last executing test programs:

39.878363095s ago: executing program 2 (id=2352):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff7ffa}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000, 0x0, 0x2, 0x0, 0x80}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x8)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
socketpair(0x1e, 0x1, 0x3, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x10, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000200000000000000fcffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000c0b7030000000000008500000083000000bf090000000000005509010000000000950000000000000085000000a0000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0xcdd, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b7020000c3000000bf230000000000002703000000fefeff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400011000000404000001007d60b7030000000000006a0a00fe800000008500000030000000b7000000000000009500001000000000acaa8e53a53cb864c300094c07000000000000d94cf0987b00a749a8e53b5c9491cd1f2b94a64f1de23d03a8f0362ebfc44c77511e60070e25510070f7778d3e77ad85319f0113abbac795f8c24abca246150226eb93fe39233add8f68f87699162334343befce832cb8075c5f0ae30cde221371ff00000067e4b75da95370ae6fd2b99ac18f98403494d4a94e95fb8dcd813487b2bdb006c6465c15f04485a9f8c8e49d00000097184c8e9d34b1e382b25e9614634e8e09194f7b83138f5275d9ab463797a2f6dcb45d5f278cd4fb74559575da3560c01cdf1eaa3fc7a3fb4f1689dfd5b626174770e4dfd1c82a694efc62f9ef9c8c0ea1efa5b949ce22827f6fd1dfc69d03482d8ec264e3d96ad19a0c99a234b4b71b0bc22573f8594b91781cd8ff7f000000000000299ebf94588e60abe9a565c5bbdc0358226f8580dc1a83c6a44408de23475a74ef0deda8da4089269ccb4e728dee6320444576c87cc576291e5367a5f1a5d5a12f8313ffff0b7f73335279aa2b68c9f045831119881764c71bb65b5138c50e06024e80fd9656bc077e4e259695748989335ba9eeef288de73815f20fefd4acfb6813ffff00000b971aec1a3e618a08a94ecbd401c8109c87ee3f5c0501857538d2a766bfcf4128fbe726903aca577aa8943af747760718dee5a21396dce6f61c6f3c7e000000cb0868b48719e47296f2299df3ecfb5f3f0e42f6f1eb1dc64dcc8e397366d12033f6288edbda3b838100000000000000000000800000edd4e1266dc9d73223fe614f025a7f284de76b3b676a13c57a0ed24f6270c4cbbf93472eb8093d8296c68dfbb03ddedc3e029b08959b145a7b110068ba071e75d75716243052ad24b624fddc2f0f3a018c0085c2319c248d643cd09fa855b20a6d453f2e954ff0e55c010000008547c5a0ecefcc44cc9532f729167f215937357a4bb9746193c1ec000000000000dd43c108c2109d221b7b26b7c9c209000005b7918a6cd856b8fa806c85480443159c6bed51a0e021f05f7caa1b99cdb4d08d9031210ac00e67d8c40a18503cb7aabcc066dfbfd7f87abe1122f00e5454bec3563a19582e0000000000000000000000000084b27fc6a3f95bf02b4eb5f1599dd46edcad432cc216316fe07afe27649c89cf022a90d895a2d70fcde7a9c37ede0c47c27f44595ab4b1fb1ed5b1d91314b2d50f94a768fb605679485041a6376b8344a39af68aed2be39794dd86ae82f9660cf4f935255d71f9fab2e430ac42bba1f54141cf39d4d50c4ded504beacb0de210d7a3716dca7362c134b91cef3efc514fbcb4747e6814ac16449ac02a43d9d4151697b4b7890ec6b481c5f0ca8c52a6322f34a796fa5941d23409ecf73458223baaffb94a89ee2884df000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x36}, 0x48)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r4 = openat$cgroup_ro(r3, 0x0, 0x275a, 0x408)
openat$tun(0xffffffffffffff9c, 0x0, 0x200000, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r2, 0x40000f0, 0xe40, 0xffffffff, &(0x7f0000000040)="7b5515ccc8bca12641e65d58fd1a12f63952868d811b21d40ede8a2683ec657ae641e7d9876a18da8083b3", 0x0, 0x8001, 0x0, 0x0, 0x50}, 0x28)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)="d800000018007b18e00212ba0d8105040a871100fe0f040b06990300000015000500fe800000000100000300014002000c59c266cd3e72d30901a8040098007f6f9400717ce06bbace8017cbec4c2ee5a7cef4090080001fb791643a5ee4b11602b2a10c11ce1b14d6d130dfe1d9d322fe04fba8cae8c9010000734d7a50f4fa61ee8362969ad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6cdd40dd60105e9f16e9cb58000000000000000000000000000beefc58a3ef93fcbb2f125f6644dc7998a0009cbc4d0a0", 0xd8}], 0x1, 0x0, 0x0, 0x2663}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, 0x0, 0x20000004)
recvmsg$kcm(r5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000022c0)={&(0x7f00000021c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x5, [@float={0xd, 0x0, 0x0, 0x10, 0x8}, @decl_tag={0xc, 0x0, 0x0, 0x11, 0x5, 0x7}]}, {0x0, [0x30, 0x5f, 0x61]}}, &(0x7f0000002200)=""/147, 0x39, 0x93, 0x0, 0x2, 0x10000, @value=r4}, 0x28)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x402, 0x1003ff, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r6}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000001c0)={r6, &(0x7f0000000340), 0x0}, 0x20)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r8 = openat$cgroup_devices(r7, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r8, &(0x7f0000000240)=ANY=[@ANYBLOB='c'], 0xa)
openat$cgroup_netprio_ifpriomap(r4, &(0x7f0000002300), 0x2, 0x0)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000d, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r9, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_clone(0x40400, &(0x7f0000002340)="9c712044ebba29c03c05a2c5dffbb28c2267e8b817864082b5c7505ac9d9bfc1e039b231a4b7b89b583d9e9d64d346fc2c9e548f9ed5803d3affbeca06b2a5a1d57b2129e7f19b04a7cfde499361a16672ac135320b527b2e246669f19b5f325b5d3f5e2efb883d193d4fe4128526cd370b2742269a1d3e789ddfe2cb0d467487f3d62", 0x83, &(0x7f0000002400), &(0x7f0000002440), &(0x7f0000002480)="a5fa285b6af2b0a9ae48d4455fa0c84dcd172b423c42f8c9050eecba214d7e30a0dcd680d445ea8ac1fa0371a83176d8e2406e75e3fe910e03d9517e197761ef9b7beb5893c16820d1e6250f9279ed66ce6b07abb3f4c3924b3acca86fd6527f03ffeaa0c929d444aae9182750f3360eec0298c40bd308b90a2037da8bb42d0e9aafff15050d10078dd51ea4d6a38ad15a7014100587ec754bda9d683d4203c50e8255669015296c1419a00ebb10f7295f97e5461a212a92b2af26758e9d7811c41826482b41772592394c03e79479430d45ea6caf5798a7c7fbca16061494e8027d60533df5c961e6db2b020f77e0d6d7331d1cfa9e1ab48f0c5825")

38.181280523s ago: executing program 2 (id=2356):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0xa, 0x1, 0x106)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8902, &(0x7f0000000080))
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000f80)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000600)="ff", 0x1}], 0x1}, 0x400100f)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x2}, 0xff32, 0x0}, 0xe07e872420dfefca)
socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x258, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/213, 0xd5}, {&(0x7f0000000540)=""/82, 0x52}, {&(0x7f00000005c0)=""/28, 0x1c}], 0x4, &(0x7f0000000640)=""/222, 0xde}, 0x2000)

38.00772579s ago: executing program 2 (id=2358):
socket$kcm(0x2, 0x200000000000001, 0x106)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) (async)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d34, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x310c, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0xa) (async)
socketpair(0x1, 0x1, 0x0, 0x0) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) (async)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000700)=ANY=[@ANYBLOB='1'], 0x31) (async, rerun: 32)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) (rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="b441602d77981b7b9f14bb7cbca26014f1093b24cdac06f6ecc051acdb2d2ec39db0a9007658e52331d220088d9221ab4eceaf766a0de5d3d4cef14020994899ee9c15e8f63fc57d15f309298f1a0e00682c15b08fa34e692374da6e3803a664c3729ae21385992bfc6e46261df3f827648ed87a2e6977b05a571f042cae7bae79d3024576f016462677292396669fe15972d6f0f007f71ddc094bdd9d896b8bc33d308f80aa1795", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
openat$cgroup_int(r2, 0x0, 0x2, 0x0) (async)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r3, &(0x7f0000000140), &(0x7f0000000240)=""/154}, 0x20) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, 0x0}, 0x20)
r4 = perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x9, 0x0, 0x0, 0xfffffffffff7bbfe, 0x1, 0x3, 0x0, 0x5ff, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000002b80)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x80) (async, rerun: 32)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (rerun: 32)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000b80)=ANY=[@ANYBLOB='5', @ANYRES32=r5, @ANYBLOB="2f00000020c0d87fbb55f1db355c10000000", @ANYRES32, @ANYBLOB="53a1766904f6476f5e6c8b7b2671da319da0cf6ff042c7052c16c83492f0e150662cb8f5869a63e695293bf4e79ac79fe9c8587203152664c1e8a7847f492ad856c6e07334ad97c627f77b28b91b2d35b6f650c47c9401b84c7af99ce07fde8a91f0b349d765382971eaa921", @ANYRES32=r2, @ANYBLOB="c7dca03bfc01adf658343ce2e68b44b645f0374f3d8ef357bab0ecf10950aca51ef92c33603bf617bbb4ffd3d61c405697007e6f8e8a91c2b9439fff503290aced0b15982c6b9c1eed977017cd018b2dd3d5134cf24761895a62189cf18e8ca44bc94b13fc7b3d9723f7b72c598cea006793ec84ec81df719b9bcbded21880849ab34829b77c27eef23bdf9051d81bcf4342eec48918ec3c8290693a3d10e0eb4f21cd0fb7b8e894d465bfd06473270c311231c3d9026b9732", @ANYRES64=r5], 0x20)
mkdir(0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYRES32=r4], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94) (async)
mkdir(&(0x7f00000000c0)='./file/file0\x00', 0x0) (async)
mkdir(&(0x7f0000000040)='./file/file0/..//file0/file0\x00', 0x0) (async)
r6 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b02d25a806f8c6394f91424fc60040f030047000000053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
r7 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r7, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
sendmsg$kcm(r7, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0xffff, 0x2, 0x10, {0x2, 0x4e21, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x20000000) (async, rerun: 32)
close(r7) (rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0xa, 0x4, &(0x7f0000000980)=ANY=[@ANYRES64, @ANYRESDEC=r6, @ANYRES32, @ANYRESOCT, @ANYRESHEX, @ANYRES64=r7, @ANYRES32, @ANYRES8=r6], 0x0, 0x0, 0x0, 0x0, 0x40efe, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000300))

37.766054448s ago: executing program 2 (id=2360):
r0 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x2}, 0xff32, 0x0}, 0xe07e872420dfefca)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f8", 0x67}], 0x1}, 0x0)
recvmsg$kcm(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/213, 0xd5}, {&(0x7f0000000540)=""/82, 0x52}, {&(0x7f00000005c0)=""/28, 0x1c}], 0x4, &(0x7f0000000640)=""/222, 0xde}, 0x2000)

36.701363915s ago: executing program 2 (id=2368):
r0 = socket$kcm(0x10, 0x0, 0x10) (async)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x108b84, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x18, 0x20000000, 0x2fd7d50, 0xf, 0x800, 0xffffffffffffffff, 0x7fffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x5}, 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xc, 0x4, &(0x7f00000001c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0xfffffffe}, [@call={0x85, 0x0, 0x0, 0x18}]}, &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0xff26) (async)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000035000b0fd25a806c8c6f94f90224fc60", 0x14}], 0x1, 0x0, 0x0, 0x20000000}, 0x10)

28.266988068s ago: executing program 2 (id=2370):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0b046b876c1d0048380019001931a0e69ee517d34460bc06000000a701251e6182949a3651f60a84c9f4d4938037e70e4509c51c268811000000000000000000002571cd53b9851b30599980bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000780)=""/174, 0xae}, {&(0x7f0000000500)=""/219, 0xdb}, {&(0x7f0000001b40)=""/4050, 0xfd2}, {&(0x7f0000000b00)=""/4101, 0x1005}, {&(0x7f0000003240)=""/212, 0xd4}], 0x5}, 0x100)
recvmsg$kcm(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x80)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
close(r1)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000940)={&(0x7f0000000dc0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@int={0x3, 0x0, 0x0, 0x1, 0x0, 0x76, 0x0, 0x9, 0x728461137307123d}]}, {0x0, [0x5f, 0x30]}}, 0x0, 0x2c, 0x0, 0x1}, 0x28)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="01000000060000000f0000000800000041000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r2], 0x50)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe5}, 0x94)
r4 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x3, @perf_bp={&(0x7f0000000300), 0x9}, 0x4044, 0x80000000000000, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.dequeue\x00', 0x26e1, 0x0)
close(r6)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="d8000000310081044e81f782db44b904021d080005000000e8fe55a1180015000600142603600e120900210000000401a8001600a40001", 0x37}], 0x1}, 0x0)
socket$kcm(0x10, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"})

21.998781876s ago: executing program 0 (id=2399):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x29, &(0x7f0000001500)=[{&(0x7f0000001580)="d80000001a0081044e81f782db4cb9040a1d08007b490d4f1e81f8d815000400fe80000000000000080005007a010401a80016002000104004000000035c0461c9d67f6f940071342e875fab7cb6cec6cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b141993c034e653fe8efe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9ee5350db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e", 0xd8}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000007c0)={0x2, 0x80, 0x7, 0x5, 0x0, 0x0, 0x0, 0x4428, 0x80428, 0x8, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x9, 0x0, @perf_bp={0x0, 0xe}, 0x4, 0x3, 0x4cee, 0x0, 0x7fffffff, 0xe900, 0x9, 0x0, 0x7, 0x0, 0x3b6}, 0x0, 0x1, 0xffffffffffffffff, 0x1)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000780)=@generic={&(0x7f0000000740)='./file0\x00'}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000400000005"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000007c0)={r2, r1}, 0xc)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x1, 0x9, 0x0, 0x0, 0x0, 0x8000, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x2, @perf_config_ext, 0x0, 0x20000000000000c8, 0x0, 0x6, 0x4, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x8}, 0x0, 0x1000000000000000, 0xffffffffffffffff, 0xb)
r3 = socket$kcm(0x2, 0x5, 0x84)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x275a, 0x0)
r5 = socket$kcm(0x2, 0x922000000001, 0x106)
r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r4}, 0x8)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0e00000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB="0200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000038bd080d39c95d532ccb892dff1d2f4ffc3ea3ac4e60524dae18ac1a220609ba20d305194cd2"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r8}, 0xc)
setsockopt$sock_attach_bpf(r5, 0x6, 0x24, &(0x7f0000000000)=r6, 0xff7b)
recvmsg$unix(r6, &(0x7f0000002940)={&(0x7f0000000180), 0x6e, &(0x7f0000002840)=[{&(0x7f0000000200)=""/112, 0x70}, {&(0x7f0000000280)=""/99, 0x63}, {&(0x7f0000000300)=""/96, 0x60}, {&(0x7f0000000400)=""/120, 0x78}, {&(0x7f0000000580)=""/115, 0x73}, {&(0x7f0000000600)=""/150, 0x96}, {&(0x7f0000001680)=""/4096, 0x1000}, {&(0x7f0000002680)=""/88, 0x58}, {&(0x7f0000002700)=""/228, 0xe4}, {&(0x7f0000002800)=""/24, 0x18}], 0xa, &(0x7f0000002900)=[@cred={{0x1c}}], 0x20}, 0x40010020)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
close(r9)
setsockopt$sock_attach_bpf(r3, 0x84, 0x79, &(0x7f0000000000), 0x8)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000840)='./cgroup/syz0\x00', 0x1ff)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r10 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000b00)={r4, &(0x7f0000000900)="dbc34d2d88c76bb3a5f15eff408bde76744098cb81dd4e2900e97c44095038aff0077af063050bb6f4e6702aff0dcea079284cc43e0793c5964e7a8f2047c0e914445eacd4c83fe64a6f6cb3b63b5d1891a16c1da922a99a618e1879ff61bc4a358735bc4afe22d445b38826d6afcaf2b3c8ce0fe9567b0e8efb1ed2b94dcc3474b736de09a70b03a2561cf0133fd4bc98227f468715968fb9d06ee36317dc101ec57e352c32ac048804713ea110ea06b99ae0a1c3", &(0x7f0000000a00)=""/200, 0x79be39cc5f87460d}, 0x20)
sendmsg$inet(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa31086b8703130000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4000004)

21.57328444s ago: executing program 3 (id=2393):
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000140), 0x9)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f815108f6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19", 0xbf9}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838", 0x22}], 0x2, &(0x7f00000010c0)=[@ip_tos_u8={{0x11, 0x29, 0x37}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @loopback}}}], 0x38}, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x40040, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000c40)=[@rights={{0x10}}], 0x10}, 0x2000)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x9a)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
setsockopt$sock_attach_bpf(r1, 0x107, 0x12, &(0x7f00000008c0), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000e40)=ANY=[@ANYBLOB="1e0000000903000003000000020000000d5c0700", @ANYRES32, @ANYBLOB="000000000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0100000002000000040000000400"/24, @ANYRES32, @ANYBLOB], 0x50)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r2 = socket$kcm(0xa, 0x2, 0x88)
setsockopt$sock_attach_bpf(r2, 0x1, 0x41, &(0x7f0000000040), 0x4)
socket$kcm(0x2b, 0x1, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000540)}, 0xb3503436ddae298)
recvmsg$kcm(r2, &(0x7f00000008c0)={0x0, 0x0, 0x0}, 0x2062)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110c230000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x2800000002000000, 0x0, 0x0, &(0x7f0000000140), 0x0, 0x500, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bridge0\x00', 0x100})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x5, 0x0, 0x4, 0x0, 0x2, 0xd2dde, 0xa, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x7, 0x4, @perf_config_ext={0x6, 0x10}, 0xb, 0x2, 0x80000001, 0x7, 0x5, 0x25, 0x3, 0x0, 0xfffffffd, 0x0, 0x400000000002}, 0x0, 0x9, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89f0, &(0x7f0000000080))

21.30449343s ago: executing program 0 (id=2394):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x6}, 0x10001, 0x7ff, 0x0, 0x7, 0x0, 0x4, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x6, 0x22, &(0x7f0000000540)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @call={0x85, 0x0, 0x0, 0xb5}, @ldst={0x2, 0x0, 0x0, 0x7, 0xa, 0xfffffffffffffffe, 0xffffffffffffffff}, @cb_func={0x18, 0x5, 0x4, 0x0, 0xfffffffffffffffc}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000006c0)='GPL\x00', 0x1, 0xf6, &(0x7f0000000700)=""/246, 0x41100, 0x54, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000840)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
socket$kcm(0x11, 0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000a40)={&(0x7f0000000940)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x70, 0x70, 0x6, [@int={0xb, 0x0, 0x0, 0x1, 0x0, 0x4, 0x0, 0x13, 0x1}, @ptr={0x0, 0x0, 0x0, 0x2, 0x2}, @enum={0x3, 0x9, 0x0, 0x6, 0x4, [{0x5, 0x8}, {0x0, 0x5}, {0x4, 0x9}, {0x10, 0xffffccdd}, {0xc, 0x10001}, {0x4, 0xfffffff3}, {0xe, 0x2}, {0xd, 0x7}, {0x9, 0x9}]}]}, {0x0, [0x2e, 0x61, 0x30, 0x61]}}, &(0x7f0000000a00)=""/23, 0x8e, 0x17, 0x0, 0x6b, 0x10000}, 0x28)
r2 = socket$kcm(0x2, 0x200000000000001, 0x106)
ioctl$SIOCSIFHWADDR(r2, 0x8b1b, &(0x7f0000000000)={'wlan1\x00', @broadcast})

21.141555486s ago: executing program 3 (id=2396):
r0 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x2}, 0xff32, 0x0}, 0xe07e872420dfefca)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e", 0x78}], 0x1}, 0x0)
recvmsg$kcm(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/213, 0xd5}, {&(0x7f0000000540)=""/82, 0x52}, {&(0x7f00000005c0)=""/28, 0x1c}], 0x4, &(0x7f0000000640)=""/222, 0xde}, 0x2000)

20.15356526s ago: executing program 3 (id=2397):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000680)={0x2, 0x80, 0x5, 0x3, 0x4, 0x9e, 0x0, 0x6, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7d2, 0x1, @perf_bp={0x0, 0x7}, 0x400, 0xf7, 0x0, 0x8, 0x4, 0xe, 0x2, 0x0, 0x8, 0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640a9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0xc1a}, 0x1000, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x202009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1f, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000008c4ac4485f512d000000000000be4f67aad5a760923d3e6d0095822d045fe029745ffc8931b56bfd0b25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
syz_clone(0x22023500, 0x0, 0x20010, 0x0, 0x0, 0x0)
socket$kcm(0x29, 0x7, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x0, 0x0, 0x1c, 0x1, 0x0, 0x539367ca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_config_ext={0x3, 0x7fff}, 0x1000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0xa)
r5 = socket$kcm(0xa, 0x2, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000740)="2e00000010008188e6b62aa73f72cc9f0ba1f8483d0000005e145802000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
sendmsg$inet(r5, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0xa, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000080)="a2", 0x1}], 0x1, 0x0, 0x0, 0xa6820000}, 0xfff5)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r4, 0x0, 0xe, 0x0, &(0x7f00000000c0)="e0b9545dd30a2131677b2d0bfa91", 0x0, 0x27cb, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r7 = socket$kcm(0x2, 0x5, 0x0)
sendmsg$inet(r7, &(0x7f0000000600)={&(0x7f0000000140)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)="b5", 0x1}], 0x1}, 0x0)
r8 = perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x5}, 0x104101, 0x4, 0x7fff, 0x1, 0x10, 0x0, 0x1, 0x0, 0x4}, 0x0, 0x1, 0xffffffffffffffff, 0x2)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18080000000000000000000000000000183500000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r8, 0x40042408, r9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
recvmsg(r7, &(0x7f0000000bc0)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r7, 0x1, 0x7, &(0x7f0000000180), 0x43)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="03000004040000000400100000000000000000004b59a79d1700984b5d98db3708d6503982386b5fdbb3387847df78acd6e9e5e3f4ead80cc1af3a1bcbc942c1989a264a12997b12d59df13198c245d8ec2ad2deedc6e377012172fccd6d140e631a601f", @ANYRES32, @ANYBLOB="ffffff7f000000000000", @ANYRES32, @ANYRES32, @ANYBLOB], 0x50)

20.1502195s ago: executing program 0 (id=2398):
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0xfff}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
socketpair(0x1, 0x5, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0xe, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb}, 0x94)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0)
r2 = openat$cgroup_ro(r1, 0x0, 0x275a, 0x0)
write$cgroup_int(r2, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bridge0\x00', 0x100})
socketpair(0x1, 0x1, 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x3, 0x5, 0x11, 0x7, 0x0, 0x3, 0x8008c, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xdfffffff, 0x0, @perf_bp={0x0, 0x8}, 0x1035a, 0x5, 0x1000007, 0x9, 0x8, 0x5, 0x5, 0x0, 0x2, 0x0, 0x40000002}, 0x0, 0x8, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89f0, &(0x7f0000000080))
perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0xbd, 0x5, 0x80, 0x7, 0x0, 0x7fffffff, 0x7a5d4, 0x5, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xdfffffff, 0x0, @perf_bp={0x0, 0xe}, 0x2, 0x1, 0x7, 0x4, 0x81, 0x8, 0x9, 0x0, 0x20002, 0x0, 0x4}, 0x0, 0x8, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f0, &(0x7f0000000080))
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000))
socket$kcm(0x21, 0x2, 0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x1}, 0x28)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
socket$kcm(0x2, 0x200000000000001, 0x106)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0x8, 0xfffffffffffffffc}, 0x0, 0x0, 0x0, 0x0, 0x46fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x15, 0x5, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x4000, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x5, 0x0)

