last executing test programs:

44.537768819s ago: executing program 2 (id=2130):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x108b84, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x84, 0x7b, &(0x7f00000000c0)=r2, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1800ef00000000000800000800056c51056d9055582269f5489d5e5c8fc85cd10c2a10d6a858a57e654df2ec85ac2941ba96f820b9f6a837dc11edba5af7da69b436580a6138bc1f3c8b8de92317a9", @ANYRES32, @ANYRES8=r2], &(0x7f0000000240)='GPL\x00', 0x10000, 0x0, 0x0, 0x0, 0x27, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffefd}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000640)={r3}, 0xc)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_bp={0x0}, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x3, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000280))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
socket$kcm(0x10, 0x2, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000071120d000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x1, @ANYBLOB="0000e4ffffffffffffff00000000000089090000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/17], 0x48)
bpf$OBJ_PIN_MAP(0x9, &(0x7f0000000040)=@generic={0x0, r4}, 0x18)

43.377739049s ago: executing program 2 (id=2135):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001700)={<r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000000"], 0x0, 0x1a}, 0x28)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d800000024008106", 0x8}], 0x1}, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0xfe33)
r5 = socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000580)={0x2, 0x80, 0xec, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4, @perf_bp={&(0x7f0000000140), 0xb}, 0x5828, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x1, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x0)
bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000640)={r6, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0xa)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00), 0x8)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00\x00\x00\x00\x00'], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000010000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000000000001850000008600000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r9, 0x2000012, 0x50, 0x0, &(0x7f0000000080)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x1, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x0)
bpf$LINK_DETACH(0x22, &(0x7f0000000340), 0x4)
bpf$LINK_DETACH(0x22, &(0x7f0000000800), 0x4)
sendmsg$kcm(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8924, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x4, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

43.125407818s ago: executing program 0 (id=2136):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)}], 0x1}, 0x0)

43.051291821s ago: executing program 1 (id=2137):
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1d, 0x2, 0x6, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x94)
r1 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r1, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000240)={0x3, 0x80, 0x2, 0x3, 0x5, 0x7, 0x0, 0x5, 0x80, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2afd34c3, 0x0, @perf_config_ext={0x9, 0x3e8d}, 0x1220, 0x100, 0x6, 0x5, 0x100000000, 0x5, 0x69, 0x0, 0x1, 0x0, 0x2})
r2 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000140)={r2})
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
r4 = socket$kcm(0x18, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x40047459, 0x0)
bpf$ITER_CREATE(0xb, &(0x7f00000002c0)={r3}, 0x8)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
recvmsg$kcm(r4, &(0x7f00000009c0)={&(0x7f0000000300)=@can, 0x80, &(0x7f0000000880), 0x0, &(0x7f0000000900)=""/131, 0x83}, 0x2003)
ioctl$TUNSETOFFLOAD(r5, 0x40086602, 0x110e22fff2)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000440)={0xffffffffffffffff, &(0x7f0000000600), &(0x7f0000000580)=""/95}, 0x20)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000040)="c01803002e000b12d25a80648c2594f90124fc60100c044002000000053582c137153e370248078000f01700", 0x2c}], 0x1}, 0x0)

42.919578545s ago: executing program 0 (id=2139):
r0 = socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x25, 0x5, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r1, &(0x7f0000000340)=ANY=[@ANYRES8=r1, @ANYRES16=r1, @ANYRES8=r1], 0xffdd)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup, 0xffffffffffffffff, 0x5}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x6, 0x17, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000218110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000fdff0000850000001700000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf91000000000000b7020000030000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0xe, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_bp={0x0, 0x9}, 0x0, 0xb, 0x8000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x20}, 0x94)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89a0, &(0x7f0000000080))
socketpair(0x1, 0x5, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89a2, &(0x7f0000000080))
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfd20, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02002d000b02d25a806f8c6394f9101a04000a740100067402000000000000800c6400f01700d1bd00000000", 0x33fe0}], 0x1}, 0x0)

42.848043008s ago: executing program 2 (id=2140):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1d, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x7, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
bpf$BPF_MAP_FREEZE(0x16, 0x0, 0x0)
ioctl$TUNATTACHFILTER(r3, 0x401054d5, &(0x7f0000000040)={0x4, &(0x7f00000000c0)=[{0x25, 0x1, 0x3, 0xfffffffe}, {}, {0x28}, {0x6, 0x6}]})
ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x40000100)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000700000000000000008000008500002d720000009500000000000000"], 0x0, 0x7}, 0x94)
r7 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_bp={0x0, 0x8}, 0x40, 0x0, 0x0, 0x0, 0x7, 0x0, 0xffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe69, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r8)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffc)
sendmsg$kcm(r5, &(0x7f0000000040)={0x0, 0xfeff, &(0x7f0000000180)=[{&(0x7f0000000b40)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e120900040044000000a80016000a0003402e60000000000000b94dcf5c0461c1d67f6f94007134cf6ee08021a0e408e8d8ef52a985162f7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d3220a7c9f8775730d16a4803f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x60044084)
recvmsg(r5, 0x0, 0x1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c000000020000000000000000000001050000001000000000000000000000090200000000006d2ac96998770dafaa4e525063e6bea00315073cc2486e42f11a53b947fb9a4b421cc86771bead757b88e4ca4c1765a2fb45af9bd41591cfa30e258dd4d9248753fe07ba140c3af0d4f5dbffa7bb6cdb2bdbee3d0defaae72f744653dc268939f21805dc7ac9865b2efcbf61a6c322837206cfaf5d8ec57b7e098a316e8491bfd65953647b896e6e8f4fa30a0d4b4ab7912cecb4525c5ba8b0a43c063b39773836769e5a5668523ff1e5bc7b8d29b9a4a8b0147cd6bf0515b58a5aa835bb9773230f31dae40ff7767d07d1b26aa951ae"], 0x0, 0x36}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x17, 0x1c, &(0x7f0000000e00)=ANY=[@ANYBLOB="1800000002000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000019b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000182100002646917665974553c2a165d03954d7f9a45e7ccd894ac2e3955cc1af26489d3f0b0c6cc2de83b74b4ca1b8a1a62d2a10ce892789bd978940649c26c49ba57d7b973cf800f97253e4102ef2c1e7e96309d0a7811f63c36bfe7f96", @ANYRES32=r6, @ANYBLOB="0000000005000000051a0c000100000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300"], &(0x7f0000000800)='syzkaller\x00', 0xfffffff7, 0x2b, &(0x7f0000000840)=""/43, 0x41100, 0x68, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x8, &(0x7f0000000b00)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000c40)={0x5, 0xc, 0x7fffffff, 0x9}, 0x10, 0x0, r0, 0x1, &(0x7f0000000cc0)=[r6, r2, r1, 0xffffffffffffffff, r2, r2, 0xffffffffffffffff, r2, r2, r2], &(0x7f0000000d00)=[{0x1, 0x4, 0xa, 0x1}], 0x10, 0x2}, 0x94)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfd, &(0x7f0000000040)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef43c000000e3bd6efb440009000e000a0010000000ba8000001201", 0x2e}], 0x1}, 0x0)

42.587303657s ago: executing program 1 (id=2141):
r0 = socket$kcm(0x11, 0x200000000000003, 0x300)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="d80000001e0081054e81f782db4cb904021d080006007c09e8fe04a1190008800d00000003600e1208000f0000000406a80016c0080009400400027c035c0461c1d67f6f00a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42abbcbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a9410000000000000000", 0xd8}], 0x1}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2121, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x7, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000080000000802000000000000", @ANYRES32, @ANYBLOB="bbc9ef1f00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/11], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2, <r4=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000200)=r3}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000180)=0x20000, &(0x7f00000001c0)=r3}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r5}, &(0x7f0000000040), &(0x7f0000000500)=r3}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x69}, [@ldst={0x7, 0x3, 0x0, 0x1c10a1}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d32, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
close(r6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000380), 0x8)
ioctl$SIOCSIFHWADDR(r7, 0x8924, &(0x7f00000003c0)={'veth0\x00', @remote})
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r8, &(0x7f0000000040)={0x0, 0xc, &(0x7f00000011c0)=[{&(0x7f0000000080)="5c00000011006bcc9e3be35c6e17aa31e0cf876c1d0000007ea60864160af36514001ac00800050004000c00060000000364bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20040000)
recvmsg(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

42.511144699s ago: executing program 3 (id=2142):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0x8, 0xc, 0xa708, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffc74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x108b84, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xc, 0x3, &(0x7f00000001c0)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x66}}, &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x8}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="d80000001c0081204e81f782db44b9040a1d080420000000ff0002a1180002000607002603600e12080b0f0000810401a8001605200001400200000803604e0cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee422fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef5d2defd5ccae8d3fb7c27a1059ae31", 0xd2}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000"], &(0x7f00000001c0)='GPL\x00'}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r4, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', r5, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000010c0)={0xffffffffffffffff, 0x20, &(0x7f00000003c0)={0x0, 0x5b, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r7 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, 0x4, @perf_config_ext={0x3, 0x4}, 0xaa7a, 0x0, 0x0, 0x3, 0x6, 0x804000, 0xfffc, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x1)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r8)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x13, 0x4, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, [@generic={0x81, 0x1, 0x1, 0x5c}]}, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000021c0)=[{&(0x7f0000000040)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e120900040044000000a80016000a0003402e60000000000000b94dcf5c0461c1d67f6f94007134cf6ee08021a0e408e8d8ef52a985162f7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d3220a7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x60044084)

42.254915638s ago: executing program 3 (id=2143):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x0, 0x82240, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x8}, 0x2, 0x0, 0x0, 0x8, 0x43fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x410, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x3, 0x2)
socket$kcm(0x10, 0x2, 0x4)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x7fff, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x9, 0xfffffffc, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x10, 0x2, 0x4)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.dequeue\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x3, 0x2)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x4)
sendmsg$inet(r1, &(0x7f0000000440)={&(0x7f00000000c0)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, 0x0, 0x97}, 0x20000040)

42.232754529s ago: executing program 0 (id=2144):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000640)="d8000000180081054e81f782db4cb904021d0800fe00fe2eb29a39b4d305e8fe55a10a001500060014460d000000000000007f170301a8001600a40002400f000100005c0461c1d6457f01a7cef4090014d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00350db798262f3d40fad95667e006dcdf63951f215c3f8b6ad2cba0e2375ee53502bc9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e970300000000000000000000000000000000000000fe8899d1b098ed0b00000000e2a609", 0xdb}], 0x1}, 0x20000800)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, @perf_config_ext={0xffffffffffffff7f}, 0x0, 0x1, 0x0, 0x1, 0x20000, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0)={0x0, r1}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000001780)={0x3, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0b046b876c1d0048380019001931a0e69ee517d34460bc06000000a701251e6182949a3651f60a84c9f4d4938037e70e4509c51c268811000000000000000000002571cd53b9851b30599980bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000002a00)=""/238, 0xee}, {&(0x7f0000000780)=""/4043, 0xfcb}, {&(0x7f0000003b00)=""/4130, 0x1022}, {&(0x7f0000003a40)=""/166, 0xa6}, {&(0x7f0000001900)=""/107, 0x6b}, {&(0x7f0000000140)=""/99, 0x63}, {&(0x7f0000000500)=""/225, 0xe1}, {&(0x7f0000001980)=""/4096, 0x1000}, {&(0x7f00000001c0)=""/66, 0x42}, {&(0x7f0000000240)=""/182, 0xb6}, {&(0x7f0000000000)=""/39, 0x27}], 0xb}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xfe80, &(0x7f00000005c0)=[{&(0x7f0000000940)="2e00000010008188e6b62aa73772cc9f1ba1f8482e0000005e140602000000000e000a001000000002800000128c", 0x2e}], 0x1}, 0x0)

42.075714754s ago: executing program 1 (id=2145):
socket$kcm(0x2c, 0x3, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
socket$kcm(0xa, 0x1, 0x106)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000014c0), 0xe8}, 0x0)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000d000000b7"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000900)="c1dfb080cd21d308098ee68888a8", 0x0, 0xaded, 0x4000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

41.946821319s ago: executing program 2 (id=2146):
r0 = socket$kcm(0x11, 0xa, 0x300) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001540)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000500000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e34ff65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd086004c4a56c6cce6e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480efd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e430a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b051f47db7aa110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c0000000000000000000a000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3938e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea875583e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba46cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5ccb9f10f615c87c441dc50a244bc138a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d52204c335408941b8eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cbc12c7ae23bc88b8f10223ab2a093429f3f6965bc5af0114cf6f246e891e20ecaad7059866506c3000000000c3230e901e885b7a4a36bdfdb5ce7a2e5807a0f4c1d461d1243fccf51b875b49490cd7d044e7a1e1a4c013fae1f070a8a37ab90da2efc6c875b3aab34b75a252072691fc97bef0fed8ee597ab83bb53f89c36bc2ee3ad54904542f66dc94132df75fc9944882d6f2e13b7057e0000000000000000000000000000000000001b726c0ccd24000000000000cfd2f4d005578b9ed06e1c41ef3b411066739de953d39b968caaca1507928d68c8f052"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a000000050000000200000007000000000000005fdc1aeb510974877023199dfdae655c73964c02d94df1862da1094ca160854e5d6ffa3dd4e23690ac1df522421bf4727d77040cac07403a1a33d2d74470653adf0bc8c77ee12b3a2ebd30175fdc18a22d45e2017a9ae53f6fdc34a43064c8fe151b9aeb03c28e6bc9c075732960474d520edb3bf83a2edf3e8fcb6d1ba1d6e67f9bc2b81bdb42632870e07b14d9efd23d328485141886a2ca8c5ef6d79d69461eaa506f47b11ad4c40de17faa333cfb4b9069e8e3c42d943725930284eb437a15e2c2e995d1b176edf1e5eb3a34728a55659e5dddec82668c685e6974e4cfa70630ac4ad9562738dfb788bc33dbd959532109e0c089dcde4792498021a95a", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000b98cad95850000000100000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r6, 0x4) (async)
sendmsg$unix(r5, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) (async)
socket$kcm(0x10, 0x2, 0x0)
close(0xffffffffffffffff) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x56}, 0x28) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40305829, &(0x7f0000000040)) (async)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x74, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={&(0x7f00000002c0), 0xc}, 0x624d, 0x0, 0x80000000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000000)=@framed={{0x72, 0xa, 0x0, 0xffc4, 0x0, 0x69, 0x10, 0x16}}, &(0x7f0000000480)='GPL\x00'}, 0x80) (async)
r7 = socket$kcm(0x2b, 0x1, 0x0)
socket$kcm(0xa, 0x3, 0x3a) (async)
close(r7)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000000)=r1, 0x4)

