030][T15569]  dump_stack_lvl+0x16c/0x230
[  638.018752][T15569]  ? show_regs_print_info+0x20/0x20
[  638.024088][T15569]  ? load_image+0x3b0/0x3b0
[  638.028626][T15569]  ? __might_sleep+0xe0/0xe0
[  638.033446][T15569]  ? __lock_acquire+0x7c80/0x7c80
[  638.038585][T15569]  should_fail_ex+0x39d/0x4d0
[  638.043293][T15569]  should_failslab+0x9/0x20
[  638.047820][T15569]  slab_pre_alloc_hook+0x59/0x310
[  638.052876][T15569]  ? apparmor_sk_alloc_security+0x77/0x100
[  638.058708][T15569]  __kmem_cache_alloc_node+0x53/0x260
[  638.064112][T15569]  ? apparmor_sk_alloc_security+0x77/0x100
[  638.069956][T15569]  kmalloc_trace+0x2a/0xe0
[  638.074419][T15569]  apparmor_sk_alloc_security+0x77/0x100
[  638.080072][T15569]  security_sk_alloc+0x6e/0xa0
[  638.084985][T15569]  sk_prot_alloc+0x101/0x210
[  638.089616][T15569]  ? sk_alloc+0x24/0x360
[  638.093917][T15569]  sk_alloc+0x3a/0x360
[  638.098021][T15569]  ? bpf_ctx_init+0x163/0x1a0
[  638.102724][T15569]  ? bpf_prog_test_run_skb+0x268/0x11c0
[  638.108581][T15569]  bpf_prog_test_run_skb+0x39a/0x11c0
[  638.113986][T15569]  ? __fget_files+0x28/0x4d0
[  638.119053][T15569]  ? cpu_online+0x60/0x60
[  638.123409][T15569]  bpf_prog_test_run+0x321/0x390
[  638.128368][T15569]  __sys_bpf+0x440/0x800
[  638.132671][T15569]  ? bpf_link_show_fdinfo+0x350/0x350
[  638.138074][T15569]  ? lock_chain_count+0x20/0x20
[  638.142951][T15569]  __x64_sys_bpf+0x7c/0x90
[  638.147381][T15569]  do_syscall_64+0x55/0xb0
[  638.151818][T15569]  ? clear_bhb_loop+0x40/0x90
[  638.156520][T15569]  ? clear_bhb_loop+0x40/0x90
[  638.161225][T15569]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  638.167256][T15569] RIP: 0033:0x7f9cd978efc9
[  638.171687][T15569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  638.191319][T15569] RSP: 002b:00007f9cda5b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  638.199859][T15569] RAX: ffffffffffffffda RBX: 00007f9cd99e5fa0 RCX: 00007f9cd978efc9
[  638.207858][T15569] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  638.215934][T15569] RBP: 00007f9cda5b8090 R08: 0000000000000000 R09: 0000000000000000
[  638.224037][T15569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  638.232079][T15569] R13: 00007f9cd99e6038 R14: 00007f9cd99e5fa0 R15: 00007fff93f8d3e8
[  638.240272][T15569]  </TASK>
[  638.944764][T15591] netlink: 16187 bytes leftover after parsing attributes in process `syz.1.3648'.
[  639.003232][T15593] netlink: 'syz.3.3649': attribute type 10 has an invalid length.
[  639.015573][T15593] netlink: 156 bytes leftover after parsing attributes in process `syz.3.3649'.
[  639.106543][T15597] netlink: 'syz.1.3651': attribute type 10 has an invalid length.
[  639.525389][T15609] syz.1.3656[15609] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  639.525534][T15609] syz.1.3656[15609] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  639.548562][T15609] FAULT_INJECTION: forcing a failure.
[  639.548562][T15609] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  639.573841][T15609] CPU: 0 PID: 15609 Comm: syz.1.3656 Not tainted syzkaller #0
[  639.581356][T15609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  639.591559][T15609] Call Trace:
[  639.594950][T15609]  <TASK>
[  639.597934][T15609]  dump_stack_lvl+0x16c/0x230
[  639.602893][T15609]  ? verify_lock_unused+0x140/0x140
[  639.608243][T15609]  ? show_regs_print_info+0x20/0x20
[  639.613511][T15609]  ? load_image+0x3b0/0x3b0
[  639.618081][T15609]  should_fail_ex+0x39d/0x4d0
[  639.622823][T15609]  copy_to_user_nofault+0x85/0x140
[  639.628006][T15609]  bpf_prog_42b0bc03b33f5c41+0x47/0x4d
[  639.633526][T15609]  __bpf_prog_test_run_raw_tp+0x362/0x410
[  639.639310][T15609]  ? __bpf_prog_test_run_raw_tp+0xcb/0x410
[  639.645358][T15609]  ? bpf_prog_test_run_raw_tp+0x640/0x640
[  639.651321][T15609]  ? __lock_acquire+0x7c80/0x7c80
[  639.656681][T15609]  bpf_prog_test_run_raw_tp+0x3eb/0x640
[  639.662311][T15609]  ? trace_bpf_test_finish+0x1a0/0x1a0
[  639.667845][T15609]  ? trace_bpf_test_finish+0x1a0/0x1a0
[  639.673364][T15609]  bpf_prog_test_run+0x321/0x390
[  639.678370][T15609]  __sys_bpf+0x440/0x800
[  639.682788][T15609]  ? bpf_link_show_fdinfo+0x350/0x350
[  639.688685][T15609]  ? lock_chain_count+0x20/0x20
[  639.693803][T15609]  __x64_sys_bpf+0x7c/0x90
[  639.698371][T15609]  do_syscall_64+0x55/0xb0
[  639.702929][T15609]  ? clear_bhb_loop+0x40/0x90
[  639.707654][T15609]  ? clear_bhb_loop+0x40/0x90
[  639.712423][T15609]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  639.718996][T15609] RIP: 0033:0x7f9cd978efc9
[  639.723558][T15609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  639.743219][T15609] RSP: 002b:00007f9cda5b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  639.752213][T15609] RAX: ffffffffffffffda RBX: 00007f9cd99e5fa0 RCX: 00007f9cd978efc9
[  639.760287][T15609] RDX: 000000000000000c RSI: 00002000000004c0 RDI: 000000000000000a
[  639.768313][T15609] RBP: 00007f9cda5b8090 R08: 0000000000000000 R09: 0000000000000000
[  639.777042][T15609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  639.785416][T15609] R13: 00007f9cd99e6038 R14: 00007f9cd99e5fa0 R15: 00007fff93f8d3e8
[  639.793733][T15609]  </TASK>
[  639.973330][T15618] netlink: 16187 bytes leftover after parsing attributes in process `syz.1.3659'.
[  640.015267][T15626] netlink: 'syz.2.3662': attribute type 10 has an invalid length.
[  640.032996][T15625] syz.3.3661[15625] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  640.033158][T15625] syz.3.3661[15625] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  640.464806][T15646] netlink: 'syz.1.3664': attribute type 39 has an invalid length.
[  640.565450][T15646] veth0_macvtap: left promiscuous mode
[  640.997753][T15656] netlink: 9275 bytes leftover after parsing attributes in process `syz.2.3672'.
[  641.353208][T15660] netlink: 'syz.3.3674': attribute type 10 has an invalid length.
[  642.101830][T15683] netlink: 9275 bytes leftover after parsing attributes in process `syz.2.3683'.
[  642.272281][T15687] FAULT_INJECTION: forcing a failure.
[  642.272281][T15687] name failslab, interval 1, probability 0, space 0, times 0
[  642.319665][T15687] CPU: 1 PID: 15687 Comm: syz.3.3684 Not tainted syzkaller #0
[  642.327322][T15687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  642.337447][T15687] Call Trace:
[  642.340777][T15687]  <TASK>
[  642.343763][T15687]  dump_stack_lvl+0x16c/0x230
[  642.348514][T15687]  ? show_regs_print_info+0x20/0x20
[  642.353780][T15687]  ? load_image+0x3b0/0x3b0
[  642.358352][T15687]  ? __might_sleep+0xe0/0xe0
[  642.363019][T15687]  ? __lock_acquire+0x7c80/0x7c80
[  642.368124][T15687]  should_fail_ex+0x39d/0x4d0
[  642.372886][T15687]  should_failslab+0x9/0x20
[  642.377464][T15687]  slab_pre_alloc_hook+0x59/0x310
[  642.382564][T15687]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  642.388699][T15687]  kmem_cache_alloc_lru+0x4d/0x2e0
[  642.393877][T15687]  ? __d_alloc+0x31/0x730
[  642.398292][T15687]  __d_alloc+0x31/0x730
[  642.402546][T15687]  ? lockdep_hardirqs_on+0x98/0x150
[  642.407809][T15687]  d_alloc_pseudo+0x1d/0x70
[  642.412409][T15687]  alloc_file_pseudo+0xcc/0x200
[  642.417333][T15687]  ? alloc_empty_backing_file+0xe0/0xe0
[  642.422990][T15687]  anon_inode_getfile+0xc5/0x1a0
[  642.428017][T15687]  __se_sys_perf_event_open+0xeb5/0x1c20
[  642.433742][T15687]  ? __x64_sys_perf_event_open+0xc0/0xc0
[  642.439445][T15687]  ? lock_chain_count+0x20/0x20
[  642.444343][T15687]  ? lockdep_hardirqs_on+0x98/0x150
[  642.449667][T15687]  ? __x64_sys_perf_event_open+0x20/0xc0
[  642.455346][T15687]  do_syscall_64+0x55/0xb0
[  642.459802][T15687]  ? clear_bhb_loop+0x40/0x90
[  642.464560][T15687]  ? clear_bhb_loop+0x40/0x90
[  642.469374][T15687]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  642.475457][T15687] RIP: 0033:0x7f5b5ab8efc9
[  642.479998][T15687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  642.500097][T15687] RSP: 002b:00007f5b5bb11038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  642.508558][T15687] RAX: ffffffffffffffda RBX: 00007f5b5ade5fa0 RCX: 00007f5b5ab8efc9
[  642.516563][T15687] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000800
[  642.524561][T15687] RBP: 00007f5b5bb11090 R08: 0000000000000000 R09: 0000000000000000
[  642.532559][T15687] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  642.540728][T15687] R13: 00007f5b5ade6038 R14: 00007f5b5ade5fa0 R15: 00007ffc4d223338
[  642.548759][T15687]  </TASK>
[  642.621512][T15696] netlink: 'syz.0.3685': attribute type 10 has an invalid length.
[  643.219304][T15716] netlink: 'syz.3.3694': attribute type 10 has an invalid length.
[  643.234999][T15716] macvlan1: entered allmulticast mode
[  643.268945][T15718] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.3695'.
[  643.294793][T15716] veth1_vlan: entered allmulticast mode
[  643.316545][T15716] team0: Port device macvlan1 added
[  643.497335][T15725] netlink: 'syz.3.3699': attribute type 10 has an invalid length.
[  643.685633][T15732] netlink: 188 bytes leftover after parsing attributes in process `syz.0.3701'.
[  644.567052][T15749] netlink: 16399 bytes leftover after parsing attributes in process `syz.3.3705'.
[  644.831525][T15758] netlink: 'syz.2.3710': attribute type 10 has an invalid length.
[  645.532396][T15778] netlink: 16399 bytes leftover after parsing attributes in process `syz.0.3718'.
[  646.239613][T15789] netlink: 'syz.2.3722': attribute type 10 has an invalid length.
[  647.046369][T15806] netlink: 16399 bytes leftover after parsing attributes in process `syz.0.3729'.
[  647.429300][T15820] netlink: 'syz.2.3735': attribute type 10 has an invalid length.
[  647.809090][T15834] netlink: 16399 bytes leftover after parsing attributes in process `syz.0.3742'.
[  648.121169][T15846] netlink: 'syz.2.3747': attribute type 10 has an invalid length.
[  648.570494][T15869] netlink: 16399 bytes leftover after parsing attributes in process `syz.0.3754'.
[  648.792145][T15877] netlink: 'syz.1.3760': attribute type 10 has an invalid length.
[  649.050929][T15884] FAULT_INJECTION: forcing a failure.
[  649.050929][T15884] name failslab, interval 1, probability 0, space 0, times 0
[  649.064009][T15884] CPU: 0 PID: 15884 Comm: syz.1.3763 Not tainted syzkaller #0
[  649.071518][T15884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  649.081771][T15884] Call Trace:
[  649.085105][T15884]  <TASK>
[  649.088083][T15884]  dump_stack_lvl+0x16c/0x230
[  649.092839][T15884]  ? show_regs_print_info+0x20/0x20
[  649.098106][T15884]  ? load_image+0x3b0/0x3b0
[  649.102671][T15884]  ? skb_network_protocol+0x509/0x760
[  649.108108][T15884]  should_fail_ex+0x39d/0x4d0
[  649.112941][T15884]  should_failslab+0x9/0x20
[  649.117496][T15884]  slab_pre_alloc_hook+0x59/0x310
[  649.122586][T15884]  kmem_cache_alloc+0x5a/0x2e0
[  649.127407][T15884]  ? skb_clone+0x1eb/0x370
[  649.131886][T15884]  skb_clone+0x1eb/0x370
[  649.136174][T15884]  ? dev_queue_xmit_nit+0x212/0xbb0
[  649.141401][T15884]  dev_queue_xmit_nit+0x24d/0xbb0
[  649.146447][T15884]  ? dev_queue_xmit_nit+0x2d/0xbb0
[  649.151583][T15884]  ? validate_xmit_skb+0x953/0xf50
[  649.156723][T15884]  dev_hard_start_xmit+0x148/0x740
[  649.161874][T15884]  __dev_queue_xmit+0x1a64/0x35a0
[  649.166942][T15884]  ? __dev_queue_xmit+0x245/0x35a0
[  649.172080][T15884]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  649.178260][T15884]  ? netdev_core_pick_tx+0x340/0x340
[  649.183660][T15884]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  649.189857][T15884]  ? pskb_expand_head+0xbfe/0x1230
[  649.195012][T15884]  ? __bpf_redirect+0x533/0xe60
[  649.199890][T15884]  __bpf_tx_skb+0x189/0x250
[  649.204414][T15884]  bpf_clone_redirect+0x270/0x3d0
[  649.209468][T15884]  bpf_prog_208b094576c80b22+0x5e/0x63
[  649.214953][T15884]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  649.221391][T15884]  ? lock_chain_count+0x20/0x20
[  649.226264][T15884]  ? seqcount_lockdep_reader_access+0x124/0x1c0
[  649.232565][T15884]  ? lockdep_softirqs_on+0x570/0x570
[  649.237876][T15884]  ? ktime_get+0x7f/0x280
[  649.242243][T15884]  ? seqcount_lockdep_reader_access+0x176/0x1c0
[  649.248505][T15884]  ? ktime_get_real_ts64+0x420/0x420
[  649.253815][T15884]  ? lockdep_hardirqs_on+0x98/0x150
[  649.259058][T15884]  ? __local_bh_disable_ip+0xf2/0x190
[  649.264465][T15884]  ? __cant_sleep+0x210/0x210
[  649.269179][T15884]  ? read_tsc+0x9/0x20
[  649.273416][T15884]  ? ktime_get+0x24b/0x280
[  649.277902][T15884]  ? bpf_test_run+0x15c/0x810
[  649.282725][T15884]  bpf_test_run+0x2c7/0x810
[  649.287276][T15884]  ? bpf_test_run+0x15c/0x810
[  649.291978][T15884]  ? convert___skb_to_skb+0x590/0x590
[  649.297374][T15884]  ? eth_get_headlen+0x200/0x200
[  649.302361][T15884]  ? slab_build_skb+0x25f/0x3f0
[  649.307239][T15884]  ? convert___skb_to_skb+0x3d/0x590
[  649.312553][T15884]  bpf_prog_test_run_skb+0xa67/0x11c0
[  649.318141][T15884]  ? cpu_online+0x60/0x60
[  649.322490][T15884]  bpf_prog_test_run+0x321/0x390
[  649.327452][T15884]  __sys_bpf+0x440/0x800
[  649.331716][T15884]  ? bpf_link_show_fdinfo+0x350/0x350
[  649.337292][T15884]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  649.343498][T15884]  __x64_sys_bpf+0x7c/0x90
[  649.347937][T15884]  do_syscall_64+0x55/0xb0
[  649.352468][T15884]  ? clear_bhb_loop+0x40/0x90
[  649.357187][T15884]  ? clear_bhb_loop+0x40/0x90
[  649.361887][T15884]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  649.367798][T15884] RIP: 0033:0x7f9cd978efc9
[  649.372236][T15884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  649.391866][T15884] RSP: 002b:00007f9cda5b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  649.400296][T15884] RAX: ffffffffffffffda RBX: 00007f9cd99e5fa0 RCX: 00007f9cd978efc9
[  649.408286][T15884] RDX: 0000000000000048 RSI: 0000200000000080 RDI: 000000000000000a
[  649.416276][T15884] RBP: 00007f9cda5b8090 R08: 0000000000000000 R09: 0000000000000000
[  649.424260][T15884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  649.432248][T15884] R13: 00007f9cd99e6038 R14: 00007f9cd99e5fa0 R15: 00007fff93f8d3e8
[  649.440253][T15884]  </TASK>
[  649.612484][T15893] netlink: 16399 bytes leftover after parsing attributes in process `syz.3.3767'.
[  649.915609][T15902] netlink: 'syz.3.3771': attribute type 10 has an invalid length.
[  650.320698][T15921] netlink: 16399 bytes leftover after parsing attributes in process `syz.3.3779'.
[  651.407905][T15935] netlink: 'syz.2.3782': attribute type 10 has an invalid length.
[  652.406688][T15956] netlink: 16399 bytes leftover after parsing attributes in process `syz.2.3789'.
[  652.787465][T15967] netlink: 'syz.3.3794': attribute type 10 has an invalid length.
[  653.225574][T15986] netlink: 16399 bytes leftover after parsing attributes in process `syz.3.3801'.
[  663.804290][T16001] netlink: 'syz.0.3806': attribute type 10 has an invalid length.
[  664.161542][T16017] netlink: 16399 bytes leftover after parsing attributes in process `syz.0.3813'.
[  664.939356][T16035] netlink: zone id is out of range
[  664.950483][T16035] netlink: set zone limit has 8 unknown bytes
[  665.059606][T16040] netlink: 'syz.2.3821': attribute type 10 has an invalid length.
[  665.410356][T16048] netlink: 16399 bytes leftover after parsing attributes in process `syz.0.3825'.
[  665.661866][T16064] netlink: 'syz.0.3830': attribute type 17 has an invalid length.
[  665.691228][T16064] netlink: 'syz.0.3830': attribute type 16 has an invalid length.
[  665.699123][T16064] netlink: 140 bytes leftover after parsing attributes in process `syz.0.3830'.
[  666.177470][T16073] netlink: 'syz.1.3834': attribute type 10 has an invalid length.
[  666.369015][T16080] netlink: 16399 bytes leftover after parsing attributes in process `syz.3.3838'.
[  666.682099][T16092] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
[  666.688370][T16096] netlink: 'syz.2.3845': attribute type 3 has an invalid length.
[  666.697695][T16096] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.3845'.
[  666.739063][T16094] netlink: 'syz.0.3844': attribute type 21 has an invalid length.
[  666.903190][T16100] netlink: 'syz.0.3847': attribute type 10 has an invalid length.