19.687199796s ago: executing program 1 (id=2400):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000040)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x80000001, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x4}, 0x50)
r1 = ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)=@o_path={&(0x7f0000000000)='./file0\x00', r0, 0x4000, r1}, 0x18)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000380)={&(0x7f0000000100)="78541202b47cd7ce78ecaea0974624c0f6e10c41b54f478a6a9b7a174c32f9d97ad756bc283ca69dc3a3b8152d57a4aa670bcb60768a73e9713eefe79ee1736250399ed598f778d2c3394941c49a91b5a6a6c096234d7226cfee72e39dfdfb4f7d0704f957fff201ca8435be6523e330ef3ed5b7a4a2a29683934b1d25cb26ba8c251d5a26a919e316f4c3f5dd034979338b958aaa1b70bf5fc41582f87d09209f74e753dda9154b8d8fe254dc32a071e0ab071256c2a5cafd5b0f5dccb0f2f99498a61cbb340e30746acfd2221382f45fe9dc066072a058650d95931fcd0d39f5149ab4", &(0x7f0000000200)=""/9, &(0x7f0000000240)="3a04731f1c3dab18049162980a681a3b2a6731c5e275d6ee04f821571228133945f35e7912acfc9a7908e60d5774febdeb3dfc0b964d638124926a9634e91a1d87d9a76c863febafd27bf029b1ef7048fc534bcccf57a783df7d4ad8d4dd12c066afe102d6f174ad37d6571c75b79d1aadbe", &(0x7f00000002c0)="37aa1de597df2479ef0ca81ad81122e65fbdc02551c1758bc984be3fa046167bdd67e046652f2275af9fa895c4f775af23ada0aeab4b13a4eaee5cd8af18b0f072477ac5f5d72adc40aacd266ab975382c3063a3c2df435d0699ce5e238075325a85349131e57a005b095796f327b3a43901fbd17c6dbb4afcb82ec6b4871a33bdc527a33003fafb", 0x9, 0x1}, 0x38)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x6c, 0x6c, 0x6, [@enum64={0x9, 0x7, 0x0, 0x13, 0x1, 0x1, [{0x3, 0xa, 0x7}, {0x8, 0x6, 0x5}, {0x4, 0x5e, 0xffff8001}, {0xa, 0x10001, 0x2}, {0x4, 0x0, 0x9}, {0xe, 0x9, 0x6}, {0x7, 0x106, 0x8}]}, @restrict={0xa, 0x0, 0x0, 0xb, 0x2}]}, {0x0, [0x5f, 0x30, 0x0, 0x30]}}, &(0x7f0000000480)=""/104, 0x8a, 0x68, 0x0, 0xa}, 0x28)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)={0x1b, 0x0, 0x0, 0xffff, 0x0, r0, 0x10000, '\x00', 0x0, r2, 0x3, 0x5, 0x2}, 0x50)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x23, &(0x7f0000000740)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@map_idx={0x18, 0x1, 0x5, 0x0, 0x4}, @map_fd={0x18, 0xb, 0x1, 0x0, r3}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4377}}, @ldst={0x3, 0x1, 0x1, 0x2, 0x8, 0x49e4b77a92085f7, 0xfffffffffffffff0}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000880)='GPL\x00', 0xffffffff, 0xa1, &(0x7f00000008c0)=""/161, 0x40f00, 0x1c, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000980)={0x2, 0x5}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0x0, 0x1, 0xfffffff9}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000a00)=[r0, r3, r3, r0, r0, r0, r3, r3, r0], 0x0, 0x10, 0x4}, 0x94)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000b80)=@bpf_tracing={0x1a, 0x7, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x81}, [@exit, @ldst={0x1, 0x0, 0x0, 0xa, 0x8, 0x2, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @alu={0x7, 0x1, 0x1, 0x7, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffc}]}, &(0x7f0000000600)='syzkaller\x00', 0x9, 0x5f, &(0x7f0000000640)=""/95, 0x41100, 0x0, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f00000006c0)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000700)={0x2, 0xc, 0x88, 0x7}, 0x10, 0xaf6f, r4, 0x4, &(0x7f0000000b00)=[r0, r0, r3, r3], &(0x7f0000000b40)=[{0x1, 0x3, 0xd, 0x5}, {0x5, 0x2, 0x2, 0xa}, {0x0, 0x4, 0xb, 0x4}, {0x4, 0x4, 0x0, 0xb}], 0x10, 0x7fffffff}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000c40)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000002180)={&(0x7f0000000c80)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10, &(0x7f0000002080)=[{&(0x7f0000000cc0)="9a3d3a94f915ab4ecf284a412ab7a8da5ce654c2f9e07777ba09ea757b6e", 0x1e}, {&(0x7f0000000d00)="caf47f378c9121", 0x7}, {&(0x7f0000000d40)="6448914d34fd6de1e08547df92d8abeff64278b73fcfedef0cda10680969d0c0deee134c97042f65bf8fdeb2a89612841b00b56261f4791f9e36b1af58f3659557dd503810decaa42986a2d6467a859316ccc15623611f52de07307296d8713002060cf3f1cd33764182d77b7d2ef03c34551a628a15b685e275b567b9067848c8c9f35b84e406510c25282e799c01bcb4bac863d7a7e26409f9626237315d05598206f3c2b57af978f314469f5520bb1d09c68948c8f84740a5b3e0aa15725fbc24ac2c14827f154c5a3e6ec31cf42403998d630737de512fdd13ba061575917d189d5014d6cca10cc4", 0xea}, {&(0x7f0000000e40)="ac4eeb689ffaacff21d57a79c5ae5a781f6e6dbfddc327523b4284e0a5380bb8a7aa33018228df514f82ac8012b293e0772b21f6818e5991043c", 0x3a}, {&(0x7f0000000e80)="f21573714f2654acf0b1e9c47ca192eae4ff8b7c6a6edc5bfc7d6dd2", 0x1c}, {&(0x7f0000000ec0)="ee7204de8be437a1efe9dddb2084011d84b2d5a5e18a3a8c95188085deeabb5ca99a182c4d1c19a7c88ab1c373debcab38ec47f2d69e0e08d72778e2ff11038b0144f17db4e0be99c39008f50cfcc3f2d00a3bdf7b69e56c004fbd0beb2d65fe12001c999ff1faab83c248907375de2a9e31d0005e2e2829eb710edcb62fea7ad6690f481ffb2c9e18089f24a95547e930dd188830bc2e750dea16d51ea50dcec7a5723c492dea9590193773c5171089cd4a553888583bdfe41d21997cefee708f4487793098b638dda0bc2e40d23799fa64698b41d52794ed34c5d34d7066ef7e1c1239907b9e1159b9adf3cf3ed0c37dc740e59bbc90500c54cb0ecf193f9b73625bba9567e0ea4b0d158537c65296bf7f931d7b754880323c1eda48016586656345ad50d0817d044d574f72cdf6966d11a481fc0dfa07ba1522b5f2d89e4b89eb95dd055aba0fbd39896c5b1eb0393cb19de5e349379ceafba0e6bfb1254a95a651b5640e80b22e57731f2b3e0c6d2f8496f40acff300b777b316c3e9b6600119affef09a627d434dfb24923b11602f3e2216c167c4f692748d832bfb616d115f56b589ec70e93e71c1beb782ae073029dca4994f866c9b83dcededbf8f039e14e9ab59447544a66d66ea92c42f932370ee9ceb9055dbe509b53fad551e91d86928868065d9c122503bfcb19ea04403392327ae21f8b7afa9ce83c0714a9530c702ed338724304bb954ece449920549ceda7b280227bdad736051c8bca6f8ceca383ac7af77caa8118d6d5cf5827738f844bcd872c7030b5edf5c8c3c351289828515d02261a7f86cfee632946a8830897712477337150b3aa75b3fba519eab408f28c91aea2686c7d6c16ac1cfa9fd6b4c32409f9b16caaedc5109e69bb50747b1e3112477bc8b683a26f57f94ef4d480c859dfea23aa5bc30fa3595c713a521bcd6f7800188879a699a80eeee31784c3ed11f6f597139fb7dacec1d81c0074dc27c9593fa0a2fe4144f63cce92d346e1448d9816d61b5b4491c197d3e06fc33b90e98172f6de3842d5f94f53e4f6ff1f15942aedbe6ab392659a1bf6c67e975756c5498b789d0e61c939bd0fa18e086ff8b456e66084d6d53d1dcd2b9224ad1470b14df3b045d6aa1a023ff56a05c38557a10ef4365ff6de5dadec3e400944b31d438768320bcb951ae9a5c00b3daca6720d261736efcc37acdff712fdeeb8c430c79275e822320c0df229250101e3f5e0b9e129a1d62a5a21fc2d048340d42189d03c11c9f6322fe4f1f007d08c7abc9adf00b2c31d1ad1e2dff93cb1edae22612e0570d5f742e288b18e5cf03c442069f202e1ceb842880294ba53984d8c902a2e0a02187c8ac1aa8ebf88ab0459d42cd4c8994b281e3fbd739192deb47e46d05e23cffb0aeb0d9dc582add6e451f4a7a765d0ec1e27108585bf5624faec5a67b46b39719586df7dddb50c69d90c6190ebcdb05530dadd40a532ad3982dc93259cfbbb30c75b357e6950b65dd92396d329c69ba200d13a94ff542912e0985bed6dfe9b066b53a6a97797e07e73ab773e0f6312d32c98a3d1220e5f2307addb79ba7f691bf2750af5e17927779acc5076c0ea0e40bf58371889bc88a1edb567a25ba16dd432ff013ff144448812c51fff10fcac428fd427e8a8c5513068b4dc19acf52b3249dcf9450c16a1bfba751f46d86176d189a1b8a67466a847b44546bd0b90b55a3b35be9ebeb1b4e37ef25fc42417bb6ec36a5fe238f86ae92f8f68153f1c3451f1bbc09f057cd097a33546a0a038577a56cdfab0e721f3d828f01f541fb78e5955c4b0b88474927da9cec97c6ea9f25d014d51ae3fb5c10cdea5242aea2b6e6343821fc38d73c58080742120cda3c1c68c1bfd07163d41261114c47064accd79ea53b723e4434910120fbde0184bad05c9fdb930c56e5e6f15caf24c879adbafe19e61ed8e31afed2b77a68fc090efedf2c7a228c31d1b4c14af3d11c4c4aa4427697239588f169e75631d08a15fe7bdcb114cbf1c3f845dccd5e26376893ea80e14ff119e78c08eed0f36d93fb43c1afe8189c94c2f1480687eb5e6e94e49a90395bfaacf9967aa2baa25f0ae25328b748557aabbc334f5c7a07c2ff035e1b1a0e34f51e240c8e763ec2a4725f1df416cc39e9098322ece45d5a674a6211e5ebd4956ac4f4422302c596a0166f18636abddc75572e81cd00a49e8f78660c27ed7d2e7e05db860d556b2d208e373668681733f936510427a0ed7547f549daedcb199b9b289b414357805bc7be63588db90fae94cd33a78340c6c67624b41cd428c996b96f5c1d8276b776bde0a47e00c7aceef17102b7b32c9ce9d337b8bd1b74938460b89796ae47fbb8256e86076bb25520e719d71a20736c1507b074c66431161bac4470cae07f94403e1c6896c6b40b1e6211ffd9bd83cb888e15898d02e9ff9777b326396bf4cc8f576d0f79f09014abe4967584b556f935c81a20bf9757a85b558ff004b47cad79f9d2cac886185d8dbf8173371319c3ff5c74c5124292e56189ab739f1d943652c7ed61d02980075efcb12e79bd675630675a21c4bb17c5a6c860727cb8bc25a0e0d1f31df95d937b520d8b8a18064cec8011517c558324212350045b7f5bf4577f4b7ac0805aaac5a90e48d9c4d358769cc23649eee9051b37dc175b821f2d5e8d61c4d9ece8fee479b5cc6cea6dc9fa245f978ab338e8a826c8ae5ac0bb6eaef6ae73d426dd3364f5c48daaf8bf9343be703a5ea510edc85e2c4d691b406f4b178b6b4422030daa28022956bb3c2fb909b8c92395e09a29f6452cfdac75fd33849824886d2f632223a884dbfbb5e79eaca3b7b3bc662838406d88df6b0c87cabfdd189c9b486c734d188736e181dad4b16165b54967684ea6a60e7c25e30d319358b786c12aab81f54b9dbba6a57f94c05cd1fc6063db010bf647a91c770ab53b49ae4a7c046d40528494c2d932c4e7a0e42f0f3808928899761a1a0056c8f05ee02f469322bd0d2ba672f03fddb55ba2e25c5fac54ef15899e506bdb896af98d0cda9ab4abc67b73655de55b26bebdd6f46eebc76a177de9553bdac2569ae9895c96fff2ca6be1de78cdd6faad30b6a33f89619f3f78cf8c9005d001791b5a0122c8c718b5bf819592d3d1aae207e56fcba73f6dec9ac719841faccd73b2ec99ad36c9eb41ce8c9bf8fce029485fd16b3d553ffd01b3c4dabb3f3322f66d0d0c32aa226612870f521787a852d7218e7a34a37dceb26419b8bee367b675c219f01af72c6a5485ca60a580ccfff06b9b471de6b96fc1c222351c8508b07234d601cfd6c18c750ebf98807afcff15add2d05c0945a22560c2cf4389493e87acbdb96badb5279595510a0dae2d34c456256423f272d8788346b99e469084752f7d4904b286dfb3b3ecc6b8180dd231bad153aed196b179528fdbe5e215a280c79f8eca1167495be6698a75df54e00f421bfbdbd9eb8316ec8f32e3d34c31ef05b0011e0009bb490522ded56acaa35af0b71d386bb6b11ed1f65daded56f1d740954734a594286cd0137ce5f10a1a966dd74c3038e902d3eaf5544953bd9b98f7557fdf117b1c3065a889676638f2b6392c7d4691503353dae63b9f81a3e9c123381ae678c681db5c8c1be1159ea4e52fccd1b93e8c0c057e7b0f8ca32c41fd24f0336ba653e8d3e3e6cbb9f780bd9711e07ab8839328b4ad4e2d205fe60986df6db0e9f8a58d0f98addb57796acb195b5e1f1f21f61d90e33cf71989d31041f5e97d1ca9b49c84fa7992565aec350309f0da1a0013e9bbb5bee20e613485dde7f51b01f94e9a1eb9a41370a8bb4866676884bed94a70dbe47fe0a490e0aba9ffa0fb2a216c0e40241736a4d3132ae74ba7935e7dac5eaa5f8ec02e4045530d537dc4f8d21f627899445cbb92487caf941789b61f6dfe3fe9ba69b8bfb460b580f634e2302ab46eb5c96d21204e6bcc4e9b940840b1bb9500f2398f3867b10d113b4e450ea906f3d570790e712b86f1a79304c225e6b21ca275103b8ee21157d2c879088329ceda9119740c6dcd75a0ce902d89aba3549c98bda20bed1a762ba41d1325dbe9a5b0c3ff66b4c9b2be2a155aa15466c657f228516bbebe30e08d334b79164b8b4aa25a44e277e588c47cdd3c0663d519755fa62f95185e0a5f69da0ac0b0dc8c88f87b4d3e5d0b614932afb85125469b73fae189e89cb9e642f52421d4317401df062cee8d8ed1c4a401ce64c4ee9dfae59287ddb67c355888596594ab45e55d5f11962547d93c13770ddfa72c958e8499b407752a3ed134c9444e23e19b1e69c8e4a97430480ca0c3a2d07bd10eceb441a1fde8ac416e513e707d4fba9412fbfbc0b7dec7a359dbc2a2c52e73bafcbfc8d7e9331d67656203c786efc7aa564e5283301f5b0246a8797f2f1ff9b2f286fdb8d0e563c8c909656df54d6f3f04c8d4ba4421250843dfd0b0572163a4760f3d8097ff9fe758b274e1632f40191ae8a2b37e4332805c63160f5a0505b7a35890c91e6ad085a42785e86d10a8adb6beec594572e98c981ca1704a55c3444305413646a86d9e4314e8299f60a14acad4aa0ca8bce0610784009e534341f5279191c34224071661e20699eb4b806ea2397edf0b1a3410686a5c914a3fafac58cf1814cf7933a80dc1f05f03faa826e329a353591be5d2fa199a31add2e2bae58e44ac648a19c029b84ac343cca6f37adcf466b9338d7f5498398a1810ae374171a55a4f780d07e9ace9161f892646da5e37611b46eeafafe11198de0fa5e718558e3c3e99d71bb6a65dfa7663012adda7f4b3813d07831735d5b3088a56aff0c05dd4ac7db15d70f4ede1eba667714e7c0213f1100e1013dfa41c7468f26600cd0444298f7fc0636ebbe9d8d30d89e0713321e293763e5319c854789b9a53500b5a8517e87dd6a60f47468d5d7a9f2ee9b50535ad5d3751013efd8340b4081122c6d35d147a9f92e71233e9cc5a8d807234eb07259ced9f265fe3d6f2af56871899250fa032921bc7d4369c0aef8c39e1c793610ed73e0a56f4a017551fefc1572484dc41b89eb93d0ebf52810456bbc494719bf218eb85cdb9182807ba43ed606f7c446fb0c2d7dcf29e1fc4559395a0823c7f9651491a61bac9bd4c1fb5ca74133fd64684c0e3792660bbbfabc350e03a38b06ee2e4bc79492e764771d0de1f49f19b2d7f76d555a65303c21f69aaeb8015b373210a393297b3105e6063311654eb460e77737216a62a0c3b1249b4525034648491c569dceeea08d286000fdd290307465b4047b886bda2e8db9e1c24c59fa73cf0c0b677c09f67f002f0ae6b694d04d595b5eac6e3a22dc35acef1b3d645179095d702a8f76c39ef83fde5103b5255d8ab4014250fcdf37e9f66157471de97f82dcbaebc371e8b604e33917a170d3bcfad1b52f27f9400b99feac46c63cd40bca3bf23b9db620394762be84c87d796a3087ace8b67a464a8765d7d6c3f7a977880182c336e3cdece70ae62adb552b6b33f5e0b0bc1bec3667203de6ec76c5abc187fd97eaad4339e799052948d9fc2c92f0b9d063d8dfa1c3aecadd385022528add30e0fdfbf63b1fa61da5045cf8dc07b0bb72349b63d37a53bc26878703135be275584ae843ab1232a9e428f8fce3ca0476cc6d6644d0afc63a70390ab400fc972751d6c8f48f897cb5e79f9721d589a61b5a458ab45ce62516db07f5a5d12e5a8958ee3570a1f295a9bf5f8ffd49650f846be91cf404678646f18321ee5cc16fe5adc7988", 0x1000}, {&(0x7f0000001ec0)="ef7170f989c714cfd3dbf603c57b06007c1c477f4dba9807ff1d91f002d5b4c1b00c8a3fc0e1bb5b35a735edc52e5d21f79e1c388ffc3290a8a12d6e3d9713fffd7516914e1bca0b9be0016a0b46ce5baa90294117618df249b500abd913e355345a03f2a4ad125bd2bce83efd5537f53555e6062991dbb5b4d8561e6595b560284c1c4fca72d5ea85b001aefe83b94590015d8dc566de0a956c72ec06035cec70afd5a74fb6b6f5a2a07be46a44e575730bd97b3ffdb0215cc1b6f44cacbfdada82f1f42cd8c0859ec81c706f52686242b7", 0xd2}, {&(0x7f0000001fc0)="e53e62d3944c58690aa6329367c19cc669d48558bf3bb9ef931c68ddadec2a5c84655cbad534a89aa1c6478742991b3964410d5db6e19a1b70442cee13370fa0c5b7d4854a9b956ab67ef7aee886948423504ef1c600341dc62f83b364e2d0565076925ede9ea126b4b25a0608da6f8e67a773a5ceb0fb62bc36791471e7f528474895ba58181ff66c9401ec24a8377de70fa9453b3594ab92b2ce19a1bdd0336050d17e8c974b4191cc63dd82", 0xad}], 0x8, &(0x7f0000002100)=[@ip_retopts={{0x18, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0x63, [@broadcast]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x5}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x23}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x98}}], 0x60}, 0x4004)
r8 = openat$cgroup_int(r5, &(0x7f00000021c0)='blkio.throttle.write_bps_device\x00', 0x2, 0x0)
write$cgroup_int(r8, &(0x7f0000002200)=0x7fd, 0x12)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002680)={r5, 0xe0, &(0x7f0000002580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000002380)=[0x0, 0x0], ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x2, 0x5, &(0x7f00000023c0)=[0x0, 0x0], &(0x7f0000002400)=[0x0, 0x0, 0x0, 0x0, 0x0], <r10=>0x0, 0xa9, &(0x7f0000002440)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f00000024c0), &(0x7f0000002500), 0x8, 0x31, 0x8, 0x8, &(0x7f0000002540)}}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000002340)={@ifindex=<r11=>r9, 0x36, 0x1, 0x4, &(0x7f0000002240)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f0000002280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000022c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000002300)=[0x0, 0x0, 0x0, 0x0], <r12=>0x0}, 0x40)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000026c0))
r13 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r13, 0x89e2, &(0x7f0000002700)={<r14=>r6})
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000027c0)={{r0, <r15=>0xffffffffffffffff}, &(0x7f0000002740), &(0x7f0000002780)='%-010d \x00'}, 0x20)
r16 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000002a40)=r10, 0x4)
r17 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000002b00)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x3, '\x00', r9, 0xffffffffffffffff, 0x2, 0x3, 0x2}, 0x50)
r18 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c00)={0x18, 0x22, &(0x7f0000002800)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x28ee}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r15}}, @alu={0x4, 0x0, 0x2, 0x7, 0x1, 0xfffffffffffffffc, 0x4}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0x101}, @btf_id={0x18, 0x0, 0x3, 0x0, 0x4}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @call={0x85, 0x0, 0x0, 0x47}]}, &(0x7f0000002940)='syzkaller\x00', 0x4, 0x9c, &(0x7f0000002980)=""/156, 0x40f00, 0x41, '\x00', r11, 0x0, r16, 0x8, &(0x7f0000002a80)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000002ac0)={0x0, 0x2, 0x1}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000002b80)=[r3, r17, r3], &(0x7f0000002bc0)=[{0x3, 0x1, 0x5, 0x4}, {0x3, 0x2, 0x10, 0xb}, {0x1, 0x1, 0xf, 0x8}, {0x2, 0x5, 0xc, 0x6}], 0x10, 0x800}, 0x94)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000002cc0)={0x3e6}, 0x8)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000002d00)={@fallback=r14, r5, 0x1d, 0x10, r5, @void, @value=r18, @void, @void, r12}, 0x20)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000002e40)={@map=<r19=>r0, 0x12, 0x1, 0xe, &(0x7f0000002d40)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000002d80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000002dc0)=[0x0, 0x0], &(0x7f0000002e00)=[0x0, 0x0, 0x0, 0x0], <r20=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000002e80)={@fallback=r14, r5, 0x0, 0x1, r4, @void, @value=r18, @void, @void, r20}, 0x20)
sendmsg$inet(r14, &(0x7f0000003440)={0x0, 0x0, &(0x7f0000003280)=[{&(0x7f0000002ec0)="57c58a4212e44ceffb8214de015b2e61ca3a734917a3a26b591f80758dd082dd84f36799180aa52dbc5c0e84dd05236fccde67fddf93dfc3f39e27137c32540a2f63c1a1bc89bb1d47281e3cf2171c9fd57ec3ff0859ec0b1e231f1490b03e7684040794a05ead3cf621f9f664c47a73532b76ef48f7ab394703903f78e988bdeef90e9fde8c6caba067b0", 0x8b}, {&(0x7f0000002f80)="e8dd6cce94a803256f9fb3b68fe997077bb25ad5534fdd85f68af17483c8d29e3ca18787377eed0abfdbbc2bc3f9eb3e0a6187a7ce9f6b427ec1d7e0dee7089b9367ea7457c9bf3f2d412b0a639965c3ec472f7f50bfa1bf5e5d941efc37f380fa09dc2a46f6dbe1a5542ffee2e96378a7da86f19353b74f18d2374a30595b8068", 0x81}, {&(0x7f0000003040)="e90401c7f661a3da472ff22a4be3d7f5c54d61c5a406cc0236d93eb64344d5c31946c652ac49daaad195503091db81a9d00eb88f40b06833cbceaa3abd9ef586e3e2a1353a75c62e6feafef7aeaa3b9c8916200806d5649884a5cf50d279bee58326df274cd13ea645990f8a3513ce8b00fa275635f0fd200b65fd1b3c90cf7352efb1de555ba7474d9131a7baff942611597b1a29991afe1e26e5a9abaaf3e32cb363357450c672a1791ac5d70300212f1dfd2d97f68f925bd820662bf2c87b75204206c16a0175ab3dd59efe7b135b5de5", 0xd2}, {&(0x7f0000003140)="20300ca5b4f49c6c9673d4633bbfc9d38669bcec1f34ae2253b75676774304c15b6ebc3f924e56bd2ed4155764edc17d532ce36eb694e4131858e5aab4de4de3e442f2dace5f02ca324fd903332e6c00c4faf74f7c1b8dd181a424c41829cba3793f6a35c396c63d9e0113fcbcfa2abe652dedf4f7935ec615637fc9f5c7ee2436f8db0c71452c5978e5aee6a0b9c37360f5e40e1276512d576c257e9b318554082e4c2b239f33f901f13688e08e061a288f2433889751266bf490140f786dfc9d84c58440a84d46907e582519b3682648bd3912afd7242030aefb78", 0xdc}, {&(0x7f0000003240)="716a71c069063d94392a2f76117714a967", 0x11}], 0x5, &(0x7f0000003300)=[@ip_retopts={{0xc0, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0x9e, [@initdev={0xac, 0x1e, 0x1, 0x0}]}, @timestamp={0x44, 0x18, 0x24, 0x0, 0x3, [0x1ff, 0x7ff, 0x7f, 0xffff2292, 0x5]}, @timestamp_addr={0x44, 0x34, 0x83, 0x1, 0x3, [{@multicast2, 0xffffffff}, {@multicast1, 0x4}, {@rand_addr=0x64010101, 0x5}, {@loopback, 0xda}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0xfffffff7}, {@multicast2, 0x6b1}]}, @end, @rr={0x7, 0x17, 0x2f, [@remote, @private=0xa010101, @remote, @multicast1, @broadcast]}, @ra={0x94, 0x4}, @noop, @cipso={0x86, 0x3e, 0x70a426487f1a9c46, [{0x1, 0x9, "ba96031a866c44"}, {0x7, 0x12, "7b53300e7babc2444170ceb7825b5af3"}, {0x5, 0xf, "73b644b2e3c3cbf3af823856f8"}, {0x0, 0xe, "3d8be141dee1ffa99ddf1531"}]}]}}}, @ip_tos_u8={{0x11}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r11, @loopback, @dev={0xac, 0x14, 0x14, 0x11}}}}], 0x128}, 0x0)
socket$kcm(0x29, 0x0, 0x0)
r21 = bpf$MAP_CREATE(0x0, &(0x7f0000003680)=@bloom_filter={0x1e, 0x7, 0x5, 0x0, 0x451, r17, 0x200, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3, 0x7}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000037c0)={0x6, 0x16, &(0x7f0000003480)=@raw=[@btf_id={0x18, 0xa, 0x3, 0x0, 0x2}, @generic={0x9, 0x1, 0x0, 0x3}, @map_idx={0x18, 0x6, 0x5, 0x0, 0xd}, @generic={0x0, 0x5, 0x3, 0x80, 0x1}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r17}}], &(0x7f0000003540)='syzkaller\x00', 0x5, 0x92, &(0x7f0000003580)=""/146, 0x41100, 0x2, '\x00', r11, 0x25, r16, 0x8, &(0x7f0000003640)={0x9, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000003700)=[r19, r15, r19, r21, r15, 0x1], &(0x7f0000003740)=[{0x4, 0x1, 0xe, 0x1}, {0x0, 0x3, 0x4, 0x7}, {0x3, 0x3, 0x0, 0x8}, {0x0, 0x1, 0x5, 0x5}, {0x5, 0x1, 0xf}, {0x3, 0x4, 0xa, 0x9}, {0x1, 0x3, 0x7, 0x4}, {0x4, 0x5, 0xd, 0x7}], 0x10, 0x6b1}, 0x94)
write$cgroup_int(r8, &(0x7f0000003880), 0x12)

19.478882053s ago: executing program 0 (id=2401):
r0 = gettid()
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_lsm={0x1d, 0x0, 0x0, 0x0, 0x5c0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x101}, 0x94)
r1 = socket$kcm(0xa, 0x1, 0x0)
setsockopt$sock_attach_bpf(r1, 0x29, 0x23, &(0x7f0000000040), 0xcf)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)="2e00000010008188040f80ec59acbc0413a1f848290000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x400c084)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socketpair(0x25, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = perf_event_open(&(0x7f0000000580)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x64099, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b81, 0x1, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x9, 0x9, 0x2, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r5, 0x40042409, 0x1)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x1, 0x3, 0x0, 0x0, 0x8, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, @perf_config_ext, 0x0, 0x20000000000000c8, 0xfffffff8, 0x6, 0x4, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x100000000000008}, r0, 0xffffffffffffffd, 0xffffffffffffffff, 0xb)
r6 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
close(r8)
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r9=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r6, 0x84, 0x79, &(0x7f0000000000)=r9, 0x8)

19.478645223s ago: executing program 1 (id=2402):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000380)=ANY=[@ANYRESHEX], 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1007f}, 0x94)
r0 = socket$kcm(0x2c, 0x3, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x11b, 0x2, &(0x7f0000000040)=r1, 0x4)
socket$kcm(0x10, 0x2, 0x4)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
close(r2)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x806, 0x4, 0x8, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0xec0, &(0x7f0000000000)=[{&(0x7f0000000500)="1c0000001a006bb12214b594e9a36f9e5c4eb100103fe3dc6e080000", 0x1c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001d40)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r4}, 0x0, &(0x7f0000000240)}, 0x20)
close(0x3)

18.571919895s ago: executing program 3 (id=2403):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000040)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, 0x0, 0x18}, 0xc001)
socket$kcm(0x11, 0x200000000000002, 0x300)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYRES8], 0x9a)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000700)=ANY=[@ANYBLOB="2d637075202d64657669636573202d626c6b696f202d6e6574202b6465766963657320cce2995e458f6c3e554c11152715b6cf05b144407dccb578b27f92149c5b615d8485365456a8bbc1a2b1547707b9b6115c85b9f3da4b298df6d669af42cf82fb1afcf6d17e0c715373527dd34ad324be26bd006fe1eee8f1c911a5f65a332ceeb4c1063cdc21db2feb8f1bac6213f99bb6f1ccc924b85c6b0289c4e16ebd664e03a69569288a3ec9ce4131d8ed6441d8c3344ff97dd1944fd49bb7ad61f0ee778fd140baff1bda41d7b48810e5f156626314922f2247d1210c3a46f9e85a436770337001ff0de565593eb7eceb196e2ab886b4f6"], 0x23)
bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[], 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000580)={0x0, 0x0, 0x56, 0x0, 0x1}, 0x28)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
socketpair(0x28, 0x4, 0x22, &(0x7f0000000000))
r0 = socket$kcm(0xa, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$sock(r0, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000180)="c7ee544330cd628ae74cfdd4c03948207ac93507922c08868976c744c2f1803931182a27183c803b0cc07b80485eaf7330243a8bc4201a169c79654038ef3644ca8a548c6b0645ed265f3b1cd5c8ae32cac20643d6726fac62373953dc8da16d1909bf4e7134918efee835606d5fa3", 0x6f}], 0x17}, 0x44851)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x9, 0x7, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x200, 0x80220, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x411, 0x1, 0xb, 0x0, 0x81}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_bp={0x0}, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000faffffff0000000000000000850000002c00000085000000080000009500000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r1, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r1, 0x0, 0x45, 0x31, &(0x7f0000000280)="fe413428b972794c6119d502c3c762494951515aa90546db2d4bd311ae31e389c9acd1e75446ed04831ccd63e13295518baeb8a055d2a53bcafbb451cd638ba44003678ae6", &(0x7f0000000340)=""/49, 0xfffffffb, 0x0, 0x3a, 0x7d, &(0x7f0000000380)="2fada1685e2e8e2d500144fc6652631499066b16e0c84c9d1cdf9a5e0adb37a8461eeeca038d7bca8ee719e4df345d22df6588ba52d9dd0c3784", &(0x7f0000000440)="659e304cea76a1f8a1ca810c1205a7aeed5ba3eacd0594304e7ca29fb3afdb65df3b8568131c81ff205045bd6d15928bcf3013799c0c5757e64c622fb67e61a595cfb3b645d02e767d85ec7345a0563c1ba186112d5f46ad352a569f92a8eae3d10c4684c23f1d985a359baef0bb78e3dc51604858e9e160c50252aa6d", 0x0, 0x0, 0x4}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000a00000009500"/32], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000240)="b9ff03316844268cb89e14f00800", 0x0, 0x9, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x891e, &(0x7f0000000cc0)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x13\xec\x00\x00\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1\x9d')
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1400000004000000040000000200020000000000", @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
r3 = socket$kcm(0xa, 0x5, 0x0)
r4 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000000d80)="5c0000007a006bcd9e3fe3dc6e08170007000054250ec000488bc3a00000e517d34460bc24fff3000005251e4e82949a3651f668c3664402682fb6e27bbfa83b5cae0300c9fcd1938037e786a600"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x29, 0x4a, 0x0, 0xe5)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x4, 0x10, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8ab8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70300004a000000850000006900000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x66, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r6, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

18.570482715s ago: executing program 1 (id=2410):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
socket$kcm(0x2c, 0x3, 0x0)
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001600)="5c00000014006b03000000d86e6c1d0002840900000400000000822be3f58e76ff0165f450e71b0075e3002500028d459e37000f0000000000bfd367b47e51f60a64d9f4d4938037e784f869526f9aff94890f4c4a6a639086a6d0bd", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
socket$kcm(0x2c, 0x3, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000440)="5c00000014006b030231a6080c000af32c00000000f800250502000f00e5aa000017d34460bc24eab556bd05251e6182949a2756f475ce36c2d13b48df000000000000ecb8f6ec63c9f4d4938037e786a6d1bdd700e6657594f1817d", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r3 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r3, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4e24, 0x0, @mcast1, 0x9}, 0xc5, 0x0}, 0xe07e872420dfefca)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x258, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)

17.670235886s ago: executing program 0 (id=2404):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0e1036f91447ae6b3fccfbb00200000004000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000780))
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x2, 0x1f6, 0x0, &(0x7f0000000740)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0x2a}, 0x94)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_virt_wifi\x00'})
socketpair(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8946, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8946, &(0x7f0000000080))

17.591118429s ago: executing program 3 (id=2405):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0b046b876c1d0048380019001931a0e69ee517d34460bc06000000a701251e6182949a3651f60a84c9f4d4938037e70e4509c51c268811000000000000000000002571cd53b9851b30599980bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000780)=""/174, 0xae}, {&(0x7f0000000500)=""/219, 0xdb}, {&(0x7f0000001b40)=""/4050, 0xfd2}, {&(0x7f0000000b00)=""/4101, 0x1005}, {&(0x7f0000003240)=""/212, 0xd4}], 0x5}, 0x100)
recvmsg$kcm(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x80)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
close(r1)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000940)={&(0x7f0000000dc0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@int={0x3, 0x0, 0x0, 0x1, 0x0, 0x76, 0x0, 0x9, 0x728461137307123d}]}, {0x0, [0x5f, 0x30]}}, 0x0, 0x2c, 0x0, 0x1}, 0x28)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="01000000060000000f0000000800000041000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r2], 0x50)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe5}, 0x94)
r4 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x3, @perf_bp={&(0x7f0000000300), 0x9}, 0x4044, 0x80000000000000, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.dequeue\x00', 0x26e1, 0x0)
close(r6)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="d8000000310081044e81f782db44b904021d080005000000e8fe55a1180015000600142603600e120900210000000401a8001600a40001", 0x37}], 0x1}, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"})

17.377177986s ago: executing program 1 (id=2406):
r0 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x2}, 0xff32, 0x0}, 0xe07e872420dfefca)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e", 0x78}], 0x1}, 0x0)
recvmsg$kcm(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/213, 0xd5}, {&(0x7f0000000540)=""/82, 0x52}, {&(0x7f00000005c0)=""/28, 0x1c}], 0x4, &(0x7f0000000640)=""/222, 0xde}, 0x2000)

17.130732465s ago: executing program 0 (id=2407):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x44}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xf, 0x4, 0x4, 0x12}, 0x50)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000007600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000180)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)
socket$kcm(0x2c, 0x3, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="5c00000014006b030231a6080c000af32c00e3f629c7b091ea1638d40df9056873fd7dc72e13bbb44a16d1009dfff1fc0000f800250f02000f00edaa000057d34060bc24cdb556bd05251e6194949a2756f475ce36c2ed1000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000780)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514000cc008001900030002000600030000800000005883c64d251e638294ff0051f60a84c9f4d4938037e7000000000000000000d1c566a000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x98010)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r6, 0xc004743e, 0x110c230000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x12, 0x6, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x40}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r8}, &(0x7f0000000700), &(0x7f0000000740)=r7}, 0x20)
recvmsg$unix(r7, &(0x7f0000001600)={&(0x7f00000000c0), 0x6e, &(0x7f0000001540)=[{&(0x7f0000000140)=""/132, 0x84}, {&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000001200)=""/88, 0x58}, {&(0x7f0000001280)=""/146, 0x92}, {&(0x7f0000001340)=""/47, 0x2f}, {&(0x7f0000001380)=""/245, 0xf5}, {&(0x7f0000001480)=""/82, 0x52}, {&(0x7f0000001500)}], 0x8, &(0x7f00000015c0)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x40}, 0x22)
ioctl$TUNSETOFFLOAD(r6, 0x4004743c, 0xf0ff1f00000000)

16.954585111s ago: executing program 3 (id=2408):
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x10810)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x2, 0x0)
close(r1)
socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000040), 0x4)
setsockopt$sock_attach_bpf(r1, 0x29, 0x23, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
r5 = socket$kcm(0x2, 0x1000000000000002, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000100)={0x4, <r6=>0x0}, 0x8)
bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0)={0x0, r0}, 0x8)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x15, 0xe, &(0x7f0000000b80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ced4fbd44e24eb0d34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3a06d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796efea77aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca985739d537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece72f2090000f44a3210223fdae7ed04935c3c90941576aebc8619d73415cda2130f5011e4845505000001000000004f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c040035cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bf463261135e24d154114df1381b02a0dcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f884cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e1700000000000000000000000000000000000000000000000000000520500002952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9a33c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a62415f78000000005f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c81c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b40824095135861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac00000b0000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e5dd921a5eadd4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293d5c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e602c28ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f257aac5af18d8c6b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e29b10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe8e4cd14dc5c1eb98b63198f6f830745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b51c34a5384f2cf51180c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af243b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380ecf1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f558982d57c556ca1427b5960b79990565ca2a20996fcba472213744d3a156979651596afde2b0089f023fcfccd072bd6ea8445fc787390d71ec61d5b7b0f05f6931914bf49aa0d66eff294271a93e32f54f281068514a4cd2d0700a43df59e9924e4affdbd22405e675e9d7cdc10546571131831d4dc8c8363077a908d9ae4f27ff095f5b07667f93a3573d3fabfca58ee0a6b6a691102bb3c7be4dc5b816853275e7ae8c13ec341bad15353fad794b46c4fd73e1b4cc78de2156cb158870d5b8446dae9ba5f7f244e6cf8f6791671057347208a313ebbcb72b04706005670f2b0055e440d72c7c3316982c6ebe8675458cf6bb393b007f5cedb7bc411834600000000000000000000000000a20071b07d568a8150ed646b4978d0226d9651647a5999ae7c7c85322a215fcdb1adbad63499518fe0d10145d430422c78367dfa941f74b63f3884565ac89c673da2c2b1172be5f2cd1f3f453ebddd432bd24c73fa773b739e20fcec16a821230654a383ac1868495f67d942c772ca75e09073dbe9307ff5cac7c2c411149a4d989a8a019e068da218d4bc34e4102fd2f97397331e4cd70b4915582b635f07ca87f00dc929f902540f565c20add8675b79e005cf0277d954697317b907b77fa5d6b7feaebaf676a2a37de8aa70748fee4bc198ffd3e2de11eb0eff896fd94de0805ba6b1054a7b3e300d4581e9af62a1ecaee96d2819b3d192e5b9561eb622da25450f586be14017a1cf74f89a1dd18af004decfe266134c3d036ae7996931fe6008a73ed34c35f0da4ffee1fe63bc1af6ef1b4731d50b8ceb582a1e9c6e8d97f8290cc105754f592d16ccdb1df8636d7ca5e372cea97dd0f005cc7092b126dd46758917fb0d94b8483d403bd451429cc1660f0b5a529d8134dc2702f6d8e2f943d98fbe50a3ba653f13f98a00fcbf311f9758ade8e4eb87b4b9fb2d387f5d8c4bdcab2fff9ed8c9de961fd831a070381c8020352fea7c334b2959ddd956701a7ea415e224a81c9fa1ebbabe74f7743e09b6c8b72650b51d5c2000ef3679c039b3604374fc1af7ab354204afbd24f0e701bc08a98452ce2668617e85e0d876f5a8b6d9b777f1c384d8a9883e4262defb6b9aab8d5b76bc91ca50f87966797da2499ca0ac76707c0408a7b6d8708fe7714988babdc11f"], &(0x7f0000000340)='GPL\x00', 0x0, 0xffffffffffffff19, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2006}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0xc001, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="611234000000000061134c0000000000bf2020000000000015000200000000103d030100000000009500000000000000bc26000000000000bf67000000000000070300000fff07006702000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f909ad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305865050df26469fac5202d6293c3d5e11f4f83e7455baeeba4f"], &(0x7f0000000100)='GPL\x00'}, 0x48)
setsockopt$sock_attach_bpf(r5, 0x88, 0x67, &(0x7f00000000c0)=r7, 0x4)
sendmsg$inet(r5, &(0x7f0000000380)={&(0x7f0000000080)={0x2, 0x4e22, @multicast1=0xe000004f}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000000)="813e785600", 0x5}], 0x1, &(0x7f0000000180)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @private=0xa010100}}}], 0x20}, 0x4840)
ioctl$SIOCSIFHWADDR(r4, 0x8923, &(0x7f0000002280)={'bridge_slave_1\x00', @random="b900b29c117a"})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89a0, &(0x7f0000000340)='%d\x00\x00\x00\x00j\xfef;q1\x95\xf4\xe4\x13\x95k#Jz.F\xce\xfb\x9c\x0f\xf3v\x88\x91\xbct\xb0\x1bLq\x15\x00\xad\t\x13\xf5U\x02\xc9d6q\xc3\xa5\xcf\x01t\r%\xad-\x13\xb0 E\xaaC\xc388\x13\xc6H\x0f \x03\x86\xb5\xbfq\'\xab!\x9e\xa98\xa1\xc3\xe9\x06C\xd4\xb5\x18}4\xa9yA8\x1fQ\xdf\xde\x91\xfd\xf1B*j\n\xef\xff\xddR\xec~c\xcb\x93\x84\x7f\\x6\xedZ\x82\xa0\x1by\x17\x1a\xc8\x98\x99\x0f')
ioctl$TUNSETPERSIST(r4, 0x400454cb, 0x6)