41.945592009s ago: executing program 1 (id=2147):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181003f0000", 0x17}], 0x1}, 0x0)

41.884253321s ago: executing program 3 (id=2148):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001700)={<r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000000"], 0x0, 0x1a}, 0x28)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d800000024008106", 0x8}], 0x1}, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0xfe33)
r5 = socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000580)={0x2, 0x80, 0xec, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4, @perf_bp={&(0x7f0000000140), 0xb}, 0x5828, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x1, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x0)
bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000640)={r6, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0xa)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00), 0x8)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00\x00\x00\x00\x00'], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000010000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000000000001850000008600000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r9, 0x2000012, 0x50, 0x0, &(0x7f0000000080)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x1, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x0)
bpf$LINK_DETACH(0x22, &(0x7f0000000340), 0x4)
bpf$LINK_DETACH(0x22, &(0x7f0000000800), 0x4)
sendmsg$kcm(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8924, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x4, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

41.882810791s ago: executing program 0 (id=2149):
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1d, 0x2, 0x6, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x94)
r1 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r1, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000240)={0x3, 0x80, 0x2, 0x3, 0x5, 0x7, 0x0, 0x5, 0x80, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2afd34c3, 0x0, @perf_config_ext={0x9, 0x3e8d}, 0x1220, 0x100, 0x6, 0x5, 0x100000000, 0x5, 0x69, 0x0, 0x1, 0x0, 0x2})
r2 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000140)={r2})
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
r4 = socket$kcm(0x18, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x40047459, 0x0)
bpf$ITER_CREATE(0xb, &(0x7f00000002c0)={r3}, 0x8)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
recvmsg$kcm(r4, &(0x7f00000009c0)={&(0x7f0000000300)=@can, 0x80, &(0x7f0000000880), 0x0, &(0x7f0000000900)=""/131, 0x83}, 0x2003)
ioctl$TUNSETOFFLOAD(r5, 0x40086602, 0x110e22fff2)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000440)={0xffffffffffffffff, &(0x7f0000000600), &(0x7f0000000580)=""/95}, 0x20)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000040)="c01803002e000b12d25a80648c2594f90124fc60100c044002000000053582c137153e370248078000f01700", 0x2c}], 0x1}, 0x0)

41.775645035s ago: executing program 2 (id=2150):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x559, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100904, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x400000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x24}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="1400000035000b63d25a80648c2594f90624fc60", 0x14}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x40004)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904", 0x10}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c}, 0x94)
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4c)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'batadv_slave_0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8946, &(0x7f0000000080))
setsockopt$sock_attach_bpf(r0, 0x110, 0x4, 0x0, 0x4)
socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r1, 0x84, 0x77, 0x0, 0x0)

41.774874785s ago: executing program 1 (id=2151):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x1}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x1c, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x3, 0x500, 0x1, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000080)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000}, 0x94)

41.704203417s ago: executing program 3 (id=2152):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0x8, 0xc, 0xa708, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffc74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x108b84, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xc, 0x3, &(0x7f00000001c0)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x66}}, &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x8}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="d80000001c0081204e81f782db44b9040a1d080420000000ff0002a1180002000607002603600e12080b0f0000810401a8001605200001400200000803604e0cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee422fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef5d2defd5ccae8d3fb7c27a1059ae31", 0xd2}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000"], &(0x7f00000001c0)='GPL\x00'}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r4, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', r5, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000010c0)={0xffffffffffffffff, 0x20, &(0x7f00000003c0)={0x0, 0x5b, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r7 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, 0x4, @perf_config_ext={0x3, 0x4}, 0xaa7a, 0x0, 0x0, 0x3, 0x6, 0x804000, 0xfffc, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x1)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r8)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x13, 0x4, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, [@generic={0x81, 0x1, 0x1, 0x5c}]}, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000021c0)=[{&(0x7f0000000040)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e120900040044000000a80016000a0003402e60000000000000b94dcf5c0461c1d67f6f94007134cf6ee08021a0e408e8d8ef52a985162f7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d3220a7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x60044084)

41.676064158s ago: executing program 0 (id=2153):
r0 = socket$kcm(0x11, 0x200000000000003, 0x300)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="d80000001e0081054e81f782db4cb904021d080006007c09e8fe04a1190008800d00000003600e1208000f0000000406a80016c0080009400400027c035c0461c1d67f6f00a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42abbcbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a9410000000000000000", 0xd8}], 0x1}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2121, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x7, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000080000000802000000000000", @ANYRES32, @ANYBLOB="bbc9ef1f00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/11], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2, <r4=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000200)=r3}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000180)=0x20000, &(0x7f00000001c0)=r3}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r5}, &(0x7f0000000040), &(0x7f0000000500)=r3}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x69}, [@ldst={0x7, 0x3, 0x0, 0x1c10a1}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d32, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0}, 0x0, 0x10000, 0x9e4, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
close(r6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000380), 0x8)
ioctl$SIOCSIFHWADDR(r7, 0x8924, &(0x7f00000003c0)={'veth0\x00', @remote})
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r8, &(0x7f0000000040)={0x0, 0xc, &(0x7f00000011c0)=[{&(0x7f0000000080)="5c00000011006bcc9e3be35c6e17aa31e0cf876c1d0000007ea60864160af36514001ac00800050004000c00060000000364bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20040000)
recvmsg(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

41.590210311s ago: executing program 1 (id=2154):
r0 = socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x25, 0x5, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r1, &(0x7f0000000340)=ANY=[@ANYRES8=r1, @ANYRES16=r1, @ANYRES8=r1], 0xffdd)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup, 0xffffffffffffffff, 0x5}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x6, 0x17, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000218110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000fdff0000850000001700000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf91000000000000b7020000030000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0xe, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_bp={0x0, 0x9}, 0x0, 0xb, 0x8000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x20}, 0x94)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89a0, &(0x7f0000000080))
socketpair(0x1, 0x5, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89a2, &(0x7f0000000080))
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfd20, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02002d000b02d25a806f8c6394f9101a04000a740100067402000000000000800c6400f01700d1bd00000000", 0x33fe0}], 0x1}, 0x0)

41.526640803s ago: executing program 2 (id=2155):
r0 = socket$kcm(0x1e, 0x4, 0x0)
socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000040), 0xfffffe91)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x10, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000006d638d777", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000008500000023000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000"], 0x0, 0x1, 0x0, 0x0, 0x41000, 0xa, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc3}, 0x94)
r2 = socket$kcm(0xa, 0x2, 0x88)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x0, 0x9}, 0x0, 0x10000, 0x0, 0x9, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, 0x0)
r4 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r4, 0x107, 0x11, 0x0, 0x4)
r5 = socket$kcm(0xa, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, &(0x7f00000005c0)={r4, r6})
sendmsg$kcm(r5, &(0x7f0000001140)={&(0x7f0000001300)=@ll={0x11, 0x16, 0x0, 0x1, 0x2, 0x6, @random="7b5b2366fde5"}, 0x80, 0x0}, 0x24000844)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0x58, &(0x7f00000002c0)}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7", @ANYBLOB], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={0x0, 0x0, 0x42}, 0x28)
r7 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc, 0x2}})
setsockopt$sock_attach_bpf(r2, 0x88, 0xa, &(0x7f0000000000), 0x4)
sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f00000000c0)=@llc={0x1a, 0x10, 0x6, 0x3, 0x5, 0x0, @local}, 0x80, 0x0}, 0x40)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x0, 0x8, &(0x7f00000002c0), &(0x7f0000000300)=""/8, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000380)={0xffffffffffffffff, &(0x7f0000000780)="4a09ecc174cc05e3881fd996aeffeae66cf5a5f5164d9d9f58a356faf51b21a18e5c08158631efe5957f99be6ed94151ca365afc104b1045c3c5299687dc0d71098fd6912c1ee9c4bf6a504fa22244acc0898f7f033c6af369787b0871e304bd289a472a2f2521cbbab6919ed206a313c5fb14673d29fa3dd5a03e8ab40765b543872919f42fe5e620ad640dfa7d55e6d442c817c7f377aee0170414abeca8496fa60cf58b1b64373497c0e4516fe677136d90d4ccf8709613b25155f7e18b67e9e50b4e2fdf50983ea3bca126b082758f0e2a2fdceb84089ee15764f55988da9cf8511f2bb2ec3b9e3d7d71ddbd3bb4f1b37d19", &(0x7f0000000340)=""/45, 0x4}, 0x20)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_CREATE(0x0, 0x0, 0x2e)
r8 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r8, 0x6, 0x9, 0x0, 0x0)
socket$kcm(0xa, 0x2, 0x0)

41.487302435s ago: executing program 3 (id=2156):
socket$kcm(0x2c, 0x3, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
socket$kcm(0xa, 0x1, 0x106)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000014c0), 0xe8}, 0x0)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000d000000b700000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000900)="c1dfb080cd21d308098ee68888a8", 0x0, 0xaded, 0x4000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

41.315592181s ago: executing program 0 (id=2157):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x100084, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x21, 0x2, 0xa) (async)
r1 = socket$kcm(0x21, 0x2, 0xa)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x5452, &(0x7f00000002c0)='\x02;\xe5\b\x00\x00\x9c\x00\xe4c\xbf\x00\x00\x00\x00PbS\xf2\"j\x88\xe7\xe1\x04\xd8\x92yJ\xba\xe0\xaf(\xda}\xb6p\xcb\xbd\f&\xb3]\t\x81\xd3\x0f\x18\xc9X\xba:\x1f\x94!\x8f\xd6F\xbar\xa8\xb8\xfc\x92\xc0\xfb\xdbd*f\x9c\ap\xd6\x1c,\x99\x8fWn\x16\xb9\x1el\xf4\xc8\x16\xc3\x05\x01\x9c\xa8\xd2\xe7J\xd0\xa5\xa8\xf4\xc0DL\x85ju\xe6\xdc\t\x15b\x12\xda\x83\xc5\xafQ\xed\x11\xda\x03\x05K|~B\xfe\xb6U\xae\xb1J\xc8\xe6\"t\x11N\x7f=\x9e\xbd\xd1\x8d\x90I\xbeb\xf6\x0f\xe8\xf4\xa8\\`0\x15[W\xd6\x95\f\x84\xe94]\xa5\xad\xb3\xd0\x80[\x92_\xca^8\x80\xa8\xd1\x9d\xe0Zu\x9f\xeb\xb7\xceM ;`37+P\xbc\xcafTT\xf7\x0f\xf1\xa7c<\x87\xf6\nI\x06\xdc\xb7\xf8\x12n)\x8df\xb3\xa8l\x92\xdcz]\x1c/\xa5/\x1f')
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000100)=@ax25={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x2}, [@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}, 0x80, 0x0, 0x0, &(0x7f0000001240)=[{0x18, 0x110, 0x1, "dc"}], 0x18}, 0x0)
socket$kcm(0x11, 0x3, 0x0) (async)
r2 = socket$kcm(0x11, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xd, 0x5a87, 0x4, 0x3, 0x18}, 0x48)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000200)='blkio.bfq.io_queued\x00', 0x0, 0x0) (async)
openat$cgroup_ro(r3, &(0x7f0000000200)='blkio.bfq.io_queued\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000040)=0x1)
setsockopt$sock_attach_bpf(r2, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000100)=@ieee802154={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0002}}}, 0x80, &(0x7f0000000480)=[{&(0x7f00000007c0)="27031c0016001400020000000000000006e1f0000000890900000002ee1680ca82973d2bd4b836954268e611", 0x2c}, {&(0x7f0000001980)="7d586d16062b1e1b9685b88189e0093982f6994b8df2fe56386ed999f1b34b06f2f69618bf033adc88f5360397a115f725e1165f4333f06cbce55a5f20f3095d1492f30e34c2e78534aa2059bcdd5e6c215f8a1d23f5b78a8119bd6c6c6e104923606c286343b114791a0a866bcccd0fb4fa8a960d6e7a59fd52884294b949a1a028d0fd8aefa6ee1070863365ffdfc3ab2876f7423594e3ff0182a3b92a1d51842ad30dab67f17c9938c758102e63c18870f229e0ffd2398686915f863c49fdc6e949856be1d47dac4f6d56e49c9fe34ec3306a64761d6fce755e911854ad8aaf1eb5411bdd83773c3dbf8a774f02e39ce9a13692a2e62e497588697b3406011dff49e483b7af2e2ab2324cdb0854dd9c05fcd9f7891d3f4d166b88a26a1463ac7f87ab1108eb14620661c1eb302caa7417ef79e463c0447f90f85a5b7c8dfed05edcd6cd56eb526a10b859e6e23f7e8d0911defae5937f74d4b60e05992585a3a88d7234c77a5038ae4c84942a6dd682094421a9d22e412f8500823a9482dcddef53022db0e12a7ba36547b7a62e5a22279966bf8c9783d5ca2ebcff237bbbc50ae48f87e4bca97b69279826358efe838bd7a503a2d42ee1989e9302a22188", 0x1c0}], 0x2}, 0x24000008) (async)
sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000100)=@ieee802154={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0002}}}, 0x80, &(0x7f0000000480)=[{&(0x7f00000007c0)="27031c0016001400020000000000000006e1f0000000890900000002ee1680ca82973d2bd4b836954268e611", 0x2c}, {&(0x7f0000001980)="7d586d16062b1e1b9685b88189e0093982f6994b8df2fe56386ed999f1b34b06f2f69618bf033adc88f5360397a115f725e1165f4333f06cbce55a5f20f3095d1492f30e34c2e78534aa2059bcdd5e6c215f8a1d23f5b78a8119bd6c6c6e104923606c286343b114791a0a866bcccd0fb4fa8a960d6e7a59fd52884294b949a1a028d0fd8aefa6ee1070863365ffdfc3ab2876f7423594e3ff0182a3b92a1d51842ad30dab67f17c9938c758102e63c18870f229e0ffd2398686915f863c49fdc6e949856be1d47dac4f6d56e49c9fe34ec3306a64761d6fce755e911854ad8aaf1eb5411bdd83773c3dbf8a774f02e39ce9a13692a2e62e497588697b3406011dff49e483b7af2e2ab2324cdb0854dd9c05fcd9f7891d3f4d166b88a26a1463ac7f87ab1108eb14620661c1eb302caa7417ef79e463c0447f90f85a5b7c8dfed05edcd6cd56eb526a10b859e6e23f7e8d0911defae5937f74d4b60e05992585a3a88d7234c77a5038ae4c84942a6dd682094421a9d22e412f8500823a9482dcddef53022db0e12a7ba36547b7a62e5a22279966bf8c9783d5ca2ebcff237bbbc50ae48f87e4bca97b69279826358efe838bd7a503a2d42ee1989e9302a22188", 0x1c0}], 0x2}, 0x24000008)