[  667.252548][T16110] netlink: 16399 bytes leftover after parsing attributes in process `syz.3.3852'.
[  667.471533][T16120] FAULT_INJECTION: forcing a failure.
[  667.471533][T16120] name failslab, interval 1, probability 0, space 0, times 0
[  667.485348][T16120] CPU: 1 PID: 16120 Comm: syz.3.3855 Not tainted syzkaller #0
[  667.492872][T16120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  667.502986][T16120] Call Trace:
[  667.506320][T16120]  <TASK>
[  667.509300][T16120]  dump_stack_lvl+0x16c/0x230
[  667.514048][T16120]  ? show_regs_print_info+0x20/0x20
[  667.519299][T16120]  ? load_image+0x3b0/0x3b0
[  667.523861][T16120]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  667.529899][T16120]  ? lock_chain_count+0x20/0x20
[  667.534810][T16120]  should_fail_ex+0x39d/0x4d0
[  667.539556][T16120]  should_failslab+0x9/0x20
[  667.544115][T16120]  slab_pre_alloc_hook+0x59/0x310
[  667.549190][T16120]  ? skb_network_protocol+0x509/0x760
[  667.554618][T16120]  kmem_cache_alloc_node+0x60/0x330
[  667.560092][T16120]  ? __alloc_skb+0x108/0x2c0
[  667.564838][T16120]  __alloc_skb+0x108/0x2c0
[  667.569322][T16120]  skb_segment+0xee0/0x3f50
[  667.573892][T16120]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  667.579968][T16120]  udp6_ufo_fragment+0x9b1/0xf30
[  667.585005][T16120]  ? udpv6_offload_exit+0x20/0x20
[  667.590110][T16120]  ipv6_gso_segment+0xb6f/0x2120
[  667.595109][T16120]  ? inet6_del_offload+0x50/0x50
[  667.600134][T16120]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  667.606174][T16120]  ? inet6_del_offload+0x50/0x50
[  667.611157][T16120]  skb_mac_gso_segment+0x31a/0x630
[  667.616500][T16120]  ? skb_mac_gso_segment+0x17f/0x630
[  667.621807][T16120]  ? skb_eth_gso_segment+0x270/0x270
[  667.627153][T16120]  nsh_gso_segment+0x4c7/0xc60
[  667.631951][T16120]  ? nsh_pop+0x570/0x570
[  667.636217][T16120]  skb_mac_gso_segment+0x31a/0x630
[  667.641357][T16120]  ? skb_mac_gso_segment+0x17f/0x630
[  667.646667][T16120]  ? skb_eth_gso_segment+0x270/0x270
[  667.651987][T16120]  __skb_gso_segment+0x302/0x4a0
[  667.657052][T16120]  validate_xmit_skb+0x565/0xf50
[  667.662034][T16120]  ? up_read+0x20/0x20
[  667.666117][T16120]  ? __up_read+0x280/0x670
[  667.670555][T16120]  ? validate_xmit_skb_list+0x120/0x120
[  667.676143][T16120]  validate_xmit_skb_list+0x84/0x120
[  667.681464][T16120]  sch_direct_xmit+0xd4/0x4a0
[  667.686157][T16120]  ? read_lock_is_recursive+0x20/0x20
[  667.691550][T16120]  ? rcu_read_lock_bh_held+0x7a/0xe0
[  667.696855][T16120]  ? mrp_pdu_parse_vecattr_event+0x2a0/0x2a0
[  667.702853][T16120]  ? __dev_queue_xmit+0x894/0x35a0
[  667.708093][T16120]  __dev_queue_xmit+0x173e/0x35a0
[  667.713150][T16120]  ? __dev_queue_xmit+0x245/0x35a0
[  667.718281][T16120]  ? virtio_net_hdr_to_skb+0x78f/0x14b0
[  667.723857][T16120]  ? netdev_core_pick_tx+0x340/0x340
[  667.729251][T16120]  ? virtio_net_hdr_to_skb+0xa31/0x14b0
[  667.734835][T16120]  ? packet_extra_vlan_len_allowed+0x200/0x200
[  667.741028][T16120]  ? packet_xmit+0x66/0x330
[  667.745556][T16120]  ? packet_sendmsg+0x3a48/0x4d30
[  667.750604][T16120]  packet_sendmsg+0x3b47/0x4d30
[  667.755513][T16120]  ? lock_chain_count+0x20/0x20
[  667.760384][T16120]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  667.766558][T16120]  ? lockdep_hardirqs_on+0x98/0x150
[  667.771773][T16120]  ? packet_getsockopt+0xa20/0xa20
[  667.776906][T16120]  ? cgroup_iter_seq_fini+0x10/0x40
[  667.782127][T16120]  ? __sanitizer_cov_trace_pc+0x8/0x60
[  667.787605][T16120]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  667.792918][T16120]  ? security_socket_sendmsg+0x80/0xa0
[  667.798401][T16120]  ? packet_getsockopt+0xa20/0xa20
[  667.803559][T16120]  ____sys_sendmsg+0x5bf/0x950
[  667.808443][T16120]  ? __asan_memset+0x22/0x40
[  667.813051][T16120]  ? __sys_sendmsg_sock+0x30/0x30
[  667.818107][T16120]  ? __import_iovec+0x3fa/0x860
[  667.823008][T16120]  ? import_iovec+0x73/0xa0
[  667.827558][T16120]  ___sys_sendmsg+0x220/0x290
[  667.832283][T16120]  ? __sys_sendmsg+0x270/0x270
[  667.837102][T16120]  ? seqcount_lockdep_reader_access+0x160/0x1c0
[  667.843398][T16120]  __se_sys_sendmsg+0x1a5/0x270
[  667.848276][T16120]  ? hrtimer_interrupt+0x7bb/0x9c0
[  667.853411][T16120]  ? __x64_sys_sendmsg+0x80/0x80
[  667.858386][T16120]  ? lockdep_hardirqs_on+0x98/0x150
[  667.863691][T16120]  do_syscall_64+0x55/0xb0
[  667.868183][T16120]  ? clear_bhb_loop+0x40/0x90
[  667.872893][T16120]  ? clear_bhb_loop+0x40/0x90
[  667.877604][T16120]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  667.883515][T16120] RIP: 0033:0x7f5b5ab8efc9
[  667.887959][T16120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  667.907612][T16120] RSP: 002b:00007f5b5bb11038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  667.916049][T16120] RAX: ffffffffffffffda RBX: 00007f5b5ade5fa0 RCX: 00007f5b5ab8efc9
[  667.924041][T16120] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004
[  667.932117][T16120] RBP: 00007f5b5bb11090 R08: 0000000000000000 R09: 0000000000000000
[  667.940230][T16120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  667.948312][T16120] R13: 00007f5b5ade6038 R14: 00007f5b5ade5fa0 R15: 00007ffc4d223338
[  667.956319][T16120]  </TASK>
[  668.189501][T16132] FAULT_INJECTION: forcing a failure.
[  668.189501][T16132] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  668.215874][T16132] CPU: 0 PID: 16132 Comm: syz.1.3860 Not tainted syzkaller #0
[  668.223454][T16132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  668.233750][T16132] Call Trace:
[  668.237096][T16132]  <TASK>
[  668.240094][T16132]  dump_stack_lvl+0x16c/0x230
[  668.244903][T16132]  ? show_regs_print_info+0x20/0x20
[  668.250188][T16132]  ? load_image+0x3b0/0x3b0
[  668.254767][T16132]  ? __might_fault+0xaa/0x120
[  668.259522][T16132]  ? __lock_acquire+0x7c80/0x7c80
[  668.264889][T16132]  should_fail_ex+0x39d/0x4d0
[  668.269666][T16132]  _copy_from_user+0x2f/0xe0
[  668.274332][T16132]  sctp_setsockopt+0x19e/0x11e0
[  668.279392][T16132]  ? sock_common_recvmsg+0x1b0/0x1b0
[  668.284783][T16132]  do_sock_setsockopt+0x175/0x1a0
[  668.290037][T16132]  ? __fdget+0x180/0x210
[  668.294371][T16132]  __x64_sys_setsockopt+0x184/0x200
[  668.299664][T16132]  do_syscall_64+0x55/0xb0
[  668.304159][T16132]  ? clear_bhb_loop+0x40/0x90
[  668.309021][T16132]  ? clear_bhb_loop+0x40/0x90
[  668.313858][T16132]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  668.319840][T16132] RIP: 0033:0x7f9cd978efc9
[  668.324397][T16132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  668.344306][T16132] RSP: 002b:00007f9cda5b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  668.353403][T16132] RAX: ffffffffffffffda RBX: 00007f9cd99e5fa0 RCX: 00007f9cd978efc9
[  668.361433][T16132] RDX: 000000000000006e RSI: 0000000000000084 RDI: 0000000000000004
[  668.369647][T16132] RBP: 00007f9cda5b8090 R08: 0000000000000010 R09: 0000000000000000
[  668.377745][T16132] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  668.385920][T16132] R13: 00007f9cd99e6038 R14: 00007f9cd99e5fa0 R15: 00007fff93f8d3e8
[  668.393957][T16132]  </TASK>
[  668.415584][T16128] netlink: 'syz.0.3858': attribute type 10 has an invalid length.
[  668.778273][T16140] netlink: 16399 bytes leftover after parsing attributes in process `syz.0.3863'.
[  669.809396][T16159] netlink: 9286 bytes leftover after parsing attributes in process `syz.0.3868'.
[  670.181743][T16164] netlink: 'syz.0.3871': attribute type 10 has an invalid length.
[  670.321321][T16172] netlink: 16399 bytes leftover after parsing attributes in process `syz.2.3873'.
[  670.924195][T16190] netlink: 'syz.0.3881': attribute type 1 has an invalid length.
[  671.161990][T16197] netlink: 'syz.0.3884': attribute type 10 has an invalid length.
[  671.308116][T16205] netlink: 16399 bytes leftover after parsing attributes in process `syz.1.3886'.
[  671.625814][T16212] FAULT_INJECTION: forcing a failure.
[  671.625814][T16212] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  671.731551][T16212] CPU: 1 PID: 16212 Comm: syz.2.3889 Not tainted syzkaller #0
[  671.739110][T16212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  671.749217][T16212] Call Trace:
[  671.752542][T16212]  <TASK>
[  671.755519][T16212]  dump_stack_lvl+0x16c/0x230
[  671.760267][T16212]  ? show_regs_print_info+0x20/0x20
[  671.765613][T16212]  ? load_image+0x3b0/0x3b0
[  671.770185][T16212]  ? __might_fault+0xaa/0x120
[  671.775010][T16212]  ? __lock_acquire+0x7c80/0x7c80
[  671.780118][T16212]  should_fail_ex+0x39d/0x4d0
[  671.784877][T16212]  _copy_from_user+0x2f/0xe0
[  671.789535][T16212]  sctp_setsockopt+0x19e/0x11e0
[  671.794447][T16212]  ? sock_common_recvmsg+0x1b0/0x1b0
[  671.799798][T16212]  do_sock_setsockopt+0x175/0x1a0
[  671.804881][T16212]  ? __fdget+0x180/0x210
[  671.809193][T16212]  __x64_sys_setsockopt+0x184/0x200
[  671.814463][T16212]  do_syscall_64+0x55/0xb0
[  671.818931][T16212]  ? clear_bhb_loop+0x40/0x90
[  671.823674][T16212]  ? clear_bhb_loop+0x40/0x90
[  671.828429][T16212]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  671.834387][T16212] RIP: 0033:0x7ff247d8efc9
[  671.838900][T16212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  671.858574][T16212] RSP: 002b:00007ff248c9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  671.867057][T16212] RAX: ffffffffffffffda RBX: 00007ff247fe5fa0 RCX: 00007ff247d8efc9
[  671.875090][T16212] RDX: 000000000000006e RSI: 0000000000000084 RDI: 0000000000000004
[  671.883112][T16212] RBP: 00007ff248c9d090 R08: 0000000000000010 R09: 0000000000000000
[  671.891134][T16212] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  671.899150][T16212] R13: 00007ff247fe6038 R14: 00007ff247fe5fa0 R15: 00007ffe6d8733c8
[  671.907206][T16212]  </TASK>
[  672.183718][T16225] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.3894'.
[  672.231235][T16225] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.3894'.
[  672.264423][T16225] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.3894'.
[  672.306700][T16229] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.3894'.
[  672.311797][T16225] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.3894'.
[  672.352990][T16225] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.3894'.
[  672.379035][T16225] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.3894'.
[  672.387083][T16235] netlink: 'syz.1.3898': attribute type 10 has an invalid length.
[  672.660253][T16239] tap0: tun_chr_ioctl cmd 2148553947
[  673.311595][T16248] FAULT_INJECTION: forcing a failure.
[  673.311595][T16248] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  673.341483][T16248] CPU: 0 PID: 16248 Comm: syz.1.3904 Not tainted syzkaller #0
[  673.349223][T16248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  673.359362][T16248] Call Trace:
[  673.362748][T16248]  <TASK>
[  673.365757][T16248]  dump_stack_lvl+0x16c/0x230
[  673.370556][T16248]  ? show_regs_print_info+0x20/0x20
[  673.375859][T16248]  ? load_image+0x3b0/0x3b0
[  673.380470][T16248]  ? __might_fault+0xaa/0x120
[  673.385349][T16248]  ? __lock_acquire+0x7c80/0x7c80
[  673.390757][T16248]  should_fail_ex+0x39d/0x4d0
[  673.396000][T16248]  _copy_from_user+0x2f/0xe0
[  673.400715][T16248]  __sys_bpf+0x1e9/0x800
[  673.405246][T16248]  ? bpf_link_show_fdinfo+0x350/0x350
[  673.410830][T16248]  ? lock_chain_count+0x20/0x20
[  673.415823][T16248]  __x64_sys_bpf+0x7c/0x90
[  673.420315][T16248]  do_syscall_64+0x55/0xb0
[  673.424964][T16248]  ? clear_bhb_loop+0x40/0x90
[  673.429695][T16248]  ? clear_bhb_loop+0x40/0x90
[  673.434522][T16248]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  673.441515][T16248] RIP: 0033:0x7f9cd978efc9
[  673.445984][T16248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  673.466436][T16248] RSP: 002b:00007f9cda5b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  673.476064][T16248] RAX: ffffffffffffffda RBX: 00007f9cd99e5fa0 RCX: 00007f9cd978efc9
[  673.484277][T16248] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[  673.492396][T16248] RBP: 00007f9cda5b8090 R08: 0000000000000000 R09: 0000000000000000
[  673.500439][T16248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  673.508456][T16248] R13: 00007f9cd99e6038 R14: 00007f9cd99e5fa0 R15: 00007fff93f8d3e8
[  673.517745][T16248]  </TASK>
[  674.133551][T16264] netlink: 'syz.1.3909': attribute type 10 has an invalid length.
[  674.856891][T16273] __nla_validate_parse: 61 callbacks suppressed
[  674.856933][T16273] netlink: 16399 bytes leftover after parsing attributes in process `syz.3.3912'.
[  675.414311][T16294] FAULT_INJECTION: forcing a failure.
[  675.414311][T16294] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  675.428230][T16294] CPU: 0 PID: 16294 Comm: syz.0.3920 Not tainted syzkaller #0
[  675.435750][T16294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  675.445939][T16294] Call Trace:
[  675.449264][T16294]  <TASK>
[  675.452240][T16294]  dump_stack_lvl+0x16c/0x230
[  675.457062][T16294]  ? show_regs_print_info+0x20/0x20
[  675.462678][T16294]  ? load_image+0x3b0/0x3b0
[  675.467344][T16294]  ? __might_fault+0xaa/0x120
[  675.472166][T16294]  ? __lock_acquire+0x7c80/0x7c80
[  675.477241][T16294]  should_fail_ex+0x39d/0x4d0
[  675.482156][T16294]  _copy_from_user+0x2f/0xe0
[  675.486961][T16294]  __sys_bpf+0x1e9/0x800
[  675.491233][T16294]  ? bpf_link_show_fdinfo+0x350/0x350
[  675.496720][T16294]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  675.502920][T16294]  __x64_sys_bpf+0x7c/0x90
[  675.507379][T16294]  do_syscall_64+0x55/0xb0
[  675.511822][T16294]  ? clear_bhb_loop+0x40/0x90
[  675.516532][T16294]  ? clear_bhb_loop+0x40/0x90
[  675.521244][T16294]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  675.527155][T16294] RIP: 0033:0x7f455018efc9
[  675.531595][T16294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  675.551250][T16294] RSP: 002b:00007f4550fb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  675.559694][T16294] RAX: ffffffffffffffda RBX: 00007f45503e5fa0 RCX: 00007f455018efc9
[  675.567691][T16294] RDX: 0000000000000050 RSI: 0000200000002300 RDI: 000000000000000a
[  675.575684][T16294] RBP: 00007f4550fb2090 R08: 0000000000000000 R09: 0000000000000000
[  675.583679][T16294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  675.591757][T16294] R13: 00007f45503e6038 R14: 00007f45503e5fa0 R15: 00007ffe462e0328
[  675.599785][T16294]  </TASK>
[  676.133191][T16303] netlink: 16375 bytes leftover after parsing attributes in process `syz.2.3923'.
[  676.488647][T16300] netlink: 'syz.0.3922': attribute type 10 has an invalid length.
[  677.020305][T16322] netlink: 'syz.2.3931': attribute type 29 has an invalid length.
[  677.049741][T16322] netlink: 'syz.2.3931': attribute type 29 has an invalid length.
[  677.065495][T16322] netlink: 'syz.2.3931': attribute type 29 has an invalid length.
[  677.093767][T16328] FAULT_INJECTION: forcing a failure.
[  677.093767][T16328] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  677.111062][T16328] CPU: 0 PID: 16328 Comm: syz.1.3932 Not tainted syzkaller #0
[  677.118784][T16328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  677.128956][T16328] Call Trace:
[  677.132259][T16328]  <TASK>
[  677.135310][T16328]  dump_stack_lvl+0x16c/0x230
[  677.140023][T16328]  ? show_regs_print_info+0x20/0x20
[  677.145269][T16328]  ? load_image+0x3b0/0x3b0
[  677.150015][T16328]  ? __might_fault+0xaa/0x120
[  677.154760][T16328]  ? __lock_acquire+0x7c80/0x7c80
[  677.159814][T16328]  should_fail_ex+0x39d/0x4d0
[  677.164525][T16328]  _copy_from_user+0x2f/0xe0
[  677.169140][T16328]  __sys_bpf+0x1e9/0x800
[  677.173414][T16328]  ? bpf_link_show_fdinfo+0x350/0x350
[  677.178851][T16328]  ? lock_chain_count+0x20/0x20
[  677.183735][T16328]  __x64_sys_bpf+0x7c/0x90
[  677.188177][T16328]  do_syscall_64+0x55/0xb0
[  677.192621][T16328]  ? clear_bhb_loop+0x40/0x90
[  677.197321][T16328]  ? clear_bhb_loop+0x40/0x90
[  677.202029][T16328]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  677.207957][T16328] RIP: 0033:0x7f9cd978efc9
[  677.212408][T16328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  677.232055][T16328] RSP: 002b:00007f9cda5b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  677.240531][T16328] RAX: ffffffffffffffda RBX: 00007f9cd99e5fa0 RCX: 00007f9cd978efc9
[  677.248644][T16328] RDX: 0000000000000094 RSI: 0000200000000040 RDI: 0000000000000005
[  677.256647][T16328] RBP: 00007f9cda5b8090 R08: 0000000000000000 R09: 0000000000000000
[  677.264653][T16328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  677.272664][T16328] R13: 00007f9cd99e6038 R14: 00007f9cd99e5fa0 R15: 00007fff93f8d3e8
[  677.280690][T16328]  </TASK>
[  677.486540][T16330] netlink: 16375 bytes leftover after parsing attributes in process `syz.2.3934'.