16.307831703s ago: executing program 1 (id=2409):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000380)=ANY=[@ANYRESHEX], 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1007f}, 0x94)
r0 = socket$kcm(0x2c, 0x3, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x11b, 0x2, &(0x7f0000000040)=r1, 0x4)
socket$kcm(0x10, 0x2, 0x4)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
close(r2)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x2, @perf_bp={0x0, 0x3}, 0x8000, 0x5, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x806, 0x4, 0x8, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000500)="1c0000001a006bb12214b594e9a36f9e5c4eb100103fe3dc6e080000", 0x1c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) (fail_nth: 11)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001d40)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r4}, 0x0, &(0x7f0000000240)}, 0x20)
close(0x3)

15.989333515s ago: executing program 1 (id=2411):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000680)={0x2, 0x80, 0x5, 0x3, 0x4, 0x9e, 0x0, 0x6, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7d2, 0x1, @perf_bp={0x0, 0x7}, 0x400, 0xf7, 0x0, 0x8, 0x4, 0xe, 0x2, 0x0, 0x8, 0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640a9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0xc1a}, 0x1000, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x202009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1f, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000008c4ac4485f512d000000000000be4f67aad5a760923d3e6d0095822d045fe029745ffc8931b56bfd0b25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
syz_clone(0x22023500, 0x0, 0x20010, 0x0, 0x0, 0x0)
socket$kcm(0x29, 0x7, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x0, 0x0, 0x1c, 0x1, 0x0, 0x539367ca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_config_ext={0x3, 0x7fff}, 0x1000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0xa)
r5 = socket$kcm(0xa, 0x2, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000740)="2e00000010008188e6b62aa73f72cc9f0ba1f8483d0000005e145802000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
sendmsg$inet(r5, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0xa, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000080)="a2", 0x1}], 0x1, 0x0, 0x0, 0xa6820000}, 0xfff5)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r4, 0x0, 0xe, 0x0, &(0x7f00000000c0)="e0b9545dd30a2131677b2d0bfa91", 0x0, 0x27cb, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r7 = socket$kcm(0x2, 0x5, 0x0)
sendmsg$inet(r7, &(0x7f0000000600)={&(0x7f0000000140)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)="b5", 0x1}], 0x1}, 0x0)
r8 = perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x5}, 0x104101, 0x4, 0x7fff, 0x1, 0x10, 0x0, 0x1, 0x0, 0x4}, 0x0, 0x1, 0xffffffffffffffff, 0x2)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18080000000000000000000000000000183500000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r8, 0x40042408, r9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
recvmsg(r7, &(0x7f0000000bc0)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r7, 0x1, 0x7, &(0x7f0000000180), 0x43)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="03000004040000000400100000000000000000004b59a79d1700984b5d98db3708d6503982386b5fdbb3387847df78acd6e9e5e3f4ead80cc1af3a1bcbc942c1989a264a12997b12d59df13198c245d8ec2ad2deedc6e377012172fccd6d140e631a601f", @ANYRES32, @ANYBLOB="ffffff7f000000000000", @ANYRES32, @ANYRES32, @ANYBLOB], 0x50)

1.096237312s ago: executing program 32 (id=2407):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x44}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xf, 0x4, 0x4, 0x12}, 0x50)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000007600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000180)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)
socket$kcm(0x2c, 0x3, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="5c00000014006b030231a6080c000af32c00e3f629c7b091ea1638d40df9056873fd7dc72e13bbb44a16d1009dfff1fc0000f800250f02000f00edaa000057d34060bc24cdb556bd05251e6194949a2756f475ce36c2ed1000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000780)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514000cc008001900030002000600030000800000005883c64d251e638294ff0051f60a84c9f4d4938037e7000000000000000000d1c566a000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x98010)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r6, 0xc004743e, 0x110c230000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x12, 0x6, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x40}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r8}, &(0x7f0000000700), &(0x7f0000000740)=r7}, 0x20)
recvmsg$unix(r7, &(0x7f0000001600)={&(0x7f00000000c0), 0x6e, &(0x7f0000001540)=[{&(0x7f0000000140)=""/132, 0x84}, {&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000001200)=""/88, 0x58}, {&(0x7f0000001280)=""/146, 0x92}, {&(0x7f0000001340)=""/47, 0x2f}, {&(0x7f0000001380)=""/245, 0xf5}, {&(0x7f0000001480)=""/82, 0x52}, {&(0x7f0000001500)}], 0x8, &(0x7f00000015c0)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x40}, 0x22)
ioctl$TUNSETOFFLOAD(r6, 0x4004743c, 0xf0ff1f00000000)

1.035830213s ago: executing program 33 (id=2408):
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x10810)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x2, 0x0)
close(r1)
socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000040), 0x4)
setsockopt$sock_attach_bpf(r1, 0x29, 0x23, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
r5 = socket$kcm(0x2, 0x1000000000000002, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000100)={0x4, <r6=>0x0}, 0x8)
bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0)={0x0, r0}, 0x8)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x15, 0xe, &(0x7f0000000b80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ced4fbd44e24eb0d34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3a06d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796efea77aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca985739d537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece72f2090000f44a3210223fdae7ed04935c3c90941576aebc8619d73415cda2130f5011e4845505000001000000004f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c040035cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bf463261135e24d154114df1381b02a0dcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f884cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e1700000000000000000000000000000000000000000000000000000520500002952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9a33c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a62415f78000000005f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c81c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b40824095135861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac00000b0000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e5dd921a5eadd4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293d5c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e602c28ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f257aac5af18d8c6b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e29b10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe8e4cd14dc5c1eb98b63198f6f830745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b51c34a5384f2cf51180c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af243b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380ecf1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f558982d57c556ca1427b5960b79990565ca2a20996fcba472213744d3a156979651596afde2b0089f023fcfccd072bd6ea8445fc787390d71ec61d5b7b0f05f6931914bf49aa0d66eff294271a93e32f54f281068514a4cd2d0700a43df59e9924e4affdbd22405e675e9d7cdc10546571131831d4dc8c8363077a908d9ae4f27ff095f5b07667f93a3573d3fabfca58ee0a6b6a691102bb3c7be4dc5b816853275e7ae8c13ec341bad15353fad794b46c4fd73e1b4cc78de2156cb158870d5b8446dae9ba5f7f244e6cf8f6791671057347208a313ebbcb72b04706005670f2b0055e440d72c7c3316982c6ebe8675458cf6bb393b007f5cedb7bc411834600000000000000000000000000a20071b07d568a8150ed646b4978d0226d9651647a5999ae7c7c85322a215fcdb1adbad63499518fe0d10145d430422c78367dfa941f74b63f3884565ac89c673da2c2b1172be5f2cd1f3f453ebddd432bd24c73fa773b739e20fcec16a821230654a383ac1868495f67d942c772ca75e09073dbe9307ff5cac7c2c411149a4d989a8a019e068da218d4bc34e4102fd2f97397331e4cd70b4915582b635f07ca87f00dc929f902540f565c20add8675b79e005cf0277d954697317b907b77fa5d6b7feaebaf676a2a37de8aa70748fee4bc198ffd3e2de11eb0eff896fd94de0805ba6b1054a7b3e300d4581e9af62a1ecaee96d2819b3d192e5b9561eb622da25450f586be14017a1cf74f89a1dd18af004decfe266134c3d036ae7996931fe6008a73ed34c35f0da4ffee1fe63bc1af6ef1b4731d50b8ceb582a1e9c6e8d97f8290cc105754f592d16ccdb1df8636d7ca5e372cea97dd0f005cc7092b126dd46758917fb0d94b8483d403bd451429cc1660f0b5a529d8134dc2702f6d8e2f943d98fbe50a3ba653f13f98a00fcbf311f9758ade8e4eb87b4b9fb2d387f5d8c4bdcab2fff9ed8c9de961fd831a070381c8020352fea7c334b2959ddd956701a7ea415e224a81c9fa1ebbabe74f7743e09b6c8b72650b51d5c2000ef3679c039b3604374fc1af7ab354204afbd24f0e701bc08a98452ce2668617e85e0d876f5a8b6d9b777f1c384d8a9883e4262defb6b9aab8d5b76bc91ca50f87966797da2499ca0ac76707c0408a7b6d8708fe7714988babdc11f"], &(0x7f0000000340)='GPL\x00', 0x0, 0xffffffffffffff19, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2006}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0xc001, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="611234000000000061134c0000000000bf2020000000000015000200000000103d030100000000009500000000000000bc26000000000000bf67000000000000070300000fff07006702000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f909ad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305865050df26469fac5202d6293c3d5e11f4f83e7455baeeba4f"], &(0x7f0000000100)='GPL\x00'}, 0x48)
setsockopt$sock_attach_bpf(r5, 0x88, 0x67, &(0x7f00000000c0)=r7, 0x4)
sendmsg$inet(r5, &(0x7f0000000380)={&(0x7f0000000080)={0x2, 0x4e22, @multicast1=0xe000004f}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000000)="813e785600", 0x5}], 0x1, &(0x7f0000000180)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @private=0xa010100}}}], 0x20}, 0x4840)
ioctl$SIOCSIFHWADDR(r4, 0x8923, &(0x7f0000002280)={'bridge_slave_1\x00', @random="b900b29c117a"})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89a0, &(0x7f0000000340)='%d\x00\x00\x00\x00j\xfef;q1\x95\xf4\xe4\x13\x95k#Jz.F\xce\xfb\x9c\x0f\xf3v\x88\x91\xbct\xb0\x1bLq\x15\x00\xad\t\x13\xf5U\x02\xc9d6q\xc3\xa5\xcf\x01t\r%\xad-\x13\xb0 E\xaaC\xc388\x13\xc6H\x0f \x03\x86\xb5\xbfq\'\xab!\x9e\xa98\xa1\xc3\xe9\x06C\xd4\xb5\x18}4\xa9yA8\x1fQ\xdf\xde\x91\xfd\xf1B*j\n\xef\xff\xddR\xec~c\xcb\x93\x84\x7f\\x6\xedZ\x82\xa0\x1by\x17\x1a\xc8\x98\x99\x0f')
ioctl$TUNSETPERSIST(r4, 0x400454cb, 0x6)

0s ago: executing program 34 (id=2411):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000680)={0x2, 0x80, 0x5, 0x3, 0x4, 0x9e, 0x0, 0x6, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7d2, 0x1, @perf_bp={0x0, 0x7}, 0x400, 0xf7, 0x0, 0x8, 0x4, 0xe, 0x2, 0x0, 0x8, 0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640a9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0xc1a}, 0x1000, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x202009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1f, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000008c4ac4485f512d000000000000be4f67aad5a760923d3e6d0095822d045fe029745ffc8931b56bfd0b25"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
syz_clone(0x22023500, 0x0, 0x20010, 0x0, 0x0, 0x0)
socket$kcm(0x29, 0x7, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x0, 0x0, 0x1c, 0x1, 0x0, 0x539367ca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3efd7ab4c41335d9, @perf_config_ext={0x3, 0x7fff}, 0x1000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0xa)
r5 = socket$kcm(0xa, 0x2, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000740)="2e00000010008188e6b62aa73f72cc9f0ba1f8483d0000005e145802000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
sendmsg$inet(r5, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0xa, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000080)="a2", 0x1}], 0x1, 0x0, 0x0, 0xa6820000}, 0xfff5)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r4, 0x0, 0xe, 0x0, &(0x7f00000000c0)="e0b9545dd30a2131677b2d0bfa91", 0x0, 0x27cb, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r7 = socket$kcm(0x2, 0x5, 0x0)
sendmsg$inet(r7, &(0x7f0000000600)={&(0x7f0000000140)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)="b5", 0x1}], 0x1}, 0x0)
r8 = perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x5}, 0x104101, 0x4, 0x7fff, 0x1, 0x10, 0x0, 0x1, 0x0, 0x4}, 0x0, 0x1, 0xffffffffffffffff, 0x2)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18080000000000000000000000000000183500000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r8, 0x40042408, r9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
recvmsg(r7, &(0x7f0000000bc0)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r7, 0x1, 0x7, &(0x7f0000000180), 0x43)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="03000004040000000400100000000000000000004b59a79d1700984b5d98db3708d6503982386b5fdbb3387847df78acd6e9e5e3f4ead80cc1af3a1bcbc942c1989a264a12997b12d59df13198c245d8ec2ad2deedc6e377012172fccd6d140e631a601f", @ANYRES32, @ANYBLOB="ffffff7f000000000000", @ANYRES32, @ANYRES32, @ANYBLOB], 0x50)

kernel console output (not intermixed with test programs):