40.505601379s ago: executing program 3 (id=2158):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000640)="d8000000180081054e81f782db4cb904021d0800fe00fe2eb29a39b4d305e8fe55a10a001500060014460d000000000000007f170301a8001600a40002400f000100005c0461c1d6457f01a7cef4090014d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00350db798262f3d40fad95667e006dcdf63951f215c3f8b6ad2cba0e2375ee53502bc9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e970300000000000000000000000000000000000000fe8899d1b098ed0b00000000e2a609", 0xdb}], 0x1}, 0x20000800)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x8, 0x400, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, @perf_config_ext={0xffffffffffffff7f}, 0x0, 0x1, 0x0, 0x1, 0x20000, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0)={0x0, r1}, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001780)={0x3, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0b046b876c1d0048380019001931a0e69ee517d34460bc06000000a701251e6182949a3651f60a84c9f4d4938037e70e4509c51c268811000000000000000000002571cd53b9851b30599980bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000002a00)=""/238, 0xee}, {&(0x7f0000000780)=""/4043, 0xfcb}, {&(0x7f0000003b00)=""/4130, 0x1022}, {&(0x7f0000003a40)=""/166, 0xa6}, {&(0x7f0000001900)=""/107, 0x6b}, {&(0x7f0000000140)=""/99, 0x63}, {&(0x7f0000000500)=""/225, 0xe1}, {&(0x7f0000001980)=""/4096, 0x1000}, {&(0x7f00000001c0)=""/66, 0x42}, {&(0x7f0000000240)=""/182, 0xb6}, {&(0x7f0000000000)=""/39, 0x27}], 0xb}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000000)=r2, 0x4)
sendmsg$kcm(r0, 0x0, 0x0)

0s ago: executing program 32 (id=2157):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xc}, 0x100084, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x21, 0x2, 0xa) (async)
r1 = socket$kcm(0x21, 0x2, 0xa)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x5452, &(0x7f00000002c0)='\x02;\xe5\b\x00\x00\x9c\x00\xe4c\xbf\x00\x00\x00\x00PbS\xf2\"j\x88\xe7\xe1\x04\xd8\x92yJ\xba\xe0\xaf(\xda}\xb6p\xcb\xbd\f&\xb3]\t\x81\xd3\x0f\x18\xc9X\xba:\x1f\x94!\x8f\xd6F\xbar\xa8\xb8\xfc\x92\xc0\xfb\xdbd*f\x9c\ap\xd6\x1c,\x99\x8fWn\x16\xb9\x1el\xf4\xc8\x16\xc3\x05\x01\x9c\xa8\xd2\xe7J\xd0\xa5\xa8\xf4\xc0DL\x85ju\xe6\xdc\t\x15b\x12\xda\x83\xc5\xafQ\xed\x11\xda\x03\x05K|~B\xfe\xb6U\xae\xb1J\xc8\xe6\"t\x11N\x7f=\x9e\xbd\xd1\x8d\x90I\xbeb\xf6\x0f\xe8\xf4\xa8\\`0\x15[W\xd6\x95\f\x84\xe94]\xa5\xad\xb3\xd0\x80[\x92_\xca^8\x80\xa8\xd1\x9d\xe0Zu\x9f\xeb\xb7\xceM ;`37+P\xbc\xcafTT\xf7\x0f\xf1\xa7c<\x87\xf6\nI\x06\xdc\xb7\xf8\x12n)\x8df\xb3\xa8l\x92\xdcz]\x1c/\xa5/\x1f')
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000100)=@ax25={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x2}, [@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}, 0x80, 0x0, 0x0, &(0x7f0000001240)=[{0x18, 0x110, 0x1, "dc"}], 0x18}, 0x0)
socket$kcm(0x11, 0x3, 0x0) (async)
r2 = socket$kcm(0x11, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xd, 0x5a87, 0x4, 0x3, 0x18}, 0x48)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000200)='blkio.bfq.io_queued\x00', 0x0, 0x0) (async)
openat$cgroup_ro(r3, &(0x7f0000000200)='blkio.bfq.io_queued\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000040)=0x1)
setsockopt$sock_attach_bpf(r2, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000100)=@ieee802154={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0002}}}, 0x80, &(0x7f0000000480)=[{&(0x7f00000007c0)="27031c0016001400020000000000000006e1f0000000890900000002ee1680ca82973d2bd4b836954268e611", 0x2c}, {&(0x7f0000001980)="7d586d16062b1e1b9685b88189e0093982f6994b8df2fe56386ed999f1b34b06f2f69618bf033adc88f5360397a115f725e1165f4333f06cbce55a5f20f3095d1492f30e34c2e78534aa2059bcdd5e6c215f8a1d23f5b78a8119bd6c6c6e104923606c286343b114791a0a866bcccd0fb4fa8a960d6e7a59fd52884294b949a1a028d0fd8aefa6ee1070863365ffdfc3ab2876f7423594e3ff0182a3b92a1d51842ad30dab67f17c9938c758102e63c18870f229e0ffd2398686915f863c49fdc6e949856be1d47dac4f6d56e49c9fe34ec3306a64761d6fce755e911854ad8aaf1eb5411bdd83773c3dbf8a774f02e39ce9a13692a2e62e497588697b3406011dff49e483b7af2e2ab2324cdb0854dd9c05fcd9f7891d3f4d166b88a26a1463ac7f87ab1108eb14620661c1eb302caa7417ef79e463c0447f90f85a5b7c8dfed05edcd6cd56eb526a10b859e6e23f7e8d0911defae5937f74d4b60e05992585a3a88d7234c77a5038ae4c84942a6dd682094421a9d22e412f8500823a9482dcddef53022db0e12a7ba36547b7a62e5a22279966bf8c9783d5ca2ebcff237bbbc50ae48f87e4bca97b69279826358efe838bd7a503a2d42ee1989e9302a22188", 0x1c0}], 0x2}, 0x24000008) (async)
sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000100)=@ieee802154={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0002}}}, 0x80, &(0x7f0000000480)=[{&(0x7f00000007c0)="27031c0016001400020000000000000006e1f0000000890900000002ee1680ca82973d2bd4b836954268e611", 0x2c}, {&(0x7f0000001980)="7d586d16062b1e1b9685b88189e0093982f6994b8df2fe56386ed999f1b34b06f2f69618bf033adc88f5360397a115f725e1165f4333f06cbce55a5f20f3095d1492f30e34c2e78534aa2059bcdd5e6c215f8a1d23f5b78a8119bd6c6c6e104923606c286343b114791a0a866bcccd0fb4fa8a960d6e7a59fd52884294b949a1a028d0fd8aefa6ee1070863365ffdfc3ab2876f7423594e3ff0182a3b92a1d51842ad30dab67f17c9938c758102e63c18870f229e0ffd2398686915f863c49fdc6e949856be1d47dac4f6d56e49c9fe34ec3306a64761d6fce755e911854ad8aaf1eb5411bdd83773c3dbf8a774f02e39ce9a13692a2e62e497588697b3406011dff49e483b7af2e2ab2324cdb0854dd9c05fcd9f7891d3f4d166b88a26a1463ac7f87ab1108eb14620661c1eb302caa7417ef79e463c0447f90f85a5b7c8dfed05edcd6cd56eb526a10b859e6e23f7e8d0911defae5937f74d4b60e05992585a3a88d7234c77a5038ae4c84942a6dd682094421a9d22e412f8500823a9482dcddef53022db0e12a7ba36547b7a62e5a22279966bf8c9783d5ca2ebcff237bbbc50ae48f87e4bca97b69279826358efe838bd7a503a2d42ee1989e9302a22188", 0x1c0}], 0x2}, 0x24000008)

kernel console output (not intermixed with test programs):