[  677.563744][T16334] netlink: 'syz.3.3935': attribute type 10 has an invalid length.
[  678.075524][T16353] FAULT_INJECTION: forcing a failure.
[  678.075524][T16353] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  678.137087][T16353] CPU: 1 PID: 16353 Comm: syz.2.3943 Not tainted syzkaller #0
[  678.144916][T16353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  678.155019][T16353] Call Trace:
[  678.158320][T16353]  <TASK>
[  678.161268][T16353]  dump_stack_lvl+0x16c/0x230
[  678.166000][T16353]  ? show_regs_print_info+0x20/0x20
[  678.171319][T16353]  ? load_image+0x3b0/0x3b0
[  678.175847][T16353]  ? __might_fault+0xaa/0x120
[  678.180542][T16353]  ? __lock_acquire+0x7c80/0x7c80
[  678.185674][T16353]  should_fail_ex+0x39d/0x4d0
[  678.190395][T16353]  _copy_from_user+0x2f/0xe0
[  678.195005][T16353]  __sys_bpf+0x1e9/0x800
[  678.199309][T16353]  ? bpf_link_show_fdinfo+0x350/0x350
[  678.204729][T16353]  ? lock_chain_count+0x20/0x20
[  678.209617][T16353]  __x64_sys_bpf+0x7c/0x90
[  678.214049][T16353]  do_syscall_64+0x55/0xb0
[  678.218509][T16353]  ? clear_bhb_loop+0x40/0x90
[  678.223211][T16353]  ? clear_bhb_loop+0x40/0x90
[  678.227931][T16353]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  678.233954][T16353] RIP: 0033:0x7ff247d8efc9
[  678.238394][T16353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  678.258140][T16353] RSP: 002b:00007ff248c9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  678.266798][T16353] RAX: ffffffffffffffda RBX: 00007ff247fe5fa0 RCX: 00007ff247d8efc9
[  678.274890][T16353] RDX: 000000000000004c RSI: 0000200000000240 RDI: 000000000000000a
[  678.282900][T16353] RBP: 00007ff248c9d090 R08: 0000000000000000 R09: 0000000000000000
[  678.290894][T16353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  678.298943][T16353] R13: 00007ff247fe6038 R14: 00007ff247fe5fa0 R15: 00007ffe6d8733c8
[  678.306952][T16353]  </TASK>
[  678.317655][T16363] FAULT_INJECTION: forcing a failure.
[  678.317655][T16363] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  678.335224][T16363] CPU: 1 PID: 16363 Comm: syz.1.3946 Not tainted syzkaller #0
[  678.342853][T16363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  678.353127][T16363] Call Trace:
[  678.356449][T16363]  <TASK>
[  678.359418][T16363]  dump_stack_lvl+0x16c/0x230
[  678.364152][T16363]  ? show_regs_print_info+0x20/0x20
[  678.369415][T16363]  ? load_image+0x3b0/0x3b0
[  678.373981][T16363]  ? __lock_acquire+0x7c80/0x7c80
[  678.379077][T16363]  ? snprintf+0xdb/0x120
[  678.383379][T16363]  should_fail_ex+0x39d/0x4d0
[  678.388119][T16363]  _copy_to_user+0x2f/0xa0
[  678.392591][T16363]  simple_read_from_buffer+0xe7/0x150
[  678.398045][T16363]  proc_fail_nth_read+0x1e3/0x250
[  678.403156][T16363]  ? proc_fault_inject_write+0x340/0x340
[  678.409372][T16363]  ? fsnotify_perm+0x271/0x5e0
[  678.414191][T16363]  ? proc_fault_inject_write+0x340/0x340
[  678.419882][T16363]  vfs_read+0x27e/0x920
[  678.424106][T16363]  ? kernel_read+0x1e0/0x1e0
[  678.428761][T16363]  ? __fget_files+0x28/0x4d0
[  678.433405][T16363]  ? __fget_files+0x44a/0x4d0
[  678.438140][T16363]  ? __fdget_pos+0x2a3/0x330
[  678.442760][T16363]  ? ksys_read+0x75/0x250
[  678.447126][T16363]  ksys_read+0x147/0x250
[  678.451583][T16363]  ? vfs_write+0x940/0x940
[  678.456137][T16363]  ? lockdep_hardirqs_on+0x98/0x150
[  678.461455][T16363]  do_syscall_64+0x55/0xb0
[  678.465949][T16363]  ? clear_bhb_loop+0x40/0x90
[  678.470677][T16363]  ? clear_bhb_loop+0x40/0x90
[  678.475408][T16363]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  678.481331][T16363] RIP: 0033:0x7f9cd978d9dc
[  678.485770][T16363] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  678.505489][T16363] RSP: 002b:00007f9cda597030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  678.513925][T16363] RAX: ffffffffffffffda RBX: 00007f9cd99e6090 RCX: 00007f9cd978d9dc
[  678.521916][T16363] RDX: 000000000000000f RSI: 00007f9cda5970a0 RDI: 0000000000000004
[  678.529906][T16363] RBP: 00007f9cda597090 R08: 0000000000000000 R09: 0000000000000000
[  678.537921][T16363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  678.545932][T16363] R13: 00007f9cd99e6128 R14: 00007f9cd99e6090 R15: 00007fff93f8d3e8
[  678.554032][T16363]  </TASK>
[  678.600351][T16365] netlink: 16375 bytes leftover after parsing attributes in process `syz.3.3947'.
[  678.741160][T16369] netlink: 'syz.0.3948': attribute type 10 has an invalid length.
[  679.539819][T16400] netlink: 16375 bytes leftover after parsing attributes in process `syz.3.3961'.
[  679.712969][T16404] netlink: 'syz.2.3963': attribute type 10 has an invalid length.
[  680.325196][T16414] FAULT_INJECTION: forcing a failure.
[  680.325196][T16414] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  680.353425][T16414] CPU: 1 PID: 16414 Comm: syz.2.3967 Not tainted syzkaller #0
[  680.360998][T16414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  680.371132][T16414] Call Trace:
[  680.374483][T16414]  <TASK>
[  680.377457][T16414]  dump_stack_lvl+0x16c/0x230
[  680.382199][T16414]  ? show_regs_print_info+0x20/0x20
[  680.387427][T16414]  ? load_image+0x3b0/0x3b0
[  680.391960][T16414]  ? __might_fault+0xaa/0x120
[  680.396659][T16414]  ? __lock_acquire+0x7c80/0x7c80
[  680.401744][T16414]  ? seqcount_lockdep_reader_access+0x160/0x1c0
[  680.408039][T16414]  should_fail_ex+0x39d/0x4d0
[  680.412785][T16414]  _copy_from_user+0x2f/0xe0
[  680.417407][T16414]  __sys_bpf+0x1e9/0x800
[  680.421688][T16414]  ? bpf_link_show_fdinfo+0x350/0x350
[  680.427102][T16414]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  680.433301][T16414]  __x64_sys_bpf+0x7c/0x90
[  680.437752][T16414]  do_syscall_64+0x55/0xb0
[  680.442195][T16414]  ? clear_bhb_loop+0x40/0x90
[  680.446928][T16414]  ? clear_bhb_loop+0x40/0x90
[  680.451636][T16414]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  680.457563][T16414] RIP: 0033:0x7ff247d8efc9
[  680.462012][T16414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  680.481662][T16414] RSP: 002b:00007ff248c9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  680.490111][T16414] RAX: ffffffffffffffda RBX: 00007ff247fe5fa0 RCX: 00007ff247d8efc9
[  680.498107][T16414] RDX: 0000000000000080 RSI: 0000200000000300 RDI: 0000000000000005
[  680.506107][T16414] RBP: 00007ff248c9d090 R08: 0000000000000000 R09: 0000000000000000
[  680.514106][T16414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  680.522100][T16414] R13: 00007ff247fe6038 R14: 00007ff247fe5fa0 R15: 00007ffe6d8733c8
[  680.530110][T16414]  </TASK>
[  680.722723][T16421] FAULT_INJECTION: forcing a failure.
[  680.722723][T16421] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  680.741124][T16421] CPU: 0 PID: 16421 Comm: syz.3.3971 Not tainted syzkaller #0
[  680.748677][T16421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  680.758809][T16421] Call Trace:
[  680.762149][T16421]  <TASK>
[  680.765145][T16421]  dump_stack_lvl+0x16c/0x230
[  680.769981][T16421]  ? show_regs_print_info+0x20/0x20
[  680.775335][T16421]  ? load_image+0x3b0/0x3b0
[  680.779935][T16421]  ? __might_fault+0xaa/0x120
[  680.784662][T16421]  ? __lock_acquire+0x7c80/0x7c80
[  680.789743][T16421]  should_fail_ex+0x39d/0x4d0
[  680.794486][T16421]  _copy_from_user+0x2f/0xe0
[  680.799131][T16421]  ___sys_sendmsg+0x159/0x290
[  680.803878][T16421]  ? __sys_sendmsg+0x270/0x270
[  680.809157][T16421]  ? __lock_acquire+0x7c80/0x7c80
[  680.814259][T16421]  __se_sys_sendmsg+0x1a5/0x270
[  680.819179][T16421]  ? __x64_sys_sendmsg+0x80/0x80
[  680.824919][T16421]  ? lockdep_hardirqs_on+0x98/0x150
[  680.830180][T16421]  do_syscall_64+0x55/0xb0
[  680.834658][T16421]  ? clear_bhb_loop+0x40/0x90
[  680.839415][T16421]  ? clear_bhb_loop+0x40/0x90
[  680.844152][T16421]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  680.850100][T16421] RIP: 0033:0x7f5b5ab8efc9
[  680.854564][T16421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  680.874235][T16421] RSP: 002b:00007f5b5bb11038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  680.882713][T16421] RAX: ffffffffffffffda RBX: 00007f5b5ade5fa0 RCX: 00007f5b5ab8efc9
[  680.890749][T16421] RDX: 0000000000000000 RSI: 0000200000001180 RDI: 0000000000000003
[  680.898789][T16421] RBP: 00007f5b5bb11090 R08: 0000000000000000 R09: 0000000000000000
[  680.906823][T16421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  680.914852][T16421] R13: 00007f5b5ade6038 R14: 00007f5b5ade5fa0 R15: 00007ffc4d223338
[  680.922888][T16421]  </TASK>
[  680.979171][T16424] netlink: 16375 bytes leftover after parsing attributes in process `syz.0.3972'.
[  681.107446][T16415] delete_channel: no stack
[  681.268800][T16436] netlink: 'syz.2.3975': attribute type 10 has an invalid length.
[  681.846649][T16453] netlink: 16375 bytes leftover after parsing attributes in process `syz.2.3982'.
[  682.075965][T16462] FAULT_INJECTION: forcing a failure.
[  682.075965][T16462] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  682.097347][T16464] netlink: 'syz.2.3987': attribute type 10 has an invalid length.
[  682.107746][T16462] CPU: 1 PID: 16462 Comm: syz.0.3986 Not tainted syzkaller #0
[  682.115296][T16462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  682.125417][T16462] Call Trace:
[  682.128748][T16462]  <TASK>
[  682.131730][T16462]  dump_stack_lvl+0x16c/0x230
[  682.136485][T16462]  ? show_regs_print_info+0x20/0x20
[  682.141775][T16462]  ? load_image+0x3b0/0x3b0
[  682.146353][T16462]  ? __might_fault+0xaa/0x120
[  682.151097][T16462]  ? __lock_acquire+0x7c80/0x7c80
[  682.156227][T16462]  should_fail_ex+0x39d/0x4d0
[  682.160999][T16462]  _copy_from_user+0x2f/0xe0
[  682.165756][T16462]  __sys_bpf+0x1e9/0x800
[  682.170067][T16462]  ? bpf_link_show_fdinfo+0x350/0x350
[  682.175535][T16462]  ? lock_chain_count+0x20/0x20
[  682.180468][T16462]  __x64_sys_bpf+0x7c/0x90
[  682.184966][T16462]  do_syscall_64+0x55/0xb0
[  682.189473][T16462]  ? clear_bhb_loop+0x40/0x90
[  682.194194][T16462]  ? clear_bhb_loop+0x40/0x90
[  682.198934][T16462]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  682.204882][T16462] RIP: 0033:0x7f455018efc9
[  682.209324][T16462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  682.228978][T16462] RSP: 002b:00007f4550fb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  682.237523][T16462] RAX: ffffffffffffffda RBX: 00007f45503e5fa0 RCX: 00007f455018efc9
[  682.245545][T16462] RDX: 0000000000000010 RSI: 0000200000000800 RDI: 000000000000000f
[  682.253679][T16462] RBP: 00007f4550fb2090 R08: 0000000000000000 R09: 0000000000000000
[  682.261818][T16462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  682.269864][T16462] R13: 00007f45503e6038 R14: 00007f45503e5fa0 R15: 00007ffe462e0328
[  682.277936][T16462]  </TASK>
[  682.785773][T16489] netlink: 16375 bytes leftover after parsing attributes in process `syz.0.3995'.
[  682.941148][T16495] netlink: 'syz.3.3998': attribute type 10 has an invalid length.
[  682.973670][T16497] FAULT_INJECTION: forcing a failure.
[  682.973670][T16497] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  682.987250][T16497] CPU: 0 PID: 16497 Comm: syz.0.4000 Not tainted syzkaller #0
[  682.994769][T16497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  683.004864][T16497] Call Trace:
[  683.008165][T16497]  <TASK>
[  683.011109][T16497]  dump_stack_lvl+0x16c/0x230
[  683.015817][T16497]  ? show_regs_print_info+0x20/0x20
[  683.021041][T16497]  ? load_image+0x3b0/0x3b0
[  683.025586][T16497]  ? __might_fault+0xaa/0x120
[  683.030287][T16497]  ? __lock_acquire+0x7c80/0x7c80
[  683.035340][T16497]  should_fail_ex+0x39d/0x4d0
[  683.040047][T16497]  _copy_from_user+0x2f/0xe0
[  683.044657][T16497]  ___sys_sendmsg+0x159/0x290
[  683.049368][T16497]  ? __sys_sendmsg+0x270/0x270
[  683.054170][T16497]  ? __lock_acquire+0x7c80/0x7c80
[  683.059240][T16497]  __se_sys_sendmsg+0x1a5/0x270
[  683.064153][T16497]  ? __x64_sys_sendmsg+0x80/0x80
[  683.069152][T16497]  ? lockdep_hardirqs_on+0x98/0x150
[  683.074387][T16497]  do_syscall_64+0x55/0xb0
[  683.078832][T16497]  ? clear_bhb_loop+0x40/0x90
[  683.083532][T16497]  ? clear_bhb_loop+0x40/0x90
[  683.088228][T16497]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  683.094141][T16497] RIP: 0033:0x7f455018efc9
[  683.098593][T16497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  683.118245][T16497] RSP: 002b:00007f4550fb2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  683.126685][T16497] RAX: ffffffffffffffda RBX: 00007f45503e5fa0 RCX: 00007f455018efc9
[  683.134675][T16497] RDX: 0000000000000000 RSI: 0000200000001180 RDI: 0000000000000003
[  683.142671][T16497] RBP: 00007f4550fb2090 R08: 0000000000000000 R09: 0000000000000000
[  683.150690][T16497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  683.158679][T16497] R13: 00007f45503e6038 R14: 00007f45503e5fa0 R15: 00007ffe462e0328
[  683.166689][T16497]  </TASK>
[  684.147483][T16519] netlink: 16211 bytes leftover after parsing attributes in process `syz.2.4006'.
[  684.313884][T16528] netlink: 'syz.2.4010': attribute type 10 has an invalid length.
[  684.501558][T16530] netlink: 16375 bytes leftover after parsing attributes in process `syz.1.4011'.
[  685.246514][T16550] netlink: 'syz.2.4021': attribute type 10 has an invalid length.
[  685.469198][T16558] netlink: 16375 bytes leftover after parsing attributes in process `syz.1.4023'.
[  685.490513][T16559] netlink: 'syz.2.4024': attribute type 33 has an invalid length.
[  685.499437][T16559] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4024'.
[  685.984853][T16578] netlink: 'syz.0.4032': attribute type 10 has an invalid length.
[  686.124823][T16580] netlink: 9275 bytes leftover after parsing attributes in process `syz.3.4034'.
[  686.236301][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  686.256301][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  686.267736][T16586] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4036'.
[  686.759045][T16604] netlink: 'syz.1.4044': attribute type 10 has an invalid length.
[  686.834146][T16606] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.4045'.
[  687.129943][T16620] netlink: 134744 bytes leftover after parsing attributes in process `syz.2.4051'.
[  687.449945][T16631] netlink: 9275 bytes leftover after parsing attributes in process `syz.1.4056'.
[  687.477451][T16630] netlink: 'syz.3.4055': attribute type 10 has an invalid length.
[  687.640152][T16636] netlink: 'syz.2.4058': attribute type 33 has an invalid length.
[  687.657629][T16636] netlink: 144 bytes leftover after parsing attributes in process `syz.2.4058'.
[  687.681787][T16636] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  687.756051][T16642] geneve0: entered promiscuous mode
[  687.774267][T16642] geneve0: entered allmulticast mode
[  687.845645][T16645] syz.3.4061[16645] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  687.845801][T16645] syz.3.4061[16645] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  688.390809][T16645] netlink: 144316 bytes leftover after parsing attributes in process `syz.3.4061'.
[  688.428781][T16645] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4061'.
[  688.749318][T16656] netlink: 'syz.3.4066': attribute type 33 has an invalid length.
[  688.802864][T16658] netlink: 'syz.0.4067': attribute type 10 has an invalid length.
[  689.034114][T16668] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.4071'.
[  689.613678][T16687] netlink: 'syz.0.4079': attribute type 10 has an invalid length.
[  689.954453][T16701] netlink: 9275 bytes leftover after parsing attributes in process `syz.3.4082'.
[  690.226975][T16710] tap0: tun_chr_ioctl cmd 2148553947
[  690.374430][T16714] netlink: 'syz.0.4092': attribute type 10 has an invalid length.
[  691.937822][T16737] pim6reg1: entered promiscuous mode
[  691.947846][T16737] pim6reg1: entered allmulticast mode
[  692.007237][T16741] __nla_validate_parse: 1 callbacks suppressed
[  692.007257][T16741] netlink: 22 bytes leftover after parsing attributes in process `syz.2.4100'.
[  692.119684][T16743] netlink: 'syz.1.4103': attribute type 10 has an invalid length.
[  692.565177][T16756] netlink: 16399 bytes leftover after parsing attributes in process `syz.1.4109'.
[  692.595342][T16758] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.4117'.
[  693.431497][T16778] netlink: 'syz.0.4114': attribute type 10 has an invalid length.
[  694.248656][T16793] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.4121'.
[  694.607747][T16805] netlink: 'syz.1.4126': attribute type 10 has an invalid length.