000000000000246 R12: 0000000000000002
[  423.150777][T11239] R13: 00007fdbdf216038 R14: 00007fdbdf215fa0 R15: 00007ffc8b9d2038
[  423.158796][T11239]  </TASK>
[  423.255078][T11245] netlink: 'syz.1.1679': attribute type 39 has an invalid length.
[  423.488853][T11253] FAULT_INJECTION: forcing a failure.
[  423.488853][T11253] name failslab, interval 1, probability 0, space 0, times 0
[  423.510960][T11253] CPU: 1 PID: 11253 Comm: syz.3.1682 Not tainted syzkaller #0
[  423.518604][T11253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  423.528963][T11253] Call Trace:
[  423.532274][T11253]  <TASK>
[  423.535320][T11253]  dump_stack_lvl+0x18c/0x250
[  423.540049][T11253]  ? show_regs_print_info+0x20/0x20
[  423.545738][T11253]  ? load_image+0x400/0x400
[  423.550284][T11253]  ? verify_lock_unused+0x140/0x140
[  423.555529][T11253]  should_fail_ex+0x39d/0x4d0
[  423.560266][T11253]  should_failslab+0x9/0x20
[  423.564825][T11253]  slab_pre_alloc_hook+0x59/0x310
[  423.569902][T11253]  kmem_cache_alloc+0x5a/0x2d0
[  423.574806][T11253]  ? skb_clone+0x1eb/0x370
[  423.579272][T11253]  skb_clone+0x1eb/0x370
[  423.583577][T11253]  __netlink_deliver_tap+0x41c/0x830
[  423.588944][T11253]  ? netlink_deliver_tap+0x2e/0x1b0
[  423.594216][T11253]  netlink_deliver_tap+0x19c/0x1b0
[  423.599387][T11253]  netlink_unicast+0x72c/0x8d0
[  423.604212][T11253]  netlink_sendmsg+0x8d0/0xbf0
[  423.609069][T11253]  ? netlink_getsockopt+0x590/0x590
[  423.614407][T11253]  ? aa_sock_msg_perm+0x94/0x150
[  423.619482][T11253]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  423.624893][T11253]  ? security_socket_sendmsg+0x80/0xa0
[  423.630389][T11253]  ? netlink_getsockopt+0x590/0x590
[  423.635647][T11253]  ____sys_sendmsg+0x5ba/0x960
[  423.640446][T11253]  ? __asan_memset+0x22/0x40
[  423.645060][T11253]  ? __sys_sendmsg_sock+0x30/0x30
[  423.650091][T11253]  ? __import_iovec+0x5f2/0x850
[  423.654974][T11253]  ? import_iovec+0x73/0xa0
[  423.659490][T11253]  ___sys_sendmsg+0x2a6/0x360
[  423.664177][T11253]  ? get_pid_task+0x20/0x1e0
[  423.668783][T11253]  ? __sys_sendmsg+0x2a0/0x2a0
[  423.673583][T11253]  ? __lock_acquire+0x7d40/0x7d40
[  423.678729][T11253]  __se_sys_sendmsg+0x1c2/0x2b0
[  423.683601][T11253]  ? __x64_sys_sendmsg+0x80/0x80
[  423.688559][T11253]  ? lockdep_hardirqs_on+0x98/0x150
[  423.693786][T11253]  do_syscall_64+0x55/0xa0
[  423.698387][T11253]  ? clear_bhb_loop+0x40/0x90
[  423.703082][T11253]  ? clear_bhb_loop+0x40/0x90
[  423.707769][T11253]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  423.713670][T11253] RIP: 0033:0x7fa34779c819
[  423.718096][T11253] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  423.737808][T11253] RSP: 002b:00007fa3486af028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  423.746519][T11253] RAX: ffffffffffffffda RBX: 00007fa347a15fa0 RCX: 00007fa34779c819
[  423.754602][T11253] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  423.762589][T11253] RBP: 00007fa3486af090 R08: 0000000000000000 R09: 0000000000000000
[  423.770569][T11253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  423.778563][T11253] R13: 00007fa347a16038 R14: 00007fa347a15fa0 R15: 00007ffc4ca393c8
[  423.786648][T11253]  </TASK>
[  423.801082][T11255] __nla_validate_parse: 10 callbacks suppressed
[  423.801100][T11255] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1683'.
[  423.817366][T11255] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1683'.
[  423.828951][T11255] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1683'.
[  424.188180][T11269] netlink: 'syz.2.1685': attribute type 10 has an invalid length.
[  424.804298][T11281] netlink: 'syz.2.1689': attribute type 39 has an invalid length.
[  425.037462][T11285] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1691'.
[  425.097431][T11287] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1692'.
[  425.129181][T11287] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1692'.
[  425.151500][T11290] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1692'.
[  425.425892][T11302] Q±6ã�`Ò˜: renamed from lo (while UP)
[  425.458505][T11304] netlink: 'syz.0.1696': attribute type 10 has an invalid length.
[  425.995655][T11310] netlink: 'syz.1.1698': attribute type 39 has an invalid length.
[  426.093117][T11313] netlink: 'syz.2.1700': attribute type 39 has an invalid length.
[  427.031446][T11334] netlink: 9286 bytes leftover after parsing attributes in process `syz.3.1703'.
[  427.049830][T11336] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1704'.
[  427.059472][T11336] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1704'.
[  427.695750][T11352] netlink: 'syz.1.1709': attribute type 10 has an invalid length.
[  428.912880][T11379] netlink: 'syz.1.1718': attribute type 2 has an invalid length.
[  428.931426][T11379] netlink: 'syz.1.1718': attribute type 8 has an invalid length.
[  428.939320][T11379] __nla_validate_parse: 4 callbacks suppressed
[  428.939335][T11379] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1718'.
[  429.119325][T11387] netlink: 'syz.1.1720': attribute type 10 has an invalid length.
[  429.196556][T11389] FAULT_INJECTION: forcing a failure.
[  429.196556][T11389] name failslab, interval 1, probability 0, space 0, times 0
[  429.209516][T11389] CPU: 0 PID: 11389 Comm: syz.0.1721 Not tainted syzkaller #0
[  429.217014][T11389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  429.227077][T11389] Call Trace:
[  429.230358][T11389]  <TASK>
[  429.233295][T11389]  dump_stack_lvl+0x18c/0x250
[  429.237977][T11389]  ? sctp_sendmsg+0x1575/0x28c0
[  429.242852][T11389]  ? ___sys_sendmsg+0x2a6/0x360
[  429.247736][T11389]  ? show_regs_print_info+0x20/0x20
[  429.252947][T11389]  ? load_image+0x400/0x400
[  429.257549][T11389]  should_fail_ex+0x39d/0x4d0
[  429.262258][T11389]  should_failslab+0x9/0x20
[  429.266797][T11389]  slab_pre_alloc_hook+0x59/0x310
[  429.271825][T11389]  ? sctp_add_bind_addr+0x8c/0x360
[  429.276933][T11389]  __kmem_cache_alloc_node+0x53/0x250
[  429.282683][T11389]  ? sctp_add_bind_addr+0x8c/0x360
[  429.287823][T11389]  kmalloc_trace+0x2a/0xe0
[  429.292244][T11389]  sctp_add_bind_addr+0x8c/0x360
[  429.297364][T11389]  sctp_copy_local_addr_list+0x315/0x4f0
[  429.303014][T11389]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  429.308763][T11389]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  429.315125][T11389]  ? sctp_v4_is_any+0x35/0x60
[  429.319837][T11389]  ? sctp_copy_one_addr+0x8c/0x350
[  429.324950][T11389]  sctp_bind_addr_copy+0xb3/0x3c0
[  429.329973][T11389]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  429.336307][T11389]  sctp_connect_new_asoc+0x2f9/0x6a0
[  429.341621][T11389]  ? __sctp_connect+0xd80/0xd80
[  429.346581][T11389]  ? __local_bh_enable_ip+0x13a/0x1c0
[  429.351965][T11389]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  429.357603][T11389]  ? security_sctp_bind_connect+0x89/0xb0
[  429.363354][T11389]  sctp_sendmsg+0x1575/0x28c0
[  429.368060][T11389]  ? sctp_getsockopt+0xb60/0xb60
[  429.372998][T11389]  ? aa_sk_perm+0x83c/0x970
[  429.377513][T11389]  ? aa_af_perm+0x330/0x330
[  429.382037][T11389]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  429.388479][T11389]  ? sock_rps_record_flow+0x19/0x3f0
[  429.393772][T11389]  ? inet_sendmsg+0xe9/0x2f0
[  429.398375][T11389]  ? inet_send_prepare+0x260/0x260
[  429.403537][T11389]  ____sys_sendmsg+0x5ba/0x960
[  429.408319][T11389]  ? __lock_acquire+0x7d40/0x7d40
[  429.413344][T11389]  ? __asan_memset+0x22/0x40
[  429.417949][T11389]  ? __sys_sendmsg_sock+0x30/0x30
[  429.423008][T11389]  ? __import_iovec+0x5f2/0x850
[  429.427886][T11389]  ? import_iovec+0x73/0xa0
[  429.432410][T11389]  ___sys_sendmsg+0x2a6/0x360
[  429.437117][T11389]  ? get_pid_task+0x20/0x1e0
[  429.441912][T11389]  ? __sys_sendmsg+0x2a0/0x2a0
[  429.447003][T11389]  ? __lock_acquire+0x7d40/0x7d40
[  429.452078][T11389]  __se_sys_sendmsg+0x1c2/0x2b0
[  429.456951][T11389]  ? __x64_sys_sendmsg+0x80/0x80
[  429.461976][T11389]  ? lockdep_hardirqs_on+0x98/0x150
[  429.467214][T11389]  do_syscall_64+0x55/0xa0
[  429.471640][T11389]  ? clear_bhb_loop+0x40/0x90
[  429.476326][T11389]  ? clear_bhb_loop+0x40/0x90
[  429.481021][T11389]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  429.486958][T11389] RIP: 0033:0x7f38c119c819
[  429.491386][T11389] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  429.511094][T11389] RSP: 002b:00007f38c209c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  429.519513][T11389] RAX: ffffffffffffffda RBX: 00007f38c1415fa0 RCX: 00007f38c119c819
[  429.527615][T11389] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  429.535590][T11389] RBP: 00007f38c209c090 R08: 0000000000000000 R09: 0000000000000000
[  429.543580][T11389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  429.551579][T11389] R13: 00007f38c1416038 R14: 00007f38c1415fa0 R15: 00007fff509d2fc8
[  429.559601][T11389]  </TASK>
[  429.767850][T11396] netlink: 'syz.3.1724': attribute type 10 has an invalid length.
[  429.787862][T11396] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1724'.
[  429.811497][T11396] FAULT_INJECTION: forcing a failure.
[  429.811497][T11396] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  429.865790][T11396] CPU: 0 PID: 11396 Comm: syz.3.1724 Not tainted syzkaller #0
[  429.873378][T11396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  429.883756][T11396] Call Trace:
[  429.887117][T11396]  <TASK>
[  429.890100][T11396]  dump_stack_lvl+0x18c/0x250
[  429.894872][T11396]  ? show_regs_print_info+0x20/0x20
[  429.900169][T11396]  ? load_image+0x400/0x400
[  429.904778][T11396]  ? __might_fault+0xaa/0x120
[  429.909532][T11396]  ? __lock_acquire+0x7d40/0x7d40
[  429.914655][T11396]  should_fail_ex+0x39d/0x4d0
[  429.919437][T11396]  _copy_from_user+0x2f/0xe0
[  429.924115][T11396]  kstrtouint_from_user+0xde/0x170
[  429.929326][T11396]  ? kstrtol_from_user+0x190/0x190
[  429.934591][T11396]  proc_fail_nth_write+0x8f/0x250
[  429.939695][T11396]  ? proc_fail_nth_read+0x260/0x260
[  429.944981][T11396]  ? proc_fail_nth_read+0x260/0x260
[  429.950237][T11396]  vfs_write+0x296/0x990
[  429.954555][T11396]  ? file_end_write+0x250/0x250
[  429.959449][T11396]  ? __fget_files+0x28/0x4b0
[  429.964069][T11396]  ? __fget_files+0x28/0x4b0
[  429.968693][T11396]  ? __fget_files+0x43d/0x4b0
[  429.973434][T11396]  ? __fdget_pos+0x2a3/0x330
[  429.978057][T11396]  ? ksys_write+0x75/0x260
[  429.982519][T11396]  ksys_write+0x150/0x260
[  429.986895][T11396]  ? __ia32_sys_read+0x90/0x90
[  429.991721][T11396]  ? lockdep_hardirqs_on+0x98/0x150
[  429.996967][T11396]  do_syscall_64+0x55/0xa0
[  430.001426][T11396]  ? clear_bhb_loop+0x40/0x90
[  430.006139][T11396]  ? clear_bhb_loop+0x40/0x90
[  430.010857][T11396]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  430.016813][T11396] RIP: 0033:0x7fa34775d04e
[  430.021288][T11396] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  430.040946][T11396] RSP: 002b:00007fa3486aefe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  430.049455][T11396] RAX: ffffffffffffffda RBX: 00007fa3486af6c0 RCX: 00007fa34775d04e
[  430.057456][T11396] RDX: 0000000000000001 RSI: 00007fa3486af0a0 RDI: 0000000000000004
[  430.065455][T11396] RBP: 00007fa3486af090 R08: 0000000000000000 R09: 0000000000000000
[  430.073562][T11396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  430.081669][T11396] R13: 00007fa347a16038 R14: 00007fa347a15fa0 R15: 00007ffc4ca393c8
[  430.089809][T11396]  </TASK>
[  430.251095][T11399] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1722'.
[  431.149032][T11400] IPv6: Can't replace route, no match found
[  432.157057][T11432] netlink: 'syz.2.1734': attribute type 10 has an invalid length.
[  432.175510][T11432] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1734'.
[  432.208629][T11432] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  432.235202][T11435] netlink: 'syz.0.1733': attribute type 10 has an invalid length.
[  432.484867][T11446] IPv6: Can't replace route, no match found
[  432.646168][T11447] netlink: 'syz.0.1738': attribute type 39 has an invalid length.
[  434.352652][T11475] netlink: 'syz.3.1746': attribute type 10 has an invalid length.
[  434.465309][T11478] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.1748'.
[  435.380190][T11493] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1751'.
[  436.133048][T11502] FAULT_INJECTION: forcing a failure.
[  436.133048][T11502] name failslab, interval 1, probability 0, space 0, times 0
[  436.147525][T11504] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1755'.
[  436.169742][T11504] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1755'.
[  436.183109][T11502] CPU: 0 PID: 11502 Comm: syz.2.1754 Not tainted syzkaller #0
[  436.190934][T11502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  436.201152][T11502] Call Trace:
[  436.204493][T11502]  <TASK>
[  436.207463][T11502]  dump_stack_lvl+0x18c/0x250
[  436.212316][T11502]  ? show_regs_print_info+0x20/0x20
[  436.217602][T11502]  ? load_image+0x400/0x400
[  436.222207][T11502]  ? __might_sleep+0xe0/0xe0
[  436.226909][T11502]  ? __lock_acquire+0x7d40/0x7d40
[  436.231990][T11502]  should_fail_ex+0x39d/0x4d0
[  436.236782][T11502]  should_failslab+0x9/0x20
[  436.241358][T11502]  slab_pre_alloc_hook+0x59/0x310
[  436.246584][T11502]  ? __request_module+0x2ed/0x600
[  436.251709][T11502]  ? __request_module+0x2ed/0x600
[  436.253397][T11504] netlink: 4595 bytes leftover after parsing attributes in process `syz.3.1755'.
[  436.256817][T11502]  __kmem_cache_alloc_node+0x53/0x250
[  436.256882][T11502]  ? __request_module+0x2ed/0x600
[  436.256909][T11502]  __kmalloc_node_track_caller+0xa2/0x230
[  436.282517][T11502]  kstrdup+0x3b/0x80
[  436.286463][T11502]  __request_module+0x2ed/0x600
[  436.291364][T11502]  ? module_enforce_rwx_sections+0x150/0x150
[  436.297469][T11502]  ? dev_load+0x21/0x1f0
[  436.301769][T11502]  ? bpf_lsm_capable+0x9/0x10
[  436.306596][T11502]  ? dev_load+0x21/0x1f0
[  436.310908][T11502]  dev_load+0x18b/0x1f0
[  436.315161][T11502]  dev_ioctl+0x837/0x1140
[  436.319551][T11502]  sock_ioctl+0x74c/0x7e0
[  436.323944][T11502]  ? sock_poll+0x3e0/0x3e0
[  436.328420][T11502]  ? bpf_lsm_file_ioctl+0x9/0x10
[  436.333470][T11502]  ? security_file_ioctl+0x80/0xa0
[  436.338618][T11502]  ? sock_poll+0x3e0/0x3e0
[  436.343281][T11502]  __se_sys_ioctl+0xfd/0x170
[  436.348028][T11502]  do_syscall_64+0x55/0xa0
[  436.352492][T11502]  ? clear_bhb_loop+0x40/0x90
[  436.357225][T11502]  ? clear_bhb_loop+0x40/0x90
[  436.362003][T11502]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  436.367927][T11502] RIP: 0033:0x7f905039c819
[  436.372503][T11502] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  436.392136][T11502] RSP: 002b:00007f904e5f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  436.400598][T11502] RAX: ffffffffffffffda RBX: 00007f9050615fa0 RCX: 00007f905039c819
[  436.408600][T11502] RDX: 0000200000000080 RSI: 00000000000089f0 RDI: 0000000000000006
[  436.416686][T11502] RBP: 00007f904e5f6090 R08: 0000000000000000 R09: 0000000000000000
[  436.424711][T11502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  436.432705][T11502] R13: 00007f9050616038 R14: 00007f9050615fa0 R15: 00007ffc2e65c768
[  436.440919][T11502]  </TASK>
[  436.918794][T11516] netlink: 'syz.3.1758': attribute type 10 has an invalid length.
[  437.208802][T11523] netlink: 'syz.0.1759': attribute type 10 has an invalid length.
[  437.228018][T11523] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1759'.
[  437.265314][T11523] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  437.313088][T11524] IPv6: Can't replace route, no match found
[  437.864370][T11536] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1766'.
[  437.891014][T11536] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1766'.
[  437.909225][T11536] netlink: 4595 bytes leftover after parsing attributes in process `syz.0.1766'.
[  438.279400][T11550] netlink: 'syz.0.1769': attribute type 10 has an invalid length.
[  438.853582][T11561] netlink: 'syz.0.1773': attribute type 6 has an invalid length.
[  438.865536][T11561] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1773'.
[  440.099525][T11578] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1777'.
[  440.109705][T11578] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1777'.
[  440.123599][T11578] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.1777'.
[  440.356739][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  440.363356][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  440.488254][T11592] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1782'.
[  440.500580][T11592] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1782'.
[  440.520004][T11592] FAULT_INJECTION: forcing a failure.
[  440.520004][T11592] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  440.528499][T11590] netlink: 'syz.1.1781': attribute type 29 has an invalid length.
[  440.538046][T11592] CPU: 1 PID: 11592 Comm: syz.0.1782 Not tainted syzkaller #0
[  440.549048][T11592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  440.559144][T11592] Call Trace:
[  440.562444][T11592]  <TASK>
[  440.565390][T11592]  dump_stack_lvl+0x18c/0x250
[  440.570094][T11592]  ? show_regs_print_info+0x20/0x20
[  440.575328][T11592]  ? load_image+0x400/0x400
[  440.579865][T11592]  should_fail_ex+0x39d/0x4d0
[  440.584582][T11592]  copyout+0x1a/0x90
[  440.588497][T11592]  _copy_to_iter+0x432/0x1120
[  440.593203][T11592]  ? iov_iter_init+0x1e0/0x1e0
[  440.597989][T11592]  ? __virt_addr_valid+0x18c/0x540
[  440.603114][T11592]  ? __virt_addr_valid+0x469/0x540
[  440.608250][T11592]  ? __phys_addr_symbol+0x2f/0x70
[  440.613308][T11592]  __skb_datagram_iter+0xdb/0x780
[  440.618352][T11592]  ? skb_copy_datagram_iter+0x200/0x200
[  440.623914][T11592]  skb_copy_datagram_iter+0xb1/0x200
[  440.629243][T11592]  netlink_recvmsg+0x2d4/0xe60
[  440.634034][T11592]  ? netlink_sendmsg+0xbf0/0xbf0
[  440.639000][T11592]  ? aa_af_perm+0x330/0x330
[  440.643516][T11592]  ? __lock_acquire+0x1273/0x7d40
[  440.648655][T11592]  ? verify_lock_unused+0x140/0x140
[  440.653868][T11592]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  440.659255][T11592]  ? security_socket_recvmsg+0x89/0xb0
[  440.664721][T11592]  ? netlink_sendmsg+0xbf0/0xbf0
[  440.669675][T11592]  ____sys_recvmsg+0x2ce/0x5e0
[  440.674464][T11592]  ? __sys_recvmsg_sock+0x50/0x50
[  440.679681][T11592]  ? import_iovec+0x73/0xa0
[  440.684229][T11592]  ___sys_recvmsg+0x216/0x590
[  440.688937][T11592]  ? __sys_recvmsg+0x2a0/0x2a0
[  440.693723][T11592]  ? ksys_write+0x1c4/0x260
[  440.698280][T11592]  ? __fget_files+0x43d/0x4b0
[  440.703066][T11592]  __x64_sys_recvmsg+0x20c/0x2e0
[  440.708015][T11592]  ? ___sys_recvmsg+0x590/0x590
[  440.712918][T11592]  ? lockdep_hardirqs_on+0x98/0x150
[  440.718569][T11592]  do_syscall_64+0x55/0xa0
[  440.723001][T11592]  ? clear_bhb_loop+0x40/0x90
[  440.727691][T11592]  ? clear_bhb_loop+0x40/0x90
[  440.732382][T11592]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  440.738283][T11592] RIP: 0033:0x7f38c119c819
[  440.742800][T11592] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  440.762415][T11592] RSP: 002b:00007f38c209c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  440.771104][T11592] RAX: ffffffffffffffda RBX: 00007f38c1415fa0 RCX: 00007f38c119c819
[  440.779084][T11592] RDX: 0000000000010182 RSI: 0000200000000640 RDI: 0000000000000003
[  440.787151][T11592] RBP: 00007f38c209c090 R08: 0000000000000000 R09: 0000000000000000
[  440.795232][T11592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  440.803221][T11592] R13: 00007f38c1416038 R14: 00007f38c1415fa0 R15: 00007fff509d2fc8
[  440.811389][T11592]  </TASK>
[  440.821173][T11592] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1782'.
[  440.862778][T11593] netlink: 'syz.3.1780': attribute type 10 has an invalid length.
[  440.922037][T11590] netlink: 'syz.1.1781': attribute type 29 has an invalid length.
[  440.949761][T11595] netlink: 'syz.1.1781': attribute type 29 has an invalid length.
[  440.964599][T11596] netlink: 'syz.1.1781': attribute type 29 has an invalid length.
[  440.985366][T11585] IPv6: NLM_F_CREATE should be specified when creating new route
[  441.015245][T11585] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1779'.
[  441.057095][T11598] netlink: 'syz.0.1783': attribute type 39 has an invalid length.
[  441.089375][T11590] netlink: 'syz.1.1781': attribute type 29 has an invalid length.
[  441.747075][T11590] netlink: 'syz.1.1781': attribute type 29 has an invalid length.
[  442.523358][T11628] netlink: 'syz.1.1794': attribute type 39 has an invalid length.
[  442.750142][T11637] netlink: 'syz.3.1795': attribute type 10 has an invalid length.
[  443.314424][T11653] syzkaller0: entered promiscuous mode
[  443.319979][T11653] syzkaller0: entered allmulticast mode
[  445.919688][T11665] netlink: 'syz.1.1806': attribute type 39 has an invalid length.
[  445.931193][T11671] netlink: 'syz.3.1807': attribute type 23 has an invalid length.
[  446.344819][T11693] netlink: 'syz.1.1811': attribute type 10 has an invalid length.
[  447.475410][T11709] netlink: 'syz.2.1816': attribute type 10 has an invalid length.
[  447.484534][T11709] batman_adv: batadv0: Removing interface: netdevsim0
[  447.518193][T11709] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  447.920848][T11724] netlink: 'syz.2.1819': attribute type 29 has an invalid length.
[  448.071722][T11720] netlink: 'syz.3.1818': attribute type 39 has an invalid length.
[  448.081441][T11724] netlink: 'syz.2.1819': attribute type 29 has an invalid length.
[  448.101140][T11722] netlink: 'syz.2.1819': attribute type 29 has an invalid length.
[  448.142657][T11726] netlink: 'syz.2.1819': attribute type 29 has an invalid length.
[  448.158131][T11724] netlink: 'syz.2.1819': attribute type 29 has an invalid length.
[  448.482077][T11714] team0: Device hsr_slave_0 failed to register rx_handler
[  450.339343][T11762] bond0: (slave netdevsim0): Releasing backup interface
[  450.374018][T11762] batman_adv: batadv0: Adding interface: netdevsim0
[  450.398770][T11762] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  450.443199][T11762] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[  451.276201][T11769] validate_nla: 4 callbacks suppressed
[  451.276221][T11769] netlink: 'syz.1.1833': attribute type 10 has an invalid length.
[  452.001294][T11790] netlink: 'syz.1.1839': attribute type 39 has an invalid length.
[  452.253197][ T1099] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  455.013589][T11826] netlink: 'syz.2.1850': attribute type 39 has an invalid length.
[  455.182202][T11819] netlink: 'syz.3.1848': attribute type 10 has an invalid length.
[  455.217662][T11819] team0: Device hsr_slave_0 failed to register rx_handler
[  455.268171][T11828] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.1857'.
[  455.298335][T11828] netlink: zone id is out of range
[  455.344055][T11828] netlink: zone id is out of range
[  455.370738][T11828] netlink: zone id is out of range
[  455.412434][T11828] netlink: zone id is out of range
[  455.457130][T11828] netlink: zone id is out of range
[  455.491155][T11828] netlink: zone id is out of range
[  455.503886][T11828] netlink: zone id is out of range
[  455.519914][T11828] netlink: zone id is out of range
[  455.546545][T11828] netlink: zone id is out of range
[  455.563581][T11828] netlink: zone id is out of range
[  458.308213][T11863] netlink: 'syz.0.1865': attribute type 10 has an invalid length.
[  458.476224][T11869] IPv6: Can't replace route, no match found
[  458.540376][T11870] netlink: 'syz.2.1860': attribute type 39 has an invalid length.
[  459.271283][T11882] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1866'.
[  459.290804][T11882] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1866'.
[  459.313556][T11882] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1866'.
[  460.583819][T11897] netlink: 'syz.1.1871': attribute type 39 has an invalid length.
[  461.353603][T11898] __sock_release: fasync list not empty!
[  461.935824][T11905] netlink: 'syz.3.1874': attribute type 5 has an invalid length.
[  462.095870][T11910] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1876'.
[  462.989287][T11926] netlink: 'syz.0.1881': attribute type 39 has an invalid length.
[  463.166831][T11928] netlink: 'syz.3.1882': attribute type 21 has an invalid length.
[  463.183568][T11928] netlink: 'syz.3.1882': attribute type 11 has an invalid length.
[  463.215970][T11932] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1883'.
[  463.243268][T11932] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1883'.
[  463.322319][T11932] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1883'.
[  463.341797][T11936] netlink: 'syz.3.1882': attribute type 3 has an invalid length.
[  463.358690][T11936] netlink: 68216 bytes leftover after parsing attributes in process `syz.3.1882'.
[  463.387386][T11932] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  463.430850][T11932] batman_adv: batadv0: Removing interface: batadv_slave_0
[  463.870777][T11945] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1884'.
[  464.033196][T11932] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  464.050344][T11932] batman_adv: batadv0: Removing interface: batadv_slave_1
[  464.119615][T11932] batman_adv: batadv0: Removing interface: netdevsim0
[  464.520934][T11932] bond0: (slave batadv0): Releasing backup interface
[  464.676190][T11941] syzkaller0: entered promiscuous mode
[  464.692505][T11941] syzkaller0: entered allmulticast mode
[  464.707512][T11945] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1884'.
[  464.807797][T11955] netlink: 'syz.2.1887': attribute type 2 has an invalid length.
[  464.817344][T11955] netlink: 51 bytes leftover after parsing attributes in process `syz.2.1887'.
[  464.827925][T11955] FAULT_INJECTION: forcing a failure.
[  464.827925][T11955] name failslab, interval 1, probability 0, space 0, times 0
[  464.871075][T11955] CPU: 1 PID: 11955 Comm: syz.2.1887 Not tainted syzkaller #0
[  464.878642][T11955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  464.888780][T11955] Call Trace:
[  464.892118][T11955]  <TASK>
[  464.895110][T11955]  dump_stack_lvl+0x18c/0x250
[  464.899885][T11955]  ? show_regs_print_info+0x20/0x20
[  464.905171][T11955]  ? load_image+0x400/0x400
[  464.909861][T11955]  ? verify_lock_unused+0x140/0x140
[  464.915171][T11955]  should_fail_ex+0x39d/0x4d0
[  464.919971][T11955]  should_failslab+0x9/0x20
[  464.924541][T11955]  slab_pre_alloc_hook+0x59/0x310
[  464.929636][T11955]  kmem_cache_alloc+0x5a/0x2d0
[  464.934435][T11955]  ? skb_clone+0x1eb/0x370
[  464.938947][T11955]  skb_clone+0x1eb/0x370
[  464.943370][T11955]  __netlink_deliver_tap+0x41c/0x830
[  464.948753][T11955]  ? netlink_deliver_tap+0x2e/0x1b0
[  464.954933][T11955]  netlink_deliver_tap+0x19c/0x1b0
[  464.960109][T11955]  netlink_sendskb+0x68/0x130
[  464.964846][T11955]  netlink_ack+0xce1/0x1180
[  464.969419][T11955]  ? __bpf_trace_bpf_trace_printk+0x100/0x100
[  464.975590][T11955]  ? netlink_dump+0xe50/0xe50
[  464.980320][T11955]  ? perf_trace_lock+0x304/0x3b0
[  464.985330][T11955]  netlink_rcv_skb+0x2c5/0x4d0
[  464.990142][T11955]  ? rtnetlink_bind+0x80/0x80
[  464.994864][T11955]  ? netlink_ack+0x1180/0x1180
[  464.999704][T11955]  ? __lock_acquire+0x7d40/0x7d40
[  465.004784][T11955]  ? netlink_deliver_tap+0x2e/0x1b0
[  465.010031][T11955]  netlink_unicast+0x751/0x8d0
[  465.014957][T11955]  netlink_sendmsg+0x8d0/0xbf0
[  465.019761][T11955]  ? perf_trace_lock+0x304/0x3b0
[  465.024752][T11955]  ? netlink_getsockopt+0x590/0x590
[  465.029994][T11955]  ? aa_sock_msg_perm+0x94/0x150
[  465.034977][T11955]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  465.040290][T11955]  ? security_socket_sendmsg+0x80/0xa0
[  465.045782][T11955]  ? netlink_getsockopt+0x590/0x590
[  465.051022][T11955]  ____sys_sendmsg+0x5ba/0x960
[  465.055838][T11955]  ? __asan_memset+0x22/0x40
[  465.060487][T11955]  ? __sys_sendmsg_sock+0x30/0x30
[  465.065562][T11955]  ? __import_iovec+0x5f2/0x850
[  465.070483][T11955]  ? import_iovec+0x73/0xa0
[  465.075048][T11955]  ___sys_sendmsg+0x2a6/0x360
[  465.079787][T11955]  ? __sys_sendmsg+0x2a0/0x2a0
[  465.084642][T11955]  ? trace_call_bpf+0xc3/0x6c0
[  465.089514][T11955]  __se_sys_sendmsg+0x1c2/0x2b0
[  465.094403][T11955]  ? __x64_sys_sendmsg+0x80/0x80
[  465.099424][T11955]  ? lockdep_hardirqs_on+0x98/0x150
[  465.104670][T11955]  do_syscall_64+0x55/0xa0
[  465.109118][T11955]  ? clear_bhb_loop+0x40/0x90
[  465.113826][T11955]  ? clear_bhb_loop+0x40/0x90
[  465.118542][T11955]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  465.124467][T11955] RIP: 0033:0x7f905039c819
[  465.128922][T11955] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  465.148730][T11955] RSP: 002b:00007f904e5f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  465.157220][T11955] RAX: ffffffffffffffda RBX: 00007f9050615fa0 RCX: 00007f905039c819
[  465.165309][T11955] RDX: 0000000000008094 RSI: 0000200000000080 RDI: 0000000000000003
[  465.173308][T11955] RBP: 00007f904e5f6090 R08: 0000000000000000 R09: 0000000000000000
[  465.181308][T11955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  465.189315][T11955] R13: 00007f9050616038 R14: 00007f9050615fa0 R15: 00007ffc2e65c768
[  465.197475][T11955]  </TASK>
[  467.449823][T11961] netlink: 'syz.0.1888': attribute type 21 has an invalid length.
[  467.661877][T11976] netlink: 'syz.3.1892': attribute type 39 has an invalid length.
[  467.937098][T11981] netlink: 'syz.2.1894': attribute type 2 has an invalid length.
[  467.945887][T11981] netlink: 'syz.2.1894': attribute type 8 has an invalid length.
[  467.982217][   T51] Bluetooth: hci1: unexpected event 0x10 length: 15 > 1
[  467.983408][   T51] Bluetooth: hci1: hardware error 0x0f
[  468.005211][T11981] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1894'.
[  469.581145][T12014] netlink: 'syz.1.1904': attribute type 2 has an invalid length.
[  469.589328][T12014] netlink: 51 bytes leftover after parsing attributes in process `syz.1.1904'.
[  470.048121][   T51] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  470.507640][T12041] netlink: 'syz.1.1913': attribute type 21 has an invalid length.
[  470.554292][T12041] netlink: 'syz.1.1913': attribute type 11 has an invalid length.
[  471.103763][T12057] net_ratelimit: 332 callbacks suppressed
[  471.103780][T12057] netlink: set zone limit has 8 unknown bytes
[  471.493250][T12063] netlink: 'syz.3.1916': attribute type 2 has an invalid length.
[  471.530907][T12063] netlink: 51 bytes leftover after parsing attributes in process `syz.3.1916'.
[  472.641620][T12090] netlink: 'syz.2.1925': attribute type 10 has an invalid length.
[  472.649631][T12090] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1925'.
[  473.670001][T12110] netlink: 'syz.2.1931': attribute type 2 has an invalid length.
[  473.678437][T12110] netlink: 51 bytes leftover after parsing attributes in process `syz.2.1931'.
[  474.005502][T12121] FAULT_INJECTION: forcing a failure.
[  474.005502][T12121] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  474.125166][T12121] CPU: 1 PID: 12121 Comm: syz.0.1935 Not tainted syzkaller #0
[  474.132850][T12121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  474.142962][T12121] Call Trace:
[  474.146285][T12121]  <TASK>
[  474.149254][T12121]  dump_stack_lvl+0x18c/0x250
[  474.154085][T12121]  ? show_regs_print_info+0x20/0x20
[  474.159526][T12121]  ? load_image+0x400/0x400
[  474.164093][T12121]  ? __lock_acquire+0x7d40/0x7d40
[  474.169179][T12121]  should_fail_ex+0x39d/0x4d0
[  474.173918][T12121]  prepare_alloc_pages+0x1e2/0x5f0
[  474.179090][T12121]  __alloc_pages+0x134/0x460
[  474.183739][T12121]  ? zone_statistics+0x170/0x170
[  474.188733][T12121]  ? xdp_convert_md_to_buff+0x5b/0x330
[  474.194244][T12121]  bpf_prog_test_run_xdp+0xc37/0x10e0
[  474.199737][T12121]  ? dev_put+0x80/0x80
[  474.203879][T12121]  ? dev_put+0x80/0x80
[  474.208080][T12121]  bpf_prog_test_run+0x321/0x390
[  474.213072][T12121]  __sys_bpf+0x49d/0x890
[  474.217453][T12121]  ? bpf_link_show_fdinfo+0x390/0x390
[  474.222883][T12121]  ? lock_chain_count+0x20/0x20
[  474.227781][T12121]  __x64_sys_bpf+0x7c/0x90
[  474.232266][T12121]  do_syscall_64+0x55/0xa0
[  474.236703][T12121]  ? clear_bhb_loop+0x40/0x90
[  474.241393][T12121]  ? clear_bhb_loop+0x40/0x90
[  474.246092][T12121]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  474.251998][T12121] RIP: 0033:0x7f38c119c819