55.801881][ T9202] FAULT_INJECTION: forcing a failure.
[  355.801881][ T9202] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  355.804712][ T9200] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1191'.
[  355.839557][ T9202] CPU: 0 PID: 9202 Comm: syz.0.1192 Not tainted syzkaller #0
[  355.847117][ T9202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  355.857342][ T9202] Call Trace:
[  355.860793][ T9202]  <TASK>
[  355.863875][ T9202]  dump_stack_lvl+0x18c/0x250
[  355.868631][ T9202]  ? show_regs_print_info+0x20/0x20
[  355.873894][ T9202]  ? load_image+0x420/0x420
[  355.878571][ T9202]  ? __lock_acquire+0x7d40/0x7d40
[  355.883666][ T9202]  ? snprintf+0xe9/0x140
[  355.887989][ T9202]  should_fail_ex+0x39d/0x4d0
[  355.892749][ T9202]  _copy_to_user+0x2f/0xa0
[  355.897238][ T9202]  simple_read_from_buffer+0xe7/0x150
[  355.902689][ T9202]  proc_fail_nth_read+0x1e8/0x260
[  355.907976][ T9202]  ? proc_fault_inject_write+0x360/0x360
[  355.913690][ T9202]  ? fsnotify_perm+0x271/0x5e0
[  355.918527][ T9202]  ? proc_fault_inject_write+0x360/0x360
[  355.924219][ T9202]  vfs_read+0x28b/0x970
[  355.928550][ T9202]  ? kernel_read+0x1e0/0x1e0
[  355.933217][ T9202]  ? __fget_files+0x28/0x4b0
[  355.937867][ T9202]  ? __fget_files+0x28/0x4b0
[  355.942517][ T9202]  ? __fget_files+0x43d/0x4b0
[  355.947438][ T9202]  ? __fdget_pos+0x2a3/0x330
[  355.952089][ T9202]  ? ksys_read+0x75/0x260
[  355.956490][ T9202]  ksys_read+0x150/0x260
[  355.960960][ T9202]  ? vfs_write+0x990/0x990
[  355.965540][ T9202]  ? lockdep_hardirqs_on+0x98/0x150
[  355.970808][ T9202]  do_syscall_64+0x55/0xa0
[  355.975288][ T9202]  ? clear_bhb_loop+0x40/0x90
[  355.980283][ T9202]  ? clear_bhb_loop+0x40/0x90
[  355.985016][ T9202]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  355.990964][ T9202] RIP: 0033:0x7fbf0455d04e
[  355.995517][ T9202] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  356.016056][ T9202] RSP: 002b:00007fbf053cbfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  356.024565][ T9202] RAX: ffffffffffffffda RBX: 00007fbf053cc6c0 RCX: 00007fbf0455d04e
[  356.032687][ T9202] RDX: 000000000000000f RSI: 00007fbf053cc0a0 RDI: 0000000000000006
[  356.040709][ T9202] RBP: 00007fbf053cc090 R08: 0000000000000000 R09: 0000000000000000
[  356.048814][ T9202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  356.056842][ T9202] R13: 00007fbf04816038 R14: 00007fbf04815fa0 R15: 00007ffc056ec138
[  356.064884][ T9202]  </TASK>
[  356.232566][ T9211] netlink: 'syz.0.1197': attribute type 8 has an invalid length.
[  356.240563][ T9211] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1197'.
[  356.426285][ T9212] netlink: 'syz.1.1196': attribute type 1 has an invalid length.
[  356.452506][ T9212] netlink: 193500 bytes leftover after parsing attributes in process `syz.1.1196'.
[  356.557851][ T9219] netlink: 188 bytes leftover after parsing attributes in process `syz.3.1200'.
[  356.584775][ T9219] netlink: 'syz.3.1200': attribute type 10 has an invalid length.
[  356.594392][ T9219] team0: Device hsr_slave_0 failed to register rx_handler
[  357.263599][ T9229] netlink: 180 bytes leftover after parsing attributes in process `syz.3.1204'.
[  358.607958][ T9252] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1213'.
[  358.660420][ T9250] netlink: 180 bytes leftover after parsing attributes in process `syz.3.1214'.
[  358.688513][ T9252] netlink: 'syz.0.1213': attribute type 10 has an invalid length.
[  358.715988][ T9252] team0: Device hsr_slave_0 failed to register rx_handler
[  359.053513][ T9267] netlink: 'syz.1.1219': attribute type 19 has an invalid length.
[  359.069903][ T9267] batman_adv: batadv0: Interface deactivated: veth1_virt_wifi
[  360.177144][ T9288] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1226'.
[  360.678633][ T9304] netlink: 188 bytes leftover after parsing attributes in process `syz.2.1230'.
[  360.720521][ T9304] netlink: 'syz.2.1230': attribute type 10 has an invalid length.
[  360.731582][ T9304] team0: Device hsr_slave_0 failed to register rx_handler
[  360.878935][ T9314] FAULT_INJECTION: forcing a failure.
[  360.878935][ T9314] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  360.924926][ T9314] CPU: 1 PID: 9314 Comm: syz.2.1234 Not tainted syzkaller #0
[  360.932491][ T9314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  360.942838][ T9314] Call Trace:
[  360.946302][ T9314]  <TASK>
[  360.949479][ T9314]  dump_stack_lvl+0x18c/0x250
[  360.954258][ T9314]  ? show_regs_print_info+0x20/0x20
[  360.959633][ T9314]  ? load_image+0x420/0x420
[  360.964303][ T9314]  ? __lock_acquire+0x7d40/0x7d40
[  360.969403][ T9314]  ? __local_bh_enable_ip+0x13a/0x1c0
[  360.974853][ T9314]  should_fail_ex+0x39d/0x4d0
[  360.979622][ T9314]  _copy_from_user+0x2f/0xe0
[  360.984288][ T9314]  copy_from_sockptr+0x69/0x80
[  360.989126][ T9314]  do_ipv6_setsockopt+0xf20/0x3e20
[  360.994341][ T9314]  ? sk_dst_reset+0xa0/0xa0
[  360.998920][ T9314]  ? perf_trace_run_bpf_submit+0x1c0/0x1c0
[  361.004987][ T9314]  ? aa_label_sk_perm+0x463/0x5c0
[  361.010138][ T9314]  ? aa_sk_perm+0x970/0x970
[  361.014760][ T9314]  ? trace_event_raw_event_lock+0x250/0x250
[  361.020728][ T9314]  ? __might_sleep+0xe0/0xe0
[  361.025489][ T9314]  ? ksys_write+0x1c4/0x260
[  361.030103][ T9314]  ? aa_sk_perm+0x83c/0x970
[  361.034770][ T9314]  ? __fget_files+0x28/0x4b0
[  361.039450][ T9314]  ? aa_af_perm+0x330/0x330
[  361.044142][ T9314]  ? __fget_files+0x28/0x4b0
[  361.048800][ T9314]  ? __fget_files+0x28/0x4b0
[  361.053479][ T9314]  ? aa_sock_opt_perm+0x74/0x100
[  361.058493][ T9314]  ipv6_setsockopt+0x59/0x190
[  361.063249][ T9314]  ? sock_common_recvmsg+0x190/0x190
[  361.068623][ T9314]  do_sock_setsockopt+0x175/0x1a0
[  361.073715][ T9314]  ? __fdget+0x180/0x210
[  361.078037][ T9314]  __x64_sys_setsockopt+0x182/0x200
[  361.083402][ T9314]  do_syscall_64+0x55/0xa0
[  361.087875][ T9314]  ? clear_bhb_loop+0x40/0x90
[  361.092755][ T9314]  ? clear_bhb_loop+0x40/0x90
[  361.097526][ T9314]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  361.103500][ T9314] RIP: 0033:0x7f275a59c819
[  361.107985][ T9314] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  361.127766][ T9314] RSP: 002b:00007f275b486028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  361.136266][ T9314] RAX: ffffffffffffffda RBX: 00007f275a815fa0 RCX: 00007f275a59c819
[  361.144407][ T9314] RDX: 0000000000000014 RSI: 0000000000000029 RDI: 0000000000000004
[  361.152460][ T9314] RBP: 00007f275b486090 R08: 0000000000000120 R09: 0000000000000000
[  361.160585][ T9314] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  361.168632][ T9314] R13: 00007f275a816038 R14: 00007f275a815fa0 R15: 00007ffc90f50908
[  361.176807][ T9314]  </TASK>
[  361.824996][ T9321] netlink: 180 bytes leftover after parsing attributes in process `syz.2.1237'.
[  362.039801][ T9325] netlink: 'syz.0.1240': attribute type 4 has an invalid length.
[  362.069706][ T9325] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1240'.
[  363.774714][ T9351] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1251'.
[  363.961743][ T9355] netlink: 'syz.3.1252': attribute type 10 has an invalid length.
[  364.132782][ T9359] netlink: 'syz.1.1254': attribute type 4 has an invalid length.
[  364.140959][ T9359] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1254'.
[  367.393415][ T9383] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1262'.
[  367.559961][ T9386] FAULT_INJECTION: forcing a failure.
[  367.559961][ T9386] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  367.574115][ T9386] CPU: 0 PID: 9386 Comm: syz.0.1264 Not tainted syzkaller #0
[  367.581640][ T9386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  367.591851][ T9386] Call Trace:
[  367.595189][ T9386]  <TASK>
[  367.598447][ T9386]  dump_stack_lvl+0x18c/0x250
[  367.603384][ T9386]  ? show_regs_print_info+0x20/0x20
[  367.608832][ T9386]  ? load_image+0x420/0x420
[  367.613479][ T9386]  ? __might_fault+0xaa/0x120
[  367.618223][ T9386]  ? __lock_acquire+0x7d40/0x7d40
[  367.623342][ T9386]  should_fail_ex+0x39d/0x4d0
[  367.628125][ T9386]  _copy_from_user+0x2f/0xe0
[  367.632784][ T9386]  __sys_bpf+0x23e/0x890
[  367.637090][ T9386]  ? bpf_link_show_fdinfo+0x390/0x390
[  367.642707][ T9386]  ? lock_chain_count+0x20/0x20
[  367.647601][ T9386]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  367.653636][ T9386]  __x64_sys_bpf+0x7c/0x90
[  367.658103][ T9386]  do_syscall_64+0x55/0xa0
[  367.662557][ T9386]  ? clear_bhb_loop+0x40/0x90
[  367.667363][ T9386]  ? clear_bhb_loop+0x40/0x90
[  367.672172][ T9386]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  367.678127][ T9386] RIP: 0033:0x7fbf0459c819
[  367.682785][ T9386] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  367.702539][ T9386] RSP: 002b:00007fbf053cc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  367.711018][ T9386] RAX: ffffffffffffffda RBX: 00007fbf04815fa0 RCX: 00007fbf0459c819
[  367.719124][ T9386] RDX: 0000000000000050 RSI: 00002000000003c0 RDI: 000000000000000a
[  367.727256][ T9386] RBP: 00007fbf053cc090 R08: 0000000000000000 R09: 0000000000000000
[  367.735302][ T9386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.743363][ T9386] R13: 00007fbf04816038 R14: 00007fbf04815fa0 R15: 00007ffc056ec138
[  367.751511][ T9386]  </TASK>
[  367.793975][ T9390] netlink: 'syz.2.1265': attribute type 4 has an invalid length.
[  367.806489][ T9390] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1265'.
[  368.216272][ T9409] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1276'.
[  368.640971][ T9421] netlink: 'syz.1.1282': attribute type 4 has an invalid length.
[  368.650132][ T9421] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1282'.
[  369.013149][ T3485] tipc: Subscription rejected, illegal request
[  369.165211][ T9436] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1288'.
[  369.572165][ T9447] netlink: 'syz.0.1293': attribute type 4 has an invalid length.
[  369.587314][ T9447] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1293'.
[  369.781560][ T9455] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1298'.
[  371.259399][ T9485] netlink: 'syz.0.1307': attribute type 4 has an invalid length.
[  371.279364][ T9485] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1307'.
[  371.453766][ T9492] netlink: 180 bytes leftover after parsing attributes in process `syz.3.1310'.
[  371.826137][ T9505] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1316'.
[  371.845411][ T9505] netlink: 'syz.0.1316': attribute type 10 has an invalid length.
[  371.859944][ T9505] team0: Device hsr_slave_0 failed to register rx_handler
[  372.130173][ T9515] netlink: 'syz.0.1321': attribute type 4 has an invalid length.
[  372.503267][ T9519] tap2: tun_chr_ioctl cmd 1074025677
[  372.536923][ T9519] tap2: linktype set to 805
[  372.543355][ T9518] __nla_validate_parse: 1 callbacks suppressed
[  372.543399][ T9518] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1322'.
[  372.832251][ T9532] netlink: 188 bytes leftover after parsing attributes in process `syz.2.1327'.
[  372.852090][ T9532] netlink: 'syz.2.1327': attribute type 10 has an invalid length.
[  372.866969][ T9532] team0: Device hsr_slave_0 failed to register rx_handler
[  373.120104][ T9542] netlink: 'syz.1.1331': attribute type 4 has an invalid length.
[  373.139222][ T9542] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1331'.
[  373.457711][ T9556] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1335'.
[  373.583920][ T9560] netlink: 188 bytes leftover after parsing attributes in process `syz.2.1338'.
[  373.634603][ T9560] netlink: 'syz.2.1338': attribute type 10 has an invalid length.
[  373.654354][ T9560] team0: Device hsr_slave_0 failed to register rx_handler
[  373.762826][ T9567] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1340'.
[  373.943874][ T9574] netlink: 'syz.2.1343': attribute type 4 has an invalid length.
[  373.952365][ T9574] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1343'.
[  374.491928][ T9593] netlink: 180 bytes leftover after parsing attributes in process `syz.2.1349'.
[  374.696027][ T9597] netlink: 188 bytes leftover after parsing attributes in process `syz.2.1351'.
[  374.712108][ T9597] netlink: 'syz.2.1351': attribute type 10 has an invalid length.