[  694.793278][T16809] netlink: 'syz.3.4128': attribute type 33 has an invalid length.
[  695.940129][T16844] netlink: 'syz.3.4139': attribute type 10 has an invalid length.
[  696.084401][T16847] FAULT_INJECTION: forcing a failure.
[  696.084401][T16847] name failslab, interval 1, probability 0, space 0, times 0
[  696.133101][T16847] CPU: 0 PID: 16847 Comm: syz.1.4141 Not tainted syzkaller #0
[  696.140692][T16847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  696.150837][T16847] Call Trace:
[  696.154194][T16847]  <TASK>
[  696.157197][T16847]  dump_stack_lvl+0x16c/0x230
[  696.161976][T16847]  ? show_regs_print_info+0x20/0x20
[  696.167263][T16847]  ? load_image+0x3b0/0x3b0
[  696.171941][T16847]  ? perf_trace_lock+0x2ed/0x380
[  696.176978][T16847]  should_fail_ex+0x39d/0x4d0
[  696.181759][T16847]  should_failslab+0x9/0x20
[  696.186346][T16847]  slab_pre_alloc_hook+0x59/0x310
[  696.191437][T16847]  kmem_cache_alloc+0x5a/0x2e0
[  696.196272][T16847]  ? skb_clone+0x1eb/0x370
[  696.200772][T16847]  skb_clone+0x1eb/0x370
[  696.205095][T16847]  __netlink_deliver_tap+0x41c/0x830
[  696.210493][T16847]  ? netlink_deliver_tap+0x2e/0x1b0
[  696.215753][T16847]  netlink_deliver_tap+0x19c/0x1b0
[  696.220925][T16847]  netlink_dump+0x8df/0xde0
[  696.225521][T16847]  ? netlink_lookup+0x200/0x200
[  696.230458][T16847]  ? netlink_autobind+0x300/0x300
[  696.235532][T16847]  ? trace_event_raw_event_lock+0x230/0x230
[  696.241485][T16847]  ? netlink_lookup+0x30/0x200
[  696.246321][T16847]  ? netlink_lookup+0x30/0x200
[  696.251265][T16847]  __netlink_dump_start+0x5f1/0x810
[  696.256550][T16847]  packet_diag_handler_dump+0x1bd/0x270
[  696.262157][T16847]  ? __lock_acquire+0x7c80/0x7c80
[  696.267234][T16847]  ? packet_sendmsg_spkt+0x1120/0x1120
[  696.272829][T16847]  ? packet_diag_handler_dump+0x270/0x270
[  696.278604][T16847]  ? sock_diag_lock_handler+0x19/0x280
[  696.284111][T16847]  ? sock_diag_lock_handler+0x19/0x280
[  696.289648][T16847]  ? packet_sendmsg_spkt+0x1120/0x1120
[  696.295161][T16847]  sock_diag_rcv_msg+0x3d8/0x600
[  696.300163][T16847]  netlink_rcv_skb+0x216/0x480
[  696.304977][T16847]  ? sock_diag_bind+0xb0/0xb0
[  696.309739][T16847]  ? netlink_ack+0x1110/0x1110
[  696.314609][T16847]  ? __lock_acquire+0x7c80/0x7c80
[  696.319710][T16847]  ? netlink_deliver_tap+0x2e/0x1b0
[  696.324974][T16847]  sock_diag_rcv+0x2a/0x40
[  696.329438][T16847]  netlink_unicast+0x751/0x8d0
[  696.334293][T16847]  netlink_sendmsg+0x8c1/0xbe0
[  696.339141][T16847]  ? netlink_getsockopt+0x580/0x580
[  696.344484][T16847]  ? aa_sock_msg_perm+0x94/0x150
[  696.349472][T16847]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  696.354800][T16847]  ? security_socket_sendmsg+0x80/0xa0
[  696.360302][T16847]  ? netlink_getsockopt+0x580/0x580
[  696.366077][T16847]  ____sys_sendmsg+0x5bf/0x950
[  696.370930][T16847]  ? __asan_memset+0x22/0x40
[  696.375586][T16847]  ? __sys_sendmsg_sock+0x30/0x30
[  696.380656][T16847]  ? __import_iovec+0x5f2/0x860
[  696.385590][T16847]  ? import_iovec+0x73/0xa0
[  696.390150][T16847]  ___sys_sendmsg+0x220/0x290
[  696.394889][T16847]  ? __sys_sendmsg+0x270/0x270
[  696.399761][T16847]  ? __lock_acquire+0x7c80/0x7c80
[  696.404931][T16847]  __se_sys_sendmsg+0x1a5/0x270
[  696.409850][T16847]  ? __x64_sys_sendmsg+0x80/0x80
[  696.414889][T16847]  ? lockdep_hardirqs_on+0x98/0x150
[  696.420138][T16847]  do_syscall_64+0x55/0xb0
[  696.424625][T16847]  ? clear_bhb_loop+0x40/0x90
[  696.429360][T16847]  ? clear_bhb_loop+0x40/0x90
[  696.434554][T16847]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  696.440504][T16847] RIP: 0033:0x7f9cd978efc9
[  696.444963][T16847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  696.464623][T16847] RSP: 002b:00007f9cda5b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  696.473090][T16847] RAX: ffffffffffffffda RBX: 00007f9cd99e5fa0 RCX: 00007f9cd978efc9
[  696.481113][T16847] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000006
[  696.489127][T16847] RBP: 00007f9cda5b8090 R08: 0000000000000000 R09: 0000000000000000
[  696.497154][T16847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  696.505253][T16847] R13: 00007f9cd99e6038 R14: 00007f9cd99e5fa0 R15: 00007fff93f8d3e8
[  696.513310][T16847]  </TASK>
[  696.915069][T16860] netlink: 'syz.3.4148': attribute type 3 has an invalid length.
[  696.932146][T16860] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.4148'.
[  697.566406][T16875] netlink: 'syz.1.4152': attribute type 10 has an invalid length.
[  697.786234][T16885] syzkaller0: entered promiscuous mode
[  697.816063][T16885] syzkaller0: entered allmulticast mode
[  699.820931][T16894] netlink: 160 bytes leftover after parsing attributes in process `syz.0.4158'.
[  700.022486][T16902] netlink: 'syz.0.4161': attribute type 6 has an invalid length.
[  700.140724][T16909] netlink: 'syz.2.4164': attribute type 10 has an invalid length.
[  700.362786][T16905] netlink: 'syz.1.4163': attribute type 10 has an invalid length.
[  700.388831][T16905] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4163'.
[  700.434129][T16905] team_slave_0: entered promiscuous mode
[  700.440477][T16905] team_slave_1: entered promiscuous mode
[  700.446697][T16905] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  700.501188][T16905] team0: entered promiscuous mode
[  700.506901][T16905] vlan0: entered promiscuous mode
[  700.551974][T16905] mac80211_hwsim hwsim11 wlan1: entered promiscuous mode
[  700.592877][T16905] team0: entered allmulticast mode
[  700.601900][T16905] team_slave_0: entered allmulticast mode
[  700.621318][T16905] team_slave_1: entered allmulticast mode
[  700.632085][T16905] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  700.653613][T16905] 8021q: adding VLAN 0 to HW filter on device team0
[  700.673815][T16905] bond0: (slave team0): Releasing backup interface
[  700.806508][T16905] bridge0: port 3(team0) entered blocking state
[  700.813304][T16905] bridge0: port 3(team0) entered disabled state
[  701.199081][T16918] netlink: 'syz.0.4167': attribute type 2 has an invalid length.
[  701.214101][T16918] netlink: 51 bytes leftover after parsing attributes in process `syz.0.4167'.
[  701.345956][T16924] netlink: 160 bytes leftover after parsing attributes in process `syz.2.4169'.
[  701.402540][T16918] netlink: 16394 bytes leftover after parsing attributes in process `syz.0.4167'.
[  702.018789][T16930] netlink: 'syz.2.4173': attribute type 10 has an invalid length.
[  702.527210][T16942] FAULT_INJECTION: forcing a failure.
[  702.527210][T16942] name failslab, interval 1, probability 0, space 0, times 0
[  702.566516][T16942] CPU: 0 PID: 16942 Comm: syz.1.4177 Not tainted syzkaller #0
[  702.574098][T16942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  702.584187][T16942] Call Trace:
[  702.587568][T16942]  <TASK>
[  702.590524][T16942]  dump_stack_lvl+0x16c/0x230
[  702.595254][T16942]  ? show_regs_print_info+0x20/0x20
[  702.600843][T16942]  ? load_image+0x3b0/0x3b0
[  702.605381][T16942]  ? __might_sleep+0xe0/0xe0
[  702.610034][T16942]  ? __lock_acquire+0x7c80/0x7c80
[  702.615169][T16942]  should_fail_ex+0x39d/0x4d0
[  702.619887][T16942]  should_failslab+0x9/0x20
[  702.624425][T16942]  slab_pre_alloc_hook+0x59/0x310
[  702.629540][T16942]  ? __rwlock_init+0x150/0x150
[  702.634347][T16942]  kmem_cache_alloc_lru+0x4d/0x2e0
[  702.639511][T16942]  ? iget_locked+0x20a/0x840
[  702.644139][T16942]  iget_locked+0x20a/0x840
[  702.648594][T16942]  kernfs_get_inode+0x4f/0x700
[  702.653399][T16942]  kernfs_iop_lookup+0x263/0x380
[  702.658377][T16942]  ? kernfs_dop_revalidate+0x570/0x570
[  702.663861][T16942]  path_openat+0x10b8/0x3190
[  702.668510][T16942]  ? do_filp_open+0x3d0/0x3d0
[  702.673221][T16942]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  702.679496][T16942]  do_filp_open+0x1c5/0x3d0
[  702.684065][T16942]  ? vfs_tmpfile+0x490/0x490
[  702.688823][T16942]  ? _raw_spin_unlock+0x28/0x40
[  702.693704][T16942]  ? alloc_fd+0x58f/0x630
[  702.698187][T16942]  do_sys_openat2+0x12c/0x1c0
[  702.702918][T16942]  ? do_sys_open+0xe0/0xe0
[  702.707518][T16942]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  702.713877][T16942]  __x64_sys_openat+0x139/0x160
[  702.718771][T16942]  do_syscall_64+0x55/0xb0
[  702.723244][T16942]  ? clear_bhb_loop+0x40/0x90
[  702.728025][T16942]  ? clear_bhb_loop+0x40/0x90
[  702.732721][T16942]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  702.738635][T16942] RIP: 0033:0x7f9cd978efc9
[  702.743097][T16942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  702.762743][T16942] RSP: 002b:00007f9cda5b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  702.771218][T16942] RAX: ffffffffffffffda RBX: 00007f9cd99e5fa0 RCX: 00007f9cd978efc9
[  702.779298][T16942] RDX: 0000000000000002 RSI: 0000200000000240 RDI: 000000000000000b
[  702.787287][T16942] RBP: 00007f9cda5b8090 R08: 0000000000000000 R09: 0000000000000000
[  702.795360][T16942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  702.803343][T16942] R13: 00007f9cd99e6038 R14: 00007f9cd99e5fa0 R15: 00007fff93f8d3e8
[  702.811457][T16942]  </TASK>
[  703.171075][T16943] mac80211_hwsim hwsim14 wlan0: entered promiscuous mode
[  703.180135][T16943] mac80211_hwsim hwsim14 wlan0: entered allmulticast mode
[  703.397997][T16953] netlink: 160 bytes leftover after parsing attributes in process `syz.0.4181'.
[  703.633067][T16963] netlink: 'syz.1.4184': attribute type 10 has an invalid length.
[  703.674723][T16963] team0: left allmulticast mode
[  703.680569][T16963] team_slave_0: left allmulticast mode
[  703.700992][T16963] team_slave_1: left allmulticast mode
[  703.736386][T16963] netdevsim netdevsim1 netdevsim0: left allmulticast mode
[  703.751105][T16963] team0: left promiscuous mode
[  703.756300][T16963] team_slave_0: left promiscuous mode
[  703.765675][T16963] team_slave_1: left promiscuous mode
[  703.773711][T16963] vlan0: left promiscuous mode
[  703.779045][T16963] mac80211_hwsim hwsim11 wlan1: left promiscuous mode
[  703.793239][T16963] netdevsim netdevsim1 netdevsim0: left promiscuous mode
[  703.801194][T16963] bridge0: port 3(team0) entered disabled state
[  703.815021][T16963] 8021q: adding VLAN 0 to HW filter on device team0
[  703.825165][T16963] team_slave_0: entered promiscuous mode
[  703.831607][T16963] team_slave_1: entered promiscuous mode
[  703.837401][T16963] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  703.861887][T16963] bond0: (slave team0): Enslaving as an active interface with an up link
[  704.326085][T16981] netlink: 'syz.3.4191': attribute type 10 has an invalid length.
[  704.405945][T16985] netlink: 160 bytes leftover after parsing attributes in process `syz.2.4193'.
[  704.475637][T16988] FAULT_INJECTION: forcing a failure.
[  704.475637][T16988] name failslab, interval 1, probability 0, space 0, times 0
[  704.539460][T16988] CPU: 1 PID: 16988 Comm: syz.0.4195 Not tainted syzkaller #0
[  704.547020][T16988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  704.557125][T16988] Call Trace:
[  704.560445][T16988]  <TASK>
[  704.563410][T16988]  dump_stack_lvl+0x16c/0x230
[  704.568141][T16988]  ? show_regs_print_info+0x20/0x20
[  704.573385][T16988]  ? load_image+0x3b0/0x3b0
[  704.577940][T16988]  ? __might_sleep+0xe0/0xe0
[  704.582571][T16988]  ? __lock_acquire+0x7c80/0x7c80
[  704.587655][T16988]  should_fail_ex+0x39d/0x4d0
[  704.592390][T16988]  should_failslab+0x9/0x20
[  704.596947][T16988]  slab_pre_alloc_hook+0x59/0x310
[  704.602054][T16988]  kmem_cache_alloc+0x5a/0x2e0
[  704.606866][T16988]  ? security_inode_alloc+0x34/0x110
[  704.612189][T16988]  security_inode_alloc+0x34/0x110
[  704.617351][T16988]  inode_init_always+0x8fc/0xc90
[  704.622335][T16988]  ? __asan_memset+0x22/0x40
[  704.626950][T16988]  new_inode_pseudo+0x95/0x1d0
[  704.631750][T16988]  new_inode+0x22/0x1b0
[  704.635927][T16988]  proc_pid_make_inode+0x24/0x190
[  704.640970][T16988]  proc_pid_instantiate+0x53/0x2b0
[  704.646125][T16988]  ? proc_pid_lookup+0xa4/0x440
[  704.650995][T16988]  ? proc_pid_lookup+0xa4/0x440
[  704.655874][T16988]  proc_pid_lookup+0x2fd/0x440
[  704.660665][T16988]  proc_root_lookup+0x20/0x50
[  704.665364][T16988]  __lookup_slow+0x281/0x3b0
[  704.670072][T16988]  ? lookup_one_len+0x2c0/0x2c0
[  704.674958][T16988]  ? try_to_unlazy+0x34c/0x5a0
[  704.679752][T16988]  ? down_read+0x1ac/0x2e0
[  704.684196][T16988]  lookup_slow+0x53/0x70
[  704.688654][T16988]  walk_component+0x2be/0x3f0
[  704.693354][T16988]  path_lookupat+0x169/0x440
[  704.697976][T16988]  filename_lookup+0x1f4/0x510
[  704.702778][T16988]  ? __virt_addr_valid+0x18c/0x540
[  704.708005][T16988]  ? hashlen_string+0x110/0x110
[  704.712987][T16988]  ? strncpy_from_user+0x10d/0x2e0
[  704.718118][T16988]  ? strncpy_from_user+0x197/0x2e0
[  704.723251][T16988]  ? getname_flags+0x20a/0x500
[  704.728045][T16988]  user_path_at_empty+0x42/0x60
[  704.732928][T16988]  bpf_obj_get_user+0xbb/0x460
[  704.737787][T16988]  ? bpf_obj_pin_user+0x320/0x320
[  704.742843][T16988]  ? __might_fault+0xaa/0x120
[  704.747547][T16988]  __sys_bpf+0x70a/0x800
[  704.751818][T16988]  ? bpf_link_show_fdinfo+0x350/0x350
[  704.757215][T16988]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  704.763403][T16988]  __x64_sys_bpf+0x7c/0x90
[  704.767840][T16988]  do_syscall_64+0x55/0xb0
[  704.772289][T16988]  ? clear_bhb_loop+0x40/0x90
[  704.776986][T16988]  ? clear_bhb_loop+0x40/0x90
[  704.781689][T16988]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  704.787606][T16988] RIP: 0033:0x7f455018efc9
[  704.792062][T16988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  704.811715][T16988] RSP: 002b:00007f4550fb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  704.820186][T16988] RAX: ffffffffffffffda RBX: 00007f45503e5fa0 RCX: 00007f455018efc9
[  704.828792][T16988] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000007
[  704.838110][T16988] RBP: 00007f4550fb2090 R08: 0000000000000000 R09: 0000000000000000
[  704.846117][T16988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  704.854381][T16988] R13: 00007f45503e6038 R14: 00007f45503e5fa0 R15: 00007ffe462e0328
[  704.862475][T16988]  </TASK>
[  705.741185][T17014] netlink: 'syz.0.4203': attribute type 10 has an invalid length.
[  705.821168][T17014] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4203'.
[  705.901455][T17014] team0: entered promiscuous mode
[  705.914456][T17014] team_slave_0: entered promiscuous mode
[  705.941507][T17014] team_slave_1: entered promiscuous mode
[  705.948362][T17014] team0: entered allmulticast mode
[  705.970474][T17014] team_slave_0: entered allmulticast mode
[  706.006456][T17014] team_slave_1: entered allmulticast mode
[  706.033525][T17014] 8021q: adding VLAN 0 to HW filter on device team0
[  706.064342][T17014] bond0: (slave team0): Releasing backup interface
[  706.119202][T17014] bridge0: port 3(team0) entered blocking state
[  706.128913][T17014] bridge0: port 3(team0) entered disabled state
[  706.409683][T17025] netlink: 160 bytes leftover after parsing attributes in process `syz.3.4206'.
[  706.446652][T17023] netlink: 'syz.1.4205': attribute type 10 has an invalid length.
[  706.496867][T17023] team_slave_0: left promiscuous mode
[  706.524887][T17023] team_slave_1: left promiscuous mode
[  706.547751][T17023] netdevsim netdevsim1 netdevsim0: left promiscuous mode
[  709.347426][T17035] netlink: 'syz.0.4211': attribute type 10 has an invalid length.
[  709.355601][T17035] team0: left allmulticast mode
[  709.360499][T17035] team_slave_0: left allmulticast mode
[  709.366344][T17035] team_slave_1: left allmulticast mode
[  709.371917][T17035] team0: left promiscuous mode
[  709.376922][T17035] team_slave_0: left promiscuous mode
[  709.382589][T17035] team_slave_1: left promiscuous mode
[  709.388298][T17035] bridge0: port 3(team0) entered disabled state
[  709.399063][T17035] 8021q: adding VLAN 0 to HW filter on device team0
[  709.407563][T17035] bond0: (slave team0): Enslaving as an active interface with an up link
[  709.473913][T17061] mac80211_hwsim hwsim12 wlan0: entered promiscuous mode
[  709.498246][T17061] mac80211_hwsim hwsim12 wlan0: entered allmulticast mode
[  709.571239][T17064] netlink: 160 bytes leftover after parsing attributes in process `syz.0.4217'.