[  474.256429][T12121] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  474.276484][T12121] RSP: 002b:00007f38c209c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  474.284914][T12121] RAX: ffffffffffffffda RBX: 00007f38c1415fa0 RCX: 00007f38c119c819
[  474.292984][T12121] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  474.300963][T12121] RBP: 00007f38c209c090 R08: 0000000000000000 R09: 0000000000000000
[  474.308944][T12121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  474.317018][T12121] R13: 00007f38c1416038 R14: 00007f38c1415fa0 R15: 00007fff509d2fc8
[  474.325038][T12121]  </TASK>
[  474.365673][T12111] delete_channel: no stack
[  475.057724][T12143] netlink: 'syz.0.1941': attribute type 2 has an invalid length.
[  475.358783][T12143] netlink: 51 bytes leftover after parsing attributes in process `syz.0.1941'.
[  477.159478][T12181] netlink: 'syz.2.1953': attribute type 21 has an invalid length.
[  477.447883][T12177] delete_channel: no stack
[  477.472461][T12188] netlink: 'syz.0.1954': attribute type 10 has an invalid length.
[  477.705837][T12193] netlink: 'syz.2.1956': attribute type 39 has an invalid length.
[  478.923795][T12217] FAULT_INJECTION: forcing a failure.
[  478.923795][T12217] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  478.954530][T12217] CPU: 1 PID: 12217 Comm: syz.2.1964 Not tainted syzkaller #0
[  478.962080][T12217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  478.972325][T12217] Call Trace:
[  478.975636][T12217]  <TASK>
[  478.978601][T12217]  dump_stack_lvl+0x18c/0x250
[  478.983328][T12217]  ? show_regs_print_info+0x20/0x20
[  478.988571][T12217]  ? load_image+0x400/0x400
[  478.993118][T12217]  ? __might_fault+0xaa/0x120
[  478.997897][T12217]  should_fail_ex+0x39d/0x4d0
[  479.002619][T12217]  copyin+0x1a/0x90
[  479.006446][T12217]  _copy_from_iter+0x54f/0x12e0
[  479.011331][T12217]  ? __virt_addr_valid+0x18c/0x540
[  479.016511][T12217]  ? copyout_mc+0x70/0x70
[  479.021012][T12217]  ? __virt_addr_valid+0x18c/0x540
[  479.026163][T12217]  ? __virt_addr_valid+0x18c/0x540
[  479.031307][T12217]  ? __virt_addr_valid+0x469/0x540
[  479.036424][T12217]  ? __check_object_size+0x506/0xa20
[  479.041713][T12217]  skb_copy_datagram_from_iter+0xf4/0x6e0
[  479.047439][T12217]  ? dev_get_by_index+0x22/0x2d0
[  479.052374][T12217]  ? skb_put+0x11b/0x210
[  479.056632][T12217]  packet_sendmsg+0x3566/0x4d70
[  479.061529][T12217]  ? verify_lock_unused+0x140/0x140
[  479.066773][T12217]  ? mark_lock+0x94/0x320
[  479.071247][T12217]  ? __lock_acquire+0x1273/0x7d40
[  479.076484][T12217]  ? verify_lock_unused+0x140/0x140
[  479.081728][T12217]  ? aa_sk_perm+0x83c/0x970
[  479.086280][T12217]  ? packet_getsockopt+0xad0/0xad0
[  479.091430][T12217]  ? aa_sock_msg_perm+0x94/0x150
[  479.096421][T12217]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  479.101752][T12217]  ? security_socket_sendmsg+0x80/0xa0
[  479.107239][T12217]  ? packet_getsockopt+0xad0/0xad0
[  479.112379][T12217]  ____sys_sendmsg+0x5ba/0x960
[  479.117162][T12217]  ? __lock_acquire+0x7d40/0x7d40
[  479.122202][T12217]  ? __asan_memset+0x22/0x40
[  479.126794][T12217]  ? __sys_sendmsg_sock+0x30/0x30
[  479.131901][T12217]  ? __import_iovec+0x3fa/0x850
[  479.136768][T12217]  ? import_iovec+0x73/0xa0
[  479.141403][T12217]  ___sys_sendmsg+0x2a6/0x360
[  479.146809][T12217]  ? get_pid_task+0x20/0x1e0
[  479.151515][T12217]  ? __sys_sendmsg+0x2a0/0x2a0
[  479.156436][T12217]  ? __lock_acquire+0x7d40/0x7d40
[  479.161522][T12217]  __se_sys_sendmsg+0x1c2/0x2b0
[  479.166408][T12217]  ? __x64_sys_sendmsg+0x80/0x80
[  479.171370][T12217]  ? lockdep_hardirqs_on+0x98/0x150
[  479.176573][T12217]  do_syscall_64+0x55/0xa0
[  479.181021][T12217]  ? clear_bhb_loop+0x40/0x90
[  479.185716][T12217]  ? clear_bhb_loop+0x40/0x90
[  479.190924][T12217]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  479.196819][T12217] RIP: 0033:0x7f905039c819
[  479.201240][T12217] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  479.220871][T12217] RSP: 002b:00007f904e5f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  479.229296][T12217] RAX: ffffffffffffffda RBX: 00007f9050615fa0 RCX: 00007f905039c819
[  479.237268][T12217] RDX: 0000000000000000 RSI: 0000200000000b00 RDI: 0000000000000003
[  479.245335][T12217] RBP: 00007f904e5f6090 R08: 0000000000000000 R09: 0000000000000000
[  479.253324][T12217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  479.261390][T12217] R13: 00007f9050616038 R14: 00007f9050615fa0 R15: 00007ffc2e65c768
[  479.269616][T12217]  </TASK>
[  479.484288][T12229] netlink: 'syz.2.1967': attribute type 39 has an invalid length.
[  479.743010][T12231] netlink: 'syz.3.1969': attribute type 10 has an invalid length.
[  479.762702][T12231] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1969'.
[  479.774312][T12231] hsr0: entered promiscuous mode
[  480.133291][T12244] netlink: 'syz.2.1972': attribute type 1 has an invalid length.
[  480.183651][T12244] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.1972'.
[  480.511439][T12248] delete_channel: no stack
[  480.681870][T12260] netlink: 'syz.3.1980': attribute type 10 has an invalid length.
[  480.953299][T12270] FAULT_INJECTION: forcing a failure.
[  480.953299][T12270] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  481.023852][T12270] CPU: 1 PID: 12270 Comm: syz.2.1983 Not tainted syzkaller #0
[  481.031409][T12270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  481.041510][T12270] Call Trace:
[  481.044872][T12270]  <TASK>
[  481.047858][T12270]  dump_stack_lvl+0x18c/0x250
[  481.052601][T12270]  ? show_regs_print_info+0x20/0x20
[  481.057858][T12270]  ? load_image+0x400/0x400
[  481.062433][T12270]  ? __might_fault+0xaa/0x120
[  481.067163][T12270]  should_fail_ex+0x39d/0x4d0
[  481.071987][T12270]  copyin+0x1a/0x90
[  481.075853][T12270]  _copy_from_iter+0x54f/0x12e0
[  481.080751][T12270]  ? __virt_addr_valid+0x18c/0x540
[  481.086011][T12270]  ? copyout_mc+0x70/0x70
[  481.090401][T12270]  ? __virt_addr_valid+0x18c/0x540
[  481.095557][T12270]  ? __virt_addr_valid+0x18c/0x540
[  481.100737][T12270]  ? __virt_addr_valid+0x469/0x540
[  481.105888][T12270]  ? __check_object_size+0x506/0xa20
[  481.111209][T12270]  skb_copy_datagram_from_iter+0xf4/0x6e0
[  481.117036][T12270]  ? dev_get_by_index+0x22/0x2d0
[  481.122007][T12270]  ? skb_put+0x11b/0x210
[  481.126260][T12270]  packet_sendmsg+0x3566/0x4d70
[  481.131149][T12270]  ? verify_lock_unused+0x140/0x140
[  481.136357][T12270]  ? mark_lock+0x94/0x320
[  481.140708][T12270]  ? __lock_acquire+0x1273/0x7d40
[  481.145748][T12270]  ? verify_lock_unused+0x140/0x140
[  481.150970][T12270]  ? aa_sk_perm+0x83c/0x970
[  481.155904][T12270]  ? packet_getsockopt+0xad0/0xad0
[  481.161039][T12270]  ? aa_sock_msg_perm+0x94/0x150
[  481.165989][T12270]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  481.171285][T12270]  ? security_socket_sendmsg+0x80/0xa0
[  481.176756][T12270]  ? packet_getsockopt+0xad0/0xad0
[  481.181883][T12270]  ____sys_sendmsg+0x5ba/0x960
[  481.186662][T12270]  ? __lock_acquire+0x7d40/0x7d40
[  481.191878][T12270]  ? __asan_memset+0x22/0x40
[  481.196634][T12270]  ? __sys_sendmsg_sock+0x30/0x30
[  481.201734][T12270]  ? __import_iovec+0x3fa/0x850
[  481.206621][T12270]  ? import_iovec+0x73/0xa0
[  481.211153][T12270]  ___sys_sendmsg+0x2a6/0x360
[  481.215841][T12270]  ? get_pid_task+0x20/0x1e0
[  481.220457][T12270]  ? __sys_sendmsg+0x2a0/0x2a0
[  481.225257][T12270]  ? __lock_acquire+0x7d40/0x7d40
[  481.230673][T12270]  __se_sys_sendmsg+0x1c2/0x2b0
[  481.235551][T12270]  ? __x64_sys_sendmsg+0x80/0x80
[  481.240511][T12270]  ? lockdep_hardirqs_on+0x98/0x150
[  481.245727][T12270]  do_syscall_64+0x55/0xa0
[  481.250162][T12270]  ? clear_bhb_loop+0x40/0x90
[  481.254863][T12270]  ? clear_bhb_loop+0x40/0x90
[  481.259583][T12270]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  481.265486][T12270] RIP: 0033:0x7f905039c819
[  481.269909][T12270] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  481.289621][T12270] RSP: 002b:00007f904e5f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  481.298052][T12270] RAX: ffffffffffffffda RBX: 00007f9050615fa0 RCX: 00007f905039c819
[  481.306030][T12270] RDX: 0000000000000000 RSI: 0000200000000b00 RDI: 0000000000000003
[  481.314006][T12270] RBP: 00007f904e5f6090 R08: 0000000000000000 R09: 0000000000000000
[  481.321996][T12270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  481.329973][T12270] R13: 00007f9050616038 R14: 00007f9050615fa0 R15: 00007ffc2e65c768
[  481.338055][T12270]  </TASK>
[  481.346893][T12274] netlink: 668 bytes leftover after parsing attributes in process `syz.1.1981'.
[  481.412036][T12274] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  481.420365][T12274] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  482.525927][T12284] netlink: 'syz.0.1988': attribute type 1 has an invalid length.
[  482.568778][T12284] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.1988'.
[  483.107201][T12298] netlink: 'syz.2.1994': attribute type 10 has an invalid length.
[  484.024874][ T1091] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  484.325036][T12320] netlink: 'syz.2.2002': attribute type 39 has an invalid length.
[  484.682297][T12322] netlink: 'syz.1.2003': attribute type 39 has an invalid length.
[  485.467207][T12333] netlink: 'syz.0.2013': attribute type 39 has an invalid length.
[  485.987757][T12334] netlink: 'syz.1.2005': attribute type 1 has an invalid length.
[  486.026502][T12339] FAULT_INJECTION: forcing a failure.
[  486.026502][T12339] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  486.047119][T12334] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.2005'.
[  486.073189][T12339] CPU: 0 PID: 12339 Comm: syz.2.2007 Not tainted syzkaller #0
[  486.080744][T12339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  486.091013][T12339] Call Trace:
[  486.094326][T12339]  <TASK>
[  486.097275][T12339]  dump_stack_lvl+0x18c/0x250
[  486.101989][T12339]  ? show_regs_print_info+0x20/0x20
[  486.107641][T12339]  ? load_image+0x400/0x400
[  486.112175][T12339]  ? __lock_acquire+0x7d40/0x7d40
[  486.117232][T12339]  ? verify_lock_unused+0x140/0x140
[  486.122452][T12339]  should_fail_ex+0x39d/0x4d0
[  486.127269][T12339]  prepare_alloc_pages+0x1e2/0x5f0
[  486.132418][T12339]  __alloc_pages+0x134/0x460
[  486.137029][T12339]  ? zone_statistics+0x170/0x170
[  486.142000][T12339]  ? mt_find+0x169/0x650
[  486.146281][T12339]  ? handle_mm_fault+0xe7/0x4c00
[  486.151243][T12339]  __folio_alloc+0x10/0x20
[  486.155679][T12339]  vma_alloc_folio+0x47a/0x8f0
[  486.160666][T12339]  handle_mm_fault+0x1b3b/0x4c00
[  486.165673][T12339]  ? handle_mm_fault+0xe7/0x4c00
[  486.170653][T12339]  ? numa_migrate_prep+0x350/0x350
[  486.175819][T12339]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  486.181195][T12339]  do_user_addr_fault+0x730/0x12c0
[  486.186507][T12339]  exc_page_fault+0x64/0x100
[  486.191291][T12339]  asm_exc_page_fault+0x26/0x30
[  486.196272][T12339] RIP: 0010:rep_movs_alternative+0x33/0x90
[  486.202111][T12339] Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb
[  486.222445][T12339] RSP: 0018:ffffc90019ccfa10 EFLAGS: 00050216
[  486.228588][T12339] RAX: 00441f0ffa1e0ff3 RBX: 0000000000000011 RCX: 0000000000000011
[  486.236611][T12339] RDX: 0000000000000000 RSI: ffffffffa0002358 RDI: 0000200000002e00
[  486.244595][T12339] RBP: ffffc90019ccfd70 R08: ffffffffa0002368 R09: 1ffffffff400046d
[  486.252690][T12339] R10: dffffc0000000000 R11: fffffbfff400046e R12: 0000200000002e11
[  486.260771][T12339] R13: 0000000000000011 R14: 0000200000002e00 R15: ffffffffa0002358
[  486.268769][T12339]  ? 0xffffffffa0002358
[  486.272944][T12339]  ? bpf_prog_89f733ace28d1b04+0x10/0x31
[  486.278616][T12339]  ? 0xffffffffa0002358
[  486.282854][T12339]  _copy_to_user+0x85/0xa0
[  486.287289][T12339]  ? 0xffffffffa0002358
[  486.291803][T12339]  bpf_obj_get_info_by_fd+0x1baf/0x3080
[  486.297377][T12339]  ? bpf_map_get_fd_by_id+0x310/0x310
[  486.302855][T12339]  ? get_pid_task+0x20/0x1e0
[  486.307615][T12339]  ? file_end_write+0x159/0x250
[  486.312502][T12339]  ? __might_fault+0xaa/0x120
[  486.317271][T12339]  ? __might_fault+0xc6/0x120
[  486.322060][T12339]  ? __might_fault+0xaa/0x120
[  486.326762][T12339]  ? bpf_lsm_bpf+0x9/0x10
[  486.331109][T12339]  ? security_bpf+0x7e/0xa0
[  486.335639][T12339]  __sys_bpf+0x7eb/0x890
[  486.339896][T12339]  ? bpf_link_show_fdinfo+0x390/0x390
[  486.345294][T12339]  ? lock_chain_count+0x20/0x20
[  486.350169][T12339]  __x64_sys_bpf+0x7c/0x90
[  486.354612][T12339]  do_syscall_64+0x55/0xa0
[  486.359043][T12339]  ? clear_bhb_loop+0x40/0x90
[  486.363820][T12339]  ? clear_bhb_loop+0x40/0x90
[  486.368711][T12339]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  486.374638][T12339] RIP: 0033:0x7f905039c819
[  486.379080][T12339] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  486.398733][T12339] RSP: 002b:00007f904e5f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  486.407267][T12339] RAX: ffffffffffffffda RBX: 00007f9050615fa0 RCX: 00007f905039c819
[  486.415253][T12339] RDX: 0000000000000010 RSI: 0000200000000340 RDI: 000000000000000f
[  486.423320][T12339] RBP: 00007f904e5f6090 R08: 0000000000000000 R09: 0000000000000000
[  486.431531][T12339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  486.439546][T12339] R13: 00007f9050616038 R14: 00007f9050615fa0 R15: 00007ffc2e65c768
[  486.447551][T12339]  </TASK>
[  486.507472][T12337] netlink: 61967 bytes leftover after parsing attributes in process `syz.0.2006'.
[  487.753414][T12351] netlink: 'syz.0.2011': attribute type 10 has an invalid length.
[  488.046631][T12354] netlink: 'syz.2.2012': attribute type 10 has an invalid length.
[  488.246243][T12356] netlink: 'syz.1.2015': attribute type 39 has an invalid length.
[  488.312096][T12358] netlink: 'syz.0.2014': attribute type 39 has an invalid length.
[  490.087234][T12377] netlink: 'syz.1.2022': attribute type 10 has an invalid length.
[  490.357396][T12385] netlink: 'syz.3.2024': attribute type 39 has an invalid length.
[  490.509366][T12387] netlink: 61967 bytes leftover after parsing attributes in process `syz.2.2025'.
[  490.840470][T12393] syzkaller0: entered promiscuous mode
[  490.886233][T12393] syzkaller0: entered allmulticast mode
[  490.919429][T12398] netlink: 'syz.2.2030': attribute type 10 has an invalid length.
[  492.304553][T12419] FAULT_INJECTION: forcing a failure.
[  492.304553][T12419] name failslab, interval 1, probability 0, space 0, times 0
[  492.340891][T12419] CPU: 0 PID: 12419 Comm: syz.2.2035 Not tainted syzkaller #0
[  492.348439][T12419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  492.358538][T12419] Call Trace:
[  492.361943][T12419]  <TASK>
[  492.364910][T12419]  dump_stack_lvl+0x18c/0x250
[  492.369645][T12419]  ? show_regs_print_info+0x20/0x20
[  492.374894][T12419]  ? load_image+0x400/0x400
[  492.379446][T12419]  ? __might_sleep+0xe0/0xe0
[  492.384077][T12419]  ? __lock_acquire+0x7d40/0x7d40
[  492.389156][T12419]  should_fail_ex+0x39d/0x4d0
[  492.393887][T12419]  should_failslab+0x9/0x20
[  492.398530][T12419]  slab_pre_alloc_hook+0x59/0x310
[  492.403598][T12419]  ? __lock_acquire+0x7d40/0x7d40
[  492.408664][T12419]  kmem_cache_alloc_node+0x60/0x320
[  492.413912][T12419]  ? __alloc_skb+0x103/0x2c0
[  492.418631][T12419]  __alloc_skb+0x103/0x2c0
[  492.423083][T12419]  netlink_sendmsg+0x66a/0xbf0
[  492.427903][T12419]  ? netlink_getsockopt+0x590/0x590
[  492.433242][T12419]  ? aa_sock_msg_perm+0x94/0x150
[  492.438227][T12419]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  492.443642][T12419]  ? security_socket_sendmsg+0x80/0xa0
[  492.449134][T12419]  ? netlink_getsockopt+0x590/0x590
[  492.454553][T12419]  ____sys_sendmsg+0x5ba/0x960
[  492.459361][T12419]  ? __asan_memset+0x22/0x40
[  492.464014][T12419]  ? __sys_sendmsg_sock+0x30/0x30
[  492.469169][T12419]  ? __import_iovec+0x5f2/0x850
[  492.474235][T12419]  ? import_iovec+0x73/0xa0
[  492.478864][T12419]  ___sys_sendmsg+0x2a6/0x360
[  492.483585][T12419]  ? __sys_sendmsg+0x2a0/0x2a0
[  492.488535][T12419]  __se_sys_sendmsg+0x1c2/0x2b0
[  492.493422][T12419]  ? __x64_sys_sendmsg+0x80/0x80
[  492.498702][T12419]  ? syscall_enter_from_user_mode+0x2e/0x80
[  492.504756][T12419]  do_syscall_64+0x55/0xa0
[  492.509222][T12419]  ? clear_bhb_loop+0x40/0x90
[  492.513947][T12419]  ? clear_bhb_loop+0x40/0x90
[  492.518664][T12419]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  492.524638][T12419] RIP: 0033:0x7f905039c819
[  492.529097][T12419] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  492.548762][T12419] RSP: 002b:00007f904e5f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  492.557232][T12419] RAX: ffffffffffffffda RBX: 00007f9050615fa0 RCX: 00007f905039c819
[  492.565255][T12419] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000008
[  492.573271][T12419] RBP: 00007f904e5f6090 R08: 0000000000000000 R09: 0000000000000000
[  492.581290][T12419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  492.589303][T12419] R13: 00007f9050616038 R14: 00007f9050615fa0 R15: 00007ffc2e65c768
[  492.597343][T12419]  </TASK>
[  495.251949][T12417] netlink: 'syz.3.2034': attribute type 10 has an invalid length.
[  495.274459][T12428] netlink: 'syz.0.2044': attribute type 10 has an invalid length.
[  495.283023][T12433] netlink: 'syz.2.2038': attribute type 39 has an invalid length.
[  495.676946][T12437] netlink: 61967 bytes leftover after parsing attributes in process `syz.3.2039'.
[  496.134882][T12458] sctp: [Deprecated]: syz.0.2046 (pid 12458) Use of struct sctp_assoc_value in delayed_ack socket option.
[  496.134882][T12458] Use struct sctp_sack_info instead
[  496.492677][T12462] netlink: 'syz.1.2048': attribute type 1 has an invalid length.
[  496.511981][T12462] netlink: 7674 bytes leftover after parsing attributes in process `syz.1.2048'.
[  496.534001][T12468] netlink: 'syz.2.2049': attribute type 10 has an invalid length.
[  497.201195][T12488] FAULT_INJECTION: forcing a failure.
[  497.201195][T12488] name failslab, interval 1, probability 0, space 0, times 0
[  497.219510][T12488] CPU: 0 PID: 12488 Comm: syz.2.2058 Not tainted syzkaller #0
[  497.227033][T12488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  497.237194][T12488] Call Trace:
[  497.240488][T12488]  <TASK>
[  497.243431][T12488]  dump_stack_lvl+0x18c/0x250
[  497.248167][T12488]  ? show_regs_print_info+0x20/0x20
[  497.253470][T12488]  ? load_image+0x400/0x400
[  497.257992][T12488]  ? __might_sleep+0xe0/0xe0
[  497.262613][T12488]  ? __lock_acquire+0x7d40/0x7d40
[  497.267652][T12488]  should_fail_ex+0x39d/0x4d0
[  497.272395][T12488]  should_failslab+0x9/0x20
[  497.276912][T12488]  slab_pre_alloc_hook+0x59/0x310
[  497.281956][T12488]  ? __lock_acquire+0x7d40/0x7d40
[  497.286998][T12488]  ? dev_ethtool+0x129/0x18d0
[  497.291690][T12488]  __kmem_cache_alloc_node+0x53/0x250
[  497.297076][T12488]  ? __might_fault+0xaa/0x120
[  497.301768][T12488]  ? dev_ethtool+0x129/0x18d0
[  497.306458][T12488]  kmalloc_trace+0x2a/0xe0
[  497.310900][T12488]  dev_ethtool+0x129/0x18d0
[  497.315440][T12488]  ? ethtool_get_module_eeprom_call+0x170/0x170
[  497.321693][T12488]  ? __lock_acquire+0x7d40/0x7d40
[  497.326818][T12488]  ? __might_fault+0xaa/0x120
[  497.331501][T12488]  ? full_name_hash+0x92/0xe0
[  497.336196][T12488]  ? dev_load+0x21/0x1f0
[  497.340452][T12488]  dev_ioctl+0x392/0x1140
[  497.344798][T12488]  sock_do_ioctl+0x239/0x310
[  497.349405][T12488]  ? sock_show_fdinfo+0xb0/0xb0
[  497.354276][T12488]  sock_ioctl+0x5ba/0x7e0
[  497.358621][T12488]  ? sock_poll+0x3e0/0x3e0
[  497.363058][T12488]  ? bpf_lsm_file_ioctl+0x9/0x10
[  497.368000][T12488]  ? security_file_ioctl+0x80/0xa0
[  497.373127][T12488]  ? sock_poll+0x3e0/0x3e0
[  497.377552][T12488]  __se_sys_ioctl+0xfd/0x170
[  497.382156][T12488]  do_syscall_64+0x55/0xa0
[  497.386589][T12488]  ? clear_bhb_loop+0x40/0x90
[  497.391276][T12488]  ? clear_bhb_loop+0x40/0x90
[  497.395965][T12488]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  497.401883][T12488] RIP: 0033:0x7f905039c819
[  497.406311][T12488] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  497.425931][T12488] RSP: 002b:00007f904e5f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  497.434357][T12488] RAX: ffffffffffffffda RBX: 00007f9050615fa0 RCX: 00007f905039c819
[  497.442339][T12488] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000033
[  497.450316][T12488] RBP: 00007f904e5f6090 R08: 0000000000000000 R09: 0000000000000000
[  497.458293][T12488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  497.466359][T12488] R13: 00007f9050616038 R14: 00007f9050615fa0 R15: 00007ffc2e65c768
[  497.474357][T12488]  </TASK>
[  497.531908][T12491] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.2057'.
[  497.761290][T12501] netlink: 'syz.2.2060': attribute type 10 has an invalid length.
[  499.020829][T12538] netlink: set zone limit has 8 unknown bytes
[  499.101655][T12539] netlink: 'syz.0.2070': attribute type 10 has an invalid length.
[  499.325027][T12545] FAULT_INJECTION: forcing a failure.
[  499.325027][T12545] name failslab, interval 1, probability 0, space 0, times 0
[  499.348200][T12543] netlink: 'syz.1.2073': attribute type 28 has an invalid length.
[  499.361732][T12545] CPU: 1 PID: 12545 Comm: syz.0.2074 Not tainted syzkaller #0
[  499.369271][T12545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  499.379367][T12545] Call Trace:
[  499.382685][T12545]  <TASK>
[  499.385663][T12545]  dump_stack_lvl+0x18c/0x250
[  499.390397][T12545]  ? show_regs_print_info+0x20/0x20
[  499.395642][T12545]  ? load_image+0x400/0x400
[  499.400195][T12545]  ? __might_sleep+0xe0/0xe0
[  499.404820][T12545]  ? __lock_acquire+0x7d40/0x7d40
[  499.409864][T12545]  should_fail_ex+0x39d/0x4d0
[  499.414567][T12545]  should_failslab+0x9/0x20
[  499.419090][T12545]  slab_pre_alloc_hook+0x59/0x310
[  499.424135][T12545]  ? __lock_acquire+0x7d40/0x7d40
[  499.429173][T12545]  kmem_cache_alloc_node+0x60/0x320
[  499.434395][T12545]  ? __alloc_skb+0x103/0x2c0
[  499.439004][T12545]  __alloc_skb+0x103/0x2c0
[  499.443443][T12545]  netlink_sendmsg+0x66a/0xbf0
[  499.448239][T12545]  ? netlink_getsockopt+0x590/0x590
[  499.453462][T12545]  ? aa_sock_msg_perm+0x94/0x150
[  499.458416][T12545]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  499.463718][T12545]  ? security_socket_sendmsg+0x80/0xa0
[  499.469190][T12545]  ? netlink_getsockopt+0x590/0x590
[  499.474410][T12545]  ____sys_sendmsg+0x5ba/0x960
[  499.479188][T12545]  ? __asan_memset+0x22/0x40
[  499.483792][T12545]  ? __sys_sendmsg_sock+0x30/0x30
[  499.488909][T12545]  ? __import_iovec+0x5f2/0x850
[  499.493774][T12545]  ? import_iovec+0x73/0xa0
[  499.498394][T12545]  ___sys_sendmsg+0x2a6/0x360
[  499.503088][T12545]  ? get_pid_task+0x20/0x1e0
[  499.507801][T12545]  ? __sys_sendmsg+0x2a0/0x2a0
[  499.512591][T12545]  ? __lock_acquire+0x7d40/0x7d40
[  499.517649][T12545]  __se_sys_sendmsg+0x1c2/0x2b0
[  499.522513][T12545]  ? __x64_sys_sendmsg+0x80/0x80
[  499.527472][T12545]  ? lockdep_hardirqs_on+0x98/0x150
[  499.532685][T12545]  do_syscall_64+0x55/0xa0
[  499.537118][T12545]  ? clear_bhb_loop+0x40/0x90
[  499.541806][T12545]  ? clear_bhb_loop+0x40/0x90
[  499.546502][T12545]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  499.552408][T12545] RIP: 0033:0x7f38c119c819
[  499.557265][T12545] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  499.576881][T12545] RSP: 002b:00007f38c209c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  499.585306][T12545] RAX: ffffffffffffffda RBX: 00007f38c1415fa0 RCX: 00007f38c119c819
[  499.593288][T12545] RDX: 0000000000000000 RSI: 00002000000006c0 RDI: 0000000000000003
[  499.601363][T12545] RBP: 00007f38c209c090 R08: 0000000000000000 R09: 0000000000000000
[  499.609343][T12545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  499.617322][T12545] R13: 00007f38c1416038 R14: 00007f38c1415fa0 R15: 00007fff509d2fc8
[  499.625328][T12545]  </TASK>
[  499.884941][T12548] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2076'.
[  499.903214][T12548] openvswitch: netlink: Tunnel attr 13157 out of range max 16
[  500.697565][T12570] netlink: 'syz.1.2083': attribute type 10 has an invalid length.
[  501.868999][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  501.875873][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  502.216593][T12612] netlink: 'syz.2.2096': attribute type 10 has an invalid length.
[  502.721028][T12618] netlink: 180 bytes leftover after parsing attributes in process `syz.1.2097'.
[  502.722098][T12611] syz.1.2097[12611] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  502.769472][T12611] syz.1.2097[12611] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  502.824896][T12613] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  502.940998][T12613] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[  502.995315][T12624] netlink: 'syz.0.2101': attribute type 10 has an invalid length.
[  503.008228][T12624] FAULT_INJECTION: forcing a failure.
[  503.008228][T12624] name failslab, interval 1, probability 0, space 0, times 0
[  503.035311][T12624] CPU: 0 PID: 12624 Comm: syz.0.2101 Not tainted syzkaller #0
[  503.043553][T12624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  503.053759][T12624] Call Trace:
[  503.057083][T12624]  <TASK>
[  503.060481][T12624]  dump_stack_lvl+0x18c/0x250
[  503.065221][T12624]  ? show_regs_print_info+0x20/0x20
[  503.070482][T12624]  ? load_image+0x400/0x400
[  503.075122][T12624]  ? verify_lock_unused+0x140/0x140
[  503.080372][T12624]  should_fail_ex+0x39d/0x4d0
[  503.085112][T12624]  should_failslab+0x9/0x20
[  503.089688][T12624]  slab_pre_alloc_hook+0x59/0x310
[  503.094773][T12624]  kmem_cache_alloc+0x5a/0x2d0
[  503.099588][T12624]  ? skb_clone+0x1eb/0x370
[  503.104065][T12624]  skb_clone+0x1eb/0x370
[  503.108389][T12624]  __netlink_deliver_tap+0x41c/0x830
[  503.113839][T12624]  ? netlink_deliver_tap+0x2e/0x1b0
[  503.119103][T12624]  netlink_deliver_tap+0x19c/0x1b0
[  503.124277][T12624]  netlink_sendskb+0x68/0x130
[  503.129015][T12624]  netlink_ack+0xce1/0x1180
[  503.133635][T12624]  ? netlink_dump+0xe50/0xe50
[  503.138375][T12624]  ? ref_tracker_free+0x690/0x840
[  503.143551][T12624]  netlink_rcv_skb+0x2c5/0x4d0
[  503.148475][T12624]  ? rtnetlink_bind+0x80/0x80
[  503.153214][T12624]  ? netlink_ack+0x1180/0x1180
[  503.158045][T12624]  ? __lock_acquire+0x7d40/0x7d40
[  503.163127][T12624]  ? netlink_deliver_tap+0x2e/0x1b0
[  503.168394][T12624]  netlink_unicast+0x751/0x8d0
[  503.173221][T12624]  netlink_sendmsg+0x8d0/0xbf0
[  503.178046][T12624]  ? netlink_getsockopt+0x590/0x590
[  503.183303][T12624]  ? aa_sock_msg_perm+0x94/0x150
[  503.188397][T12624]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  503.193737][T12624]  ? security_socket_sendmsg+0x80/0xa0
[  503.199235][T12624]  ? netlink_getsockopt+0x590/0x590
[  503.204485][T12624]  ____sys_sendmsg+0x5ba/0x960
[  503.209304][T12624]  ? __asan_memset+0x22/0x40
[  503.213943][T12624]  ? __sys_sendmsg_sock+0x30/0x30
[  503.218999][T12624]  ? __import_iovec+0x5f2/0x850
[  503.223992][T12624]  ? import_iovec+0x73/0xa0
[  503.228548][T12624]  ___sys_sendmsg+0x2a6/0x360
[  503.233358][T12624]  ? __sys_sendmsg+0x2a0/0x2a0
[  503.238189][T12624]  ? trace_call_bpf+0xc3/0x6c0
[  503.243112][T12624]  __se_sys_sendmsg+0x1c2/0x2b0
[  503.248096][T12624]  ? __x64_sys_sendmsg+0x80/0x80
[  503.253099][T12624]  ? lockdep_hardirqs_on+0x98/0x150
[  503.258435][T12624]  do_syscall_64+0x55/0xa0
[  503.262900][T12624]  ? clear_bhb_loop+0x40/0x90
[  503.267634][T12624]  ? clear_bhb_loop+0x40/0x90
[  503.272367][T12624]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  503.278301][T12624] RIP: 0033:0x7f38c119c819
[  503.282754][T12624] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  503.302490][T12624] RSP: 002b:00007f38c207b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  503.310952][T12624] RAX: ffffffffffffffda RBX: 00007f38c1416090 RCX: 00007f38c119c819
[  503.319055][T12624] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000a
[  503.327156][T12624] RBP: 00007f38c207b090 R08: 0000000000000000 R09: 0000000000000000
[  503.335262][T12624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  503.343509][T12624] R13: 00007f38c1416128 R14: 00007f38c1416090 R15: 00007fff509d2fc8
[  503.351543][T12624]  </TASK>
[  503.794499][T12642] netlink: 'syz.0.2105': attribute type 39 has an invalid length.
[  504.674242][T12652] netlink: 'syz.0.2110': attribute type 10 has an invalid length.
[  510.463009][T12735] FAULT_INJECTION: forcing a failure.
[  510.463009][T12735] name fail_futex, interval 1, probability 0, space 0, times 1
[  510.539566][T12735] CPU: 0 PID: 12735 Comm: syz.3.2132 Not tainted syzkaller #0
[  510.547129][T12735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  510.557316][T12735] Call Trace:
[  510.560638][T12735]  <TASK>
[  510.563606][T12735]  dump_stack_lvl+0x18c/0x250
[  510.568347][T12735]  ? show_regs_print_info+0x20/0x20
[  510.573605][T12735]  ? load_image+0x400/0x400
[  510.578248][T12735]  ? __lock_acquire+0x1347/0x7d40
[  510.583387][T12735]  ? verify_lock_unused+0x140/0x140
[  510.588844][T12735]  should_fail_ex+0x39d/0x4d0
[  510.593663][T12735]  get_futex_key+0x136/0x1010
[  510.598494][T12735]  ? futex_setup_timer+0xc0/0xc0
[  510.603479][T12735]  ? perf_trace_lock+0xfc/0x3b0
[  510.608391][T12735]  futex_wake+0x127/0x4f0
[  510.612778][T12735]  ? futex_wake_mark+0x150/0x150
[  510.617774][T12735]  do_futex+0x35d/0x3e0
[  510.621968][T12735]  ? __might_fault+0xaa/0x120
[  510.626722][T12735]  ? __ia32_sys_get_robust_list+0x110/0x110
[  510.632747][T12735]  ? __might_fault+0xc6/0x120
[  510.637483][T12735]  mm_release+0x184/0x3a0
[  510.641857][T12735]  ? exit_mm_release+0x30/0x30
[  510.646662][T12735]  ? lockdep_hardirqs_on+0x98/0x150
[  510.651913][T12735]  exit_mm+0xa7/0x2c0
[  510.655950][T12735]  ? do_exit+0x2460/0x2460
[  510.660415][T12735]  ? taskstats_exit+0x35e/0x9e0
[  510.665313][T12735]  do_exit+0x8dd/0x2460
[  510.669552][T12735]  ? get_signal+0x1068/0x13f0
[  510.674275][T12735]  ? put_task_struct+0xc0/0xc0
[  510.679091][T12735]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  510.685126][T12735]  ? lock_chain_count+0x20/0x20
[  510.690019][T12735]  ? _raw_spin_lock_irq+0xbb/0xf0
[  510.695090][T12735]  do_group_exit+0x21b/0x2d0
[  510.699727][T12735]  ? lockdep_hardirqs_on+0x98/0x150
[  510.704970][T12735]  get_signal+0x12fc/0x13f0
[  510.709553][T12735]  arch_do_signal_or_restart+0xc2/0x800
[  510.715168][T12735]  ? get_sigframe_size+0x20/0x20
[  510.720256][T12735]  ? perf_trace_preemptirq_template+0xac/0x330
[  510.726575][T12735]  ? exit_to_user_mode_loop+0x3b/0x110
[  510.732329][T12735]  exit_to_user_mode_loop+0x70/0x110
[  510.737678][T12735]  exit_to_user_mode_prepare+0xee/0x180
[  510.743278][T12735]  syscall_exit_to_user_mode+0x1a/0x50
[  510.748791][T12735]  do_syscall_64+0x61/0xa0
[  510.753264][T12735]  ? clear_bhb_loop+0x40/0x90
[  510.757984][T12735]  ? clear_bhb_loop+0x40/0x90
[  510.762703][T12735]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  510.768637][T12735] RIP: 0033:0x7fa34779c819
[  510.773099][T12735] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  510.792756][T12735] RSP: 002b:00007fa34868e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  510.801226][T12735] RAX: 0000000000000000 RBX: 00007fa347a16090 RCX: 00007fa34779c819
[  510.809252][T12735] RDX: 0000000000000102 RSI: 0000200000000dc0 RDI: 0000000000000005
[  510.817272][T12735] RBP: 00007fa34868e090 R08: 0000000000000000 R09: 0000000000000000
[  510.825382][T12735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  510.833406][T12735] R13: 00007fa347a16128 R14: 00007fa347a16090 R15: 00007ffc4ca393c8
[  510.841611][T12735]  </TASK>
[  512.408059][T12753] netlink: 'syz.3.2137': attribute type 10 has an invalid length.
[  515.540562][   T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  519.154460][T12819] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2157'.
[  519.210479][T12822] FAULT_INJECTION: forcing a failure.
[  519.210479][T12822] name failslab, interval 1, probability 0, space 0, times 0
[  519.270764][T12822] CPU: 0 PID: 12822 Comm: syz.3.2158 Not tainted syzkaller #0
[  519.278327][T12822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  519.288436][T12822] Call Trace:
[  519.291767][T12822]  <TASK>
[  519.294759][T12822]  dump_stack_lvl+0x18c/0x250
[  519.299604][T12822]  ? show_regs_print_info+0x20/0x20
[  519.304872][T12822]  ? load_image+0x400/0x400
[  519.309442][T12822]  ? __might_sleep+0xe0/0xe0
[  519.314112][T12822]  ? __lock_acquire+0x7d40/0x7d40
[  519.319294][T12822]  should_fail_ex+0x39d/0x4d0