[  374.722818][ T9597] team0: Device hsr_slave_0 failed to register rx_handler
[  375.015074][ T9605] netlink: 'syz.1.1355': attribute type 4 has an invalid length.
[  375.029193][ T9605] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1355'.
[  375.402762][ T9620] netlink: 'syz.0.1362': attribute type 10 has an invalid length.
[  375.421737][ T9620] team0: Device hsr_slave_0 failed to register rx_handler
[  375.705741][ T9634] netlink: 'syz.2.1368': attribute type 4 has an invalid length.
[  375.953030][ T9645] netlink: 'syz.2.1371': attribute type 15 has an invalid length.
[  375.979049][ T9645] netlink: 'syz.2.1371': attribute type 5 has an invalid length.
[  376.444733][ T9655] team0: Device hsr_slave_0 failed to register rx_handler
[  377.974768][ T9672] __nla_validate_parse: 9 callbacks suppressed
[  377.974836][ T9672] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1383'.
[  378.335736][ T9685] netlink: 188 bytes leftover after parsing attributes in process `syz.3.1386'.
[  378.363989][ T9685] validate_nla: 3 callbacks suppressed
[  378.364013][ T9685] netlink: 'syz.3.1386': attribute type 10 has an invalid length.
[  378.410029][ T9685] team0: Device hsr_slave_0 failed to register rx_handler
[  379.172614][ T1284] ieee802154 phy0 wpan0: encryption failed: -22
[  379.185354][ T1284] ieee802154 phy1 wpan1: encryption failed: -22
[  379.267079][ T9693] netlink: 'syz.1.1390': attribute type 4 has an invalid length.
[  379.283160][ T9693] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1390'.
[  379.481405][ T9704] netlink: 'syz.0.1393': attribute type 8 has an invalid length.
[  379.520193][ T9704] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1393'.
[  379.808592][ T9711] netlink: 180 bytes leftover after parsing attributes in process `syz.3.1397'.
[  380.416408][ T9718] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1400'.
[  380.543107][ T9718] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  380.915311][ T9733] netlink: 'syz.0.1404': attribute type 4 has an invalid length.
[  380.925694][ T9733] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1404'.
[  381.193911][ T9741] netlink: 'syz.3.1408': attribute type 8 has an invalid length.
[  381.209185][ T9741] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1408'.
[  381.312996][ T9743] netlink: 'syz.1.1409': attribute type 11 has an invalid length.
[  381.331763][ T9743] netlink: 184116 bytes leftover after parsing attributes in process `syz.1.1409'.
[  381.378274][ T9743] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  381.400302][ T9743] CPU: 1 PID: 9743 Comm: syz.1.1409 Not tainted syzkaller #0
[  381.407779][ T9743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  381.418067][ T9743] Call Trace:
[  381.421489][ T9743]  <TASK>
[  381.424466][ T9743]  dump_stack_lvl+0x18c/0x250
[  381.429219][ T9743]  ? show_regs_print_info+0x20/0x20
[  381.434566][ T9743]  ? load_image+0x420/0x420
[  381.439166][ T9743]  sysfs_warn_dup+0x8e/0xa0
[  381.443803][ T9743]  sysfs_do_create_link_sd+0xc0/0x110
[  381.449237][ T9743]  device_add_class_symlinks+0x1cf/0x240
[  381.454932][ T9743]  device_add+0x507/0xc20
[  381.459392][ T9743]  wiphy_register+0x1dad/0x2ae0
[  381.464470][ T9743]  ? cfg80211_event_work+0x40/0x40
[  381.469614][ T9743]  ? minstrel_ht_alloc+0x88a/0x990
[  381.474775][ T9743]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  381.480890][ T9743]  ieee80211_register_hw+0x3464/0x4250
[  381.486487][ T9743]  ? ieee80211_tasklet_handler+0x20/0x20
[  381.492158][ T9743]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  381.498092][ T9743]  ? __debug_object_init+0xec/0x450
[  381.503329][ T9743]  ? __asan_memset+0x22/0x40
[  381.507989][ T9743]  ? __hrtimer_init+0x186/0x270
[  381.512909][ T9743]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  381.518860][ T9743]  ? mac80211_hwsim_free+0x220/0x220
[  381.524199][ T9743]  ? rcu_is_watching+0x15/0xb0
[  381.529180][ T9743]  ? kstrndup+0xbd/0x140
[  381.533639][ T9743]  hwsim_new_radio_nl+0xdc9/0x1a90
[  381.538783][ T9743]  ? __nla_validate+0x50/0x50
[  381.543514][ T9743]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  381.549883][ T9743]  ? __nla_parse+0x40/0x50
[  381.554848][ T9743]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  381.561241][ T9743]  genl_family_rcv_msg_doit+0x211/0x310
[  381.566815][ T9743]  ? end_current_label_crit_section+0x170/0x170
[  381.573092][ T9743]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  381.579032][ T9743]  ? bpf_lsm_capable+0x9/0x10
[  381.583754][ T9743]  ? security_capable+0x89/0xb0
[  381.588659][ T9743]  genl_rcv_msg+0x619/0x7a0
[  381.593215][ T9743]  ? genl_bind+0x360/0x360
[  381.597699][ T9743]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  381.604143][ T9743]  ? ref_tracker_free+0x690/0x840
[  381.609245][ T9743]  netlink_rcv_skb+0x241/0x4d0
[  381.614143][ T9743]  ? genl_bind+0x360/0x360
[  381.618771][ T9743]  ? netlink_ack+0x1180/0x1180
[  381.623610][ T9743]  ? __lock_acquire+0x7d40/0x7d40
[  381.628682][ T9743]  ? down_read+0x1ac/0x2e0
[  381.633143][ T9743]  genl_rcv+0x28/0x40
[  381.637152][ T9743]  netlink_unicast+0x751/0x8d0
[  381.642251][ T9743]  netlink_sendmsg+0x8d0/0xbf0
[  381.647153][ T9743]  ? netlink_getsockopt+0x590/0x590
[  381.652388][ T9743]  ? aa_sock_msg_perm+0x94/0x150
[  381.657364][ T9743]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  381.662682][ T9743]  ? security_socket_sendmsg+0x80/0xa0
[  381.668193][ T9743]  ? netlink_getsockopt+0x590/0x590
[  381.673447][ T9743]  ____sys_sendmsg+0x5ba/0x960
[  381.678267][ T9743]  ? __asan_memset+0x22/0x40
[  381.682897][ T9743]  ? __sys_sendmsg_sock+0x30/0x30
[  381.687946][ T9743]  ? __import_iovec+0x5f2/0x850
[  381.692863][ T9743]  ? import_iovec+0x73/0xa0
[  381.697397][ T9743]  ___sys_sendmsg+0x2a6/0x360
[  381.702107][ T9743]  ? __sys_sendmsg+0x2a0/0x2a0
[  381.706943][ T9743]  __se_sys_sendmsg+0x1c2/0x2b0
[  381.711825][ T9743]  ? __x64_sys_sendmsg+0x80/0x80
[  381.716811][ T9743]  ? lockdep_hardirqs_on+0x98/0x150
[  381.722056][ T9743]  do_syscall_64+0x55/0xa0
[  381.726497][ T9743]  ? clear_bhb_loop+0x40/0x90
[  381.731217][ T9743]  ? clear_bhb_loop+0x40/0x90
[  381.735931][ T9743]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  381.741858][ T9743] RIP: 0033:0x7fec1019c819
[  381.746305][ T9743] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  381.765951][ T9743] RSP: 002b:00007fec110a5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  381.774395][ T9743] RAX: ffffffffffffffda RBX: 00007fec10415fa0 RCX: 00007fec1019c819
[  381.782402][ T9743] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  381.790406][ T9743] RBP: 00007fec10232c91 R08: 0000000000000000 R09: 0000000000000000
[  381.798420][ T9743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  381.806418][ T9743] R13: 00007fec10416038 R14: 00007fec10415fa0 R15: 00007fff63b0a358
[  381.814439][ T9743]  </TASK>
[  381.887263][ T9749] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1411'.
[  381.946972][ T9743] netlink: 'syz.1.1409': attribute type 11 has an invalid length.
[  381.968317][ T9743] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  381.984146][ T9743] CPU: 1 PID: 9743 Comm: syz.1.1409 Not tainted syzkaller #0
[  381.991713][ T9743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  382.001830][ T9743] Call Trace:
[  382.005330][ T9743]  <TASK>
[  382.008313][ T9743]  dump_stack_lvl+0x18c/0x250
[  382.013068][ T9743]  ? show_regs_print_info+0x20/0x20
[  382.018344][ T9743]  ? load_image+0x420/0x420
[  382.022935][ T9743]  sysfs_warn_dup+0x8e/0xa0
[  382.027493][ T9743]  sysfs_do_create_link_sd+0xc0/0x110
[  382.032921][ T9743]  device_add_class_symlinks+0x1cf/0x240
[  382.038622][ T9743]  device_add+0x507/0xc20
[  382.043026][ T9743]  wiphy_register+0x1dad/0x2ae0
[  382.047968][ T9743]  ? cfg80211_event_work+0x40/0x40
[  382.053214][ T9743]  ? minstrel_ht_alloc+0x88a/0x990
[  382.058499][ T9743]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  382.064638][ T9743]  ieee80211_register_hw+0x3464/0x4250
[  382.070637][ T9743]  ? ieee80211_tasklet_handler+0x20/0x20
[  382.076336][ T9743]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  382.082313][ T9743]  ? __debug_object_init+0xec/0x450
[  382.087593][ T9743]  ? __asan_memset+0x22/0x40
[  382.092436][ T9743]  ? __hrtimer_init+0x186/0x270
[  382.097364][ T9743]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  382.103332][ T9743]  ? mac80211_hwsim_free+0x220/0x220
[  382.108695][ T9743]  ? rcu_is_watching+0x15/0xb0
[  382.113533][ T9743]  ? kstrndup+0xbd/0x140
[  382.117942][ T9743]  hwsim_new_radio_nl+0xdc9/0x1a90
[  382.123303][ T9743]  ? __nla_validate+0x50/0x50
[  382.128065][ T9743]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  382.134474][ T9743]  ? __nla_parse+0x40/0x50
[  382.138986][ T9743]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  382.145389][ T9743]  genl_family_rcv_msg_doit+0x211/0x310
[  382.151006][ T9743]  ? end_current_label_crit_section+0x170/0x170
[  382.157349][ T9743]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  382.163334][ T9743]  ? bpf_lsm_capable+0x9/0x10
[  382.168258][ T9743]  ? security_capable+0x89/0xb0
[  382.173185][ T9743]  genl_rcv_msg+0x619/0x7a0
[  382.177754][ T9743]  ? genl_bind+0x360/0x360
[  382.182232][ T9743]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  382.188625][ T9743]  ? perf_trace_lock+0xfc/0x3b0
[  382.193725][ T9743]  netlink_rcv_skb+0x241/0x4d0
[  382.198568][ T9743]  ? genl_bind+0x360/0x360
[  382.203045][ T9743]  ? netlink_ack+0x1180/0x1180
[  382.207893][ T9743]  ? __lock_acquire+0x7d40/0x7d40
[  382.212997][ T9743]  ? down_read+0x1ac/0x2e0
[  382.217487][ T9743]  genl_rcv+0x28/0x40
[  382.221532][ T9743]  netlink_unicast+0x751/0x8d0
[  382.226386][ T9743]  netlink_sendmsg+0x8d0/0xbf0
[  382.231239][ T9743]  ? netlink_getsockopt+0x590/0x590
[  382.236519][ T9743]  ? aa_sock_msg_perm+0x94/0x150
[  382.241529][ T9743]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  382.246875][ T9743]  ? security_socket_sendmsg+0x80/0xa0
[  382.252482][ T9743]  ? netlink_getsockopt+0x590/0x590
[  382.257765][ T9743]  ____sys_sendmsg+0x5ba/0x960
[  382.262885][ T9743]  ? __asan_memset+0x22/0x40
[  382.267549][ T9743]  ? __sys_sendmsg_sock+0x30/0x30
[  382.272634][ T9743]  ? __import_iovec+0x5f2/0x850
[  382.277556][ T9743]  ? import_iovec+0x73/0xa0
[  382.282169][ T9743]  ___sys_sendmsg+0x2a6/0x360
[  382.286961][ T9743]  ? __sys_sendmsg+0x2a0/0x2a0
[  382.291989][ T9743]  ? trace_call_bpf+0xc3/0x6c0
[  382.296890][ T9743]  __se_sys_sendmsg+0x1c2/0x2b0
[  382.301804][ T9743]  ? __x64_sys_sendmsg+0x80/0x80
[  382.306815][ T9743]  ? lockdep_hardirqs_on+0x98/0x150
[  382.312097][ T9743]  do_syscall_64+0x55/0xa0
[  382.316581][ T9743]  ? clear_bhb_loop+0x40/0x90
[  382.321328][ T9743]  ? clear_bhb_loop+0x40/0x90
[  382.326084][ T9743]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  382.332054][ T9743] RIP: 0033:0x7fec1019c819
[  382.336518][ T9743] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  382.356258][ T9743] RSP: 002b:00007fec110a5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  382.364797][ T9743] RAX: ffffffffffffffda RBX: 00007fec10415fa0 RCX: 00007fec1019c819
[  382.372888][ T9743] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  382.380883][ T9743] RBP: 00007fec10232c91 R08: 0000000000000000 R09: 0000000000000000
[  382.388893][ T9743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  382.396902][ T9743] R13: 00007fec10416038 R14: 00007fec10415fa0 R15: 00007fff63b0a358
[  382.405015][ T9743]  </TASK>
[  382.656865][ T9760] -1: renamed from syzkaller0
[  382.665570][ T9764] netlink: 'syz.0.1415': attribute type 4 has an invalid length.
[  383.646461][ T9773] netlink: 'syz.1.1420': attribute type 8 has an invalid length.
[  383.658067][ T9773] __nla_validate_parse: 2 callbacks suppressed
[  383.658086][ T9773] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1420'.
[  384.314801][ T9790] netlink: 763 bytes leftover after parsing attributes in process `syz.3.1423'.
[  385.183487][ T9796] netlink: 'syz.1.1427': attribute type 4 has an invalid length.
[  385.203701][ T9796] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1427'.
[  385.576429][ T9809] netlink: 'syz.0.1433': attribute type 8 has an invalid length.