[  710.125145][T17084] netlink: 'syz.2.4225': attribute type 10 has an invalid length.
[  711.020021][T17105] mac80211_hwsim hwsim10 wlan0: entered promiscuous mode
[  711.020656][T17107] FAULT_INJECTION: forcing a failure.
[  711.020656][T17107] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  711.056834][T17105] mac80211_hwsim hwsim10 wlan0: entered allmulticast mode
[  711.082534][T17107] CPU: 1 PID: 17107 Comm: syz.2.4235 Not tainted syzkaller #0
[  711.090099][T17107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  711.100239][T17107] Call Trace:
[  711.103566][T17107]  <TASK>
[  711.106524][T17107]  dump_stack_lvl+0x16c/0x230
[  711.111236][T17107]  ? show_regs_print_info+0x20/0x20
[  711.116472][T17107]  ? load_image+0x3b0/0x3b0
[  711.121010][T17107]  ? __lock_acquire+0x7c80/0x7c80
[  711.126065][T17107]  ? snprintf+0xdb/0x120
[  711.130335][T17107]  should_fail_ex+0x39d/0x4d0
[  711.135061][T17107]  _copy_to_user+0x2f/0xa0
[  711.139508][T17107]  simple_read_from_buffer+0xe7/0x150
[  711.144956][T17107]  proc_fail_nth_read+0x1e3/0x250
[  711.150023][T17107]  ? proc_fault_inject_write+0x340/0x340
[  711.155684][T17107]  ? fsnotify_perm+0x271/0x5e0
[  711.160477][T17107]  ? proc_fault_inject_write+0x340/0x340
[  711.166223][T17107]  vfs_read+0x27e/0x920
[  711.170410][T17107]  ? kernel_read+0x1e0/0x1e0
[  711.175048][T17107]  ? __fget_files+0x28/0x4d0
[  711.179661][T17107]  ? __fget_files+0x44a/0x4d0
[  711.184388][T17107]  ? __fdget_pos+0x2a3/0x330
[  711.189005][T17107]  ? ksys_read+0x75/0x250
[  711.193371][T17107]  ksys_read+0x147/0x250
[  711.197647][T17107]  ? vfs_write+0x940/0x940
[  711.202091][T17107]  ? lockdep_hardirqs_on+0x98/0x150
[  711.207310][T17107]  do_syscall_64+0x55/0xb0
[  711.211921][T17107]  ? clear_bhb_loop+0x40/0x90
[  711.216616][T17107]  ? clear_bhb_loop+0x40/0x90
[  711.221330][T17107]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  711.227272][T17107] RIP: 0033:0x7ff247d8d9dc
[  711.231720][T17107] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  711.251355][T17107] RSP: 002b:00007ff248c9d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  711.259804][T17107] RAX: ffffffffffffffda RBX: 00007ff247fe5fa0 RCX: 00007ff247d8d9dc
[  711.267815][T17107] RDX: 000000000000000f RSI: 00007ff248c9d0a0 RDI: 0000000000000003
[  711.275807][T17107] RBP: 00007ff248c9d090 R08: 0000000000000000 R09: 0000000000000000
[  711.283806][T17107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  711.291887][T17107] R13: 00007ff247fe6038 R14: 00007ff247fe5fa0 R15: 00007ffe6d8733c8
[  711.299909][T17107]  </TASK>
[  711.355871][T17109] netlink: 'syz.0.4236': attribute type 10 has an invalid length.
[  711.567975][T17120] FAULT_INJECTION: forcing a failure.
[  711.567975][T17120] name failslab, interval 1, probability 0, space 0, times 0
[  711.637676][T17120] CPU: 0 PID: 17120 Comm: syz.0.4241 Not tainted syzkaller #0
[  711.645334][T17120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  711.655448][T17120] Call Trace:
[  711.658776][T17120]  <TASK>
[  711.661758][T17120]  dump_stack_lvl+0x16c/0x230
[  711.666521][T17120]  ? show_regs_print_info+0x20/0x20
[  711.671809][T17120]  ? load_image+0x3b0/0x3b0
[  711.676400][T17120]  ? __might_sleep+0xe0/0xe0
[  711.681061][T17120]  ? __lock_acquire+0x7c80/0x7c80
[  711.686157][T17120]  should_fail_ex+0x39d/0x4d0
[  711.690917][T17120]  should_failslab+0x9/0x20
[  711.695494][T17120]  slab_pre_alloc_hook+0x59/0x310
[  711.700594][T17120]  ? tomoyo_encode+0x28b/0x540
[  711.705431][T17120]  ? tomoyo_encode+0x28b/0x540
[  711.710263][T17120]  __kmem_cache_alloc_node+0x53/0x260
[  711.715714][T17120]  ? tomoyo_encode+0x28b/0x540
[  711.720543][T17120]  __kmalloc+0xa4/0x240
[  711.724769][T17120]  tomoyo_encode+0x28b/0x540
[  711.729426][T17120]  tomoyo_realpath_from_path+0x592/0x5d0
[  711.735122][T17120]  tomoyo_path_number_perm+0x1ea/0x590
[  711.740617][T17120]  ? tomoyo_path_number_perm+0x1ba/0x590
[  711.746300][T17120]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  711.751792][T17120]  ? trace_call_bpf+0xc3/0x690
[  711.756592][T17120]  ? trace_call_bpf+0xc3/0x690
[  711.761394][T17120]  ? trace_call_bpf+0x5ba/0x690
[  711.766352][T17120]  ? __fget_files+0x28/0x4d0
[  711.770992][T17120]  security_file_ioctl+0x70/0xa0
[  711.775968][T17120]  __se_sys_ioctl+0x48/0x170
[  711.780594][T17120]  do_syscall_64+0x55/0xb0
[  711.785042][T17120]  ? clear_bhb_loop+0x40/0x90
[  711.789747][T17120]  ? clear_bhb_loop+0x40/0x90
[  711.794455][T17120]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  711.800378][T17120] RIP: 0033:0x7f455018efc9
[  711.804911][T17120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  711.824822][T17120] RSP: 002b:00007f4550fb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  711.833280][T17120] RAX: ffffffffffffffda RBX: 00007f45503e5fa0 RCX: 00007f455018efc9
[  711.841286][T17120] RDX: 0000200000000080 RSI: 00000000000089f3 RDI: 0000000000000005
[  711.849279][T17120] RBP: 00007f4550fb2090 R08: 0000000000000000 R09: 0000000000000000
[  711.857293][T17120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  711.865289][T17120] R13: 00007f45503e6038 R14: 00007f45503e5fa0 R15: 00007ffe462e0328
[  711.873315][T17120]  </TASK>
[  712.006355][T17120] ERROR: Out of memory at tomoyo_realpath_from_path.
[  712.327140][T17129] netlink: 1057 bytes leftover after parsing attributes in process `syz.1.4242'.
[  712.693213][T17140] netlink: 202920 bytes leftover after parsing attributes in process `syz.3.4248'.
[  712.747767][T17144] netlink: 'syz.0.4249': attribute type 10 has an invalid length.
[  713.265169][T17159] FAULT_INJECTION: forcing a failure.
[  713.265169][T17159] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  713.338345][T17159] CPU: 0 PID: 17159 Comm: syz.0.4256 Not tainted syzkaller #0
[  713.345891][T17159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  713.356075][T17159] Call Trace:
[  713.359399][T17159]  <TASK>
[  713.362365][T17159]  dump_stack_lvl+0x16c/0x230
[  713.367107][T17159]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  713.373317][T17159]  ? show_regs_print_info+0x20/0x20
[  713.378565][T17159]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  713.384902][T17159]  should_fail_ex+0x39d/0x4d0
[  713.389639][T17159]  _copy_from_user+0x2f/0xe0
[  713.394277][T17159]  ___sys_sendmsg+0x159/0x290
[  713.399010][T17159]  ? __sys_sendmsg+0x270/0x270
[  713.403883][T17159]  __se_sys_sendmsg+0x1a5/0x270
[  713.408804][T17159]  ? __x64_sys_sendmsg+0x80/0x80
[  713.413823][T17159]  ? syscall_enter_from_user_mode+0x2e/0x80
[  713.419768][T17159]  do_syscall_64+0x55/0xb0
[  713.424246][T17159]  ? clear_bhb_loop+0x40/0x90
[  713.428965][T17159]  ? clear_bhb_loop+0x40/0x90
[  713.433687][T17159]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  713.439637][T17159] RIP: 0033:0x7f455018efc9
[  713.444090][T17159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  713.463751][T17159] RSP: 002b:00007f4550f91038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  713.472231][T17159] RAX: ffffffffffffffda RBX: 00007f45503e6090 RCX: 00007f455018efc9
[  713.480248][T17159] RDX: 0000000000000060 RSI: 0000200000000080 RDI: 0000000000000008
[  713.488267][T17159] RBP: 00007f4550f91090 R08: 0000000000000000 R09: 0000000000000000
[  713.496279][T17159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  713.504291][T17159] R13: 00007f45503e6128 R14: 00007f45503e6090 R15: 00007ffe462e0328
[  713.512320][T17159]  </TASK>
[  713.879699][T17169] syzkaller0: entered promiscuous mode
[  713.894306][T17169] syzkaller0: entered allmulticast mode
[  713.934147][T17176] netlink: 'syz.3.4261': attribute type 10 has an invalid length.
[  714.155354][T17185] netlink: 160 bytes leftover after parsing attributes in process `syz.1.4263'.
[  714.651211][T17197] netlink: 'syz.1.4267': attribute type 3 has an invalid length.
[  714.659123][T17197] netlink: 'syz.1.4267': attribute type 4 has an invalid length.
[  714.691104][T17197] netlink: 'syz.1.4267': attribute type 7 has an invalid length.
[  714.703976][T17197] netlink: 'syz.1.4267': attribute type 8 has an invalid length.
[  714.714371][T17197] netlink: 'syz.1.4267': attribute type 7 has an invalid length.
[  714.724161][T17197] netlink: 198048 bytes leftover after parsing attributes in process `syz.1.4267'.
[  717.635292][T17208] netlink: 'syz.3.4272': attribute type 10 has an invalid length.
[  718.444291][T17227] netlink: 6527 bytes leftover after parsing attributes in process `syz.2.4277'.
[  718.458264][T17226] mac80211_hwsim hwsim16 wlan0: entered promiscuous mode
[  718.487108][T17226] mac80211_hwsim hwsim16 wlan0: entered allmulticast mode
[  718.776332][T17229] netlink: 'syz.3.4279': attribute type 21 has an invalid length.
[  718.785664][T17229] IPv6: NLM_F_CREATE should be specified when creating new route
[  718.841114][T17231] C: renamed from team_slave_0 (while UP)
[  718.850943][T17231] netlink: 164 bytes leftover after parsing attributes in process `syz.3.4279'.
[  719.018219][T17244] FAULT_INJECTION: forcing a failure.
[  719.018219][T17244] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  719.040125][T17244] CPU: 0 PID: 17244 Comm: syz.0.4283 Not tainted syzkaller #0
[  719.047767][T17244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  719.057865][T17244] Call Trace:
[  719.061185][T17244]  <TASK>
[  719.064150][T17244]  dump_stack_lvl+0x16c/0x230
[  719.068879][T17244]  ? show_regs_print_info+0x20/0x20
[  719.074106][T17244]  ? load_image+0x3b0/0x3b0
[  719.078628][T17244]  ? __might_fault+0xaa/0x120
[  719.083326][T17244]  ? __lock_acquire+0x7c80/0x7c80
[  719.088463][T17244]  should_fail_ex+0x39d/0x4d0
[  719.093198][T17244]  _copy_from_user+0x2f/0xe0
[  719.097836][T17244]  __sys_bpf+0x1e9/0x800
[  719.102125][T17244]  ? bpf_link_show_fdinfo+0x350/0x350
[  719.107546][T17244]  ? lock_chain_count+0x20/0x20
[  719.112435][T17244]  __x64_sys_bpf+0x7c/0x90
[  719.116870][T17244]  do_syscall_64+0x55/0xb0
[  719.121312][T17244]  ? clear_bhb_loop+0x40/0x90
[  719.126011][T17244]  ? clear_bhb_loop+0x40/0x90
[  719.130724][T17244]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  719.136633][T17244] RIP: 0033:0x7f455018efc9
[  719.141069][T17244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  719.160693][T17244] RSP: 002b:00007f4550fb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  719.169125][T17244] RAX: ffffffffffffffda RBX: 00007f45503e5fa0 RCX: 00007f455018efc9
[  719.177112][T17244] RDX: 000000000000004c RSI: 0000200000000240 RDI: 000000000000000a
[  719.185101][T17244] RBP: 00007f4550fb2090 R08: 0000000000000000 R09: 0000000000000000
[  719.193088][T17244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  719.201076][T17244] R13: 00007f45503e6038 R14: 00007f45503e5fa0 R15: 00007ffe462e0328
[  719.209101][T17244]  </TASK>
[  719.328496][T17246] netlink: 'syz.3.4284': attribute type 10 has an invalid length.
[  719.530662][T17255] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4289'.
[  719.566718][T17255] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4289'.
[  719.587119][T17255] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4289'.
[  719.625057][T17255] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4289'.
[  720.034298][T17258] team0: Port device team_slave_0 removed
[  720.043766][T17258] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  720.440477][T17282] netlink: 'syz.3.4297': attribute type 10 has an invalid length.
[  720.878587][T17301] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.4305'.
[  721.070059][T17306] netlink: 'syz.0.4307': attribute type 21 has an invalid length.
[  721.078445][T17306] IPv6: NLM_F_CREATE should be specified when creating new route
[  721.286867][T17305] C: renamed from team_slave_0
[  721.342527][T17305] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4307'.
[  721.511122][T17313] netlink: 'syz.3.4310': attribute type 10 has an invalid length.
[  721.560443][T17317] FAULT_INJECTION: forcing a failure.
[  721.560443][T17317] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  721.590797][T17317] CPU: 1 PID: 17317 Comm: syz.0.4311 Not tainted syzkaller #0
[  721.598351][T17317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  721.608456][T17317] Call Trace:
[  721.611770][T17317]  <TASK>
[  721.614746][T17317]  dump_stack_lvl+0x16c/0x230
[  721.619482][T17317]  ? show_regs_print_info+0x20/0x20
[  721.624733][T17317]  ? load_image+0x3b0/0x3b0
[  721.629303][T17317]  ? __lock_acquire+0x7c80/0x7c80
[  721.634386][T17317]  ? snprintf+0xdb/0x120
[  721.638684][T17317]  should_fail_ex+0x39d/0x4d0
[  721.643578][T17317]  _copy_to_user+0x2f/0xa0
[  721.648049][T17317]  simple_read_from_buffer+0xe7/0x150
[  721.653491][T17317]  proc_fail_nth_read+0x1e3/0x250
[  721.658595][T17317]  ? proc_fault_inject_write+0x340/0x340
[  721.664314][T17317]  ? fsnotify_perm+0x271/0x5e0
[  721.669145][T17317]  ? proc_fault_inject_write+0x340/0x340
[  721.674891][T17317]  vfs_read+0x27e/0x920
[  721.679120][T17317]  ? kernel_read+0x1e0/0x1e0
[  721.683749][T17317]  ? __fget_files+0x28/0x4d0
[  721.688456][T17317]  ? __fget_files+0x44a/0x4d0
[  721.693174][T17317]  ? __fdget_pos+0x2a3/0x330
[  721.697882][T17317]  ? ksys_read+0x75/0x250
[  721.702243][T17317]  ksys_read+0x147/0x250
[  721.706525][T17317]  ? vfs_write+0x940/0x940
[  721.710972][T17317]  ? lockdep_hardirqs_on+0x98/0x150
[  721.716194][T17317]  do_syscall_64+0x55/0xb0
[  721.720636][T17317]  ? clear_bhb_loop+0x40/0x90
[  721.725341][T17317]  ? clear_bhb_loop+0x40/0x90
[  721.730125][T17317]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  721.736038][T17317] RIP: 0033:0x7f455018d9dc
[  721.740469][T17317] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  721.760100][T17317] RSP: 002b:00007f4550fb2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  721.768533][T17317] RAX: ffffffffffffffda RBX: 00007f45503e5fa0 RCX: 00007f455018d9dc
[  721.776520][T17317] RDX: 000000000000000f RSI: 00007f4550fb20a0 RDI: 0000000000000005
[  721.784507][T17317] RBP: 00007f4550fb2090 R08: 0000000000000000 R09: 0000000000000000
[  721.792503][T17317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  721.800491][T17317] R13: 00007f45503e6038 R14: 00007f45503e5fa0 R15: 00007ffe462e0328
[  721.808503][T17317]  </TASK>
[  721.982226][T17323] netlink: set zone limit has 8 unknown bytes
[  722.245552][T17328] netlink: 'syz.3.4317': attribute type 1 has an invalid length.
[  722.295442][T17328] tap0: tun_chr_ioctl cmd 2147767506
[  722.600334][T17338] netlink: 'syz.1.4321': attribute type 21 has an invalid length.
[  722.617458][T17338] IPv6: NLM_F_CREATE should be specified when creating new route
[  722.758927][T17344] C: renamed from team_slave_0 (while UP)
[  722.776235][T17344] netlink: 164 bytes leftover after parsing attributes in process `syz.1.4321'.
[  724.647628][T17385] netlink: 'syz.2.4336': attribute type 21 has an invalid length.
[  724.692912][T17385] IPv6: NLM_F_CREATE should be specified when creating new route
[  724.760104][T17392] C: renamed from team_slave_0 (while UP)
[  724.805699][T17389] netlink: 'syz.3.4339': attribute type 29 has an invalid length.
[  724.862417][T17392] netlink: 164 bytes leftover after parsing attributes in process `syz.2.4336'.
[  724.885324][T17389] netlink: 'syz.3.4339': attribute type 29 has an invalid length.
[  725.151201][T17403] netlink: 140 bytes leftover after parsing attributes in process `syz.1.4343'.
[  725.160723][T17403] netlink: 6 bytes leftover after parsing attributes in process `syz.1.4343'.
[  726.172359][T17440] FAULT_INJECTION: forcing a failure.