[  519.324056][T12822]  should_failslab+0x9/0x20
[  519.328618][T12822]  slab_pre_alloc_hook+0x59/0x310
[  519.333806][T12822]  kmem_cache_alloc_lru+0x4d/0x2d0
[  519.339069][T12822]  ? __d_alloc+0x31/0x730
[  519.343471][T12822]  __d_alloc+0x31/0x730
[  519.347705][T12822]  d_alloc_parallel+0xe0/0x1530
[  519.352620][T12822]  ? __asan_memset+0x22/0x40
[  519.357280][T12822]  ? __asan_memset+0x22/0x40
[  519.361929][T12822]  ? lockdep_init_map_type+0x9c/0x8e0
[  519.367447][T12822]  ? lockdep_softirqs_off+0x430/0x430
[  519.372970][T12822]  ? d_hash_and_lookup+0x1b0/0x1b0
[  519.378162][T12822]  ? __init_waitqueue_head+0xa9/0x150
[  519.383589][T12822]  __lookup_slow+0x138/0x400
[  519.388395][T12822]  ? lookup_one_len+0x2e0/0x2e0
[  519.393385][T12822]  ? down_read+0x1ac/0x2e0
[  519.397828][T12822]  lookup_slow+0x53/0x70
[  519.402104][T12822]  link_path_walk+0x990/0xe30
[  519.406834][T12822]  ? handle_lookup_down+0x130/0x130
[  519.412059][T12822]  ? percpu_counter_add_batch+0x1f1/0x2a0
[  519.417824][T12822]  path_lookupat+0x9d/0x440
[  519.422370][T12822]  do_o_path+0xa0/0x200
[  519.426560][T12822]  ? do_tmpfile+0x240/0x240
[  519.431097][T12822]  ? init_file+0x12c/0x1f0
[  519.435557][T12822]  path_openat+0x2ad7/0x3230
[  519.440218][T12822]  ? do_filp_open+0x430/0x430
[  519.444911][T12822]  ? perf_trace_lock+0x304/0x3b0
[  519.449880][T12822]  ? trace_event_raw_event_lock+0x250/0x250
[  519.455818][T12822]  do_filp_open+0x1f5/0x430
[  519.460425][T12822]  ? alloc_fd+0x58f/0x630
[  519.464787][T12822]  ? vfs_tmpfile+0x490/0x490
[  519.469436][T12822]  ? _raw_spin_unlock+0x28/0x40
[  519.474311][T12822]  ? alloc_fd+0x58f/0x630
[  519.478767][T12822]  do_sys_openat2+0x134/0x1d0
[  519.483504][T12822]  ? do_sys_open+0xe0/0xe0
[  519.487949][T12822]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  519.493954][T12822]  ? lock_chain_count+0x20/0x20
[  519.498836][T12822]  __x64_sys_openat+0x139/0x160
[  519.503716][T12822]  do_syscall_64+0x55/0xa0
[  519.508155][T12822]  ? clear_bhb_loop+0x40/0x90
[  519.512859][T12822]  ? clear_bhb_loop+0x40/0x90
[  519.517732][T12822]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  519.523647][T12822] RIP: 0033:0x7fa34779c819
[  519.528086][T12822] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  519.547721][T12822] RSP: 002b:00007fa3486af028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  519.556161][T12822] RAX: ffffffffffffffda RBX: 00007fa347a15fa0 RCX: 00007fa34779c819
[  519.564150][T12822] RDX: 0000000000200002 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  519.572137][T12822] RBP: 00007fa3486af090 R08: 0000000000000000 R09: 0000000000000000
[  519.580216][T12822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  519.588205][T12822] R13: 00007fa347a16038 R14: 00007fa347a15fa0 R15: 00007ffc4ca393c8
[  519.596224][T12822]  </TASK>
[  519.706644][T12819] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  520.211318][T12825] netlink: 'syz.2.2160': attribute type 10 has an invalid length.
[  521.465091][T12841] FAULT_INJECTION: forcing a failure.
[  521.465091][T12841] name failslab, interval 1, probability 0, space 0, times 0
[  521.500752][T12841] CPU: 1 PID: 12841 Comm: syz.3.2165 Not tainted syzkaller #0
[  521.508485][T12841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  521.518609][T12841] Call Trace:
[  521.521925][T12841]  <TASK>
[  521.524886][T12841]  dump_stack_lvl+0x18c/0x250
[  521.529615][T12841]  ? show_regs_print_info+0x20/0x20
[  521.534857][T12841]  ? load_image+0x400/0x400
[  521.539399][T12841]  ? __might_sleep+0xe0/0xe0
[  521.544026][T12841]  ? __lock_acquire+0x7d40/0x7d40
[  521.549095][T12841]  should_fail_ex+0x39d/0x4d0
[  521.553838][T12841]  should_failslab+0x9/0x20
[  521.558402][T12841]  slab_pre_alloc_hook+0x59/0x310
[  521.563472][T12841]  ? kvmalloc_node+0x70/0x180
[  521.568209][T12841]  ? kvmalloc_node+0x70/0x180
[  521.572936][T12841]  __kmem_cache_alloc_node+0x53/0x250
[  521.578362][T12841]  ? kvmalloc_node+0x70/0x180
[  521.583085][T12841]  __kmalloc_node+0xa4/0x230
[  521.587723][T12841]  kvmalloc_node+0x70/0x180
[  521.592269][T12841]  page_pool_create+0x1eb/0x5c0
[  521.597252][T12841]  bpf_test_run_xdp_live+0x203/0x1b20
[  521.602675][T12841]  ? bpf_dispatcher_xdp+0x800/0x1000
[  521.608003][T12841]  ? bpf_dispatcher_xdp+0x800/0x1000
[  521.613319][T12841]  ? bpf_dispatcher_change_prog+0xcbf/0xf10
[  521.619316][T12841]  ? bpf_dispatcher_xdp+0x800/0x1000
[  521.624616][T12841]  ? xdp_convert_md_to_buff+0x330/0x330
[  521.630197][T12841]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[  521.636540][T12841]  ? _copy_from_user+0xa5/0xe0
[  521.641322][T12841]  ? bpf_test_init+0x119/0x140
[  521.646182][T12841]  ? xdp_convert_md_to_buff+0x5b/0x330
[  521.651660][T12841]  bpf_prog_test_run_xdp+0x7ca/0x10e0
[  521.657054][T12841]  ? dev_put+0x80/0x80
[  521.661144][T12841]  ? dev_put+0x80/0x80
[  521.665313][T12841]  bpf_prog_test_run+0x321/0x390
[  521.670263][T12841]  __sys_bpf+0x49d/0x890
[  521.674522][T12841]  ? bpf_link_show_fdinfo+0x390/0x390
[  521.679920][T12841]  ? lock_chain_count+0x20/0x20
[  521.684791][T12841]  __x64_sys_bpf+0x7c/0x90
[  521.689218][T12841]  do_syscall_64+0x55/0xa0
[  521.693652][T12841]  ? clear_bhb_loop+0x40/0x90
[  521.698602][T12841]  ? clear_bhb_loop+0x40/0x90
[  521.703293][T12841]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  521.709196][T12841] RIP: 0033:0x7fa34779c819
[  521.713625][T12841] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  521.733336][T12841] RSP: 002b:00007fa3486af028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  521.741846][T12841] RAX: ffffffffffffffda RBX: 00007fa347a15fa0 RCX: 00007fa34779c819
[  521.749823][T12841] RDX: 0000000000000050 RSI: 0000200000000b80 RDI: 000000000000000a
[  521.757887][T12841] RBP: 00007fa3486af090 R08: 0000000000000000 R09: 0000000000000000
[  521.766079][T12841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  521.774077][T12841] R13: 00007fa347a16038 R14: 00007fa347a15fa0 R15: 00007ffc4ca393c8
[  521.782074][T12841]  </TASK>
[  521.800974][T12841] page_pool_create() gave up with errno -12
[  522.100618][T12850] FAULT_INJECTION: forcing a failure.
[  522.100618][T12850] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  522.135183][T12850] CPU: 0 PID: 12850 Comm: syz.1.2168 Not tainted syzkaller #0
[  522.142835][T12850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  522.152930][T12850] Call Trace:
[  522.156502][T12850]  <TASK>
[  522.159473][T12850]  dump_stack_lvl+0x18c/0x250
[  522.164218][T12850]  ? show_regs_print_info+0x20/0x20
[  522.169478][T12850]  ? load_image+0x400/0x400
[  522.174035][T12850]  ? __might_fault+0xaa/0x120
[  522.178757][T12850]  should_fail_ex+0x39d/0x4d0
[  522.183486][T12850]  copyin+0x1a/0x90
[  522.187343][T12850]  _copy_from_iter+0x404/0x12e0
[  522.192215][T12850]  ? slab_post_alloc_hook+0x8a/0x4b0
[  522.197608][T12850]  ? __virt_addr_valid+0x18c/0x540
[  522.202738][T12850]  ? __lock_acquire+0x7d40/0x7d40
[  522.207778][T12850]  ? copyout_mc+0x70/0x70
[  522.212129][T12850]  ? __virt_addr_valid+0x18c/0x540
[  522.217260][T12850]  ? __virt_addr_valid+0x18c/0x540
[  522.222557][T12850]  ? __virt_addr_valid+0x469/0x540
[  522.227691][T12850]  ? __check_object_size+0x506/0xa20
[  522.232990][T12850]  netlink_sendmsg+0x76b/0xbf0
[  522.237792][T12850]  ? netlink_getsockopt+0x590/0x590
[  522.243007][T12850]  ? aa_sock_msg_perm+0x94/0x150
[  522.247960][T12850]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  522.253279][T12850]  ? security_socket_sendmsg+0x80/0xa0
[  522.258757][T12850]  ? netlink_getsockopt+0x590/0x590
[  522.263982][T12850]  ____sys_sendmsg+0x5ba/0x960
[  522.268795][T12850]  ? __asan_memset+0x22/0x40
[  522.273494][T12850]  ? __sys_sendmsg_sock+0x30/0x30
[  522.278524][T12850]  ? __import_iovec+0x3fa/0x850
[  522.283574][T12850]  ? import_iovec+0x73/0xa0
[  522.288091][T12850]  ___sys_sendmsg+0x2a6/0x360
[  522.292775][T12850]  ? get_pid_task+0x20/0x1e0
[  522.297382][T12850]  ? __sys_sendmsg+0x2a0/0x2a0
[  522.302173][T12850]  ? __lock_acquire+0x7d40/0x7d40
[  522.307314][T12850]  __se_sys_sendmsg+0x1c2/0x2b0
[  522.312180][T12850]  ? __x64_sys_sendmsg+0x80/0x80
[  522.317138][T12850]  ? lockdep_hardirqs_on+0x98/0x150
[  522.322360][T12850]  do_syscall_64+0x55/0xa0
[  522.326791][T12850]  ? clear_bhb_loop+0x40/0x90
[  522.331567][T12850]  ? clear_bhb_loop+0x40/0x90
[  522.336259][T12850]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  522.342258][T12850] RIP: 0033:0x7fdbdef9c819
[  522.346688][T12850] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  522.366303][T12850] RSP: 002b:00007fdbdfe35028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  522.374943][T12850] RAX: ffffffffffffffda RBX: 00007fdbdf215fa0 RCX: 00007fdbdef9c819
[  522.382922][T12850] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  522.390903][T12850] RBP: 00007fdbdfe35090 R08: 0000000000000000 R09: 0000000000000000
[  522.398894][T12850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  522.406877][T12850] R13: 00007fdbdf216038 R14: 00007fdbdf215fa0 R15: 00007ffc8b9d2038
[  522.414875][T12850]  </TASK>
[  522.921290][T12852] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2167'.
[  522.953271][T12852] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  522.965220][T12852] CPU: 1 PID: 12852 Comm: syz.3.2167 Not tainted syzkaller #0
[  522.972868][T12852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  522.983065][T12852] Call Trace:
[  522.986391][T12852]  <TASK>
[  522.989366][T12852]  dump_stack_lvl+0x18c/0x250
[  522.994110][T12852]  ? show_regs_print_info+0x20/0x20
[  522.999366][T12852]  ? load_image+0x400/0x400
[  523.004717][T12852]  sysfs_warn_dup+0x8e/0xa0
[  523.009274][T12852]  sysfs_do_create_link_sd+0xc0/0x110
[  523.014695][T12852]  device_add_class_symlinks+0x1cf/0x240
[  523.020397][T12852]  device_add+0x507/0xc20
[  523.024785][T12852]  wiphy_register+0x1dad/0x2ae0
[  523.029711][T12852]  ? cfg80211_event_work+0x40/0x40
[  523.034861][T12852]  ? minstrel_ht_alloc+0x88a/0x990
[  523.040035][T12852]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  523.046152][T12852]  ieee80211_register_hw+0x3464/0x4250
[  523.051791][T12852]  ? ieee80211_tasklet_handler+0x20/0x20
[  523.057476][T12852]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  523.063468][T12852]  ? __debug_object_init+0xec/0x450
[  523.068726][T12852]  ? __asan_memset+0x22/0x40
[  523.073375][T12852]  ? __hrtimer_init+0x186/0x270
[  523.078286][T12852]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  523.084083][T12852]  ? mac80211_hwsim_free+0x220/0x220
[  523.089477][T12852]  ? rcu_is_watching+0x15/0xb0
[  523.094299][T12852]  ? kstrndup+0xbd/0x140
[  523.098701][T12852]  hwsim_new_radio_nl+0xdc9/0x1a90
[  523.103868][T12852]  ? __nla_validate+0x50/0x50
[  523.108611][T12852]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  523.115016][T12852]  ? __nla_parse+0x40/0x50
[  523.119503][T12852]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  523.125898][T12852]  genl_family_rcv_msg_doit+0x211/0x310
[  523.131538][T12852]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  523.137509][T12852]  ? bpf_lsm_capable+0x9/0x10
[  523.142242][T12852]  ? security_capable+0x89/0xb0
[  523.147148][T12852]  genl_rcv_msg+0x619/0x7a0
[  523.151702][T12852]  ? genl_bind+0x360/0x360
[  523.156155][T12852]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  523.162663][T12852]  netlink_rcv_skb+0x241/0x4d0
[  523.167488][T12852]  ? genl_bind+0x360/0x360
[  523.171961][T12852]  ? netlink_ack+0x1180/0x1180
[  523.176798][T12852]  ? __lock_acquire+0x7d40/0x7d40
[  523.181879][T12852]  ? down_read+0x1ac/0x2e0
[  523.186434][T12852]  genl_rcv+0x28/0x40
[  523.190477][T12852]  netlink_unicast+0x751/0x8d0
[  523.195326][T12852]  netlink_sendmsg+0x8d0/0xbf0
[  523.200157][T12852]  ? netlink_getsockopt+0x590/0x590
[  523.205523][T12852]  ? aa_sock_msg_perm+0x94/0x150
[  523.210564][T12852]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  523.215905][T12852]  ? security_socket_sendmsg+0x80/0xa0
[  523.221413][T12852]  ? netlink_getsockopt+0x590/0x590
[  523.226675][T12852]  ____sys_sendmsg+0x5ba/0x960
[  523.231503][T12852]  ? __asan_memset+0x22/0x40
[  523.236136][T12852]  ? __sys_sendmsg_sock+0x30/0x30
[  523.241196][T12852]  ? __import_iovec+0x5f2/0x850
[  523.246099][T12852]  ? import_iovec+0x73/0xa0
[  523.250645][T12852]  ___sys_sendmsg+0x2a6/0x360
[  523.255457][T12852]  ? __sys_sendmsg+0x2a0/0x2a0
[  523.260297][T12852]  ? trace_call_bpf+0xc3/0x6c0
[  523.265145][T12852]  __se_sys_sendmsg+0x1c2/0x2b0
[  523.270055][T12852]  ? __x64_sys_sendmsg+0x80/0x80
[  523.275149][T12852]  ? lockdep_hardirqs_on+0x98/0x150
[  523.280400][T12852]  do_syscall_64+0x55/0xa0
[  523.284894][T12852]  ? clear_bhb_loop+0x40/0x90
[  523.289618][T12852]  ? clear_bhb_loop+0x40/0x90
[  523.294360][T12852]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  523.300301][T12852] RIP: 0033:0x7fa34779c819
[  523.304759][T12852] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  523.324684][T12852] RSP: 002b:00007fa3486af028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  523.333242][T12852] RAX: ffffffffffffffda RBX: 00007fa347a15fa0 RCX: 00007fa34779c819
[  523.341468][T12852] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000f
[  523.349841][T12852] RBP: 00007fa347832c91 R08: 0000000000000000 R09: 0000000000000000
[  523.357856][T12852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  523.365870][T12852] R13: 00007fa347a16038 R14: 00007fa347a15fa0 R15: 00007ffc4ca393c8
[  523.373903][T12852]  </TASK>
[  523.423617][T12864] mac80211_hwsim hwsim6 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  523.516016][T12862] netlink: 'syz.2.2171': attribute type 10 has an invalid length.
[  523.767424][T12876] ip6gretap0: entered promiscuous mode
[  523.793747][T12876] ip6gretap0: entered allmulticast mode
[  524.627569][T12890] netlink: 'syz.0.2179': attribute type 10 has an invalid length.
[  524.635922][T12890] netlink: 55 bytes leftover after parsing attributes in process `syz.0.2179'.
[  525.137751][T12899] netlink: 'syz.1.2181': attribute type 10 has an invalid length.
[  525.238496][T12906] netlink: 'syz.2.2182': attribute type 29 has an invalid length.
[  525.459955][T12899] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2181'.
[  525.569567][T12899] batadv0: entered promiscuous mode
[  525.785557][T12899] batadv0: entered allmulticast mode
[  525.793071][T12899] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  525.809566][T12906] netlink: 'syz.2.2182': attribute type 29 has an invalid length.
[  525.833300][T12907] netlink: 144 bytes leftover after parsing attributes in process `syz.0.2183'.
[  526.191310][   T11] wlan1: Trigger new scan to find an IBSS to join
[  526.836248][T12939] netlink: 'syz.0.2192': attribute type 29 has an invalid length.
[  526.875533][T12939] netlink: 'syz.0.2192': attribute type 29 has an invalid length.
[  526.914299][T12938] can: request_module (can-proto-0) failed.
[  527.189950][T12947] netlink: 'syz.2.2194': attribute type 10 has an invalid length.
[  527.211038][T12947] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2194'.
[  527.708462][T12961] netlink: 144 bytes leftover after parsing attributes in process `syz.3.2200'.
[  528.594350][T12980] FAULT_INJECTION: forcing a failure.
[  528.594350][T12980] name failslab, interval 1, probability 0, space 0, times 0
[  528.661177][T12980] CPU: 0 PID: 12980 Comm: syz.1.2204 Not tainted syzkaller #0
[  528.668722][T12980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  528.678903][T12980] Call Trace:
[  528.682280][T12980]  <TASK>
[  528.685257][T12980]  dump_stack_lvl+0x18c/0x250
[  528.689989][T12980]  ? show_regs_print_info+0x20/0x20
[  528.695224][T12980]  ? load_image+0x400/0x400
[  528.699773][T12980]  ? __might_sleep+0xe0/0xe0
[  528.704404][T12980]  ? __lock_acquire+0x7d40/0x7d40
[  528.709470][T12980]  should_fail_ex+0x39d/0x4d0
[  528.714207][T12980]  should_failslab+0x9/0x20
[  528.718753][T12980]  slab_pre_alloc_hook+0x59/0x310
[  528.723819][T12980]  ? apparmor_sk_alloc_security+0x77/0x100
[  528.729664][T12980]  __kmem_cache_alloc_node+0x53/0x250
[  528.735085][T12980]  ? apparmor_sk_alloc_security+0x77/0x100
[  528.740953][T12980]  kmalloc_trace+0x2a/0xe0
[  528.745434][T12980]  apparmor_sk_alloc_security+0x77/0x100
[  528.751231][T12980]  security_sk_alloc+0x6e/0xa0
[  528.756129][T12980]  sk_prot_alloc+0x101/0x210
[  528.761260][T12980]  ? sk_alloc+0x24/0x360
[  528.765613][T12980]  sk_alloc+0x3a/0x360
[  528.769693][T12980]  ? bpf_ctx_init+0x163/0x1a0
[  528.774747][T12980]  ? bpf_prog_test_run_skb+0x273/0x12b0
[  528.780421][T12980]  bpf_prog_test_run_skb+0x3a5/0x12b0
[  528.785809][T12980]  ? __fget_files+0x28/0x4b0
[  528.790423][T12980]  ? __fget_files+0x28/0x4b0
[  528.795028][T12980]  ? __fget_files+0x43d/0x4b0
[  528.799822][T12980]  ? cpu_online+0x60/0x60
[  528.804252][T12980]  bpf_prog_test_run+0x321/0x390
[  528.809300][T12980]  __sys_bpf+0x49d/0x890
[  528.813556][T12980]  ? bpf_link_show_fdinfo+0x390/0x390
[  528.819217][T12980]  ? lock_chain_count+0x20/0x20
[  528.824089][T12980]  __x64_sys_bpf+0x7c/0x90
[  528.828517][T12980]  do_syscall_64+0x55/0xa0
[  528.832948][T12980]  ? clear_bhb_loop+0x40/0x90
[  528.837636][T12980]  ? clear_bhb_loop+0x40/0x90
[  528.842331][T12980]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  528.848244][T12980] RIP: 0033:0x7fdbdef9c819
[  528.852683][T12980] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  528.872301][T12980] RSP: 002b:00007fdbdfe14028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  528.880756][T12980] RAX: ffffffffffffffda RBX: 00007fdbdf216090 RCX: 00007fdbdef9c819
[  528.888775][T12980] RDX: 0000000000000050 RSI: 00002000000000c0 RDI: 000000000000000a
[  528.896787][T12980] RBP: 00007fdbdfe14090 R08: 0000000000000000 R09: 0000000000000000
[  528.904773][T12980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  528.912755][T12980] R13: 00007fdbdf216128 R14: 00007fdbdf216090 R15: 00007ffc8b9d2038
[  528.920749][T12980]  </TASK>
[  529.050972][T12984] netlink: 'syz.2.2205': attribute type 21 has an invalid length.
[  529.064294][T12984] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2205'.
[  529.231021][ T1099] wlan1: Trigger new scan to find an IBSS to join
[  529.699593][T12995] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2208'.
[  529.729745][T12995] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  530.319088][T13013] pim6reg1: entered allmulticast mode
[  532.170013][T13058] netlink: 'syz.2.2225': attribute type 10 has an invalid length.
[  532.207776][ T1099] wlan1: Creating new IBSS network, BSSID 6e:80:43:7b:fb:5d
[  533.017683][T13071] FAULT_INJECTION: forcing a failure.
[  533.017683][T13071] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  533.033920][T13071] CPU: 1 PID: 13071 Comm: syz.0.2233 Not tainted syzkaller #0
[  533.041474][T13071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  533.051664][T13071] Call Trace:
[  533.055225][T13071]  <TASK>
[  533.058173][T13071]  dump_stack_lvl+0x18c/0x250
[  533.062902][T13071]  ? show_regs_print_info+0x20/0x20
[  533.068127][T13071]  ? load_image+0x400/0x400
[  533.072661][T13071]  ? __might_fault+0xaa/0x120
[  533.077365][T13071]  ? __lock_acquire+0x7d40/0x7d40
[  533.082504][T13071]  should_fail_ex+0x39d/0x4d0
[  533.087222][T13071]  _copy_from_user+0x2f/0xe0
[  533.091926][T13071]  ___sys_recvmsg+0x176/0x590
[  533.096725][T13071]  ? __sys_recvmsg+0x2a0/0x2a0
[  533.101641][T13071]  ? ksys_write+0x1c4/0x260
[  533.106218][T13071]  ? __fget_files+0x43d/0x4b0
[  533.110954][T13071]  __x64_sys_recvmsg+0x20c/0x2e0
[  533.116044][T13071]  ? ___sys_recvmsg+0x590/0x590
[  533.120974][T13071]  ? lockdep_hardirqs_on+0x98/0x150
[  533.126231][T13071]  do_syscall_64+0x55/0xa0
[  533.130683][T13071]  ? clear_bhb_loop+0x40/0x90
[  533.135387][T13071]  ? clear_bhb_loop+0x40/0x90
[  533.140091][T13071]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  533.146007][T13071] RIP: 0033:0x7f38c119c819
[  533.150447][T13071] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  533.170080][T13071] RSP: 002b:00007f38c209c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  533.178526][T13071] RAX: ffffffffffffffda RBX: 00007f38c1415fa0 RCX: 00007f38c119c819
[  533.186558][T13071] RDX: 0000000000010002 RSI: 0000200000000580 RDI: 0000000000000004
[  533.194588][T13071] RBP: 00007f38c209c090 R08: 0000000000000000 R09: 0000000000000000
[  533.202756][T13071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  533.210765][T13071] R13: 00007f38c1416038 R14: 00007f38c1415fa0 R15: 00007fff509d2fc8
[  533.218794][T13071]  </TASK>
[  534.578779][T13093] netlink: 'syz.3.2242': attribute type 10 has an invalid length.
[  534.755030][T13101] netlink: 'syz.2.2244': attribute type 2 has an invalid length.
[  535.028925][T13103] FAULT_INJECTION: forcing a failure.
[  535.028925][T13103] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  535.073772][T13103] CPU: 0 PID: 13103 Comm: syz.1.2245 Not tainted syzkaller #0
[  535.081407][T13103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  535.091506][T13103] Call Trace:
[  535.094825][T13103]  <TASK>
[  535.097791][T13103]  dump_stack_lvl+0x18c/0x250
[  535.102524][T13103]  ? show_regs_print_info+0x20/0x20
[  535.107766][T13103]  ? load_image+0x400/0x400
[  535.112312][T13103]  ? __might_fault+0xaa/0x120
[  535.117024][T13103]  ? __lock_acquire+0x7d40/0x7d40
[  535.122190][T13103]  should_fail_ex+0x39d/0x4d0
[  535.126922][T13103]  _copy_from_user+0x2f/0xe0
[  535.131553][T13103]  ___sys_sendmsg+0x1c7/0x360
[  535.136279][T13103]  ? get_pid_task+0x20/0x1e0
[  535.140916][T13103]  ? __sys_sendmsg+0x2a0/0x2a0
[  535.145832][T13103]  ? __lock_acquire+0x7d40/0x7d40
[  535.150931][T13103]  __se_sys_sendmsg+0x1c2/0x2b0
[  535.155843][T13103]  ? __x64_sys_sendmsg+0x80/0x80
[  535.160843][T13103]  ? lockdep_hardirqs_on+0x98/0x150
[  535.166176][T13103]  do_syscall_64+0x55/0xa0
[  535.170818][T13103]  ? clear_bhb_loop+0x40/0x90
[  535.175538][T13103]  ? clear_bhb_loop+0x40/0x90
[  535.180279][T13103]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  535.186221][T13103] RIP: 0033:0x7fdbdef9c819
[  535.190680][T13103] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  535.210365][T13103] RSP: 002b:00007fdbdfe35028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  535.218910][T13103] RAX: ffffffffffffffda RBX: 00007fdbdf215fa0 RCX: 00007fdbdef9c819
[  535.226916][T13103] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  535.234911][T13103] RBP: 00007fdbdfe35090 R08: 0000000000000000 R09: 0000000000000000
[  535.242897][T13103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  535.250880][T13103] R13: 00007fdbdf216038 R14: 00007fdbdf215fa0 R15: 00007ffc8b9d2038
[  535.258959][T13103]  </TASK>
[  535.742563][T13118] netlink: 'syz.3.2249': attribute type 10 has an invalid length.
[  536.974281][T13137] netlink: 'syz.0.2256': attribute type 10 has an invalid length.
[  537.911445][T13147] netlink: 'syz.3.2261': attribute type 10 has an invalid length.
[  539.313614][T13183] netlink: 'syz.1.2272': attribute type 10 has an invalid length.
[  539.340887][T13183] netlink: 55 bytes leftover after parsing attributes in process `syz.1.2272'.
[  539.797355][T13188] netlink: 'syz.3.2274': attribute type 10 has an invalid length.
[  540.936416][T13209] syzkaller0: entered promiscuous mode
[  540.942245][T13209] syzkaller0: entered allmulticast mode
[  543.700630][T13227] netlink: 'syz.1.2285': attribute type 10 has an invalid length.
[  545.235840][T13261] syzkaller1: tun_chr_ioctl cmd 1074025675
[  545.242010][T13261] syzkaller1: persist enabled
[  545.246843][T13262] syzkaller1: tun_chr_ioctl cmd 1074025675
[  545.257159][T13262] syzkaller1: persist disabled
[  545.490070][T13267] netlink: 'syz.0.2297': attribute type 10 has an invalid length.
[  546.447216][T13292] netlink: 'syz.3.2305': attribute type 12 has an invalid length.
[  546.462462][T13292] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2305'.
[  546.475258][T13289] netlink: 'syz.1.2304': attribute type 2 has an invalid length.
[  546.500361][T13289] netlink: 'syz.1.2304': attribute type 8 has an invalid length.
[  546.541378][T13290] netlink: 'syz.1.2304': attribute type 3 has an invalid length.
[  546.549642][T13290] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2304'.
[  546.561534][T13289] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2304'.
[  546.742544][T13289] netlink: 'syz.1.2304': attribute type 2 has an invalid length.
[  546.769203][T13289] netlink: 'syz.1.2304': attribute type 8 has an invalid length.
[  546.777076][   T11] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  546.819550][T13289] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2304'.
[  546.865788][T13295] netlink: 'syz.2.2307': attribute type 10 has an invalid length.
[  547.686437][T13328] netlink: 'syz.1.2316': attribute type 1 has an invalid length.
[  547.802232][T13328] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.2316'.
[  549.158479][T13344] netlink: 'syz.1.2319': attribute type 10 has an invalid length.
[  550.995096][T13357] netlink: 'syz.0.2327': attribute type 2 has an invalid length.
[  551.014649][T13357] netlink: 'syz.0.2327': attribute type 8 has an invalid length.
[  551.031719][T13357] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2327'.
[  551.050202][T13357] FAULT_INJECTION: forcing a failure.
[  551.050202][T13357] name failslab, interval 1, probability 0, space 0, times 0
[  551.081656][T13357] CPU: 0 PID: 13357 Comm: syz.0.2327 Not tainted syzkaller #0
[  551.089210][T13357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  551.099288][T13357] Call Trace:
[  551.102611][T13357]  <TASK>
[  551.105608][T13357]  dump_stack_lvl+0x18c/0x250
[  551.110462][T13357]  ? show_regs_print_info+0x20/0x20
[  551.115832][T13357]  ? load_image+0x400/0x400
[  551.120510][T13357]  ? __might_sleep+0xe0/0xe0
[  551.125259][T13357]  ? __lock_acquire+0x7d40/0x7d40
[  551.130353][T13357]  should_fail_ex+0x39d/0x4d0
[  551.135157][T13357]  should_failslab+0x9/0x20
[  551.139713][T13357]  slab_pre_alloc_hook+0x59/0x310
[  551.144792][T13357]  ? ip_mc_find_dev+0xc2/0x3f0
[  551.149649][T13357]  ? sock_kmalloc+0x96/0xf0
[  551.154215][T13357]  ? sock_kmalloc+0x96/0xf0
[  551.158785][T13357]  __kmem_cache_alloc_node+0x53/0x250
[  551.164313][T13357]  ? sock_kmalloc+0x96/0xf0
[  551.168896][T13357]  __kmalloc+0xa4/0x230
[  551.173147][T13357]  sock_kmalloc+0x96/0xf0
[  551.177586][T13357]  __ip_mc_join_group+0x36b/0x510
[  551.182741][T13357]  ip_mc_autojoin_config+0x177/0x240
[  551.188124][T13357]  ? inet_set_link_af+0x4a0/0x4a0
[  551.193296][T13357]  inet_rtm_newaddr+0xbca/0x1ae0
[  551.198336][T13357]  ? inet_netconf_fill_devconf+0x8f0/0x8f0
[  551.204267][T13357]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  551.209528][T13357]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  551.214683][T13357]  ? inet_netconf_fill_devconf+0x8f0/0x8f0
[  551.220670][T13357]  rtnetlink_rcv_msg+0x869/0xfa0
[  551.225717][T13357]  ? lockdep_hardirqs_on+0x98/0x150
[  551.231020][T13357]  ? rtnetlink_bind+0x80/0x80
[  551.235867][T13357]  ? perf_trace_preemptirq_template+0xac/0x330
[  551.242302][T13357]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  551.248399][T13357]  ? lock_chain_count+0x20/0x20
[  551.253364][T13357]  ? __local_bh_enable_ip+0x13a/0x1c0
[  551.258829][T13357]  ? lockdep_hardirqs_on+0x98/0x150
[  551.264122][T13357]  ? __local_bh_enable_ip+0x13a/0x1c0
[  551.269575][T13357]  ? _local_bh_enable+0xa0/0xa0
[  551.274531][T13357]  ? __dev_queue_xmit+0x265/0x3660
[  551.279716][T13357]  ? __dev_queue_xmit+0x265/0x3660
[  551.284913][T13357]  ? __dev_queue_xmit+0x1b2c/0x3660
[  551.290235][T13357]  ? __dev_queue_xmit+0x265/0x3660
[  551.295465][T13357]  ? ref_tracker_free+0x690/0x840
[  551.300620][T13357]  netlink_rcv_skb+0x241/0x4d0
[  551.305555][T13357]  ? rtnetlink_bind+0x80/0x80
[  551.310329][T13357]  ? netlink_ack+0x1180/0x1180
[  551.315225][T13357]  ? __lock_acquire+0x7d40/0x7d40
[  551.320355][T13357]  ? netlink_deliver_tap+0x2e/0x1b0
[  551.325668][T13357]  netlink_unicast+0x751/0x8d0
[  551.330572][T13357]  netlink_sendmsg+0x8d0/0xbf0
[  551.335455][T13357]  ? netlink_getsockopt+0x590/0x590
[  551.340738][T13357]  ? aa_sock_msg_perm+0x94/0x150
[  551.345760][T13357]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  551.351113][T13357]  ? security_socket_sendmsg+0x80/0xa0
[  551.356636][T13357]  ? netlink_getsockopt+0x590/0x590
[  551.362012][T13357]  ____sys_sendmsg+0x5ba/0x960
[  551.366883][T13357]  ? __asan_memset+0x22/0x40
[  551.371548][T13357]  ? __sys_sendmsg_sock+0x30/0x30
[  551.376636][T13357]  ? __import_iovec+0x5f2/0x850
[  551.381590][T13357]  ? import_iovec+0x73/0xa0
[  551.386182][T13357]  ___sys_sendmsg+0x2a6/0x360
[  551.391052][T13357]  ? get_pid_task+0x20/0x1e0
[  551.395740][T13357]  ? __sys_sendmsg+0x2a0/0x2a0
[  551.400746][T13357]  ? __lock_acquire+0x7d40/0x7d40
[  551.406147][T13357]  __se_sys_sendmsg+0x1c2/0x2b0
[  551.411097][T13357]  ? __x64_sys_sendmsg+0x80/0x80
[  551.416173][T13357]  ? lockdep_hardirqs_on+0x98/0x150
[  551.421462][T13357]  do_syscall_64+0x55/0xa0
[  551.425953][T13357]  ? clear_bhb_loop+0x40/0x90
[  551.430699][T13357]  ? clear_bhb_loop+0x40/0x90
[  551.435454][T13357]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  551.441446][T13357] RIP: 0033:0x7f38c119c819
[  551.445934][T13357] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  551.465613][T13357] RSP: 002b:00007f38c207b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  551.474115][T13357] RAX: ffffffffffffffda RBX: 00007f38c1416090 RCX: 00007f38c119c819
[  551.482156][T13357] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 000000000000000b
[  551.490198][T13357] RBP: 00007f38c207b090 R08: 0000000000000000 R09: 0000000000000000
[  551.498352][T13357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  551.506481][T13357] R13: 00007f38c1416128 R14: 00007f38c1416090 R15: 00007fff509d2fc8
[  551.514591][T13357]  </TASK>
[  551.622923][T13361] netlink: 'syz.3.2328': attribute type 10 has an invalid length.
[  551.660894][T13361] netlink: 65015 bytes leftover after parsing attributes in process `syz.3.2328'.
[  551.712174][T13360] netlink: 'syz.3.2328': attribute type 10 has an invalid length.
[  551.740227][T13360] netlink: 65015 bytes leftover after parsing attributes in process `syz.3.2328'.
[  554.238840][T13384] syzkaller0: entered promiscuous mode
[  554.257297][T13384] syzkaller0: entered allmulticast mode
[  554.324502][T13393] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  554.339717][T13393] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  554.381064][T13393] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  554.399035][T13393] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  554.427569][T13393] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  554.441690][T13393] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  554.526454][T13390] netlink: 'syz.2.2334': attribute type 10 has an invalid length.
[  555.337315][T13392] chnl_net:caif_netlink_parms(): no params data found
[  555.788086][T13409] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2338'.
[  555.805341][T13392] bridge0: port 1(bridge_slave_0) entered blocking state
[  555.821321][T13392] bridge0: port 1(bridge_slave_0) entered disabled state
[  555.829493][T13392] bridge_slave_0: entered allmulticast mode
[  555.842645][T13392] bridge_slave_0: entered promiscuous mode
[  555.865475][T13392] bridge0: port 2(bridge_slave_1) entered blocking state
[  555.877980][T13392] bridge0: port 2(bridge_slave_1) entered disabled state
[  555.890828][T13392] bridge_slave_1: entered allmulticast mode
[  555.907661][T13392] bridge_slave_1: entered promiscuous mode
[  555.931113][T13409] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2338'.
[  556.012996][T13414] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2338'.
[  556.031568][T13415] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2338'.
[  556.103065][T13392] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  556.137187][T13392] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  556.257447][T13392] team0: Port device team_slave_0 added
[  556.343401][T13392] team0: Port device team_slave_1 added
[  556.452663][T13392] batman_adv: batadv0: Adding interface: batadv_slave_0
[  556.481207][T13392] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  556.520988][   T51] Bluetooth: hci4: command tx timeout
[  556.550761][T13392] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  556.569041][T13392] batman_adv: batadv0: Adding interface: batadv_slave_1