[  385.604971][ T9809] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1433'.
[  385.639293][ T9812] netlink: 180 bytes leftover after parsing attributes in process `syz.2.1435'.
[  385.732999][ T9809] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1433'.
[  386.789407][ T9829] netlink: 'syz.1.1441': attribute type 4 has an invalid length.
[  386.797243][ T9829] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1441'.
[  387.143678][ T9841] netlink: 'syz.3.1448': attribute type 8 has an invalid length.
[  387.164336][ T9841] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1448'.
[  387.217065][ T9843] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1447'.
[  387.241020][ T9844] netlink: 1047 bytes leftover after parsing attributes in process `syz.2.1444'.
[  387.690370][ T9852] netlink: 'syz.0.1451': attribute type 8 has an invalid length.
[  387.720518][ T9855] netlink: 'syz.3.1453': attribute type 4 has an invalid length.
[  387.887608][ T9860] netlink: 'syz.3.1455': attribute type 4 has an invalid length.
[  388.777381][ T9868] __nla_validate_parse: 4 callbacks suppressed
[  388.777450][ T9868] netlink: 180 bytes leftover after parsing attributes in process `syz.3.1459'.
[  388.932498][ T9874] netlink: 'syz.1.1462': attribute type 8 has an invalid length.
[  388.942558][ T9874] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1462'.
[  388.984901][ T9874] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1462'.
[  389.006271][ T9877] netlink: set zone limit has 8 unknown bytes
[  389.397036][ T9877] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1461'.
[  390.015218][ T9885] macvlan1: entered promiscuous mode
[  390.183776][ T9892] netlink: 'syz.3.1466': attribute type 8 has an invalid length.
[  390.203566][ T9892] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1466'.
[  390.258852][ T9894] netlink: 'syz.2.1468': attribute type 4 has an invalid length.
[  390.289106][ T9894] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1468'.
[  391.155054][ T9905] netlink: 180 bytes leftover after parsing attributes in process `syz.2.1471'.
[  391.230039][ T9908] netlink: 'syz.3.1473': attribute type 8 has an invalid length.
[  391.238294][ T9908] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1473'.
[  391.284830][ T9908] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1473'.
[  391.623719][ T9921] netlink: 'syz.0.1480': attribute type 4 has an invalid length.
[  391.632576][ T9921] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1480'.
[  391.897572][ T9914] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  391.920425][ T9914] CPU: 1 PID: 9914 Comm: syz.1.1477 Not tainted syzkaller #0
[  391.927995][ T9914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  391.938158][ T9914] Call Trace:
[  391.941506][ T9914]  <TASK>
[  391.944481][ T9914]  dump_stack_lvl+0x18c/0x250
[  391.949235][ T9914]  ? show_regs_print_info+0x20/0x20
[  391.954501][ T9914]  ? load_image+0x420/0x420
[  391.959079][ T9914]  sysfs_warn_dup+0x8e/0xa0
[  391.963633][ T9914]  sysfs_do_create_link_sd+0xc0/0x110
[  391.969057][ T9914]  device_add_class_symlinks+0x1cf/0x240
[  391.974759][ T9914]  device_add+0x507/0xc20
[  391.979161][ T9914]  wiphy_register+0x1dad/0x2ae0
[  391.984096][ T9914]  ? cfg80211_event_work+0x40/0x40
[  391.989259][ T9914]  ? minstrel_ht_alloc+0x88a/0x990
[  391.994423][ T9914]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  392.000812][ T9914]  ieee80211_register_hw+0x3464/0x4250
[  392.006346][ T9914]  ? ieee80211_tasklet_handler+0x20/0x20
[  392.012027][ T9914]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  392.017980][ T9914]  ? __debug_object_init+0xec/0x450
[  392.023235][ T9914]  ? __asan_memset+0x22/0x40
[  392.027862][ T9914]  ? __hrtimer_init+0x186/0x270
[  392.032754][ T9914]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  392.038524][ T9914]  ? mac80211_hwsim_free+0x220/0x220
[  392.043929][ T9914]  ? rcu_is_watching+0x15/0xb0
[  392.048730][ T9914]  ? kstrndup+0xbd/0x140
[  392.053015][ T9914]  hwsim_new_radio_nl+0xdc9/0x1a90
[  392.058161][ T9914]  ? __nla_validate+0x50/0x50
[  392.063050][ T9914]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  392.069504][ T9914]  ? __nla_parse+0x40/0x50
[  392.073946][ T9914]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  392.080395][ T9914]  genl_family_rcv_msg_doit+0x211/0x310
[  392.086089][ T9914]  ? end_current_label_crit_section+0x170/0x170
[  392.092381][ T9914]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  392.098314][ T9914]  ? bpf_lsm_capable+0x9/0x10
[  392.103129][ T9914]  ? security_capable+0x89/0xb0
[  392.108021][ T9914]  genl_rcv_msg+0x619/0x7a0
[  392.112592][ T9914]  ? genl_bind+0x360/0x360
[  392.117059][ T9914]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  392.123522][ T9914]  netlink_rcv_skb+0x241/0x4d0
[  392.128387][ T9914]  ? genl_bind+0x360/0x360
[  392.132842][ T9914]  ? netlink_ack+0x1180/0x1180
[  392.137659][ T9914]  ? __lock_acquire+0x7d40/0x7d40
[  392.142781][ T9914]  ? down_read+0x1ac/0x2e0
[  392.147414][ T9914]  genl_rcv+0x28/0x40
[  392.151471][ T9914]  netlink_unicast+0x751/0x8d0
[  392.156286][ T9914]  netlink_sendmsg+0x8d0/0xbf0
[  392.161180][ T9914]  ? lockdep_hardirqs_on+0x98/0x150
[  392.166421][ T9914]  ? netlink_getsockopt+0x590/0x590
[  392.171667][ T9914]  ? aa_sock_msg_perm+0x94/0x150
[  392.176640][ T9914]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  392.181965][ T9914]  ? security_socket_sendmsg+0x80/0xa0
[  392.187459][ T9914]  ? netlink_getsockopt+0x590/0x590
[  392.192696][ T9914]  ____sys_sendmsg+0x5ba/0x960
[  392.197591][ T9914]  ? __asan_memset+0x22/0x40
[  392.202396][ T9914]  ? __sys_sendmsg_sock+0x30/0x30
[  392.207565][ T9914]  ? __import_iovec+0x5f2/0x850
[  392.212486][ T9914]  ? import_iovec+0x73/0xa0
[  392.217144][ T9914]  ___sys_sendmsg+0x2a6/0x360
[  392.221875][ T9914]  ? __sys_sendmsg+0x2a0/0x2a0
[  392.226806][ T9914]  __se_sys_sendmsg+0x1c2/0x2b0
[  392.231708][ T9914]  ? __x64_sys_sendmsg+0x80/0x80
[  392.236794][ T9914]  ? lockdep_hardirqs_on+0x98/0x150
[  392.242055][ T9914]  do_syscall_64+0x55/0xa0
[  392.246608][ T9914]  ? clear_bhb_loop+0x40/0x90
[  392.251365][ T9914]  ? clear_bhb_loop+0x40/0x90
[  392.256091][ T9914]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  392.262033][ T9914] RIP: 0033:0x7fec1019c819
[  392.266493][ T9914] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  392.286136][ T9914] RSP: 002b:00007fec110a5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  392.294686][ T9914] RAX: ffffffffffffffda RBX: 00007fec10415fa0 RCX: 00007fec1019c819
[  392.302801][ T9914] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008
[  392.310891][ T9914] RBP: 00007fec10232c91 R08: 0000000000000000 R09: 0000000000000000
[  392.319162][ T9914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  392.327179][ T9914] R13: 00007fec10416038 R14: 00007fec10415fa0 R15: 00007fff63b0a358
[  392.335346][ T9914]  </TASK>
[  392.789924][ T9940] netlink: 'syz.0.1487': attribute type 8 has an invalid length.
[  393.430792][ T9954] netlink: 'syz.1.1491': attribute type 21 has an invalid length.
[  393.572531][ T9959] netlink: 'syz.0.1492': attribute type 4 has an invalid length.
[  394.166047][ T9962] __nla_validate_parse: 10 callbacks suppressed
[  394.166088][ T9962] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1494'.
[  394.246122][ T9962] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  394.256467][ T9962] CPU: 1 PID: 9962 Comm: syz.2.1494 Not tainted syzkaller #0
[  394.263909][ T9962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  394.274221][ T9962] Call Trace:
[  394.277947][ T9962]  <TASK>
[  394.280931][ T9962]  dump_stack_lvl+0x18c/0x250
[  394.285670][ T9962]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  394.291955][ T9962]  ? show_regs_print_info+0x20/0x20
[  394.297283][ T9962]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  394.303496][ T9962]  sysfs_warn_dup+0x8e/0xa0
[  394.308030][ T9962]  sysfs_do_create_link_sd+0xc0/0x110
[  394.313442][ T9962]  device_add_class_symlinks+0x1cf/0x240
[  394.319146][ T9962]  device_add+0x507/0xc20
[  394.323516][ T9962]  wiphy_register+0x1dad/0x2ae0
[  394.328638][ T9962]  ? cfg80211_event_work+0x40/0x40
[  394.333810][ T9962]  ? minstrel_ht_alloc+0x88a/0x990
[  394.338990][ T9962]  ? ieee80211_init_rate_ctrl_alg+0x562/0x5e0
[  394.345549][ T9962]  ieee80211_register_hw+0x3464/0x4250
[  394.351069][ T9962]  ? ieee80211_tasklet_handler+0x20/0x20
[  394.356815][ T9962]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  394.362753][ T9962]  ? __debug_object_init+0xec/0x450
[  394.368012][ T9962]  ? __asan_memset+0x22/0x40
[  394.372644][ T9962]  ? __hrtimer_init+0x186/0x270
[  394.377617][ T9962]  mac80211_hwsim_new_radio+0x2a00/0x4d10
[  394.383393][ T9962]  ? mac80211_hwsim_free+0x220/0x220
[  394.388705][ T9962]  ? rcu_is_watching+0x15/0xb0
[  394.393517][ T9962]  ? kstrndup+0xbd/0x140
[  394.398066][ T9962]  hwsim_new_radio_nl+0xdc9/0x1a90
[  394.403335][ T9962]  ? __nla_validate+0x50/0x50
[  394.408074][ T9962]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  394.414477][ T9962]  ? __nla_parse+0x40/0x50
[  394.418934][ T9962]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x290
[  394.425315][ T9962]  genl_family_rcv_msg_doit+0x211/0x310
[  394.430906][ T9962]  ? end_current_label_crit_section+0x170/0x170
[  394.437190][ T9962]  ? genl_family_rcv_msg_dumpit+0x310/0x310
[  394.443243][ T9962]  ? bpf_lsm_capable+0x9/0x10
[  394.447972][ T9962]  ? security_capable+0x89/0xb0
[  394.452887][ T9962]  genl_rcv_msg+0x619/0x7a0
[  394.457446][ T9962]  ? genl_bind+0x360/0x360
[  394.461894][ T9962]  ? hwsim_tx_info_frame_received_nl+0xd60/0xd60
[  394.468305][ T9962]  netlink_rcv_skb+0x241/0x4d0
[  394.473170][ T9962]  ? genl_bind+0x360/0x360
[  394.477635][ T9962]  ? netlink_ack+0x1180/0x1180
[  394.482555][ T9962]  ? __lock_acquire+0x7d40/0x7d40
[  394.487647][ T9962]  ? down_read+0x1ac/0x2e0
[  394.492139][ T9962]  genl_rcv+0x28/0x40
[  394.496155][ T9962]  netlink_unicast+0x751/0x8d0
[  394.500995][ T9962]  netlink_sendmsg+0x8d0/0xbf0
[  394.505817][ T9962]  ? lockdep_hardirqs_on+0x98/0x150
[  394.511160][ T9962]  ? netlink_getsockopt+0x590/0x590
[  394.516412][ T9962]  ? aa_sock_msg_perm+0x94/0x150
[  394.521399][ T9962]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  394.526729][ T9962]  ? security_socket_sendmsg+0x80/0xa0
[  394.532312][ T9962]  ? netlink_getsockopt+0x590/0x590
[  394.537564][ T9962]  ____sys_sendmsg+0x5ba/0x960
[  394.542368][ T9962]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  394.548582][ T9962]  ? __asan_memset+0x22/0x40
[  394.553235][ T9962]  ? __sys_sendmsg_sock+0x30/0x30
[  394.558389][ T9962]  ? __import_iovec+0x5f2/0x850
[  394.563290][ T9962]  ? import_iovec+0x73/0xa0
[  394.567834][ T9962]  ___sys_sendmsg+0x2a6/0x360
[  394.572556][ T9962]  ? __sys_sendmsg+0x2a0/0x2a0
[  394.577404][ T9962]  __se_sys_sendmsg+0x1c2/0x2b0
[  394.582298][ T9962]  ? __x64_sys_sendmsg+0x80/0x80
[  394.587317][ T9962]  ? syscall_enter_from_user_mode+0x2e/0x80
[  394.593275][ T9962]  do_syscall_64+0x55/0xa0
[  394.597814][ T9962]  ? clear_bhb_loop+0x40/0x90
[  394.602527][ T9962]  ? clear_bhb_loop+0x40/0x90
[  394.607251][ T9962]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  394.613194][ T9962] RIP: 0033:0x7f275a59c819
[  394.617748][ T9962] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  394.637396][ T9962] RSP: 002b:00007f275b465028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  394.645854][ T9962] RAX: ffffffffffffffda RBX: 00007f275a816090 RCX: 00007f275a59c819
[  394.653975][ T9962] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[  394.661999][ T9962] RBP: 00007f275a632c91 R08: 0000000000000000 R09: 0000000000000000
[  394.670009][ T9962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  394.678024][ T9962] R13: 00007f275a816128 R14: 00007f275a816090 R15: 00007ffc90f50908
[  394.686100][ T9962]  </TASK>
[  394.991055][ T9970] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1496'.
[  395.077042][ T9974] netlink: 'syz.0.1498': attribute type 8 has an invalid length.
[  395.107623][ T9974] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1498'.
[  395.213374][ T9974] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1498'.