[  726.172359][T17440] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  726.266569][T17440] CPU: 0 PID: 17440 Comm: syz.3.4356 Not tainted syzkaller #0
[  726.274125][T17440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  726.284228][T17440] Call Trace:
[  726.287554][T17440]  <TASK>
[  726.290523][T17440]  dump_stack_lvl+0x16c/0x230
[  726.295270][T17440]  ? show_regs_print_info+0x20/0x20
[  726.300705][T17440]  ? load_image+0x3b0/0x3b0
[  726.305255][T17440]  ? __might_fault+0xaa/0x120
[  726.309973][T17440]  ? __lock_acquire+0x7c80/0x7c80
[  726.315033][T17440]  should_fail_ex+0x39d/0x4d0
[  726.319738][T17440]  _copy_from_user+0x2f/0xe0
[  726.324351][T17440]  ___sys_sendmsg+0x159/0x290
[  726.329062][T17440]  ? __sys_sendmsg+0x270/0x270
[  726.333868][T17440]  ? __lock_acquire+0x7c80/0x7c80
[  726.338936][T17440]  __se_sys_sendmsg+0x1a5/0x270
[  726.343856][T17440]  ? __x64_sys_sendmsg+0x80/0x80
[  726.348841][T17440]  ? lockdep_hardirqs_on+0x98/0x150
[  726.354152][T17440]  do_syscall_64+0x55/0xb0
[  726.358587][T17440]  ? clear_bhb_loop+0x40/0x90
[  726.363283][T17440]  ? clear_bhb_loop+0x40/0x90
[  726.367978][T17440]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  726.373897][T17440] RIP: 0033:0x7f5b5ab8efc9
[  726.378336][T17440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  726.398056][T17440] RSP: 002b:00007f5b5bb11038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  726.406675][T17440] RAX: ffffffffffffffda RBX: 00007f5b5ade5fa0 RCX: 00007f5b5ab8efc9
[  726.414674][T17440] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  726.422773][T17440] RBP: 00007f5b5bb11090 R08: 0000000000000000 R09: 0000000000000000
[  726.430788][T17440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  726.438877][T17440] R13: 00007f5b5ade6038 R14: 00007f5b5ade5fa0 R15: 00007ffc4d223338
[  726.446994][T17440]  </TASK>
[  727.944375][T17477] FAULT_INJECTION: forcing a failure.
[  727.944375][T17477] name failslab, interval 1, probability 0, space 0, times 0
[  727.981279][T17477] CPU: 1 PID: 17477 Comm: syz.2.4371 Not tainted syzkaller #0
[  727.988822][T17477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  727.998918][T17477] Call Trace:
[  728.002235][T17477]  <TASK>
[  728.005196][T17477]  dump_stack_lvl+0x16c/0x230
[  728.009921][T17477]  ? show_regs_print_info+0x20/0x20
[  728.015175][T17477]  ? load_image+0x3b0/0x3b0
[  728.019722][T17477]  ? __might_sleep+0xe0/0xe0
[  728.024360][T17477]  ? __lock_acquire+0x7c80/0x7c80
[  728.029449][T17477]  should_fail_ex+0x39d/0x4d0
[  728.034195][T17477]  should_failslab+0x9/0x20
[  728.038745][T17477]  slab_pre_alloc_hook+0x59/0x310
[  728.043822][T17477]  ? kvmalloc_node+0x70/0x180
[  728.048552][T17477]  ? kvmalloc_node+0x70/0x180
[  728.053293][T17477]  __kmem_cache_alloc_node+0x53/0x260
[  728.058722][T17477]  ? kvmalloc_node+0x70/0x180
[  728.063456][T17477]  __kmalloc_node+0xa4/0x230
[  728.068102][T17477]  kvmalloc_node+0x70/0x180
[  728.072746][T17477]  bpf_test_run_xdp_live+0x1a7/0x1a20
[  728.078170][T17477]  ? 0xffffffffa0004740
[  728.082367][T17477]  ? bpf_dispatcher_change_prog+0xa76/0xcc0
[  728.088315][T17477]  ? __sys_bpf+0x440/0x800
[  728.092766][T17477]  ? __x64_sys_bpf+0x7c/0x90
[  728.097400][T17477]  ? do_syscall_64+0x55/0xb0
[  728.102049][T17477]  ? xdp_convert_md_to_buff+0x330/0x330
[  728.107670][T17477]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[  728.113954][T17477]  ? _copy_from_user+0xa5/0xe0
[  728.118800][T17477]  ? bpf_test_init+0x134/0x150
[  728.123610][T17477]  ? xdp_convert_md_to_buff+0x5b/0x330
[  728.129122][T17477]  bpf_prog_test_run_xdp+0x76c/0xfa0
[  728.134468][T17477]  ? dev_put+0x80/0x80
[  728.138611][T17477]  ? dev_put+0x80/0x80
[  728.142717][T17477]  bpf_prog_test_run+0x321/0x390
[  728.147704][T17477]  __sys_bpf+0x440/0x800
[  728.151990][T17477]  ? bpf_link_show_fdinfo+0x350/0x350
[  728.157432][T17477]  ? lock_chain_count+0x20/0x20
[  728.162339][T17477]  __x64_sys_bpf+0x7c/0x90
[  728.166807][T17477]  do_syscall_64+0x55/0xb0
[  728.171270][T17477]  ? clear_bhb_loop+0x40/0x90
[  728.175988][T17477]  ? clear_bhb_loop+0x40/0x90
[  728.180706][T17477]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  728.186640][T17477] RIP: 0033:0x7ff247d8efc9
[  728.191091][T17477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  728.210742][T17477] RSP: 002b:00007ff248c9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  728.219296][T17477] RAX: ffffffffffffffda RBX: 00007ff247fe5fa0 RCX: 00007ff247d8efc9
[  728.227412][T17477] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  728.235503][T17477] RBP: 00007ff248c9d090 R08: 0000000000000000 R09: 0000000000000000
[  728.243522][T17477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  728.251680][T17477] R13: 00007ff247fe6038 R14: 00007ff247fe5fa0 R15: 00007ffe6d8733c8
[  728.259723][T17477]  </TASK>
[  729.021242][T17494] netlink: 'syz.2.4379': attribute type 10 has an invalid length.
[  729.049777][T17496] netlink: 'syz.0.4380': attribute type 1 has an invalid length.
[  729.061627][T17496] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.4380'.
[  729.103218][T17496] netlink: 9 bytes leftover after parsing attributes in process `syz.0.4380'.
[  730.657777][T17535] netlink: 'syz.3.4395': attribute type 1 has an invalid length.
[  730.668647][T17537] netlink: 'syz.1.4396': attribute type 21 has an invalid length.
[  730.685719][T17537] netlink: 'syz.1.4396': attribute type 6 has an invalid length.
[  730.694880][T17537] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4396'.
[  730.723525][T17535] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.4395'.
[  730.771701][T17535] netlink: 9 bytes leftover after parsing attributes in process `syz.3.4395'.
[  733.084473][T17563] netlink: 'syz.0.4413': attribute type 10 has an invalid length.
[  733.161479][T17572] netlink: 'syz.1.4408': attribute type 22 has an invalid length.
[  733.191231][T17572] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4408'.
[  733.210617][T17572] FAULT_INJECTION: forcing a failure.
[  733.210617][T17572] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  733.256871][T17572] CPU: 0 PID: 17572 Comm: syz.1.4408 Not tainted syzkaller #0
[  733.264521][T17572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  733.274631][T17572] Call Trace:
[  733.277951][T17572]  <TASK>
[  733.280924][T17572]  dump_stack_lvl+0x16c/0x230
[  733.285660][T17572]  ? show_regs_print_info+0x20/0x20
[  733.290899][T17572]  ? load_image+0x3b0/0x3b0
[  733.295453][T17572]  ? __lock_acquire+0x7c80/0x7c80
[  733.300594][T17572]  ? snprintf+0xdb/0x120
[  733.304864][T17572]  should_fail_ex+0x39d/0x4d0
[  733.309584][T17572]  _copy_to_user+0x2f/0xa0
[  733.314040][T17572]  simple_read_from_buffer+0xe7/0x150
[  733.319516][T17572]  proc_fail_nth_read+0x1e3/0x250
[  733.324860][T17572]  ? proc_fault_inject_write+0x340/0x340
[  733.330538][T17572]  ? fsnotify_perm+0x271/0x5e0
[  733.335337][T17572]  ? proc_fault_inject_write+0x340/0x340
[  733.341014][T17572]  vfs_read+0x27e/0x920
[  733.345201][T17572]  ? kernel_read+0x1e0/0x1e0
[  733.349842][T17572]  ? __fget_files+0x28/0x4d0
[  733.354474][T17572]  ? __fget_files+0x44a/0x4d0
[  733.359192][T17572]  ? __fdget_pos+0x2a3/0x330
[  733.363807][T17572]  ? ksys_read+0x75/0x250
[  733.368200][T17572]  ksys_read+0x147/0x250
[  733.372483][T17572]  ? vfs_write+0x940/0x940
[  733.376941][T17572]  ? lockdep_hardirqs_on+0x98/0x150
[  733.382167][T17572]  do_syscall_64+0x55/0xb0
[  733.386612][T17572]  ? clear_bhb_loop+0x40/0x90
[  733.391315][T17572]  ? clear_bhb_loop+0x40/0x90
[  733.396119][T17572]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  733.402113][T17572] RIP: 0033:0x7f9cd978d9dc
[  733.407182][T17572] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  733.429754][T17572] RSP: 002b:00007f9cda5b8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  733.438326][T17572] RAX: ffffffffffffffda RBX: 00007f9cd99e5fa0 RCX: 00007f9cd978d9dc
[  733.446328][T17572] RDX: 000000000000000f RSI: 00007f9cda5b80a0 RDI: 0000000000000005
[  733.454598][T17572] RBP: 00007f9cda5b8090 R08: 0000000000000000 R09: 0000000000000000
[  733.462864][T17572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  733.471052][T17572] R13: 00007f9cd99e6038 R14: 00007f9cd99e5fa0 R15: 00007fff93f8d3e8
[  733.479093][T17572]  </TASK>
[  733.529121][T17575] netlink: 'syz.0.4409': attribute type 10 has an invalid length.
[  733.654639][T17582] netlink: 'syz.0.4412': attribute type 22 has an invalid length.
[  733.679650][T17582] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4412'.
[  734.226416][T17594] netlink: 'syz.2.4418': attribute type 10 has an invalid length.
[  734.454368][T17598] netlink: 'syz.1.4419': attribute type 1 has an invalid length.
[  734.501377][T17598] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.4419'.
[  734.533514][T17598] netlink: 9 bytes leftover after parsing attributes in process `syz.1.4419'.
[  734.850732][T17605] netlink: 'syz.2.4422': attribute type 21 has an invalid length.
[  734.860574][T17605] netlink: 128 bytes leftover after parsing attributes in process `syz.2.4422'.
[  734.870085][T17605] netlink: 3 bytes leftover after parsing attributes in process `syz.2.4422'.
[  735.035721][T17609] FAULT_INJECTION: forcing a failure.
[  735.035721][T17609] name failslab, interval 1, probability 0, space 0, times 0
[  735.049251][T17609] CPU: 1 PID: 17609 Comm: syz.1.4423 Not tainted syzkaller #0
[  735.056795][T17609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  735.066889][T17609] Call Trace:
[  735.070204][T17609]  <TASK>
[  735.073170][T17609]  dump_stack_lvl+0x16c/0x230
[  735.077900][T17609]  ? show_regs_print_info+0x20/0x20
[  735.083148][T17609]  ? load_image+0x3b0/0x3b0
[  735.087855][T17609]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  735.093919][T17609]  ? __asan_memset+0x22/0x40
[  735.098597][T17609]  should_fail_ex+0x39d/0x4d0
[  735.103368][T17609]  should_failslab+0x9/0x20
[  735.107939][T17609]  slab_pre_alloc_hook+0x59/0x310
[  735.113024][T17609]  ? __debug_object_init+0xe8/0x430
[  735.118743][T17609]  kmem_cache_alloc+0x5a/0x2e0
[  735.123559][T17609]  ? slab_build_skb+0x2b/0x3f0
[  735.128393][T17609]  slab_build_skb+0x2b/0x3f0
[  735.133055][T17609]  bpf_prog_test_run_skb+0x3ba/0x11c0
[  735.138480][T17609]  ? __fget_files+0x28/0x4d0
[  735.143315][T17609]  ? cpu_online+0x60/0x60
[  735.148133][T17609]  bpf_prog_test_run+0x321/0x390
[  735.153128][T17609]  __sys_bpf+0x440/0x800
[  735.157437][T17609]  ? bpf_link_show_fdinfo+0x350/0x350
[  735.162870][T17609]  ? lock_chain_count+0x20/0x20
[  735.167780][T17609]  __x64_sys_bpf+0x7c/0x90
[  735.172274][T17609]  do_syscall_64+0x55/0xb0
[  735.176826][T17609]  ? clear_bhb_loop+0x40/0x90
[  735.181541][T17609]  ? clear_bhb_loop+0x40/0x90
[  735.186257][T17609]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  735.192188][T17609] RIP: 0033:0x7f9cd978efc9
[  735.196645][T17609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  735.216302][T17609] RSP: 002b:00007f9cda597038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  735.224792][T17609] RAX: ffffffffffffffda RBX: 00007f9cd99e6090 RCX: 00007f9cd978efc9
[  735.232809][T17609] RDX: 0000000000000050 RSI: 0000200000000d80 RDI: 000000000000000a
[  735.240890][T17609] RBP: 00007f9cda597090 R08: 0000000000000000 R09: 0000000000000000
[  735.249034][T17609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  735.257045][T17609] R13: 00007f9cd99e6128 R14: 00007f9cd99e6090 R15: 00007fff93f8d3e8
[  735.265092][T17609]  </TASK>
[  735.475990][T17607] delete_channel: no stack
[  735.946152][T17622] validate_nla: 2 callbacks suppressed
[  735.946177][T17622] netlink: 'syz.2.4428': attribute type 21 has an invalid length.
[  735.982720][T17622] netlink: 'syz.2.4428': attribute type 6 has an invalid length.
[  735.990557][T17622] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4428'.
[  738.012374][T17674] netlink: 'syz.3.4446': attribute type 21 has an invalid length.
[  738.020399][T17674] netlink: 'syz.3.4446': attribute type 6 has an invalid length.
[  738.040531][T17674] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4446'.
[  739.129895][T17699] FAULT_INJECTION: forcing a failure.
[  739.129895][T17699] name failslab, interval 1, probability 0, space 0, times 0
[  739.152202][T17699] CPU: 0 PID: 17699 Comm: syz.1.4456 Not tainted syzkaller #0
[  739.159756][T17699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  739.170210][T17699] Call Trace:
[  739.173553][T17699]  <TASK>
[  739.176531][T17699]  dump_stack_lvl+0x16c/0x230
[  739.181284][T17699]  ? show_regs_print_info+0x20/0x20
[  739.186561][T17699]  ? load_image+0x3b0/0x3b0
[  739.191393][T17699]  ? __might_sleep+0xe0/0xe0
[  739.196028][T17699]  ? __lock_acquire+0x7c80/0x7c80
[  739.201118][T17699]  should_fail_ex+0x39d/0x4d0
[  739.205856][T17699]  should_failslab+0x9/0x20
[  739.210413][T17699]  slab_pre_alloc_hook+0x59/0x310
[  739.215494][T17699]  ? __kernfs_new_node+0x9d/0x7e0
[  739.220595][T17699]  ? rcu_is_watching+0x15/0xb0
[  739.225426][T17699]  kmem_cache_alloc+0x5a/0x2e0
[  739.230247][T17699]  ? __kernfs_new_node+0xd8/0x7e0
[  739.235329][T17699]  __kernfs_new_node+0xd8/0x7e0
[  739.240230][T17699]  ? verify_lock_unused+0x140/0x140
[  739.245490][T17699]  ? kernfs_new_node+0x260/0x260
[  739.250506][T17699]  ? make_kgid+0x1ae/0x640
[  739.254987][T17699]  ? from_kuid_munged+0x690/0x690
[  739.260072][T17699]  kernfs_new_node+0x14c/0x260
[  739.264903][T17699]  kernfs_create_dir_ns+0x44/0x120
[  739.270077][T17699]  sysfs_create_dir_ns+0x124/0x280
[  739.275258][T17699]  ? get_device_parent+0x20d/0x390
[  739.280436][T17699]  ? sysfs_warn_dup+0xa0/0xa0
[  739.285181][T17699]  ? do_raw_spin_unlock+0x121/0x230
[  739.290437][T17699]  kobject_add_internal+0x6b8/0xc70
[  739.295698][T17699]  kobject_add+0x156/0x220
[  739.300170][T17699]  ? kobject_init+0x1e0/0x1e0
[  739.304891][T17699]  ? get_device_parent+0x366/0x390
[  739.310054][T17699]  device_add+0x408/0xc20
[  739.314430][T17699]  ? device_initialize+0x24b/0x440
[  739.319690][T17699]  netdev_register_kobject+0x17a/0x310
[  739.325208][T17699]  register_netdevice+0x128f/0x1ae0
[  739.330487][T17699]  ? netif_stacked_transfer_operstate+0x210/0x210
[  739.336979][T17699]  ? __lock_acquire+0x7c80/0x7c80
[  739.342088][T17699]  ? net_generic+0x1e/0x240
[  739.346644][T17699]  ip6_tnl_create2+0x80/0x140
[  739.351368][T17699]  ip6_tnl_locate+0x702/0x800
[  739.356108][T17699]  ? ip6_tnl_parm_from_user+0x340/0x340
[  739.361716][T17699]  ? __might_fault+0xaa/0x120
[  739.366449][T17699]  ? __might_fault+0xc6/0x120
[  739.371162][T17699]  ? __might_fault+0xaa/0x120
[  739.375875][T17699]  ? ip6_tnl_siocdevprivate+0x605/0xac0
[  739.382104][T17699]  ip6_tnl_siocdevprivate+0x629/0xac0
[  739.387547][T17699]  ? ip6_tnl_start_xmit+0x1140/0x1140
[  739.392989][T17699]  ? rcu_is_watching+0x15/0xb0
[  739.397818][T17699]  ? full_name_hash+0x92/0xe0
[  739.402554][T17699]  dev_ifsioc+0xae6/0xe20
[  739.406948][T17699]  ? dev_ioctl+0x1170/0x1170
[  739.411664][T17699]  ? dev_load+0x21/0x1f0
[  739.415945][T17699]  ? dev_load+0x21/0x1f0
[  739.420231][T17699]  dev_ioctl+0x87a/0x1170
[  739.424602][T17699]  sock_ioctl+0x726/0x7a0
[  739.429057][T17699]  ? sock_poll+0x3d0/0x3d0
[  739.433518][T17699]  ? bpf_lsm_file_ioctl+0x9/0x10
[  739.438579][T17699]  ? security_file_ioctl+0x80/0xa0
[  739.443739][T17699]  ? sock_poll+0x3d0/0x3d0
[  739.448187][T17699]  __se_sys_ioctl+0xfd/0x170
[  739.452835][T17699]  do_syscall_64+0x55/0xb0
[  739.457293][T17699]  ? clear_bhb_loop+0x40/0x90
[  739.462061][T17699]  ? clear_bhb_loop+0x40/0x90
[  739.466799][T17699]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  739.472754][T17699] RIP: 0033:0x7f9cd978efc9
[  739.477204][T17699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  739.496859][T17699] RSP: 002b:00007f9cda5b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  739.505393][T17699] RAX: ffffffffffffffda RBX: 00007f9cd99e5fa0 RCX: 00007f9cd978efc9
[  739.513679][T17699] RDX: 0000200000000080 RSI: 00000000000089f1 RDI: 0000000000000005
[  739.521778][T17699] RBP: 00007f9cda5b8090 R08: 0000000000000000 R09: 0000000000000000
[  739.529793][T17699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  739.537827][T17699] R13: 00007f9cd99e6038 R14: 00007f9cd99e5fa0 R15: 00007fff93f8d3e8
[  739.545864][T17699]  </TASK>
[  739.555143][T17699] kobject: kobject_add_internal failed for … (error: -12 parent: net)
[  739.663026][T17704] veth1_to_bond: entered allmulticast mode
[  739.783522][T17700] veth1_macvtap: left promiscuous mode
[  739.789103][T17700] macsec0: entered allmulticast mode
[  739.892121][T17703] veth1_macvtap: entered promiscuous mode
[  739.898032][T17703] veth1_macvtap: entered allmulticast mode
[  739.943742][T17703] macsec0: entered promiscuous mode
[  740.443430][T17722] delete_channel: no stack
[  740.560457][T17731] netlink: 'syz.3.4466': attribute type 21 has an invalid length.