[  556.577114][T13392] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  556.604572][T13392] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  556.837148][T13392] hsr_slave_0: entered promiscuous mode
[  556.878991][T13421] FAULT_INJECTION: forcing a failure.
[  556.878991][T13421] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  556.921998][T13392] hsr_slave_1: entered promiscuous mode
[  556.941546][T13421] CPU: 1 PID: 13421 Comm: syz.3.2342 Not tainted syzkaller #0
[  556.949128][T13421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  556.959255][T13421] Call Trace:
[  556.962599][T13421]  <TASK>
[  556.965594][T13421]  dump_stack_lvl+0x18c/0x250
[  556.970360][T13421]  ? show_regs_print_info+0x20/0x20
[  556.975635][T13421]  ? load_image+0x400/0x400
[  556.980265][T13421]  ? __might_fault+0xaa/0x120
[  556.985051][T13421]  should_fail_ex+0x39d/0x4d0
[  556.989830][T13421]  copyin+0x1a/0x90
[  556.993718][T13421]  _copy_from_iter+0x54f/0x12e0
[  556.998639][T13421]  ? __virt_addr_valid+0x18c/0x540
[  557.003857][T13421]  ? copyout_mc+0x70/0x70
[  557.008256][T13421]  ? __virt_addr_valid+0x18c/0x540
[  557.013458][T13421]  ? __virt_addr_valid+0x18c/0x540
[  557.018742][T13421]  ? __virt_addr_valid+0x469/0x540
[  557.023937][T13421]  ? __check_object_size+0x506/0xa20
[  557.029399][T13421]  skb_copy_datagram_from_iter+0xf4/0x6e0
[  557.035197][T13421]  ? dev_get_by_index+0x22/0x2d0
[  557.040303][T13421]  ? skb_put+0x11b/0x210
[  557.044635][T13421]  packet_sendmsg+0x3566/0x4d70
[  557.049670][T13421]  ? verify_lock_unused+0x140/0x140
[  557.054937][T13421]  ? perf_trace_lock_acquire+0x34f/0x410
[  557.060694][T13421]  ? aa_sk_perm+0x83c/0x970
[  557.065294][T13421]  ? packet_getsockopt+0xad0/0xad0
[  557.070515][T13421]  ? aa_sock_msg_perm+0x94/0x150
[  557.075529][T13421]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  557.080894][T13421]  ? security_socket_sendmsg+0x80/0xa0
[  557.086514][T13421]  ? packet_getsockopt+0xad0/0xad0
[  557.091801][T13421]  ____sys_sendmsg+0x5ba/0x960
[  557.096635][T13421]  ? __lock_acquire+0x7d40/0x7d40
[  557.101750][T13421]  ? __asan_memset+0x22/0x40
[  557.106437][T13421]  ? __sys_sendmsg_sock+0x30/0x30
[  557.111518][T13421]  ? __import_iovec+0x3fa/0x850
[  557.116475][T13421]  ? import_iovec+0x73/0xa0
[  557.121054][T13421]  ___sys_sendmsg+0x2a6/0x360
[  557.125822][T13421]  ? __sys_sendmsg+0x2a0/0x2a0
[  557.130840][T13421]  __se_sys_sendmsg+0x1c2/0x2b0
[  557.135777][T13421]  ? __x64_sys_sendmsg+0x80/0x80
[  557.140843][T13421]  ? syscall_enter_from_user_mode+0x2e/0x80
[  557.146828][T13421]  do_syscall_64+0x55/0xa0
[  557.151315][T13421]  ? clear_bhb_loop+0x40/0x90
[  557.156054][T13421]  ? clear_bhb_loop+0x40/0x90
[  557.160799][T13421]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  557.166767][T13421] RIP: 0033:0x7fa34779c819
[  557.171257][T13421] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  557.191200][T13421] RSP: 002b:00007fa3486af028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  557.199695][T13421] RAX: ffffffffffffffda RBX: 00007fa347a15fa0 RCX: 00007fa34779c819
[  557.207815][T13421] RDX: 0000000004000081 RSI: 00002000000000c0 RDI: 0000000000000009
[  557.215936][T13421] RBP: 00007fa3486af090 R08: 0000000000000000 R09: 0000000000000000
[  557.224099][T13421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  557.232152][T13421] R13: 00007fa347a16038 R14: 00007fa347a15fa0 R15: 00007ffc4ca393c8
[  557.240255][T13421]  </TASK>
[  558.044387][T13434] netlink: 'syz.2.2344': attribute type 10 has an invalid length.
[  558.343733][T13392] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  558.600950][   T51] Bluetooth: hci4: command tx timeout
[  558.648407][T13392] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  558.916025][T13392] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  559.116325][T13392] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  559.415500][T13449] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2349'.
[  559.449843][T13449] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2349'.
[  559.513061][T13450] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2349'.
[  559.547867][T13449] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2349'.
[  559.656871][T13392] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  559.694915][T13392] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  559.715823][T13392] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  559.743908][T13392] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  560.225949][T13392] 8021q: adding VLAN 0 to HW filter on device bond0
[  560.350409][T13392] 8021q: adding VLAN 0 to HW filter on device team0
[  560.415751][ T1091] bridge0: port 1(bridge_slave_0) entered blocking state
[  560.422993][ T1091] bridge0: port 1(bridge_slave_0) entered forwarding state
[  560.503501][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  560.510893][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  560.532977][T13459] netlink: 14593 bytes leftover after parsing attributes in process `syz.3.2353'.
[  560.550220][T13457] netlink: 188 bytes leftover after parsing attributes in process `syz.2.2352'.
[  560.671009][   T51] Bluetooth: hci4: command tx timeout
[  560.943721][T13463] netlink: 'syz.3.2355': attribute type 10 has an invalid length.
[  561.896727][T13392] 8021q: adding VLAN 0 to HW filter on device batadv0
[  561.914219][T13482] sock: sock_timestamping_bind_phc: sock not bind to device
[  562.173437][T13392] veth0_vlan: entered promiscuous mode
[  562.215042][T13392] veth1_vlan: entered promiscuous mode
[  562.301777][T13392] veth0_macvtap: entered promiscuous mode
[  562.326297][T13392] veth1_macvtap: entered promiscuous mode
[  562.371420][T13392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  562.396438][T13392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  562.438130][T13392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  562.454559][T13392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  562.470298][T13392] batman_adv: batadv0: Interface activated: batadv_slave_0
[  562.483592][T13392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  562.494434][T13392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  562.507101][T13392] batman_adv: batadv0: Interface activated: batadv_slave_1
[  562.571644][T13392] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  562.586559][T13392] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  562.606543][T13392] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  562.616004][T13392] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  562.735093][T13500] netlink: 'syz.1.2364': attribute type 10 has an invalid length.
[  562.753771][   T51] Bluetooth: hci4: command tx timeout
[  562.804080][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  562.815088][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  562.857173][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  562.866032][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  564.807737][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  564.814294][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  565.320355][   T11] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  571.341497][T13522] bond0: entered promiscuous mode
[  571.355352][T13522] bond_slave_0: entered promiscuous mode
[  571.386199][T13522] bond_slave_1: entered promiscuous mode
[  571.406540][T13522] bond0: entered allmulticast mode
[  571.431145][T13522] bond_slave_0: entered allmulticast mode
[  571.443873][T13522] bond_slave_1: entered allmulticast mode
[  571.765780][T13528] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2370'.
[  571.799516][T13530] netlink: 'syz.3.2371': attribute type 10 has an invalid length.
[  571.832221][T13530] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  572.541252][T13530] batman_adv: batadv0: Removing interface: batadv_slave_0
[  572.616075][T13530] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  572.625846][T13528] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2370'.
[  572.699055][T13540] netlink: 'syz.0.2372': attribute type 10 has an invalid length.
[  572.726220][T13540] batman_adv: batadv0: Adding interface: netdevsim0
[  572.761175][T13540] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  572.784808][T13542] netlink: 'syz.3.2373': attribute type 4 has an invalid length.
[  572.795179][T13540] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[  572.815413][T13542] netlink: 'syz.3.2373': attribute type 16 has an invalid length.
[  572.841792][T13542] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2373'.
[  573.101462][T13542] netlink: 'syz.3.2373': attribute type 10 has an invalid length.
[  573.125337][T13542] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2373'.
[  573.172423][T13542] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  573.659264][T13393] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  573.678382][T13393] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  573.692244][T13393] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  573.697488][ T1091] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  573.726456][T13393] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  573.736666][T13393] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  573.744981][T13393] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  573.808715][T13557] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  574.028684][ T1091] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  574.419258][ T1091] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  574.582820][ T1091] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  574.888237][T13556] chnl_net:caif_netlink_parms(): no params data found
[  575.329905][T13582] netlink: 'syz.1.2385': attribute type 10 has an invalid length.
[  575.380635][T13582] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  575.794456][   T51] Bluetooth: hci0: command tx timeout
[  576.254167][T13582] batman_adv: batadv0: Removing interface: batadv_slave_0
[  576.295958][T13582] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  576.413580][ T1091] tipc: Left network mode
[  576.448389][T13556] bridge0: port 1(bridge_slave_0) entered blocking state
[  576.457103][T13556] bridge0: port 1(bridge_slave_0) entered disabled state
[  576.466786][T13556] bridge_slave_0: entered allmulticast mode
[  576.502859][T13556] bridge_slave_0: entered promiscuous mode
[  576.962145][T13556] bridge0: port 2(bridge_slave_1) entered blocking state
[  576.984050][T13556] bridge0: port 2(bridge_slave_1) entered disabled state
[  576.998936][T13556] bridge_slave_1: entered allmulticast mode
[  577.013619][T13556] bridge_slave_1: entered promiscuous mode
[  577.052929][T13588] netlink: 'syz.0.2386': attribute type 10 has an invalid length.
[  577.134662][T13588] team0: Device veth1_macvtap failed to register rx_handler
[  577.616333][T13617] syz.3.2389 (13617) used obsolete PPPIOCDETACH ioctl
[  577.663906][T13556] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  577.727762][T13556] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  577.737346][   T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  577.873902][   T51] Bluetooth: hci0: command tx timeout
[  577.961288][T13627] netlink: 'syz.0.2399': attribute type 4 has an invalid length.
[  577.969121][T13627] netlink: 'syz.0.2399': attribute type 16 has an invalid length.
[  578.000974][T13627] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2399'.
[  578.056917][T13556] team0: Port device team_slave_0 added
[  578.159232][T13556] team0: Port device team_slave_1 added
[  578.340598][T13627] netlink: 'syz.0.2399': attribute type 10 has an invalid length.
[  578.377121][T13627] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2399'.
[  578.399560][T13627] caif0: entered promiscuous mode
[  578.409017][T13627] caif0: entered allmulticast mode
[  578.435582][T13627] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  578.541297][T13556] batman_adv: batadv0: Adding interface: batadv_slave_0
[  578.548531][T13556] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  578.578079][T13556] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  578.602601][T13556] batman_adv: batadv0: Adding interface: batadv_slave_1
[  578.609618][T13556] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  578.656579][T13556] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  578.851187][T13556] hsr_slave_0: entered promiscuous mode
[  578.878728][T13556] hsr_slave_1: entered promiscuous mode
[  579.950956][   T51] Bluetooth: hci0: command tx timeout
[  580.014143][T13556] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  580.063514][T13556] Cannot create hsr debugfs directory
[  580.363177][T13667] netlink: 'syz.3.2397': attribute type 10 has an invalid length.
[  580.906197][T13667] team0: Device veth1_macvtap failed to register rx_handler
[  581.156395][T13680] netlink: 'syz.0.2401': attribute type 10 has an invalid length.
[  581.219096][T13680] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  582.026427][T13680] batman_adv: batadv0: Removing interface: batadv_slave_0
[  582.041511][   T51] Bluetooth: hci0: command tx timeout
[  582.053106][T13680] batadv_slave_0: entered promiscuous mode
[  582.059159][T13680] batadv_slave_0: entered allmulticast mode
[  582.067621][T13680] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  582.401478][T13698] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2405'.
[  582.643223][T13698] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2405'.
[  582.667730][T13700] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2405'.
[  582.744083][ T1091] bond0: (slave wlan1): Releasing backup interface
[  582.816926][T13701] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2405'.
[  583.053605][T13717] netlink: 'syz.0.2407': attribute type 25 has an invalid length.
[  583.077511][T13717] netlink: 'syz.0.2407': attribute type 3 has an invalid length.
[  583.347342][ T1091] hsr_slave_0: left promiscuous mode
[  583.515767][ T1091] hsr_slave_1: left promiscuous mode
[  599.159376][T13393] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  599.168330][T13393] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  599.178045][T13393] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  599.187562][T13393] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  599.198495][T13393] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  599.217711][T13393] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  599.418350][   T51] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  599.428121][   T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  599.437667][   T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  599.447471][   T51] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  599.455682][   T51] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  599.465573][   T51] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  600.177221][   T51] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  600.186034][   T51] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  600.197424][   T51] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  600.205976][   T51] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  600.214906][   T51] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  600.224481][   T51] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  601.320945][   T51] Bluetooth: hci3: command tx timeout
[  601.551622][   T51] Bluetooth: hci5: command tx timeout
[  602.272758][   T51] Bluetooth: hci6: command tx timeout
[  603.390800][   T51] Bluetooth: hci3: command tx timeout
[  603.631212][   T51] Bluetooth: hci5: command tx timeout
[  604.350930][   T51] Bluetooth: hci6: command tx timeout
[  605.480857][   T51] Bluetooth: hci3: command tx timeout
[  605.720870][   T51] Bluetooth: hci5: command tx timeout
[  606.432057][   T51] Bluetooth: hci6: command tx timeout
[  607.550873][   T51] Bluetooth: hci3: command tx timeout
[  607.790939][   T51] Bluetooth: hci5: command tx timeout
[  608.510985][   T51] Bluetooth: hci6: command tx timeout
[  624.675991][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  624.682691][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  632.360885][   T11] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  634.088606][T13393] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  634.097321][T13393] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  634.106756][T13393] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  634.122034][T13393] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  634.129888][T13393] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  634.138283][T13393] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  636.191273][T13393] Bluetooth: hci7: command tx timeout
[  638.271113][T13393] Bluetooth: hci7: command tx timeout
[  640.351150][T13393] Bluetooth: hci7: command tx timeout
[  642.431162][T13393] Bluetooth: hci7: command tx timeout
[  659.805871][   T51] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  659.816281][   T51] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  659.827301][   T51] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  659.838870][   T51] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  659.855747][   T51] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  659.863442][   T51] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  659.929512][T13393] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  659.938835][T13393] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  659.949879][T13393] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  659.966127][T13393] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  659.974039][T13393] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  659.981745][T13393] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  660.622324][T13393] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  660.636822][T13393] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  660.645521][T13393] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  660.659917][T13393] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  660.668042][T13393] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  660.675830][T13393] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  661.950999][   T51] Bluetooth: hci8: command tx timeout
[  662.035064][   T51] Bluetooth: hci9: command tx timeout
[  662.750894][   T51] Bluetooth: hci10: command tx timeout
[  663.711004][   T11] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  664.031005][   T51] Bluetooth: hci8: command tx timeout
[  664.114056][   T51] Bluetooth: hci9: command tx timeout
[  664.830960][   T51] Bluetooth: hci10: command tx timeout
[  666.110766][   T51] Bluetooth: hci8: command tx timeout
[  666.190962][   T51] Bluetooth: hci9: command tx timeout
[  666.911138][   T51] Bluetooth: hci10: command tx timeout
[  668.190902][   T51] Bluetooth: hci8: command tx timeout
[  668.271888][   T51] Bluetooth: hci9: command tx timeout
[  668.990786][   T51] Bluetooth: hci10: command tx timeout
[  677.950767][T13393] Bluetooth: hci4: command 0x0406 tx timeout
[  686.115563][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  686.127833][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  694.163054][T13393] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  694.174229][T13393] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  694.182918][T13393] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  694.193723][T13393] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  694.207243][T13393] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  694.215135][T13393] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  695.710934][   T66] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  696.270916][T13393] Bluetooth: hci11: command tx timeout
[  698.350737][   T51] Bluetooth: hci11: command tx timeout
[  698.431219][   T51] Bluetooth: hci0: command 0x0406 tx timeout
[  700.430759][T13393] Bluetooth: hci11: command tx timeout
[  702.510891][T13393] Bluetooth: hci11: command tx timeout
[  719.699665][   T51] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  719.716654][   T51] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  719.725601][   T51] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  719.734023][   T51] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  719.745807][   T51] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  719.753508][   T51] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  720.900540][T13393] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  720.922673][T13393] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  720.931536][T13393] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  720.942892][T13393] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  720.951687][T13393] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  720.959305][T13393] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  721.006856][T13393] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  721.015929][T13393] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  721.026576][T13393] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  721.035235][T13393] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  721.044472][T13393] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  721.053332][T13393] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  721.790990][   T51] Bluetooth: hci12: command tx timeout
[  722.990803][T13784] Bluetooth: hci13: command tx timeout
[  723.161072][T13784] Bluetooth: hci14: command tx timeout
[  723.881007][T13784] Bluetooth: hci12: command tx timeout
[  724.040445][T13784] Bluetooth: hci6: command 0x0406 tx timeout
[  724.046162][T13783] Bluetooth: hci3: command 0x0406 tx timeout
[  724.047437][T13784] Bluetooth: hci5: command 0x0406 tx timeout
[  725.070800][   T51] Bluetooth: hci13: command tx timeout
[  725.230846][   T51] Bluetooth: hci14: command tx timeout
[  725.955707][   T51] Bluetooth: hci12: command tx timeout
[  727.150765][   T51] Bluetooth: hci13: command tx timeout
[  727.310742][   T51] Bluetooth: hci14: command tx timeout
[  727.711309][T13749] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  728.030806][   T51] Bluetooth: hci12: command tx timeout
[  729.230740][   T51] Bluetooth: hci13: command tx timeout
[  729.390881][   T51] Bluetooth: hci14: command tx timeout
[  746.910937][   T28] INFO: task kworker/u4:3:49 blocked for more than 143 seconds.
[  746.918746][   T28]       Not tainted syzkaller #0
[  746.934230][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  746.943003][   T28] task:kworker/u4:3    state:D stack:21464 pid:49    ppid:2      flags:0x00004000
[  746.952343][   T28] Workqueue: events_unbound linkwatch_event
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  746.958389][   T28] Call Trace:
[  746.962257][   T28]  <TASK>
[  746.965370][   T28]  __schedule+0x1553/0x45a0
[  746.969934][   T28]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  746.990783][   T28]  ? asan.module_dtor+0x20/0x20
[  746.995728][   T28]  ? __mutex_lock+0x6a4/0xcc0
[  747.000436][   T28]  ? __mutex_trylock_common+0x8a/0x260
[  747.020830][   T28]  ? kthread_data+0x4f/0xc0
[  747.025462][   T28]  ? wq_worker_sleeping+0x63/0x240
[  747.040690][   T28]  schedule+0xbd/0x170
[  747.044848][   T28]  schedule_preempt_disabled+0x13/0x20
[  747.050436][   T28]  __mutex_lock+0x6a9/0xcc0
[  747.070901][   T28]  ? __mutex_lock+0x4f9/0xcc0
[  747.075830][   T28]  ? linkwatch_event+0xe/0x60
[  747.080527][   T28]  ? mutex_lock_nested+0x20/0x20
[  747.130698][   T28]  ? _raw_spin_unlock_irq+0x23/0x50
[  747.136006][   T28]  ? process_scheduled_works+0x96f/0x15d0
[  747.170625][   T28]  linkwatch_event+0xe/0x60
[  747.175232][   T28]  process_scheduled_works+0xa5d/0x15d0
[  747.183623][   T28]  ? worker_attach_to_pool+0x380/0x380
[  747.189148][   T28]  ? assign_work+0x3d2/0x5d0
[  747.194173][   T28]  worker_thread+0xa55/0xfc0
[  747.198854][   T28]  kthread+0x2fa/0x390
[  747.203029][   T28]  ? pr_cont_work+0x560/0x560
[  747.207750][   T28]  ? kthread_blkcg+0xd0/0xd0
[  747.212446][   T28]  ret_from_fork+0x48/0x80
[  747.216905][   T28]  ? kthread_blkcg+0xd0/0xd0
[  747.221708][   T28]  ret_from_fork_asm+0x11/0x20
[  747.226611][   T28]  </TASK>
[  747.229734][   T28] INFO: task dhcpcd:5432 blocked for more than 143 seconds.
[  747.237569][   T28]       Not tainted syzkaller #0
[  747.242619][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  747.251396][   T28] task:dhcpcd          state:D stack:20968 pid:5432  ppid:5431   flags:0x00004002
[  747.260807][   T28] Call Trace:
[  747.264104][   T28]  <TASK>
[  747.267521][   T28]  __schedule+0x1553/0x45a0
[  747.272132][   T28]  ? __stack_depot_save+0x1f/0x630
[  747.277299][   T28]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  747.284027][   T28]  ? kmalloc_reserve+0x116/0x240
[  747.289014][   T28]  ? asan.module_dtor+0x20/0x20
[  747.294315][   T28]  ? __mutex_lock+0x6a4/0xcc0
[  747.299095][   T28]  ? __mutex_trylock_common+0x8a/0x260
[  747.305090][   T28]  ? trace_raw_output_contention_end+0xd0/0xd0
[  747.313355][   T28]  schedule+0xbd/0x170
[  747.317563][   T28]  schedule_preempt_disabled+0x13/0x20
[  747.323407][   T28]  __mutex_lock+0x6a9/0xcc0
[  747.327982][   T28]  ? __mutex_lock+0x4f9/0xcc0
[  747.332764][   T28]  ? netlink_dump+0x78f/0xe50
[  747.337484][   T28]  ? mutex_lock_nested+0x20/0x20
[  747.342530][   T28]  ? __build_skb_around+0x255/0x3d0
[  747.347879][   T28]  ? __alloc_skb+0x1b2/0x2c0
[  747.352554][   T28]  netlink_dump+0x78f/0xe50
[  747.357115][   T28]  ? netlink_lookup+0x200/0x200
[  747.362074][   T28]  ? netlink_autobind+0x300/0x300
[  747.367159][   T28]  ? netlink_lookup+0x30/0x200
[  747.372674][   T28]  ? netlink_lookup+0x30/0x200
[  747.377479][   T28]  __netlink_dump_start+0x5f1/0x810
[  747.382784][   T28]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  747.387948][   T28]  rtnetlink_rcv_msg+0xe1d/0xfa0
[  747.393141][   T28]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  747.398291][   T28]  ? rtnl_getlink+0xd20/0xd20
[  747.403077][   T28]  ? rtnetlink_bind+0x80/0x80
[  747.407824][   T28]  ? mark_lock+0x94/0x320
[  747.412450][   T28]  ? verify_lock_unused+0x140/0x140
[  747.417743][   T28]  ? perf_trace_lock_acquire+0x104/0x410
[  747.423476][   T28]  ? verify_lock_unused+0x140/0x140
[  747.428717][   T28]  ? rtnl_getlink+0xd20/0xd20
[  747.433510][   T28]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  747.440158][   T28]  netlink_rcv_skb+0x241/0x4d0
[  747.445138][   T28]  ? rtnetlink_bind+0x80/0x80
[  747.450035][   T28]  ? netlink_ack+0x1180/0x1180
[  747.454913][   T28]  ? __lock_acquire+0x7d40/0x7d40
[  747.459968][   T28]  ? net_generic+0x1e/0x240
[  747.464689][   T28]  ? netlink_deliver_tap+0x2e/0x1b0
[  747.469948][   T28]  netlink_unicast+0x751/0x8d0
[  747.475370][   T28]  netlink_sendmsg+0x8d0/0xbf0
[  747.480197][   T28]  ? netlink_getsockopt+0x590/0x590
[  747.485501][   T28]  ? aa_sock_msg_perm+0x94/0x150
[  747.490496][   T28]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  747.495894][   T28]  ? security_socket_sendmsg+0x80/0xa0
[  747.501427][   T28]  __sys_sendto+0x4a9/0x6b0
[  747.506044][   T28]  ? __ia32_sys_getpeername+0x90/0x90
[  747.511483][   T28]  ? __might_fault+0xc6/0x120
[  747.516222][   T28]  ? perf_trace_run_bpf_submit+0x125/0x1c0
[  747.522275][   T28]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  747.528294][   T28]  ? lock_chain_count+0x20/0x20
[  747.533507][   T28]  __x64_sys_sendto+0xde/0xf0
[  747.538214][   T28]  do_syscall_64+0x55/0xa0
[  747.542820][   T28]  ? clear_bhb_loop+0x40/0x90
[  747.547543][   T28]  ? clear_bhb_loop+0x40/0x90
[  747.552465][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  747.559008][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  747.565366][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  747.574789][   T28] RIP: 0033:0x7fa5b7bca407
[  747.579261][   T28] RSP: 002b:00007ffcb9617950 EFLAGS: 00000202 ORIG_RAX: 000000000000002c
[  747.587763][   T28] RAX: ffffffffffffffda RBX: 00007fa5b7b40740 RCX: 00007fa5b7bca407
[  747.595821][   T28] RDX: 0000000000000014 RSI: 00007ffcb96179e0 RDI: 0000000000000016
[  747.603910][   T28] RBP: 00007ffcb96179c4 R08: 00007ffcb96179c4 R09: 000000000000000c
[  747.612129][   T28] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffcb96382d0
[  747.620133][   T28] R13: 00007fa5b7b406c8 R14: 00007ffcb9617ac0 R15: 00007ffcb96280a0
[  747.628374][   T28]  </TASK>
[  747.632042][   T28] INFO: task syz-executor:13556 blocked for more than 144 seconds.
[  747.639981][   T28]       Not tainted syzkaller #0
[  747.645235][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  747.654986][   T28] task:syz-executor    state:D stack:22248 pid:13556 ppid:1      flags:0x00004004
[  747.664381][   T28] Call Trace:
[  747.667684][   T28]  <TASK>
[  747.670680][   T28]  __schedule+0x1553/0x45a0
[  747.675272][   T28]  ? asan.module_dtor+0x20/0x20
[  747.680659][   T28]  ? __mutex_lock+0x6a4/0xcc0
[  747.685373][   T28]  ? __mutex_trylock_common+0x8a/0x260
[  747.691341][   T28]  ? trace_raw_output_contention_end+0xd0/0xd0
[  747.697540][   T28]  schedule+0xbd/0x170
[  747.701732][   T28]  schedule_preempt_disabled+0x13/0x20
[  747.707257][   T28]  __mutex_lock+0x6a9/0xcc0
[  747.712038][   T28]  ? __mutex_lock+0x4f9/0xcc0
[  747.716764][   T28]  ? register_nexthop_notifier+0x88/0x240
[  747.722576][   T28]  ? mutex_lock_nested+0x20/0x20
[  747.727558][   T28]  ? __asan_memset+0x22/0x40
[  747.732320][   T28]  register_nexthop_notifier+0x88/0x240
[  747.737903][   T28]  ? devlink_resource_find+0xb2/0xe0
[  747.743446][   T28]  ? fib_check_nexthop+0x560/0x560
[  747.748611][   T28]  ? devlink_resource_find+0xbc/0xe0
[  747.754082][   T28]  nsim_fib_create+0x997/0xb90
[  747.758908][   T28]  ? nsim_fib_get_val+0x100/0x100
[  747.764084][   T28]  nsim_drv_probe+0x7aa/0xbb0
[  747.768807][   T28]  ? nsim_dev_get_vfs+0xa0/0xa0
[  747.773900][   T28]  ? driver_sysfs_add+0x1f5/0x210
[  747.779427][   T28]  ? nsim_bus_exit+0x210/0x210
[  747.784494][   T28]  really_probe+0x25b/0xb20
[  747.789027][   T28]  ? pm_runtime_barrier+0x14b/0x1c0
[  747.794503][   T28]  __driver_probe_device+0x18c/0x330
[  747.799842][   T28]  driver_probe_device+0x4f/0x420
[  747.805009][   T28]  __device_attach_driver+0x2ca/0x510
[  747.810428][   T28]  bus_for_each_drv+0x252/0x2e0
[  747.819197][   T28]  ? coredump_store+0x90/0x90
[  747.824713][   T28]  ? bus_find_device+0x300/0x300
[  747.829716][   T28]  __device_attach+0x2c2/0x420
[  747.838483][   T28]  ? device_attach+0x20/0x20
[  747.843207][   T28]  ? __kmem_cache_free+0xba/0x1e0
[  747.848297][   T28]  ? do_raw_spin_unlock+0x121/0x230
[  747.857533][   T28]  bus_probe_device+0x180/0x260
[  747.862555][   T28]  device_add+0x85b/0xc20
[  747.866945][   T28]  new_device_store+0x37c/0x690
[  747.877853][   T28]  ? nsim_num_vf+0x50/0x50
[  747.883126][   T28]  ? sysfs_kf_write+0x187/0x2a0
[  747.888193][   T28]  ? sysfs_kf_read+0x310/0x310
[  747.897006][   T28]  kernfs_fop_write_iter+0x3b6/0x520
[  747.902427][   T28]  vfs_write+0x46c/0x990
[  747.906706][   T28]  ? file_end_write+0x250/0x250
[  747.915582][   T28]  ? do_sys_openat2+0x170/0x1d0
[  747.920479][   T28]  ? __fdget_pos+0x2ba/0x330
[  747.925158][   T28]  ksys_write+0x150/0x260
[  747.929538][   T28]  ? __ia32_sys_read+0x90/0x90
[  747.938572][   T28]  ? lockdep_hardirqs_on+0x98/0x150
[  747.943876][   T28]  do_syscall_64+0x55/0xa0
[  747.948320][   T28]  ? clear_bhb_loop+0x40/0x90
[  747.964150][   T28]  ? clear_bhb_loop+0x40/0x90
[  747.968869][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  747.975019][   T28] RIP: 0033:0x7fb1bcd5d04e
[  747.979474][   T28] RSP: 002b:00007ffd439000c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  747.990273][   T28] RAX: ffffffffffffffda RBX: 0000555582f56500 RCX: 00007fb1bcd5d04e
[  747.998428][   T28] RDX: 0000000000000003 RSI: 00007ffd43900150 RDI: 0000000000000005
[  748.006564][   T28] RBP: 00007fb1bce33538 R08: 0000000000000000 R09: 0000000000000000
[  748.014715][   T28] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[  748.022788][   T28] R13: 00007ffd43900150 R14: 00007fb1bdb44620 R15: 0000000000000003
[  748.031053][   T28]  </TASK>
[  748.034188][   T28] INFO: task syz.0.2407:13710 blocked for more than 144 seconds.
[  748.043116][   T28]       Not tainted syzkaller #0
[  748.048253][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  748.057564][   T28] task:syz.0.2407      state:D stack:25320 pid:13710 ppid:13392  flags:0x00004004