[  396.645419][ T9977] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  396.801813][T10001] netlink: 180 bytes leftover after parsing attributes in process `syz.2.1508'.
[  396.909514][T10006] lo: entered allmulticast mode
[  396.936069][T10007] netlink: 'syz.3.1507': attribute type 4 has an invalid length.
[  396.944542][T10007] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1507'.
[  396.955446][T10006] lo: entered promiscuous mode
[  396.961493][T10006] lo: left allmulticast mode
[  398.371552][T10029] netlink: 'syz.0.1520': attribute type 4 has an invalid length.
[  398.391201][T10029] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1520'.
[  398.648141][T10034] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  398.695286][T10039] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1523'.
[  399.132904][T10053] can: request_module (can-proto-5) failed.
[  399.867119][T10058] netlink: 'syz.3.1531': attribute type 4 has an invalid length.
[  399.875100][T10058] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1531'.
[  400.031694][T10063] netlink: 188 bytes leftover after parsing attributes in process `syz.1.1533'.
[  400.097731][T10063] netlink: 'syz.1.1533': attribute type 10 has an invalid length.
[  400.121961][T10063] team0: Device hsr_slave_0 failed to register rx_handler
[  400.212073][T10067] netlink: 180 bytes leftover after parsing attributes in process `syz.3.1534'.
[  400.231650][T10070] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1536'.
[  400.321896][T10070] netlink: 'syz.0.1536': attribute type 10 has an invalid length.
[  400.333308][T10070] team0: Device hsr_slave_0 failed to register rx_handler
[  400.472500][T10079] FAULT_INJECTION: forcing a failure.
[  400.472500][T10079] name failslab, interval 1, probability 0, space 0, times 0
[  400.501299][T10079] CPU: 1 PID: 10079 Comm: syz.2.1540 Not tainted syzkaller #0
[  400.508849][T10079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  400.518951][T10079] Call Trace:
[  400.522268][T10079]  <TASK>
[  400.525230][T10079]  dump_stack_lvl+0x18c/0x250
[  400.529960][T10079]  ? show_regs_print_info+0x20/0x20
[  400.535199][T10079]  ? load_image+0x420/0x420
[  400.539745][T10079]  ? __might_sleep+0xe0/0xe0
[  400.544367][T10079]  ? __lock_acquire+0x7d40/0x7d40
[  400.549438][T10079]  should_fail_ex+0x39d/0x4d0
[  400.554191][T10079]  should_failslab+0x9/0x20
[  400.558825][T10079]  slab_pre_alloc_hook+0x59/0x310
[  400.563899][T10079]  ? tomoyo_encode+0x28b/0x540
[  400.568690][T10079]  ? tomoyo_encode+0x28b/0x540
[  400.573492][T10079]  __kmem_cache_alloc_node+0x53/0x250
[  400.578913][T10079]  ? tomoyo_encode+0x28b/0x540
[  400.583719][T10079]  __kmalloc+0xa4/0x230
[  400.587919][T10079]  tomoyo_encode+0x28b/0x540
[  400.592549][T10079]  tomoyo_realpath_from_path+0x592/0x5d0
[  400.598321][T10079]  tomoyo_path_number_perm+0x248/0x620
[  400.603819][T10079]  ? tomoyo_path_number_perm+0x217/0x620
[  400.609615][T10079]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  400.615112][T10079]  ? ksys_write+0x1c4/0x260
[  400.619769][T10079]  ? __fget_files+0x28/0x4b0
[  400.624564][T10079]  ? __fget_files+0x28/0x4b0
[  400.629209][T10079]  security_file_ioctl+0x70/0xa0
[  400.634175][T10079]  __se_sys_ioctl+0x48/0x170
[  400.638796][T10079]  do_syscall_64+0x55/0xa0
[  400.643258][T10079]  ? clear_bhb_loop+0x40/0x90
[  400.647989][T10079]  ? clear_bhb_loop+0x40/0x90
[  400.652705][T10079]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  400.658644][T10079] RIP: 0033:0x7f275a59c819
[  400.663089][T10079] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  400.682845][T10079] RSP: 002b:00007f275b486028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  400.691304][T10079] RAX: ffffffffffffffda RBX: 00007f275a815fa0 RCX: 00007f275a59c819
[  400.699305][T10079] RDX: 0000200000000080 RSI: 00000000000089f0 RDI: 0000000000000007
[  400.707405][T10079] RBP: 00007f275b486090 R08: 0000000000000000 R09: 0000000000000000
[  400.715448][T10079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.723447][T10079] R13: 00007f275a816038 R14: 00007f275a815fa0 R15: 00007ffc90f50908
[  400.731550][T10079]  </TASK>
[  400.739296][T10079] ERROR: Out of memory at tomoyo_realpath_from_path.
[  401.490362][T10090] netlink: 'syz.2.1543': attribute type 4 has an invalid length.
[  401.510828][T10090] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1543'.
[  401.599520][T10102] netlink: 188 bytes leftover after parsing attributes in process `syz.3.1547'.
[  401.617094][T10098] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1545'.
[  401.644875][T10102] netlink: 'syz.3.1547': attribute type 10 has an invalid length.
[  401.660731][T10102] team0: Device hsr_slave_0 failed to register rx_handler
[  401.949947][T10108] netlink: 188 bytes leftover after parsing attributes in process `syz.3.1549'.
[  401.990500][T10108] netlink: 'syz.3.1549': attribute type 10 has an invalid length.
[  401.999985][T10108] team0: Device hsr_slave_0 failed to register rx_handler
[  402.110953][T10114] FAULT_INJECTION: forcing a failure.
[  402.110953][T10114] name failslab, interval 1, probability 0, space 0, times 0
[  402.124612][T10114] CPU: 1 PID: 10114 Comm: syz.0.1552 Not tainted syzkaller #0
[  402.132325][T10114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  402.142481][T10114] Call Trace:
[  402.145829][T10114]  <TASK>
[  402.148905][T10114]  dump_stack_lvl+0x18c/0x250
[  402.153674][T10114]  ? show_regs_print_info+0x20/0x20
[  402.159057][T10114]  ? load_image+0x420/0x420
[  402.163645][T10114]  ? __might_sleep+0xe0/0xe0
[  402.168319][T10114]  ? __lock_acquire+0x7d40/0x7d40
[  402.173417][T10114]  ? perf_swevent_event+0x1ca/0x570
[  402.178690][T10114]  ? perf_trace_buf_alloc+0x290/0x290
[  402.184140][T10114]  should_fail_ex+0x39d/0x4d0
[  402.188894][T10114]  should_failslab+0x9/0x20
[  402.193467][T10114]  slab_pre_alloc_hook+0x59/0x310
[  402.198609][T10114]  kmem_cache_alloc_node+0x60/0x320
[  402.203890][T10114]  ? __alloc_skb+0x103/0x2c0
[  402.208553][T10114]  __alloc_skb+0x103/0x2c0
[  402.213051][T10114]  alloc_skb_with_frags+0xca/0x7b0
[  402.218267][T10114]  sock_alloc_send_pskb+0x883/0x9a0
[  402.223598][T10114]  ? sock_kzfree_s+0x50/0x50
[  402.228295][T10114]  ? perf_trace_lock+0x304/0x3b0
[  402.233308][T10114]  __ip6_append_data+0x29f3/0x3c50
[  402.238544][T10114]  ? ip6_mtu+0x7d/0x3f0
[  402.242867][T10114]  ? ip_skb_dst_mtu+0x9c0/0x9c0
[  402.247794][T10114]  ? ip6_mtu+0x7d/0x3f0
[  402.252037][T10114]  ? ip6_setup_cork+0xfe0/0xfe0
[  402.256965][T10114]  ? ip6_setup_cork+0xa2f/0xfe0
[  402.262071][T10114]  ip6_make_skb+0x39c/0x520
[  402.266666][T10114]  ? ip_skb_dst_mtu+0x9c0/0x9c0
[  402.271588][T10114]  ? __ip6_flush_pending_frames+0x3a0/0x3a0
[  402.277584][T10114]  ? udpv6_sendmsg+0x1664/0x2390
[  402.282595][T10114]  udpv6_sendmsg+0x1c0e/0x2390
[  402.287443][T10114]  ? ip_skb_dst_mtu+0x9c0/0x9c0
[  402.292373][T10114]  ? udp_v6_early_demux+0xf80/0xf80
[  402.297653][T10114]  ? lock_chain_count+0x20/0x20
[  402.302592][T10114]  ? _local_bh_enable+0xa0/0xa0
[  402.307515][T10114]  ? inet_send_prepare+0x1b3/0x260
[  402.312823][T10114]  ? inet_send_prepare+0x1b3/0x260
[  402.318014][T10114]  ? inet6_sendmsg+0x5f/0xd0
[  402.322660][T10114]  ? inet6_compat_ioctl+0x3c0/0x3c0
[  402.327930][T10114]  ____sys_sendmsg+0x5ba/0x960
[  402.332760][T10114]  ? __lock_acquire+0x7d40/0x7d40
[  402.337943][T10114]  ? __asan_memset+0x22/0x40
[  402.342605][T10114]  ? __sys_sendmsg_sock+0x30/0x30
[  402.347682][T10114]  ? __import_iovec+0x3fa/0x850
[  402.352604][T10114]  ? import_iovec+0x73/0xa0
[  402.357197][T10114]  ___sys_sendmsg+0x2a6/0x360
[  402.361946][T10114]  ? __sys_sendmsg+0x2a0/0x2a0
[  402.366814][T10114]  ? __lock_acquire+0x7d40/0x7d40
[  402.371972][T10114]  __se_sys_sendmsg+0x1c2/0x2b0
[  402.376984][T10114]  ? __x64_sys_sendmsg+0x80/0x80
[  402.382662][T10114]  ? lockdep_hardirqs_on+0x98/0x150
[  402.387950][T10114]  do_syscall_64+0x55/0xa0
[  402.392461][T10114]  ? clear_bhb_loop+0x40/0x90
[  402.397207][T10114]  ? clear_bhb_loop+0x40/0x90
[  402.402052][T10114]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  402.408100][T10114] RIP: 0033:0x7fbf0459c819
[  402.412577][T10114] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  402.432521][T10114] RSP: 002b:00007fbf053cc028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  402.441013][T10114] RAX: ffffffffffffffda RBX: 00007fbf04815fa0 RCX: 00007fbf0459c819
[  402.449064][T10114] RDX: 0000000060040000 RSI: 00002000000002c0 RDI: 0000000000000009
[  402.457102][T10114] RBP: 00007fbf053cc090 R08: 0000000000000000 R09: 0000000000000000
[  402.465154][T10114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  402.473202][T10114] R13: 00007fbf04816038 R14: 00007fbf04815fa0 R15: 00007ffc056ec138
[  402.481317][T10114]  </TASK>
[  403.029290][T10129] netlink: 'syz.2.1559': attribute type 8 has an invalid length.
[  403.042318][T10129] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1559'.
[  403.058812][T10131] netlink: 188 bytes leftover after parsing attributes in process `syz.1.1558'.
[  403.077694][T10130] netlink: 'syz.0.1556': attribute type 4 has an invalid length.
[  403.097068][T10131] netlink: 'syz.1.1558': attribute type 10 has an invalid length.
[  403.105923][T10131] team0: Device hsr_slave_0 failed to register rx_handler
[  403.672246][T10146] netlink: 'syz.2.1565': attribute type 4 has an invalid length.
[  403.732487][T10148] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  404.684115][T10158] netlink: 'syz.3.1569': attribute type 10 has an invalid length.
[  404.705737][T10158] team0: Device hsr_slave_0 failed to register rx_handler
[  405.090859][T10174] FAULT_INJECTION: forcing a failure.
[  405.090859][T10174] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  405.122627][T10174] CPU: 1 PID: 10174 Comm: syz.1.1578 Not tainted syzkaller #0
[  405.130175][T10174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  405.140302][T10174] Call Trace:
[  405.143626][T10174]  <TASK>
[  405.146598][T10174]  dump_stack_lvl+0x18c/0x250
[  405.151340][T10174]  ? show_regs_print_info+0x20/0x20
[  405.156593][T10174]  ? load_image+0x420/0x420
[  405.161155][T10174]  ? __might_fault+0xaa/0x120
[  405.165888][T10174]  ? __lock_acquire+0x7d40/0x7d40
[  405.171002][T10174]  should_fail_ex+0x39d/0x4d0
[  405.175754][T10174]  _copy_to_user+0x2f/0xa0
[  405.180212][T10174]  bpf_verifier_vlog+0x50f/0x870
[  405.185208][T10174]  __btf_verifier_log+0xe3/0x140
[  405.190236][T10174]  ? btf_check_sec_info+0x350/0x350
[  405.195659][T10174]  btf_verifier_log_vsi+0x20a/0x3e0
[  405.200904][T10174]  ? sort_r+0x17d0/0x17f0
[  405.205269][T10174]  ? btf_datasec_show+0x960/0x960
[  405.210373][T10174]  btf_datasec_check_meta+0x994/0xb50
[  405.215827][T10174]  btf_check_all_metas+0x373/0xb00
[  405.221190][T10174]  ? sort_r+0x17f0/0x17f0
[  405.225562][T10174]  btf_parse_type_sec+0xf9/0x1930
[  405.230634][T10174]  ? btf_check_sec_info+0x29f/0x350
[  405.235872][T10174]  ? btf_verifier_log+0x1a0/0x1a0
[  405.240933][T10174]  ? btf_parse_str_sec+0x20d/0x2a0
[  405.246162][T10174]  btf_new_fd+0x440/0x9f0
[  405.250529][T10174]  ? bpf_btf_show_fdinfo+0x80/0x80
[  405.255759][T10174]  ? capable+0x88/0xe0
[  405.259931][T10174]  __sys_bpf+0x670/0x890
[  405.264207][T10174]  ? bpf_link_show_fdinfo+0x390/0x390
[  405.269625][T10174]  ? lock_chain_count+0x20/0x20
[  405.274513][T10174]  __x64_sys_bpf+0x7c/0x90
[  405.278957][T10174]  do_syscall_64+0x55/0xa0
[  405.283490][T10174]  ? clear_bhb_loop+0x40/0x90
[  405.288282][T10174]  ? clear_bhb_loop+0x40/0x90
[  405.293078][T10174]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  405.299399][T10174] RIP: 0033:0x7fec1019c819
[  405.303845][T10174] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  405.323656][T10174] RSP: 002b:00007fec110a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  405.332191][T10174] RAX: ffffffffffffffda RBX: 00007fec10415fa0 RCX: 00007fec1019c819
[  405.340193][T10174] RDX: 0000000000000028 RSI: 0000200000000600 RDI: 0000000000000012
[  405.348274][T10174] RBP: 00007fec110a5090 R08: 0000000000000000 R09: 0000000000000000
[  405.356277][T10174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  405.364404][T10174] R13: 00007fec10416038 R14: 00007fec10415fa0 R15: 00007fff63b0a358
[  405.372439][T10174]  </TASK>