[  741.244391][T17748] veth1_macvtap: left promiscuous mode
[  741.262083][T17748] macsec0: entered allmulticast mode
[  741.370327][T17750] veth1_macvtap: entered promiscuous mode
[  741.408667][T17750] veth1_macvtap: entered allmulticast mode
[  741.472833][T17750] macsec0: entered promiscuous mode
[  741.484362][T17756] netlink: 'syz.0.4476': attribute type 13 has an invalid length.
[  741.493507][T17756] netlink: 168 bytes leftover after parsing attributes in process `syz.0.4476'.
[  741.548309][T17756] netlink: 209588 bytes leftover after parsing attributes in process `syz.0.4476'.
[  741.569421][T17756] netlink: zone id is out of range
[  741.575647][T17756] netlink: zone id is out of range
[  741.582803][T17756] netlink: zone id is out of range
[  741.588939][T17756] netlink: zone id is out of range
[  741.588966][T17758] netlink: 'syz.0.4476': attribute type 2 has an invalid length.
[  741.588985][T17758] netlink: 'syz.0.4476': attribute type 8 has an invalid length.
[  741.588999][T17758] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4476'.
[  741.633660][T17756] netlink: zone id is out of range
[  741.650524][T17756] netlink: zone id is out of range
[  741.690971][T17756] netlink: zone id is out of range
[  741.696734][T17756] netlink: zone id is out of range
[  741.707509][T17756] netlink: get zone limit has 4 unknown bytes
[  742.626374][T17775] netlink: 'syz.2.4480': attribute type 10 has an invalid length.
[  743.363241][T17795] veth1_to_bond: entered allmulticast mode
[  743.459938][T17797] veth1_macvtap: left promiscuous mode
[  743.480999][T17797] macsec0: entered allmulticast mode
[  743.969860][T17804] FAULT_INJECTION: forcing a failure.
[  743.969860][T17804] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  744.010985][T17804] CPU: 1 PID: 17804 Comm: syz.0.4493 Not tainted syzkaller #0
[  744.018547][T17804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  744.028651][T17804] Call Trace:
[  744.031974][T17804]  <TASK>
[  744.034934][T17804]  dump_stack_lvl+0x16c/0x230
[  744.039660][T17804]  ? show_regs_print_info+0x20/0x20
[  744.044919][T17804]  ? load_image+0x3b0/0x3b0
[  744.049497][T17804]  ? __lock_acquire+0x7c80/0x7c80
[  744.054584][T17804]  should_fail_ex+0x39d/0x4d0
[  744.059328][T17804]  _copy_from_user+0x2f/0xe0
[  744.063969][T17804]  __copy_msghdr+0x3bb/0x580
[  744.068621][T17804]  ___sys_sendmsg+0x1a6/0x290
[  744.073358][T17804]  ? __sys_sendmsg+0x270/0x270
[  744.078214][T17804]  ? __lock_acquire+0x7c80/0x7c80
[  744.083333][T17804]  __se_sys_sendmsg+0x1a5/0x270
[  744.088250][T17804]  ? perf_trace_preemptirq_template+0x281/0x340
[  744.094553][T17804]  ? __x64_sys_sendmsg+0x80/0x80
[  744.099584][T17804]  ? lockdep_hardirqs_on+0x98/0x150
[  744.104829][T17804]  do_syscall_64+0x55/0xb0
[  744.109297][T17804]  ? clear_bhb_loop+0x40/0x90
[  744.114030][T17804]  ? clear_bhb_loop+0x40/0x90
[  744.118763][T17804]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  744.124704][T17804] RIP: 0033:0x7f455018efc9
[  744.129143][T17804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  744.148785][T17804] RSP: 002b:00007f4550fb2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  744.157223][T17804] RAX: ffffffffffffffda RBX: 00007f45503e5fa0 RCX: 00007f455018efc9
[  744.165213][T17804] RDX: 0000000000000000 RSI: 0000200000000fc0 RDI: 0000000000000003
[  744.173203][T17804] RBP: 00007f4550fb2090 R08: 0000000000000000 R09: 0000000000000000
[  744.181196][T17804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  744.189189][T17804] R13: 00007f45503e6038 R14: 00007f45503e5fa0 R15: 00007ffe462e0328
[  744.197194][T17804]  </TASK>
[  744.292112][T17808] netlink: 'syz.2.4494': attribute type 10 has an invalid length.
[  745.097907][T17838] netlink: 'syz.0.4503': attribute type 33 has an invalid length.
[  745.161095][T17838] netlink: 160 bytes leftover after parsing attributes in process `syz.0.4503'.
[  745.261465][T17845] netlink: 'syz.2.4505': attribute type 10 has an invalid length.
[  746.015962][T17867] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4513'.
[  746.308055][T17879] netlink: 'syz.0.4517': attribute type 10 has an invalid length.
[  746.606661][T17891] netlink: 'syz.3.4522': attribute type 13 has an invalid length.
[  746.617408][T17891] netlink: 168 bytes leftover after parsing attributes in process `syz.3.4522'.
[  746.649673][T17891] netlink: 209588 bytes leftover after parsing attributes in process `syz.3.4522'.
[  746.660362][T17891] netlink: zone id is out of range
[  746.666579][T17891] netlink: zone id is out of range
[  746.674156][T17891] netlink: zone id is out of range
[  746.680003][T17891] netlink: zone id is out of range
[  746.686333][T17891] netlink: zone id is out of range
[  746.693882][T17891] netlink: zone id is out of range
[  746.701470][T17895] netlink: 'syz.3.4522': attribute type 2 has an invalid length.
[  746.709364][T17895] netlink: 'syz.3.4522': attribute type 8 has an invalid length.
[  746.717550][T17891] netlink: zone id is out of range
[  746.718116][T17895] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4522'.
[  746.725200][T17891] netlink: zone id is out of range
[  746.740491][T17891] netlink: get zone limit has 4 unknown bytes
[  746.890263][T17899] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4525'.
[  746.904176][T17899] netlink: 'syz.3.4525': attribute type 2 has an invalid length.
[  746.915958][T17899] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4525'.
[  747.288711][T17909] netlink: 'syz.2.4529': attribute type 10 has an invalid length.
[  747.549208][T17923] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4535'.
[  747.598473][T17918] netlink: 'syz.2.4534': attribute type 13 has an invalid length.
[  747.640950][T17918] netlink: 168 bytes leftover after parsing attributes in process `syz.2.4534'.
[  747.676181][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  747.683616][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  747.717399][T17918] netlink: 209588 bytes leftover after parsing attributes in process `syz.2.4534'.
[  747.760271][T17918] netlink: zone id is out of range
[  747.787327][T17918] netlink: 'syz.2.4534': attribute type 2 has an invalid length.
[  747.795601][T17918] netlink: 'syz.2.4534': attribute type 8 has an invalid length.
[  747.803480][T17918] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4534'.
[  748.217773][T17946] netlink: 'syz.2.4542': attribute type 10 has an invalid length.
[  748.406157][T17951] netlink: 830 bytes leftover after parsing attributes in process `syz.2.4546'.
[  748.837799][ T5804] Bluetooth: hci1: unexpected subevent 0x0a length: 150 > 30
[  748.845872][ T5804] Bluetooth: hci1: Invalid handle: 0x8000 > 0x0eff
[  749.328965][T17973] netlink: 'syz.0.4554': attribute type 10 has an invalid length.
[  751.838780][T18027] __nla_validate_parse: 1 callbacks suppressed
[  751.838804][T18027] netlink: 63503 bytes leftover after parsing attributes in process `syz.0.4571'.
[  751.885727][T18027] ipvlan0: entered promiscuous mode
[  751.899511][T18027] ipvlan0: entered allmulticast mode
[  751.918021][T18027] veth0_vlan: entered allmulticast mode
[  752.146195][T18035] validate_nla: 1 callbacks suppressed
[  752.146215][T18035] netlink: 'syz.0.4575': attribute type 10 has an invalid length.
[  752.477658][T18050] netlink: 830 bytes leftover after parsing attributes in process `syz.1.4580'.
[  753.356251][T18069] netlink: 'syz.0.4587': attribute type 10 has an invalid length.
[  754.304549][T18083] FAULT_INJECTION: forcing a failure.
[  754.304549][T18083] name failslab, interval 1, probability 0, space 0, times 0
[  754.319454][T18083] CPU: 1 PID: 18083 Comm: syz.2.4593 Not tainted syzkaller #0
[  754.326982][T18083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  754.337097][T18083] Call Trace:
[  754.340420][T18083]  <TASK>
[  754.343470][T18083]  dump_stack_lvl+0x16c/0x230
[  754.349146][T18083]  ? show_regs_print_info+0x20/0x20
[  754.354377][T18083]  ? load_image+0x3b0/0x3b0
[  754.358909][T18083]  ? __might_sleep+0xe0/0xe0
[  754.363894][T18083]  ? __lock_acquire+0x7c80/0x7c80
[  754.368990][T18083]  should_fail_ex+0x39d/0x4d0
[  754.373713][T18083]  should_failslab+0x9/0x20
[  754.378622][T18083]  slab_pre_alloc_hook+0x59/0x310
[  754.383677][T18083]  ? __inet_diag_dump_start+0x8b/0x9e0
[  754.389277][T18083]  __kmem_cache_alloc_node+0x53/0x260
[  754.394688][T18083]  ? __inet_diag_dump_start+0x8b/0x9e0
[  754.400182][T18083]  kmalloc_trace+0x2a/0xe0
[  754.404649][T18083]  __inet_diag_dump_start+0x8b/0x9e0
[  754.410437][T18083]  ? netlink_lookup+0x30/0x200
[  754.415351][T18083]  ? netlink_lookup+0x30/0x200
[  754.420148][T18083]  __netlink_dump_start+0x4a9/0x810
[  754.425393][T18083]  inet_diag_rcv_msg_compat+0x1eb/0x3c0
[  754.430976][T18083]  ? __inet_diag_dump+0x380/0x380
[  754.436036][T18083]  ? sock_diag_rcv_msg+0xd1/0x600
[  754.441116][T18083]  ? inet_diag_rcv_msg_compat+0x3c0/0x3c0
[  754.446868][T18083]  ? inet_diag_dump_start_compat+0x20/0x20
[  754.452704][T18083]  ? inet_diag_dump+0x50/0x50
[  754.457449][T18083]  ? __inet_diag_dump+0x380/0x380
[  754.462518][T18083]  sock_diag_rcv_msg+0x3d8/0x600
[  754.467496][T18083]  netlink_rcv_skb+0x216/0x480
[  754.472295][T18083]  ? sock_diag_bind+0xb0/0xb0
[  754.477007][T18083]  ? netlink_ack+0x1110/0x1110
[  754.481869][T18083]  ? __lock_acquire+0x7c80/0x7c80
[  754.486946][T18083]  ? netlink_deliver_tap+0x2e/0x1b0
[  754.492196][T18083]  sock_diag_rcv+0x2a/0x40
[  754.496637][T18083]  netlink_unicast+0x751/0x8d0
[  754.501438][T18083]  netlink_sendmsg+0x8c1/0xbe0
[  754.506245][T18083]  ? netlink_getsockopt+0x580/0x580
[  754.511564][T18083]  ? aa_sock_msg_perm+0x94/0x150
[  754.516529][T18083]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  754.521856][T18083]  ? security_socket_sendmsg+0x80/0xa0
[  754.527348][T18083]  ? netlink_getsockopt+0x580/0x580
[  754.532573][T18083]  ____sys_sendmsg+0x5bf/0x950
[  754.537379][T18083]  ? __asan_memset+0x22/0x40
[  754.542018][T18083]  ? __sys_sendmsg_sock+0x30/0x30
[  754.547086][T18083]  ? __import_iovec+0x5f2/0x860
[  754.551998][T18083]  ? import_iovec+0x73/0xa0
[  754.556554][T18083]  ___sys_sendmsg+0x220/0x290
[  754.561291][T18083]  ? __sys_sendmsg+0x270/0x270
[  754.566144][T18083]  ? __lock_acquire+0x7c80/0x7c80
[  754.571228][T18083]  __se_sys_sendmsg+0x1a5/0x270
[  754.576125][T18083]  ? __x64_sys_sendmsg+0x80/0x80
[  754.581201][T18083]  ? lockdep_hardirqs_on+0x98/0x150
[  754.586430][T18083]  do_syscall_64+0x55/0xb0
[  754.590882][T18083]  ? clear_bhb_loop+0x40/0x90
[  754.595599][T18083]  ? clear_bhb_loop+0x40/0x90
[  754.600311][T18083]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  754.606235][T18083] RIP: 0033:0x7ff247d8efc9
[  754.610683][T18083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  754.630322][T18083] RSP: 002b:00007ff248c9d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  754.638767][T18083] RAX: ffffffffffffffda RBX: 00007ff247fe5fa0 RCX: 00007ff247d8efc9
[  754.646764][T18083] RDX: 0000000024002040 RSI: 0000200000000000 RDI: 0000000000000003
[  754.654784][T18083] RBP: 00007ff248c9d090 R08: 0000000000000000 R09: 0000000000000000
[  754.662804][T18083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  754.670977][T18083] R13: 00007ff247fe6038 R14: 00007ff247fe5fa0 R15: 00007ffe6d8733c8
[  754.679033][T18083]  </TASK>
[  755.042320][T18094] netlink: 'syz.0.4598': attribute type 10 has an invalid length.
[  755.346087][T18098] netlink: 830 bytes leftover after parsing attributes in process `syz.3.4599'.
[  756.407021][T18132] netlink: 'syz.2.4611': attribute type 10 has an invalid length.
[  756.675822][T18138] netlink: 14568 bytes leftover after parsing attributes in process `syz.3.4613'.
[  756.713527][T18138] netlink: 'syz.3.4613': attribute type 13 has an invalid length.
[  756.728030][T18138] netlink: 160 bytes leftover after parsing attributes in process `syz.3.4613'.
[  756.757022][T18138] erspan0: refused to change device tx_queue_len
[  756.764083][T18138] net_ratelimit: 8 callbacks suppressed
[  756.764100][T18138] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  757.143842][T18146] netlink: 830 bytes leftover after parsing attributes in process `syz.0.4615'.
[  757.527600][T18154] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.4618'.
[  757.592319][T18149] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.4618'.
[  757.665556][T18162] FAULT_INJECTION: forcing a failure.
[  757.665556][T18162] name failslab, interval 1, probability 0, space 0, times 0
[  757.679241][T18162] CPU: 1 PID: 18162 Comm: syz.3.4620 Not tainted syzkaller #0
[  757.686774][T18162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  757.696895][T18162] Call Trace:
[  757.700223][T18162]  <TASK>
[  757.703195][T18162]  dump_stack_lvl+0x16c/0x230
[  757.707935][T18162]  ? show_regs_print_info+0x20/0x20
[  757.713282][T18162]  ? load_image+0x3b0/0x3b0
[  757.717852][T18162]  ? __asan_memset+0x22/0x40
[  757.722509][T18162]  should_fail_ex+0x39d/0x4d0
[  757.727254][T18162]  should_failslab+0x9/0x20
[  757.731836][T18162]  slab_pre_alloc_hook+0x59/0x310
[  757.736948][T18162]  ? __debug_object_init+0xe8/0x430
[  757.742203][T18162]  kmem_cache_alloc+0x5a/0x2e0
[  757.746995][T18162]  ? slab_build_skb+0x2b/0x3f0
[  757.751792][T18162]  slab_build_skb+0x2b/0x3f0
[  757.756506][T18162]  bpf_prog_test_run_skb+0x3ba/0x11c0
[  757.761918][T18162]  ? __fget_files+0x28/0x4d0
[  757.766543][T18162]  ? cpu_online+0x60/0x60
[  757.770899][T18162]  bpf_prog_test_run+0x321/0x390
[  757.775873][T18162]  __sys_bpf+0x440/0x800
[  757.780134][T18162]  ? bpf_link_show_fdinfo+0x350/0x350
[  757.785546][T18162]  ? lock_chain_count+0x20/0x20
[  757.790506][T18162]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  757.796528][T18162]  __x64_sys_bpf+0x7c/0x90
[  757.800965][T18162]  do_syscall_64+0x55/0xb0
[  757.805491][T18162]  ? clear_bhb_loop+0x40/0x90
[  757.810186][T18162]  ? clear_bhb_loop+0x40/0x90
[  757.814898][T18162]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  757.820821][T18162] RIP: 0033:0x7f5b5ab8efc9
[  757.825369][T18162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  757.845016][T18162] RSP: 002b:00007f5b5bb11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  757.853458][T18162] RAX: ffffffffffffffda RBX: 00007f5b5ade5fa0 RCX: 00007f5b5ab8efc9
[  757.861473][T18162] RDX: 0000000000000050 RSI: 0000200000000d80 RDI: 000000000000000a
[  757.869914][T18162] RBP: 00007f5b5bb11090 R08: 0000000000000000 R09: 0000000000000000
[  757.877908][T18162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  757.885920][T18162] R13: 00007f5b5ade6038 R14: 00007f5b5ade5fa0 R15: 00007ffc4d223338
[  757.893951][T18162]  </TASK>
[  758.096206][T18170] netlink: 'syz.2.4622': attribute type 10 has an invalid length.
[  758.270286][T18173] netlink: 'syz.0.4632': attribute type 10 has an invalid length.
[  759.606079][T18211] netlink: 'syz.2.4636': attribute type 10 has an invalid length.
[  762.585392][T18253] netlink: 'syz.3.4650': attribute type 10 has an invalid length.
[  764.150604][T18284] netlink: 'syz.3.4660': attribute type 10 has an invalid length.
[  765.353357][T18302] netlink: 'syz.3.4666': attribute type 19 has an invalid length.
[  765.913630][T18310] netlink: 'syz.0.4667': attribute type 21 has an invalid length.
[  766.046138][T18316] delete_channel: no stack
[  766.607303][T18327] netlink: 'syz.0.4672': attribute type 10 has an invalid length.
[  767.854240][ T5796] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  767.867109][ T5796] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  767.876866][ T5796] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  767.963953][ T5796] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  767.973605][ T5796] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  767.984209][ T5796] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  768.345710][T16269] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  768.555961][T16269] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  768.601133][T18354] netlink: 'syz.2.4678': attribute type 19 has an invalid length.
[  768.820315][T16269] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  768.955550][T18341] chnl_net:caif_netlink_parms(): no params data found
[  769.123987][T16269] team0: Port device netdevsim0 removed
[  769.145774][T16269] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  769.465290][T18341] bridge0: port 1(bridge_slave_0) entered blocking state
[  769.501471][T18341] bridge0: port 1(bridge_slave_0) entered disabled state
[  769.508962][T18341] bridge_slave_0: entered allmulticast mode
[  769.541953][T18341] bridge_slave_0: entered promiscuous mode
[  769.551252][T18341] bridge0: port 2(bridge_slave_1) entered blocking state
[  769.558780][T18341] bridge0: port 2(bridge_slave_1) entered disabled state
[  769.566378][T18341] bridge_slave_1: entered allmulticast mode
[  769.574887][T18341] bridge_slave_1: entered promiscuous mode
[  769.723270][T18341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  769.764346][T18341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  769.797535][T18378] netlink: 'syz.0.4687': attribute type 3 has an invalid length.