[  748.067090][   T28] Call Trace:
[  748.070400][   T28]  <TASK>
[  748.073935][   T28]  __schedule+0x1553/0x45a0
[  748.078535][   T28]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  748.085355][   T28]  ? asan.module_dtor+0x20/0x20
[  748.090777][   T28]  ? __mutex_lock+0x6a4/0xcc0
[  748.095641][   T28]  ? __mutex_trylock_common+0x8a/0x260
[  748.102226][   T28]  ? trace_raw_output_contention_end+0xd0/0xd0
[  748.108443][   T28]  schedule+0xbd/0x170
[  748.112603][   T28]  schedule_preempt_disabled+0x13/0x20
[  748.118146][   T28]  __mutex_lock+0x6a9/0xcc0
[  748.122799][   T28]  ? __mutex_lock+0x4f9/0xcc0
[  748.127658][   T28]  ? ppp_release+0x8a/0x1f0
[  748.132302][   T28]  ? mutex_lock_nested+0x20/0x20
[  748.137310][   T28]  ? fsnotify_set_children_dentry_flags+0x220/0x220
[  748.144041][   T28]  ppp_release+0x8a/0x1f0
[  748.148499][   T28]  ? ppp_open+0x70/0x70
[  748.153690][   T28]  __fput+0x234/0x970
[  748.157749][   T28]  task_work_run+0x1d4/0x260
[  748.162591][   T28]  ? task_work_cancel+0x220/0x220
[  748.167671][   T28]  ? exit_to_user_mode_loop+0x3b/0x110
[  748.173598][   T28]  exit_to_user_mode_loop+0xe6/0x110
[  748.178940][   T28]  exit_to_user_mode_prepare+0xee/0x180
[  748.184691][   T28]  syscall_exit_to_user_mode+0x1a/0x50
[  748.191554][   T28]  do_syscall_64+0x61/0xa0
[  748.196149][   T28]  ? clear_bhb_loop+0x40/0x90
[  748.200972][   T28]  ? clear_bhb_loop+0x40/0x90
[  748.205695][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  748.212588][   T28] RIP: 0033:0x7fc86e39c819
[  748.217123][   T28] RSP: 002b:00007ffe911ea498 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  748.225630][   T28] RAX: 0000000000000000 RBX: 00007fc86e617da0 RCX: 00007fc86e39c819
[  748.233671][   T28] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  748.241758][   T28] RBP: 00007fc86e617da0 R08: 0000000000000006 R09: 0000000000000000
[  748.249850][   T28] R10: 00007fc86e617cb0 R11: 0000000000000246 R12: 000000000008e7ed
[  748.257916][   T28] R13: 00007fc86e61618c R14: 000000000008e662 R15: 00007fc86e616180
[  748.266072][   T28]  </TASK>
[  748.269146][   T28] INFO: task syz.3.2408:13714 blocked for more than 144 seconds.
[  748.277020][   T28]       Not tainted syzkaller #0
[  748.282071][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  748.292001][   T28] task:syz.3.2408      state:D stack:24232 pid:13714 ppid:5769   flags:0x00004004
[  748.301689][   T28] Call Trace:
[  748.305011][   T28]  <TASK>
[  748.308001][   T28]  __schedule+0x1553/0x45a0
[  748.313232][   T28]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  748.319894][   T28]  ? asan.module_dtor+0x20/0x20
[  748.325087][   T28]  ? __mutex_lock+0x6a4/0xcc0
[  748.329814][   T28]  ? __mutex_trylock_common+0x8a/0x260
[  748.335398][   T28]  ? trace_raw_output_contention_end+0xd0/0xd0
[  748.342052][   T28]  schedule+0xbd/0x170
[  748.346167][   T28]  schedule_preempt_disabled+0x13/0x20
[  748.352664][   T28]  __mutex_lock+0x6a9/0xcc0
[  748.357327][   T28]  ? __mutex_lock+0x4f9/0xcc0
[  748.362503][   T28]  ? tun_chr_close+0x41/0x1c0
[  748.367219][   T28]  ? mutex_lock_nested+0x20/0x20
[  748.372642][   T28]  ? __fput+0x61c/0x970
[  748.376828][   T28]  ? tun_chr_open+0x510/0x510
[  748.381997][   T28]  tun_chr_close+0x41/0x1c0
[  748.386546][   T28]  __fput+0x234/0x970
[  748.390979][   T28]  task_work_run+0x1d4/0x260
[  748.396050][   T28]  ? task_work_cancel+0x220/0x220
[  748.401562][   T28]  ? exit_to_user_mode_loop+0x3b/0x110
[  748.407079][   T28]  exit_to_user_mode_loop+0xe6/0x110
[  748.412927][   T28]  exit_to_user_mode_prepare+0xee/0x180
[  748.418529][   T28]  syscall_exit_to_user_mode+0x1a/0x50
[  748.424336][   T28]  do_syscall_64+0x61/0xa0
[  748.428815][   T28]  ? clear_bhb_loop+0x40/0x90
[  748.433898][   T28]  ? clear_bhb_loop+0x40/0x90
[  748.438649][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  748.444756][   T28] RIP: 0033:0x7fa34779c819
[  748.449207][   T28] RSP: 002b:00007ffc4ca39528 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  748.457714][   T28] RAX: 0000000000000000 RBX: 00007fa347a17da0 RCX: 00007fa34779c819
[  748.465795][   T28] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  748.474187][   T28] RBP: 00007fa347a17da0 R08: 0000000000000006 R09: 0000000000000000
[  748.482270][   T28] R10: 00007fa347a17cb0 R11: 0000000000000246 R12: 000000000008e86e
[  748.490272][   T28] R13: 00007fa347a1627c R14: 000000000008e739 R15: 00007fa347a16270
[  748.498849][   T28]  </TASK>
[  748.502261][   T28] INFO: task syz.3.2408:13719 blocked for more than 144 seconds.
[  748.510013][   T28]       Not tainted syzkaller #0
[  748.515058][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  748.523824][   T28] task:syz.3.2408      state:D stack:26088 pid:13719 ppid:5769   flags:0x00004004
[  748.533126][   T28] Call Trace:
[  748.536436][   T28]  <TASK>
[  748.539402][   T28]  __schedule+0x1553/0x45a0
[  748.544507][   T28]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  748.551477][   T28]  ? asan.module_dtor+0x20/0x20
[  748.556377][   T28]  ? __mutex_lock+0x6a4/0xcc0
[  748.561482][   T28]  ? __mutex_trylock_common+0x8a/0x260
[  748.566981][   T28]  ? trace_raw_output_contention_end+0xd0/0xd0
[  748.573226][   T28]  schedule+0xbd/0x170
[  748.577330][   T28]  schedule_preempt_disabled+0x13/0x20
[  748.582985][   T28]  __mutex_lock+0x6a9/0xcc0
[  748.587530][   T28]  ? __mutex_lock+0x4f9/0xcc0
[  748.592305][   T28]  ? dev_ioctl+0x5dc/0x1140
[  748.596847][   T28]  ? mutex_lock_nested+0x20/0x20
[  748.602710][   T28]  ? bpf_lsm_capable+0x9/0x10
[  748.607431][   T28]  ? security_capable+0x89/0xb0
[  748.612359][   T28]  dev_ioctl+0x5dc/0x1140
[  748.616730][   T28]  sock_do_ioctl+0x239/0x310
[  748.621456][   T28]  ? sock_show_fdinfo+0xb0/0xb0
[  748.626371][   T28]  sock_ioctl+0x5ba/0x7e0
[  748.630799][   T28]  ? sock_poll+0x3e0/0x3e0
[  748.635247][   T28]  ? bpf_lsm_file_ioctl+0x9/0x10
[  748.640195][   T28]  ? security_file_ioctl+0x80/0xa0
[  748.645403][   T28]  ? sock_poll+0x3e0/0x3e0
[  748.649881][   T28]  __se_sys_ioctl+0xfd/0x170
[  748.655594][   T28]  do_syscall_64+0x55/0xa0
[  748.660078][   T28]  ? clear_bhb_loop+0x40/0x90
[  748.665857][   T28]  ? clear_bhb_loop+0x40/0x90
[  748.670650][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  748.677520][   T28] RIP: 0033:0x7fa34779c819
[  748.685305][   T28] RSP: 002b:00007fa34868e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  748.694893][   T28] RAX: ffffffffffffffda RBX: 00007fa347a16090 RCX: 00007fa34779c819
[  748.704644][   T28] RDX: 0000200000002280 RSI: 0000000000008923 RDI: 0000000000000008
[  748.712755][   T28] RBP: 00007fa347832c91 R08: 0000000000000000 R09: 0000000000000000
[  748.720860][   T28] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  748.728867][   T28] R13: 00007fa347a16128 R14: 00007fa347a16090 R15: 00007ffc4ca393c8
[  748.736954][   T28]  </TASK>
[  748.740019][   T28] INFO: task syz.3.2408:13721 blocked for more than 145 seconds.
[  748.747934][   T28]       Not tainted syzkaller #0
[  748.752965][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  748.761876][   T28] task:syz.3.2408      state:D stack:29128 pid:13721 ppid:5769   flags:0x00004004
[  748.771190][   T28] Call Trace:
[  748.774589][   T28]  <TASK>
[  748.777564][   T28]  __schedule+0x1553/0x45a0
[  748.782758][   T28]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  748.789407][   T28]  ? __lock_acquire+0x1347/0x7d40
[  748.794960][   T28]  ? asan.module_dtor+0x20/0x20
[  748.799867][   T28]  ? __mutex_lock+0x6a4/0xcc0
[  748.805451][   T28]  ? __mutex_trylock_common+0x8a/0x260
[  748.811310][   T28]  ? trace_raw_output_contention_end+0xd0/0xd0
[  748.817524][   T28]  schedule+0xbd/0x170
[  748.822101][   T28]  schedule_preempt_disabled+0x13/0x20
[  748.827640][   T28]  __mutex_lock+0x6a9/0xcc0
[  748.833012][   T28]  ? __mutex_lock+0x4f9/0xcc0
[  748.837737][   T28]  ? br_ioctl_stub+0x1a9/0xd50
[  748.842974][   T28]  ? mutex_lock_nested+0x20/0x20
[  748.847977][   T28]  br_ioctl_stub+0x1a9/0xd50
[  748.852666][   T28]  ? rcu_is_watching+0x15/0xb0
[  748.857673][   T28]  ? rcu_read_unlock+0xa0/0xa0
[  748.862553][   T28]  ? trace_contention_end+0x39/0xe0
[  748.867884][   T28]  ? __mutex_lock+0x315/0xcc0
[  748.872928][   T28]  ? mutex_lock_nested+0x20/0x20
[  748.877923][   T28]  ? rcu_read_unlock+0xa0/0xa0
[  748.882969][   T28]  sock_ioctl+0x517/0x7e0
[  748.887345][   T28]  ? sock_poll+0x3e0/0x3e0
[  748.891864][   T28]  ? bpf_lsm_file_ioctl+0x9/0x10
[  748.896845][   T28]  ? security_file_ioctl+0x80/0xa0
[  748.904164][   T28]  ? sock_poll+0x3e0/0x3e0
[  748.909384][   T28]  __se_sys_ioctl+0xfd/0x170
[  748.916198][   T28]  do_syscall_64+0x55/0xa0
[  748.923956][   T28]  ? clear_bhb_loop+0x40/0x90
[  748.928673][   T28]  ? clear_bhb_loop+0x40/0x90
[  748.934524][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  748.940442][   T28] RIP: 0033:0x7fa34779c819
[  748.948258][   T28] RSP: 002b:00007fa34866d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  748.956876][   T28] RAX: ffffffffffffffda RBX: 00007fa347a16180 RCX: 00007fa34779c819
[  748.969223][   T28] RDX: 0000200000000340 RSI: 00000000000089a0 RDI: 0000000000000006
[  748.977273][   T28] RBP: 00007fa347832c91 R08: 0000000000000000 R09: 0000000000000000
[  748.989981][   T28] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  749.005273][   T28] R13: 00007fa347a16218 R14: 00007fa347a16180 R15: 00007ffc4ca393c8
[  749.014425][   T28]  </TASK>
[  749.017496][   T28] INFO: task syz.1.2411:13733 blocked for more than 145 seconds.
[  749.025312][   T28]       Not tainted syzkaller #0
[  749.030267][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  749.039056][   T28] task:syz.1.2411      state:D stack:26824 pid:13733 ppid:5767   flags:0x00004004
[  749.049286][   T28] Call Trace:
[  749.055568][   T28]  <TASK>
[  749.058539][   T28]  __schedule+0x1553/0x45a0
[  749.064249][   T28]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  749.073885][   T28]  ? asan.module_dtor+0x20/0x20
[  749.078782][   T28]  ? __mutex_lock+0x6a4/0xcc0
[  749.084661][   T28]  ? __mutex_trylock_common+0x8a/0x260
[  749.090141][   T28]  ? trace_raw_output_contention_end+0xd0/0xd0
[  749.098408][   T28]  schedule+0xbd/0x170
[  749.102704][   T28]  schedule_preempt_disabled+0x13/0x20
[  749.108220][   T28]  __mutex_lock+0x6a9/0xcc0
[  749.113427][   T28]  ? __mutex_lock+0x4f9/0xcc0
[  749.118158][   T28]  ? rtnetlink_rcv_msg+0x811/0xfa0
[  749.123384][   T28]  ? mutex_lock_nested+0x20/0x20
[  749.128382][   T28]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  749.133652][   T28]  rtnetlink_rcv_msg+0x811/0xfa0
[  749.138647][   T28]  ? rtnetlink_bind+0x80/0x80
[  749.143419][   T28]  ? perf_trace_preemptirq_template+0xac/0x330
[  749.149623][   T28]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  749.156146][   T28]  ? lock_chain_count+0x20/0x20
[  749.161546][   T28]  ? __local_bh_enable_ip+0x13a/0x1c0
[  749.166993][   T28]  ? lockdep_hardirqs_on+0x98/0x150
[  749.172729][   T28]  ? __local_bh_enable_ip+0x13a/0x1c0
[  749.178140][   T28]  ? _local_bh_enable+0xa0/0xa0
[  749.183096][   T28]  ? __dev_queue_xmit+0x265/0x3660
[  749.188492][   T28]  ? __dev_queue_xmit+0x265/0x3660
[  749.193750][   T28]  ? __dev_queue_xmit+0x1b2c/0x3660
[  749.199196][   T28]  ? __dev_queue_xmit+0x265/0x3660
[  749.205534][   T28]  ? ref_tracker_free+0x690/0x840
[  749.211183][   T28]  netlink_rcv_skb+0x241/0x4d0
[  749.216968][   T28]  ? rtnetlink_bind+0x80/0x80
[  749.223034][   T28]  ? netlink_ack+0x1180/0x1180
[  749.228107][   T28]  ? __lock_acquire+0x7d40/0x7d40
[  749.233700][   T28]  ? netlink_deliver_tap+0x2e/0x1b0
[  749.238961][   T28]  netlink_unicast+0x751/0x8d0
[  749.244019][   T28]  netlink_sendmsg+0x8d0/0xbf0
[  749.248956][   T28]  ? netlink_getsockopt+0x590/0x590
[  749.256723][   T28]  ? aa_sock_msg_perm+0x94/0x150
[  749.262211][   T28]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  749.267911][   T28]  ? security_socket_sendmsg+0x80/0xa0
[  749.274108][   T28]  ? netlink_getsockopt+0x590/0x590
[  749.279360][   T28]  ____sys_sendmsg+0x5ba/0x960
[  749.284208][   T28]  ? __asan_memset+0x22/0x40
[  749.289098][   T28]  ? __sys_sendmsg_sock+0x30/0x30
[  749.294363][   T28]  ? __import_iovec+0x5f2/0x850
[  749.299245][   T28]  ? import_iovec+0x73/0xa0
[  749.303818][   T28]  ___sys_sendmsg+0x2a6/0x360
[  749.308541][   T28]  ? __sys_sendmsg+0x2a0/0x2a0
[  749.313634][   T28]  ? trace_call_bpf+0xc3/0x6c0
[  749.318951][   T28]  __se_sys_sendmsg+0x1c2/0x2b0
[  749.323903][   T28]  ? __x64_sys_sendmsg+0x80/0x80
[  749.328914][   T28]  ? lockdep_hardirqs_on+0x98/0x150
[  749.334484][   T28]  do_syscall_64+0x55/0xa0
[  749.338940][   T28]  ? clear_bhb_loop+0x40/0x90
[  749.343665][   T28]  ? clear_bhb_loop+0x40/0x90
[  749.348385][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  749.354383][   T28] RIP: 0033:0x7fdbdef9c819
[  749.358831][   T28] RSP: 002b:00007fdbdfe14028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  749.368145][   T28] RAX: ffffffffffffffda RBX: 00007fdbdf216090 RCX: 00007fdbdef9c819
[  749.376216][   T28] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000a
[  749.384572][   T28] RBP: 00007fdbdf032c91 R08: 0000000000000000 R09: 0000000000000000
[  749.393691][   T28] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  749.401967][   T28] R13: 00007fdbdf216128 R14: 00007fdbdf216090 R15: 00007ffc8b9d2038
[  749.409986][   T28]  </TASK>
[  749.413545][   T28] INFO: task syz-executor:13740 blocked for more than 145 seconds.
[  749.424172][   T28]       Not tainted syzkaller #0
[  749.429148][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  749.437958][   T28] task:syz-executor    state:D stack:25320 pid:13740 ppid:1      flags:0x00004004
[  749.448182][   T28] Call Trace:
[  749.454503][   T28]  <TASK>
[  749.457458][   T28]  __schedule+0x1553/0x45a0
[  749.463262][   T28]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  749.469922][   T28]  ? asan.module_dtor+0x20/0x20
[  749.475787][   T28]  ? __mutex_lock+0x6a4/0xcc0
[  749.480524][   T28]  ? __mutex_trylock_common+0x8a/0x260
[  749.486268][   T28]  ? trace_raw_output_contention_end+0xd0/0xd0
[  749.493597][   T28]  schedule+0xbd/0x170
[  749.497698][   T28]  schedule_preempt_disabled+0x13/0x20
[  749.506364][   T28]  __mutex_lock+0x6a9/0xcc0
[  749.512399][   T28]  ? __mutex_lock+0x4f9/0xcc0
[  749.517160][   T28]  ? rtnetlink_rcv_msg+0x811/0xfa0
[  749.526004][   T28]  ? mutex_lock_nested+0x20/0x20
[  749.532801][   T28]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  749.537967][   T28]  rtnetlink_rcv_msg+0x811/0xfa0
[  749.545990][   T28]  ? rtnetlink_bind+0x80/0x80
[  749.551972][   T28]  ? mark_lock+0x94/0x320
[  749.556351][   T28]  ? __lock_acquire+0x1273/0x7d40
[  749.564566][   T28]  ? __kernel_text_address+0xd/0x30
[  749.569823][   T28]  ? mark_lock+0x94/0x320
[  749.574347][   T28]  ? mark_lock+0x94/0x320
[  749.578708][   T28]  ? __lock_acquire+0x1273/0x7d40
[  749.584812][   T28]  ? verify_lock_unused+0x140/0x140
[  749.590060][   T28]  ? perf_trace_lock_acquire+0x104/0x410
[  749.595860][   T28]  ? verify_lock_unused+0x140/0x140
[  749.601312][   T28]  ? perf_trace_lock_acquire+0x104/0x410
[  749.606995][   T28]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  749.613808][   T28]  netlink_rcv_skb+0x241/0x4d0
[  749.618611][   T28]  ? rtnetlink_bind+0x80/0x80
[  749.627070][   T28]  ? netlink_ack+0x1180/0x1180
[  749.633059][   T28]  ? __lock_acquire+0x7d40/0x7d40
[  749.638099][   T28]  ? net_generic+0x1e/0x240
[  749.646706][   T28]  ? netlink_deliver_tap+0x2e/0x1b0
[  749.652117][   T28]  netlink_unicast+0x751/0x8d0
[  749.656923][   T28]  netlink_sendmsg+0x8d0/0xbf0
[  749.661865][   T28]  ? netlink_getsockopt+0x590/0x590
[  749.667117][   T28]  ? aa_sock_msg_perm+0x94/0x150
[  749.672253][   T28]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  749.677581][   T28]  ? security_socket_sendmsg+0x80/0xa0
[  749.683150][   T28]  __sys_sendto+0x4a9/0x6b0
[  749.687698][   T28]  ? __ia32_sys_getpeername+0x90/0x90
[  749.693240][   T28]  ? __lock_acquire+0x7d40/0x7d40
[  749.698308][   T28]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  749.704389][   T28]  ? lock_chain_count+0x20/0x20
[  749.709264][   T28]  ? lock_chain_count+0x20/0x20
[  749.714552][   T28]  __x64_sys_sendto+0xde/0xf0
[  749.721210][   T28]  do_syscall_64+0x55/0xa0
[  749.726312][   T28]  ? clear_bhb_loop+0x40/0x90
[  749.731328][   T28]  ? clear_bhb_loop+0x40/0x90
[  749.736252][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  749.745172][   T28] RIP: 0033:0x7f6b3235d04e
[  749.749621][   T28] RSP: 002b:00007fffb3e05a08 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  749.759733][   T28] RAX: ffffffffffffffda RBX: 0000555560576500 RCX: 00007f6b3235d04e
[  749.767979][   T28] RDX: 0000000000000028 RSI: 00007f6b33144670 RDI: 0000000000000003
[  749.776197][   T28] RBP: 0000000000000001 R08: 00007fffb3e05a84 R09: 000000000000000c
[  749.784247][   T28] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[  749.795945][   T28] R13: 0000000000000000 R14: 00007f6b33144670 R15: 0000000000000000
[  749.806417][   T28]  </TASK>
[  749.809516][   T28] INFO: task syz-executor:13744 blocked for more than 146 seconds.
[  749.819674][   T28]       Not tainted syzkaller #0
[  749.827677][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  749.838593][   T28] task:syz-executor    state:D stack:25320 pid:13744 ppid:1      flags:0x00004004
[  749.850087][   T28] Call Trace:
[  749.855474][   T28]  <TASK>
[  749.858554][   T28]  __schedule+0x1553/0x45a0
[  749.866063][   T28]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  749.875834][   T28]  ? asan.module_dtor+0x20/0x20
[  749.882792][   T28]  ? __mutex_lock+0x6a4/0xcc0
[  749.887559][   T28]  ? __mutex_trylock_common+0x8a/0x260
[  749.895342][   T28]  ? trace_raw_output_contention_end+0xd0/0xd0
[  749.903653][   T28]  schedule+0xbd/0x170
[  749.907854][   T28]  schedule_preempt_disabled+0x13/0x20
[  749.914379][   T28]  __mutex_lock+0x6a9/0xcc0
[  749.918937][   T28]  ? __mutex_lock+0x4f9/0xcc0
[  749.923783][   T28]  ? rtnetlink_rcv_msg+0x811/0xfa0
[  749.928949][   T28]  ? mutex_lock_nested+0x20/0x20
[  749.934597][   T28]  ? rtnetlink_rcv_msg+0x221/0xfa0
[  749.939769][   T28]  rtnetlink_rcv_msg+0x811/0xfa0
[  749.944808][   T28]  ? rtnetlink_bind+0x80/0x80
[  749.949552][   T28]  ? mark_lock+0x94/0x320
[  749.954429][   T28]  ? __lock_acquire+0x1273/0x7d40
[  749.959511][   T28]  ? __kernel_text_address+0xd/0x30
[  749.964838][   T28]  ? mark_lock+0x94/0x320
[  749.969213][   T28]  ? mark_lock+0x94/0x320
[  749.975342][   T28]  ? __lock_acquire+0x1273/0x7d40
[  749.980448][   T28]  ? verify_lock_unused+0x140/0x140
[  749.985729][   T28]  ? perf_trace_lock_acquire+0x104/0x410
[  749.991518][   T28]  ? verify_lock_unused+0x140/0x140
[  749.996853][   T28]  ? perf_trace_lock_acquire+0x104/0x410
[  750.002821][   T28]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  750.009462][   T28]  netlink_rcv_skb+0x241/0x4d0
[  750.014342][   T28]  ? rtnetlink_bind+0x80/0x80
[  750.019060][   T28]  ? netlink_ack+0x1180/0x1180
[  750.024251][   T28]  ? __lock_acquire+0x7d40/0x7d40
[  750.029324][   T28]  ? net_generic+0x1e/0x240
[  750.042668][   T28]  ? netlink_deliver_tap+0x2e/0x1b0
[  750.047920][   T28]  netlink_unicast+0x751/0x8d0
[  750.053192][   T28]  netlink_sendmsg+0x8d0/0xbf0
[  750.058019][   T28]  ? netlink_getsockopt+0x590/0x590
[  750.063335][   T28]  ? aa_sock_msg_perm+0x94/0x150
[  750.068312][   T28]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  750.073697][   T28]  ? security_socket_sendmsg+0x80/0xa0
[  750.079187][   T28]  __sys_sendto+0x4a9/0x6b0
[  750.083952][   T28]  ? __ia32_sys_getpeername+0x90/0x90
[  750.089378][   T28]  ? __lock_acquire+0x7d40/0x7d40
[  750.094858][   T28]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  750.101598][   T28]  ? lock_chain_count+0x20/0x20
[  750.106485][   T28]  ? lock_chain_count+0x20/0x20
[  750.111928][   T28]  __x64_sys_sendto+0xde/0xf0
[  750.116732][   T28]  do_syscall_64+0x55/0xa0
[  750.121744][   T28]  ? clear_bhb_loop+0x40/0x90
[  750.126475][   T28]  ? clear_bhb_loop+0x40/0x90
[  750.131587][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  750.137850][   T28] RIP: 0033:0x7f3f8a55d04e
[  750.142924][   T28] RSP: 002b:00007fff1f77b6f8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  750.151601][   T28] RAX: ffffffffffffffda RBX: 000055557070b500 RCX: 00007f3f8a55d04e
[  750.159604][   T28] RDX: 0000000000000028 RSI: 00007f3f8b344670 RDI: 0000000000000003
[  750.167648][   T28] RBP: 0000000000000001 R08: 00007fff1f77b774 R09: 000000000000000c
[  750.175712][   T28] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[  750.183778][   T28] R13: 0000000000000000 R14: 00007f3f8b344670 R15: 0000000000000000
[  750.192542][   T28]  </TASK>
[  750.195603][   T28] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  750.205411][   T28] 
[  750.205411][   T28] Showing all locks held in the system:
[  750.213664][   T28] 1 lock held by khungtaskd/28:
[  750.218550][   T28]  #0: ffffffff8d1320a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290
[  750.228488][   T28] 3 locks held by kworker/u4:3/49:
[  750.233817][   T28]  #0: ffff888017c71538 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  750.246200][   T28]  #1: ffffc90000ba7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  750.258244][   T28]  #2: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  750.267356][   T28] 4 locks held by kworker/u4:7/1091:
[  750.272723][   T28]  #0: ffff88801a254938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  750.283706][   T28]  #1: ffffc9000440fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  750.294358][   T28]  #2: ffffffff8e3b4950 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x14c/0xbb0
[  750.303973][   T28]  #3: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xf2/0xa80
[  750.314130][   T28] 3 locks held by kworker/u4:8/1096:
[  750.319431][   T28]  #0: ffff88814c61c138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  750.331150][   T28]  #1: ffffc9000451fd00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  750.345813][   T28]  #2: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[  750.355830][   T28] 2 locks held by kworker/u4:9/1099:
[  750.361246][   T28]  #0: ffff8880b8e3c018 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  750.371342][   T28]  #1: ffff8880b8e289c0 (psi_seq){-.-.}-{0:0}, at: __schedule+0x2176/0x45a0
[  750.380152][   T28] 2 locks held by dhcpcd/5432:
[  750.385067][   T28]  #0: ffff88805ac36690 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0xf4/0x810
[  750.395472][   T28]  #1: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: netlink_dump+0x78f/0xe50
[  750.404610][   T28] 2 locks held by getty/5527:
[  750.409314][   T28]  #0: ffff888031b3a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  750.419319][   T28]  #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x433/0x1390
[  750.429546][   T28] 3 locks held by kworker/0:6/5808:
[  750.437111][   T28]  #0: ffff888017c71d38 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  750.450133][   T28]  #1: ffffc90005137d00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  750.462053][   T28]  #2: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x92/0xd90
[  750.471856][   T28] 7 locks held by syz-executor/13556:
[  750.477273][   T28]  #0: ffff88807e504418 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x21b/0x990
[  750.486365][   T28]  #1: ffff8880259c2888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1e7/0x520
[  750.496295][   T28]  #2: ffff88814273f6d0 (kn->active#54){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x23a/0x520
[  750.506609][   T28]  #3: ffffffff8dca2008 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x13d/0x690
[  750.517116][   T28]  #4: ffff8880273f60e8 (&dev->mutex){....}-{3:3}, at: __device_attach+0x89/0x420
[  750.526737][   T28]  #5: ffff88801eb5c250 (&devlink->lock_key#6){+.+.}-{3:3}, at: nsim_drv_probe+0xc8/0xbb0
[  750.536974][   T28]  #6: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x88/0x240
[  750.547980][   T28] 1 lock held by syz.0.2407/13710:
[  750.553182][   T28]  #0: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: ppp_release+0x8a/0x1f0
[  750.562349][   T28] 1 lock held by syz.3.2408/13714:
[  750.567497][   T28]  #0: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x41/0x1c0
[  750.576568][   T28] 1 lock held by syz.3.2408/13719:
[  750.581909][   T28]  #0: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x5dc/0x1140
[  750.591247][   T28] 2 locks held by syz.3.2408/13721:
[  750.596522][   T28]  #0: ffffffff8e3a68a8 (br_ioctl_mutex){+.+.}-{3:3}, at: sock_ioctl+0x4f4/0x7e0
[  750.605873][   T28]  #1: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: br_ioctl_stub+0x1a9/0xd50
[  750.615177][   T28] 1 lock held by syz.1.2411/13733:
[  750.620305][   T28]  #0: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  750.629873][   T28] 1 lock held by syz-executor/13740:
[  750.635307][   T28]  #0: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  750.644935][   T28] 1 lock held by syz-executor/13744:
[  750.650703][   T28]  #0: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  750.660179][   T28] 1 lock held by syz-executor/13747:
[  750.665632][   T28]  #0: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  750.675128][   T28] 1 lock held by syz-executor/13751:
[  750.680458][   T28]  #0: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  750.690016][   T28] 1 lock held by syz-executor/13757:
[  750.695363][   T28]  #0: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  750.705164][   T28] 1 lock held by syz-executor/13760:
[  750.710503][   T28]  #0: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  750.720085][   T28] 1 lock held by syz-executor/13764:
[  750.725706][   T28]  #0: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  750.735591][   T28] 1 lock held by syz-executor/13768:
[  750.741587][   T28]  #0: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  750.751827][   T28] 1 lock held by syz-executor/13773:
[  750.757168][   T28]  #0: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  750.767078][   T28] 1 lock held by syz-executor/13778:
[  750.772471][   T28]  #0: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  750.782057][   T28] 1 lock held by syz-executor/13780:
[  750.787639][   T28]  #0: ffffffff8e3c1988 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x811/0xfa0
[  750.797516][   T28] 
[  750.799869][   T28] =============================================
[  750.799869][   T28] 
[  750.808524][   T28] NMI backtrace for cpu 1
[  750.812883][   T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted syzkaller #0
[  750.820192][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  750.830245][   T28] Call Trace:
[  750.833547][   T28]  <TASK>
[  750.836493][   T28]  dump_stack_lvl+0x18c/0x250
[  750.841280][   T28]  ? preempt_count_add+0x91/0x1a0
[  750.846326][   T28]  ? show_regs_print_info+0x20/0x20
[  750.851636][   T28]  ? load_image+0x400/0x400
[  750.856164][   T28]  nmi_cpu_backtrace+0x3a6/0x3e0
[  750.861117][   T28]  ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0
[  750.867279][   T28]  ? _printk+0xde/0x130
[  750.871448][   T28]  ? load_image+0x400/0x400
[  750.875964][   T28]  ? load_image+0x400/0x400
[  750.880485][   T28]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  750.886568][   T28]  nmi_trigger_cpumask_backtrace+0x17a/0x2f0
[  750.892562][   T28]  watchdog+0xf3d/0xf80
[  750.896767][   T28]  ? watchdog+0x1e1/0xf80
[  750.901116][   T28]  kthread+0x2fa/0x390
[  750.905196][   T28]  ? hungtask_pm_notify+0x90/0x90
[  750.910231][   T28]  ? kthread_blkcg+0xd0/0xd0
[  750.914835][   T28]  ret_from_fork+0x48/0x80
[  750.919264][   T28]  ? kthread_blkcg+0xd0/0xd0
[  750.923862][   T28]  ret_from_fork_asm+0x11/0x20
[  750.928652][   T28]  </TASK>
[  750.932478][   T28] Sending NMI from CPU 1 to CPUs 0:
[  750.937727][    C0] NMI backtrace for cpu 0
[  750.937739][    C0] CPU: 0 PID: 11 Comm: kworker/u4:0 Not tainted syzkaller #0
[  750.937755][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  750.937765][    C0] Workqueue: bat_events batadv_nc_worker
[  750.937784][    C0] RIP: 0010:__lock_acquire+0x3f3/0x7d40
[  750.937805][    C0] Code: 4c 89 a4 24 90 00 00 00 49 8d 7c 24 08 48 89 f8 48 c1 e8 03 42 80 3c 00 00 74 0f e8 87 29 77 00 49 b8 00 00 00 00 00 fc ff df <48> 8b 84 24 90 00 00 00 4c 89 70 08 49 89 c6 4c 8d 60 10 4c 89 e0
[  750.937818][    C0] RSP: 0018:ffffc90000107740 EFLAGS: 00000046
[  750.937831][    C0] RAX: 1ffff110035488e7 RBX: 0000000000000000 RCX: 1ffff110035488ea
[  750.937843][    C0] RDX: ffff88801aa44728 RSI: 0000000000000002 RDI: ffff88801aa44738
[  750.937853][    C0] RBP: ffffc90000107988 R08: dffffc0000000000 R09: 0000000000000000
[  750.937864][    C0] R10: dffffc0000000000 R11: fffffbfff1d16056 R12: ffff88801aa44730
[  750.937875][    C0] R13: 0000000000000021 R14: ffffffff8a4dd9ba R15: 0000000000000000
[  750.937885][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  750.937899][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  750.937909][    C0] CR2: 00007fe436f47e20 CR3: 000000000cf32000 CR4: 00000000003506f0
[  750.937926][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  750.937935][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  750.937945][    C0] Call Trace:
[  750.937951][    C0]  <TASK>
[  750.937970][    C0]  ? verify_lock_unused+0x140/0x140
[  750.937989][    C0]  ? perf_trace_lock_acquire+0x104/0x410
[  750.938011][    C0]  ? verify_lock_unused+0x140/0x140
[  750.938027][    C0]  ? perf_trace_lock_acquire+0x104/0x410
[  750.938051][    C0]  ? trace_event_raw_event_lock_acquire+0x2c0/0x2c0
[  750.938074][    C0]  ? mark_lock+0x94/0x320
[  750.938093][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  750.938112][    C0]  lock_acquire+0x19e/0x420
[  750.938128][    C0]  ? batadv_nc_process_nc_paths+0xba/0x390
[  750.938149][    C0]  ? batadv_nc_process_nc_paths+0xba/0x390
[  750.938165][    C0]  ? read_lock_is_recursive+0x20/0x20
[  750.938184][    C0]  ? do_raw_spin_unlock+0x121/0x230
[  750.938203][    C0]  ? batadv_nc_purge_paths+0x311/0x3a0
[  750.938217][    C0]  ? batadv_nc_to_purge_nc_path_coding+0x120/0x120
[  750.938233][    C0]  ? batadv_nc_fwd_flush+0x330/0x330
[  750.938246][    C0]  ? batadv_nc_fwd_flush+0x330/0x330
[  750.938262][    C0]  batadv_nc_process_nc_paths+0xdb/0x390
[  750.938277][    C0]  ? batadv_nc_process_nc_paths+0xba/0x390
[  750.938293][    C0]  ? batadv_nc_process_nc_paths+0xba/0x390
[  750.938311][    C0]  batadv_nc_worker+0x52b/0x610
[  750.938328][    C0]  ? process_scheduled_works+0x96f/0x15d0
[  750.938347][    C0]  process_scheduled_works+0xa5d/0x15d0
[  750.938380][    C0]  ? worker_attach_to_pool+0x380/0x380
[  750.938402][    C0]  ? assign_work+0x3d2/0x5d0
[  750.938431][    C0]  worker_thread+0xa55/0xfc0
[  750.938463][    C0]  kthread+0x2fa/0x390
[  750.938573][    C0]  ? pr_cont_work+0x560/0x560
[  750.938608][    C0]  ? kthread_blkcg+0xd0/0xd0
[  750.938624][    C0]  ret_from_fork+0x48/0x80
[  750.938648][    C0]  ? kthread_blkcg+0xd0/0xd0
[  750.938663][    C0]  ret_from_fork_asm+0x11/0x20
[  750.938691][    C0]  </TASK>
[  750.960732][   T28] Kernel panic - not syncing: hung_task: blocked tasks
[  750.960751][   T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted syzkaller #0
[  750.960771][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  750.960790][   T28] Call Trace:
[  750.960799][   T28]  <TASK>
[  750.960808][   T28]  dump_stack_lvl+0x18c/0x250
[  750.960844][   T28]  ? show_regs_print_info+0x20/0x20
[  750.960871][   T28]  ? load_image+0x400/0x400
[  750.960906][   T28]  panic+0x2dc/0x730
[  750.960926][   T28]  ? schedule_preempt_disabled+0x20/0x20
[  750.960956][   T28]  ? bpf_jit_dump+0xd0/0xd0
[  750.960976][   T28]  ? __irq_work_queue_local+0x13a/0x3b0
[  750.961002][   T28]  ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0
[  750.961028][   T28]  watchdog+0xf7c/0xf80
[  750.961053][   T28]  ? watchdog+0x1e1/0xf80
[  750.961082][   T28]  kthread+0x2fa/0x390
[  750.961099][   T28]  ? hungtask_pm_notify+0x90/0x90
[  750.961122][   T28]  ? kthread_blkcg+0xd0/0xd0
[  750.961139][   T28]  ret_from_fork+0x48/0x80
[  750.961158][   T28]  ? kthread_blkcg+0xd0/0xd0
[  750.961176][   T28]  ret_from_fork_asm+0x11/0x20
[  750.961213][   T28]  </TASK>
[  750.962934][   T28] Kernel Offset: disabled
[  751.364095][   T28] Rebooting in 86400 seconds..