[  769.806867][T18378] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4687'.
[  770.044522][T18341] team0: Port device team_slave_0 added
[  770.076657][T18341] team0: Port device team_slave_1 added
[  770.086791][ T5796] Bluetooth: hci0: command tx timeout
[  770.219687][T18341] batman_adv: batadv0: Adding interface: batadv_slave_0
[  770.235379][T18341] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  770.268473][T18341] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  770.312299][T18341] batman_adv: batadv0: Adding interface: batadv_slave_1
[  770.330881][T18341] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  770.380060][T18341] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  770.796928][T18341] hsr_slave_0: entered promiscuous mode
[  770.817378][T18341] hsr_slave_1: entered promiscuous mode
[  770.825974][T18341] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  770.835888][T18341] Cannot create hsr debugfs directory
[  771.139007][T18409] netlink: 'syz.0.4693': attribute type 19 has an invalid length.
[  772.066338][T16269] 
[  772.068739][T16269] ======================================================
[  772.075885][T16269] WARNING: possible circular locking dependency detected
[  772.082955][T16269] syzkaller #0 Not tainted
[  772.087412][T16269] ------------------------------------------------------
[  772.094561][T16269] kworker/u4:7/16269 is trying to acquire lock:
[  772.100835][T16269] ffff88805c6f0d00 (team->team_lock_key#5){+.+.}-{3:3}, at: team_del_slave+0x32/0x1c0
[  772.110476][T16269] 
[  772.110476][T16269] but task is already holding lock:
[  772.117875][T16269] ffff88802efc0768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x292/0x680
[  772.128307][T16269] 
[  772.128307][T16269] which lock already depends on the new lock.
[  772.128307][T16269] 
[  772.138754][T16269] 
[  772.138754][T16269] the existing dependency chain (in reverse order) is:
[  772.147867][T16269] 
[  772.147867][T16269] -> #1 (&rdev->wiphy.mtx){+.+.}-{3:3}:
[  772.155617][T16269]        __mutex_lock+0x129/0xcc0
[  772.160663][T16269]        ieee80211_open+0x144/0x200
[  772.165885][T16269]        __dev_open+0x2bc/0x430
[  772.170747][T16269]        dev_open+0xab/0x170
[  772.175383][T16269]        team_add_slave+0xae7/0x2660
[  772.180691][T16269]        do_setlink+0xe14/0x3fb0
[  772.185640][T16269]        rtnl_newlink+0x175b/0x2020
[  772.190868][T16269]        rtnetlink_rcv_msg+0x7c7/0xf10
[  772.196342][T16269]        netlink_rcv_skb+0x216/0x480
[  772.201642][T16269]        netlink_unicast+0x751/0x8d0
[  772.206943][T16269]        netlink_sendmsg+0x8c1/0xbe0
[  772.212365][T16269]        ____sys_sendmsg+0x5bf/0x950
[  772.217674][T16269]        ___sys_sendmsg+0x220/0x290
[  772.222892][T16269]        __se_sys_sendmsg+0x1a5/0x270
[  772.228285][T16269]        do_syscall_64+0x55/0xb0
[  772.233239][T16269]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  772.239678][T16269] 
[  772.239678][T16269] -> #0 (team->team_lock_key#5){+.+.}-{3:3}:
[  772.247889][T16269]        __lock_acquire+0x2ddb/0x7c80
[  772.253292][T16269]        lock_acquire+0x197/0x410
[  772.258341][T16269]        __mutex_lock+0x129/0xcc0
[  772.263392][T16269]        team_del_slave+0x32/0x1c0
[  772.268549][T16269]        team_device_event+0x28d/0xa20
[  772.274052][T16269]        notifier_call_chain+0x197/0x390
[  772.279715][T16269]        unregister_netdevice_many_notify+0xf36/0x1810
[  772.286590][T16269]        unregister_netdevice_queue+0x324/0x360
[  772.292947][T16269]        _cfg80211_unregister_wdev+0x16b/0x580
[  772.299126][T16269]        ieee80211_remove_interfaces+0x496/0x680
[  772.305472][T16269]        ieee80211_unregister_hw+0x5d/0x2a0
[  772.311383][T16269]        mac80211_hwsim_del_radio+0x274/0x450
[  772.317497][T16269]        hwsim_exit_net+0x585/0x640
[  772.322710][T16269]        cleanup_net+0x6f4/0xb90
[  772.327666][T16269]        process_scheduled_works+0xa45/0x15b0
[  772.333749][T16269]        worker_thread+0xa55/0xfc0
[  772.338873][T16269]        kthread+0x2fa/0x390
[  772.343560][T16269]        ret_from_fork+0x48/0x80
[  772.348521][T16269]        ret_from_fork_asm+0x11/0x20
[  772.353826][T16269] 
[  772.353826][T16269] other info that might help us debug this:
[  772.353826][T16269] 
[  772.364583][T16269]  Possible unsafe locking scenario:
[  772.364583][T16269] 
[  772.372039][T16269]        CPU0                    CPU1
[  772.377414][T16269]        ----                    ----
[  772.382870][T16269]   lock(&rdev->wiphy.mtx);
[  772.387387][T16269]                                lock(team->team_lock_key#5);
[  772.394865][T16269]                                lock(&rdev->wiphy.mtx);
[  772.401900][T16269]   lock(team->team_lock_key#5);
[  772.406858][T16269] 
[  772.406858][T16269]  *** DEADLOCK ***
[  772.406858][T16269] 
[  772.415039][T16269] 5 locks held by kworker/u4:7/16269:
[  772.420422][T16269]  #0: ffff888017873938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  772.431333][T16269]  #1: ffffc900106c7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  772.441920][T16269]  #2: ffffffff8dfaee10 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x136/0xb90
[  772.451467][T16269]  #3: ffffffff8dfbbc48 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2a0
[  772.461436][T16269]  #4: ffff88802efc0768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x292/0x680
[  772.472257][T16269] 
[  772.472257][T16269] stack backtrace:
[  772.478352][T16269] CPU: 0 PID: 16269 Comm: kworker/u4:7 Not tainted syzkaller #0
[  772.485992][T16269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  772.496058][T16269] Workqueue: netns cleanup_net
[  772.500944][T16269] Call Trace:
[  772.504243][T16269]  <TASK>
[  772.507225][T16269]  dump_stack_lvl+0x16c/0x230
[  772.511936][T16269]  ? load_image+0x3b0/0x3b0
[  772.516457][T16269]  ? show_regs_print_info+0x20/0x20
[  772.521687][T16269]  ? print_circular_bug+0x12b/0x1a0
[  772.526906][T16269]  check_noncircular+0x2bd/0x3c0
[  772.531897][T16269]  ? print_deadlock_bug+0x5d0/0x5d0
[  772.537110][T16269]  ? lockdep_lock+0xe0/0x220
[  772.541745][T16269]  ? __lock_acquire+0x1334/0x7c80
[  772.546842][T16269]  ? _find_first_zero_bit+0xd3/0x100
[  772.552160][T16269]  __lock_acquire+0x2ddb/0x7c80
[  772.557042][T16269]  ? verify_lock_unused+0x140/0x140
[  772.562262][T16269]  ? verify_lock_unused+0x140/0x140
[  772.567494][T16269]  lock_acquire+0x197/0x410
[  772.572030][T16269]  ? team_del_slave+0x32/0x1c0
[  772.576835][T16269]  ? __might_sleep+0xe0/0xe0
[  772.581456][T16269]  ? read_lock_is_recursive+0x20/0x20
[  772.586856][T16269]  __mutex_lock+0x129/0xcc0
[  772.591394][T16269]  ? team_del_slave+0x32/0x1c0
[  772.596198][T16269]  ? __lock_acquire+0x7c80/0x7c80
[  772.601255][T16269]  ? rcu_is_watching+0x15/0xb0
[  772.606040][T16269]  ? trace_contention_end+0x39/0xe0
[  772.611272][T16269]  ? __mutex_lock+0x304/0xcc0
[  772.615982][T16269]  ? team_del_slave+0x32/0x1c0
[  772.620785][T16269]  ? mutex_lock_nested+0x20/0x20
[  772.625762][T16269]  ? bond_netdev_event+0xe1/0xef0
[  772.630812][T16269]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  772.636508][T16269]  ? bond_ipsec_offload_ok+0x410/0x410
[  772.642010][T16269]  team_del_slave+0x32/0x1c0
[  772.646637][T16269]  team_device_event+0x28d/0xa20
[  772.651598][T16269]  notifier_call_chain+0x197/0x390
[  772.656734][T16269]  unregister_netdevice_many_notify+0xf36/0x1810
[  772.663210][T16269]  ? lock_chain_count+0x20/0x20
[  772.668084][T16269]  ? unregister_netdevice_many+0x20/0x20
[  772.673868][T16269]  ? kernfs_remove_by_name_ns+0x117/0x150
[  772.679701][T16269]  ? __lock_acquire+0x7c80/0x7c80
[  772.684857][T16269]  unregister_netdevice_queue+0x324/0x360
[  772.690614][T16269]  ? list_netdevice+0x730/0x730
[  772.695490][T16269]  ? kernfs_remove_by_name_ns+0x117/0x150
[  772.701356][T16269]  _cfg80211_unregister_wdev+0x16b/0x580
[  772.707028][T16269]  ieee80211_remove_interfaces+0x496/0x680
[  772.712878][T16269]  ? ieee80211_do_stop+0x1db0/0x1db0
[  772.718197][T16269]  ? rcu_is_watching+0x15/0xb0
[  772.723003][T16269]  ieee80211_unregister_hw+0x5d/0x2a0
[  772.728436][T16269]  mac80211_hwsim_del_radio+0x274/0x450
[  772.734041][T16269]  ? rhashtable_remove_fast+0xbf0/0xbf0
[  772.739605][T16269]  hwsim_exit_net+0x585/0x640
[  772.744364][T16269]  ? hwsim_init_net+0x90/0x90
[  772.749145][T16269]  ? __ip_vs_dev_cleanup_batch+0x238/0x250
[  772.754972][T16269]  cleanup_net+0x6f4/0xb90
[  772.759413][T16269]  ? ops_free_list+0x3b0/0x3b0
[  772.764208][T16269]  ? _raw_spin_unlock_irq+0x23/0x50
[  772.769461][T16269]  ? process_scheduled_works+0x957/0x15b0
[  772.775206][T16269]  ? process_scheduled_works+0x957/0x15b0
[  772.781012][T16269]  process_scheduled_works+0xa45/0x15b0
[  772.786641][T16269]  ? assign_work+0x400/0x400
[  772.791254][T16269]  ? assign_work+0x39e/0x400
[  772.795899][T16269]  worker_thread+0xa55/0xfc0
[  772.800512][T16269]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  772.806422][T16269]  ? _raw_spin_unlock+0x40/0x40
[  772.811306][T16269]  ? _raw_spin_unlock_irqrestore+0x86/0x110
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  772.817240][T16269]  kthread+0x2fa/0x390
[  772.821329][T16269]  ? pr_cont_work+0x560/0x560
[  772.826033][T16269]  ? kthread_blkcg+0xd0/0xd0
[  772.830637][T16269]  ret_from_fork+0x48/0x80
[  772.835077][T16269]  ? kthread_blkcg+0xd0/0xd0
[  772.839681][T16269]  ret_from_fork_asm+0x11/0x20
[  772.844558][T16269]  </TASK>
[  772.852416][ T5796] Bluetooth: hci0: command tx timeout
[  772.963589][T16269] team0: Port device wlan1 removed
[  773.584264][T16269] hsr_slave_0: left promiscuous mode
[  773.660966][T16269] hsr_slave_1: left promiscuous mode
[  773.751101][T16269] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  773.758737][T16269] batman_adv: batadv0: Removing interface: batadv_slave_0
[  773.801795][T16269] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  773.809687][T16269] batman_adv: batadv0: Removing interface: batadv_slave_1
[  773.836411][T16269] bridge_slave_1: left allmulticast mode
[  773.845098][T16269] bridge_slave_1: left promiscuous mode
[  773.852960][T16269] bridge0: port 2(bridge_slave_1) entered disabled state
[  773.880490][T16269] bridge_slave_0: left allmulticast mode
[  773.886436][T16269] bridge_slave_0: left promiscuous mode
[  773.892518][T16269] bridge0: port 1(bridge_slave_0) entered disabled state
[  773.917250][T16269] veth1_macvtap: left promiscuous mode
[  773.923533][T16269] veth1_vlan: left allmulticast mode
[  773.933421][T16269] veth1_vlan: left promiscuous mode
[  773.939038][T16269] veth0_vlan: left promiscuous mode
[  774.099388][T16269] bond0 (unregistering): (slave macvlan0): Releasing backup interface
[  774.129292][T16269] team0 (unregistering): Port device vlan0 removed
[  774.238134][T16269] team0 (unregistering): Port device team_slave_1 removed
[  774.270075][T16269] team0 (unregistering): Port device C removed
[  774.283888][T16269] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  774.312996][T16269] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  774.515906][T16269] bond0 (unregistering): (slave team0): Releasing backup interface
[  774.539987][T16269] bond0 (unregistering): Released all slaves
[  775.162906][T16269] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.240206][T16269] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.300214][T16269] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.371512][T16269] team0: Port device netdevsim0 removed
[  775.378882][T16269] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.020093][T16269] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.078363][T16269] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.129355][T16269] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.203536][T16269] team0: Port device netdevsim0 removed
[  777.211752][T16269] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.334634][T16269] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.399164][T16269] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.453425][T16269] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.522194][T16269] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  779.076179][T16269] hsr_slave_0: left promiscuous mode
[  779.082421][T16269] hsr_slave_1: left promiscuous mode
[  779.088491][T16269] bridge_slave_1: left allmulticast mode
[  779.096223][T16269] bridge_slave_1: left promiscuous mode
[  779.102520][T16269] bridge0: port 2(bridge_slave_1) entered disabled state
[  779.116930][T16269] bridge_slave_0: left allmulticast mode
[  779.122709][T16269] bridge_slave_0: left promiscuous mode
[  779.128486][T16269] bridge0: port 1(bridge_slave_0) entered disabled state
[  779.143531][T16269] hsr_slave_0: left promiscuous mode
[  779.149588][T16269] hsr_slave_1: left promiscuous mode
[  779.156585][T16269] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  779.166482][T16269] batman_adv: batadv0: Removing interface: batadv_slave_0
[  779.175499][T16269] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  779.183043][T16269] batman_adv: batadv0: Removing interface: batadv_slave_1
[  779.192033][T16269] batadv0: left allmulticast mode
[  779.197177][T16269] batadv0: left promiscuous mode
[  779.202899][T16269] bridge0: port 3(batadv0) entered disabled state
[  779.211024][T16269] bridge_slave_1: left allmulticast mode
[  779.216810][T16269] bridge_slave_1: left promiscuous mode
[  779.222897][T16269] bridge0: port 2(bridge_slave_1) entered disabled state
[  779.233332][T16269] bridge_slave_0: left allmulticast mode
[  779.239033][T16269] bridge_slave_0: left promiscuous mode
[  779.244954][T16269] bridge0: port 1(bridge_slave_0) entered disabled state
[  779.257097][T16269] hsr_slave_0: left promiscuous mode
[  779.263100][T16269] hsr_slave_1: left promiscuous mode
[  779.268922][T16269] batman_adv: batadv0: Removing interface: batadv_slave_0
[  779.278572][T16269] batman_adv: batadv0: Removing interface: batadv_slave_1
[  779.286748][T16269] bridge_slave_1: left allmulticast mode
[  779.292544][T16269] bridge_slave_1: left promiscuous mode
[  779.298235][T16269] bridge0: port 2(bridge_slave_1) entered disabled state
[  779.306573][T16269] bridge_slave_0: left allmulticast mode
[  779.312310][T16269] bridge_slave_0: left promiscuous mode
[  779.318012][T16269] bridge0: port 1(bridge_slave_0) entered disabled state
[  779.330383][T16269] hsr_slave_0: left promiscuous mode
[  779.336333][T16269] hsr_slave_1: left promiscuous mode
[  779.342819][T16269] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  779.350270][T16269] batman_adv: batadv0: Removing interface: batadv_slave_0
[  779.359736][T16269] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  779.367486][T16269] batman_adv: batadv0: Removing interface: batadv_slave_1
[  779.375308][T16269] bridge_slave_1: left allmulticast mode
[  779.381146][T16269] bridge_slave_1: left promiscuous mode
[  779.386930][T16269] bridge0: port 2(bridge_slave_1) entered disabled state
[  779.395652][T16269] bridge_slave_0: left allmulticast mode
[  779.401665][T16269] bridge_slave_0: left promiscuous mode
[  779.407410][T16269] bridge0: port 1(bridge_slave_0) entered disabled state
[  779.420727][T16269] veth1_macvtap: left allmulticast mode
[  779.426839][T16269] veth1_macvtap: left promiscuous mode
[  779.432504][T16269] veth0_macvtap: left promiscuous mode
[  779.438124][T16269] veth1_vlan: left promiscuous mode
[  779.443522][T16269] veth0_vlan: left promiscuous mode
[  779.449817][T16269] veth1_macvtap: left allmulticast mode
[  779.455652][T16269] veth1_macvtap: left promiscuous mode
[  779.462594][T16269] veth0_macvtap: left promiscuous mode
[  779.468452][T16269] veth1_vlan: left allmulticast mode
[  779.474030][T16269] veth1_vlan: left promiscuous mode
[  779.479432][T16269] veth0_vlan: left promiscuous mode
[  779.485786][T16269] veth0_macvtap: left promiscuous mode
[  779.491871][T16269] veth1_vlan: left promiscuous mode
[  779.497195][T16269] veth0_vlan: left promiscuous mode
[  779.734174][T16269] team0 (unregistering): Port device vlan0 removed
[  779.835160][T16269] team0 (unregistering): Port device team_slave_1 removed
[  779.866651][T16269] team0 (unregistering): Port device C removed
[  779.892841][T16269]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  779.933872][T16269]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  780.101328][T16269]  (unregistering): (slave team0): Releasing backup interface
[  780.235737][T16269]  (unregistering): Released all slaves
[  780.328881][T16269] team0 (unregistering): Port device macvlan1 removed
[  780.455805][T16269] team0 (unregistering): Port device team_slave_1 removed
[  780.483647][T16269] team0 (unregistering): Port device C removed
[  780.528491][T16269] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  780.569894][T16269] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  780.749990][T16269] bond0 (unregistering): (slave team0): Releasing backup interface
[  780.776988][T16269] bond0 (unregistering): Released all slaves
[  780.944754][T16269] team0 (unregistering): Port device team_slave_1 removed
[  780.957637][T16269] team0 (unregistering): Port device team_slave_0 removed
[  780.989161][T16269] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  781.017533][T16269] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  781.083690][T16269] bond0 (unregistering): Released all slaves
[  781.343968][T16269] team0 (unregistering): Port device team_slave_1 removed
[  781.407764][T16269] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  781.459045][T16269] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  781.630333][T16269] bond0 (unregistering): (slave team0): Releasing backup interface
[  781.655649][T16269] bond0 (unregistering): Released all slaves