[  406.014224][T10189] __nla_validate_parse: 10 callbacks suppressed
[  406.014243][T10189] netlink: 188 bytes leftover after parsing attributes in process `syz.2.1583'.
[  406.046455][T10189] validate_nla: 2 callbacks suppressed
[  406.046477][T10189] netlink: 'syz.2.1583': attribute type 10 has an invalid length.
[  406.076490][T10189] team0: Device hsr_slave_0 failed to register rx_handler
[  406.416112][T10201] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1588'.
[  406.900680][T10215] netlink: 'syz.0.1593': attribute type 10 has an invalid length.
[  407.564390][T10221] FAULT_INJECTION: forcing a failure.
[  407.564390][T10221] name failslab, interval 1, probability 0, space 0, times 0
[  407.592037][T10221] CPU: 0 PID: 10221 Comm: syz.1.1596 Not tainted syzkaller #0
[  407.599761][T10221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  407.609871][T10221] Call Trace:
[  407.613178][T10221]  <TASK>
[  407.616131][T10221]  dump_stack_lvl+0x18c/0x250
[  407.620872][T10221]  ? show_regs_print_info+0x20/0x20
[  407.626172][T10221]  ? load_image+0x420/0x420
[  407.630748][T10221]  ? verify_lock_unused+0x140/0x140
[  407.636217][T10221]  ? perf_trace_lock+0xfc/0x3b0
[  407.641150][T10221]  should_fail_ex+0x39d/0x4d0
[  407.645899][T10221]  should_failslab+0x9/0x20
[  407.650556][T10221]  slab_pre_alloc_hook+0x59/0x310
[  407.655652][T10221]  kmem_cache_alloc+0x5a/0x2d0
[  407.660487][T10221]  ? skb_clone+0x1eb/0x370
[  407.665008][T10221]  skb_clone+0x1eb/0x370
[  407.669490][T10221]  __netlink_deliver_tap+0x41c/0x830
[  407.675139][T10221]  ? netlink_deliver_tap+0x2e/0x1b0
[  407.680416][T10221]  netlink_deliver_tap+0x19c/0x1b0
[  407.685608][T10221]  netlink_sendskb+0x68/0x130
[  407.690360][T10221]  netlink_ack+0xce1/0x1180
[  407.694945][T10221]  ? netlink_dump+0xe50/0xe50
[  407.699699][T10221]  ? perf_trace_lock+0xfc/0x3b0
[  407.704619][T10221]  netlink_rcv_skb+0x2c5/0x4d0
[  407.709434][T10221]  ? rtnetlink_bind+0x80/0x80
[  407.714157][T10221]  ? netlink_ack+0x1180/0x1180
[  407.718978][T10221]  ? __lock_acquire+0x7d40/0x7d40
[  407.724040][T10221]  ? netlink_deliver_tap+0x2e/0x1b0
[  407.729289][T10221]  netlink_unicast+0x751/0x8d0
[  407.734109][T10221]  netlink_sendmsg+0x8d0/0xbf0
[  407.738929][T10221]  ? netlink_getsockopt+0x590/0x590
[  407.744267][T10221]  ? aa_sock_msg_perm+0x94/0x150
[  407.749345][T10221]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  407.754695][T10221]  ? security_socket_sendmsg+0x80/0xa0
[  407.760187][T10221]  ? netlink_getsockopt+0x590/0x590
[  407.765614][T10221]  ____sys_sendmsg+0x5ba/0x960
[  407.770519][T10221]  ? __asan_memset+0x22/0x40
[  407.775162][T10221]  ? __sys_sendmsg_sock+0x30/0x30
[  407.780310][T10221]  ? __import_iovec+0x5f2/0x850
[  407.785207][T10221]  ? import_iovec+0x73/0xa0
[  407.789756][T10221]  ___sys_sendmsg+0x2a6/0x360
[  407.794500][T10221]  ? __sys_sendmsg+0x2a0/0x2a0
[  407.799373][T10221]  ? __lock_acquire+0x7d40/0x7d40
[  407.804472][T10221]  __se_sys_sendmsg+0x1c2/0x2b0
[  407.809370][T10221]  ? __x64_sys_sendmsg+0x80/0x80
[  407.814455][T10221]  ? lockdep_hardirqs_on+0x98/0x150
[  407.819703][T10221]  do_syscall_64+0x55/0xa0
[  407.824358][T10221]  ? clear_bhb_loop+0x40/0x90
[  407.829079][T10221]  ? clear_bhb_loop+0x40/0x90
[  407.833804][T10221]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  407.839826][T10221] RIP: 0033:0x7fec1019c819
[  407.844324][T10221] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  407.864064][T10221] RSP: 002b:00007fec110a5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  407.872545][T10221] RAX: ffffffffffffffda RBX: 00007fec10415fa0 RCX: 00007fec1019c819
[  407.880650][T10221] RDX: 0000000004004004 RSI: 0000200000000040 RDI: 0000000000000003
[  407.888649][T10221] RBP: 00007fec110a5090 R08: 0000000000000000 R09: 0000000000000000
[  407.896647][T10221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  407.904649][T10221] R13: 00007fec10416038 R14: 00007fec10415fa0 R15: 00007fff63b0a358
[  407.912778][T10221]  </TASK>
[  408.141358][T10231] netlink: 'syz.1.1597': attribute type 29 has an invalid length.
[  408.156822][T10231] netlink: 'syz.1.1597': attribute type 3 has an invalid length.
[  408.171049][T10231] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1597'.
[  408.185345][T10231] netlink: 'syz.1.1597': attribute type 13 has an invalid length.
[  408.195087][T10231] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1597'.
[  408.215944][T10232] netlink: 'syz.0.1600': attribute type 8 has an invalid length.
[  408.244979][T10232] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1600'.
[  408.312317][T10232] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1600'.
[  409.990017][T10263] netlink: 'syz.3.1612': attribute type 8 has an invalid length.
[  409.998022][T10263] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1612'.
[  410.069186][T10265] netlink: 188 bytes leftover after parsing attributes in process `syz.2.1613'.
[  410.104660][T10265] netlink: 'syz.2.1613': attribute type 10 has an invalid length.
[  410.130146][T10265] team0: Device hsr_slave_0 failed to register rx_handler
[  410.156337][T10263] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1612'.
[  411.182496][T10300] netlink: 188 bytes leftover after parsing attributes in process `syz.2.1625'.
[  411.262908][T10300] netlink: 'syz.2.1625': attribute type 10 has an invalid length.
[  411.280649][T10300] team0: Device hsr_slave_0 failed to register rx_handler
[  411.790077][T10313] netlink: 'syz.1.1631': attribute type 8 has an invalid length.
[  411.809083][T10313] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1631'.
[  411.880618][T10313] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1631'.
[  411.996440][T10319] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1633'.
[  412.165568][T10325] netlink: 188 bytes leftover after parsing attributes in process `syz.3.1636'.
[  412.186032][T10325] netlink: 'syz.3.1636': attribute type 10 has an invalid length.
[  412.195038][T10325] team0: Device hsr_slave_0 failed to register rx_handler
[  412.264172][T10323] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1635'.
[  412.985075][T10347] netlink: 'syz.3.1646': attribute type 8 has an invalid length.
[  412.993119][T10347] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1646'.
[  413.072261][T10348] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1646'.
[  413.224451][T10350] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1647'.
[  413.258842][T10352] netlink: 188 bytes leftover after parsing attributes in process `syz.2.1648'.
[  413.328308][T10352] netlink: 'syz.2.1648': attribute type 10 has an invalid length.
[  413.348755][T10352] team0: Device hsr_slave_0 failed to register rx_handler
[  413.443681][T10356] netlink: 'syz.1.1650': attribute type 4 has an invalid length.
[  414.107348][T10381] netlink: 'syz.3.1658': attribute type 8 has an invalid length.
[  414.655065][T10389] netlink: 'syz.2.1662': attribute type 10 has an invalid length.
[  414.664022][T10389] team0: Device hsr_slave_0 failed to register rx_handler
[  414.702916][T10391] netlink: 'syz.3.1663': attribute type 4 has an invalid length.
[  415.096096][T10393] 
€Â0: renamed from batadv_slave_1 (while UP)
[  416.913986][T10425] netlink: 'syz.2.1674': attribute type 4 has an invalid length.
[  416.927266][T10425] __nla_validate_parse: 7 callbacks suppressed
[  416.927288][T10425] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1674'.
[  417.262082][T10438] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1678'.
[  417.346508][T10438] netlink: 'syz.0.1678': attribute type 10 has an invalid length.
[  417.378629][T10438] team0: Device hsr_slave_0 failed to register rx_handler
[  417.489601][T10440] netlink: 180 bytes leftover after parsing attributes in process `syz.3.1680'.
[  417.749590][T10445] FAULT_INJECTION: forcing a failure.
[  417.749590][T10445] name failslab, interval 1, probability 0, space 0, times 0
[  417.808011][T10445] CPU: 0 PID: 10445 Comm: syz.1.1681 Not tainted syzkaller #0
[  417.815621][T10445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  417.825772][T10445] Call Trace:
[  417.829122][T10445]  <TASK>
[  417.832122][T10445]  dump_stack_lvl+0x18c/0x250
[  417.836909][T10445]  ? sctp_sendmsg+0x1575/0x28c0
[  417.841847][T10445]  ? ___sys_sendmsg+0x2a6/0x360
[  417.846879][T10445]  ? show_regs_print_info+0x20/0x20
[  417.852186][T10445]  ? load_image+0x420/0x420
[  417.856851][T10445]  should_fail_ex+0x39d/0x4d0
[  417.861649][T10445]  should_failslab+0x9/0x20
[  417.866251][T10445]  slab_pre_alloc_hook+0x59/0x310
[  417.871488][T10445]  ? sctp_add_bind_addr+0x8c/0x360
[  417.876694][T10445]  __kmem_cache_alloc_node+0x53/0x250
[  417.882197][T10445]  ? sctp_add_bind_addr+0x8c/0x360
[  417.887406][T10445]  kmalloc_trace+0x2a/0xe0
[  417.891946][T10445]  sctp_add_bind_addr+0x8c/0x360
[  417.896987][T10445]  sctp_copy_local_addr_list+0x315/0x4f0
[  417.902730][T10445]  ? sctp_copy_local_addr_list+0xa5/0x4f0
[  417.908637][T10445]  ? sctp_do_8_2_transport_strike+0x8a0/0x8a0
[  417.914899][T10445]  ? sctp_v6_is_any+0x64/0x70
[  417.919679][T10445]  ? sctp_copy_one_addr+0x8c/0x350
[  417.924910][T10445]  sctp_bind_addr_copy+0xb3/0x3c0
[  417.930213][T10445]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  417.936654][T10445]  sctp_connect_new_asoc+0x2f9/0x6a0
[  417.942049][T10445]  ? __sctp_connect+0xd80/0xd80
[  417.946995][T10445]  ? __local_bh_enable_ip+0x13a/0x1c0
[  417.952484][T10445]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  417.958150][T10445]  ? security_sctp_bind_connect+0x89/0xb0
[  417.963988][T10445]  sctp_sendmsg+0x1575/0x28c0
[  417.968819][T10445]  ? sctp_getsockopt+0xb60/0xb60
[  417.973861][T10445]  ? aa_sk_perm+0x83c/0x970
[  417.978507][T10445]  ? aa_af_perm+0x330/0x330
[  417.983102][T10445]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  417.989892][T10445]  ? sock_rps_record_flow+0x19/0x3f0
[  417.995281][T10445]  ? inet_sendmsg+0xe9/0x2f0
[  418.000059][T10445]  ? inet_send_prepare+0x260/0x260
[  418.005532][T10445]  ____sys_sendmsg+0x5ba/0x960
[  418.010389][T10445]  ? __lock_acquire+0x7d40/0x7d40
[  418.015528][T10445]  ? __asan_memset+0x22/0x40
[  418.020217][T10445]  ? __sys_sendmsg_sock+0x30/0x30
[  418.025312][T10445]  ? __import_iovec+0x5f2/0x850
[  418.030372][T10445]  ? import_iovec+0x73/0xa0
[  418.034972][T10445]  ___sys_sendmsg+0x2a6/0x360
[  418.039771][T10445]  ? __sys_sendmsg+0x2a0/0x2a0
[  418.044749][T10445]  ? trace_call_bpf+0xc3/0x6c0
[  418.049799][T10445]  __se_sys_sendmsg+0x1c2/0x2b0
[  418.054758][T10445]  ? __x64_sys_sendmsg+0x80/0x80
[  418.059841][T10445]  ? lockdep_hardirqs_on+0x98/0x150
[  418.065140][T10445]  do_syscall_64+0x55/0xa0
[  418.069628][T10445]  ? clear_bhb_loop+0x40/0x90
[  418.074393][T10445]  ? clear_bhb_loop+0x40/0x90
[  418.079158][T10445]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  418.085141][T10445] RIP: 0033:0x7fec1019c819
[  418.089636][T10445] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  418.109337][T10445] RSP: 002b:00007fec110a5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  418.117940][T10445] RAX: ffffffffffffffda RBX: 00007fec10415fa0 RCX: 00007fec1019c819
[  418.126115][T10445] RDX: 0000000000000851 RSI: 0000200000000000 RDI: 0000000000000003
[  418.134175][T10445] RBP: 00007fec110a5090 R08: 0000000000000000 R09: 0000000000000000
[  418.142222][T10445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  418.150281][T10445] R13: 00007fec10416038 R14: 00007fec10415fa0 R15: 00007fff63b0a358
[  418.158400][T10445]  </TASK>
[  418.509364][T10457] netlink: 'syz.0.1685': attribute type 8 has an invalid length.
[  418.529846][T10457] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1685'.
[  418.556570][T10455] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1684'.
[  418.659590][T10460] netlink: 'syz.3.1686': attribute type 8 has an invalid length.
[  418.688779][T10460] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1686'.
[  418.705994][T10457] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1685'.
[  418.815362][T10460] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1686'.
[  418.920583][T10463] netlink: 'syz.1.1688': attribute type 4 has an invalid length.
[  418.949087][T10463] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1688'.
[  418.983400][T10464] netlink: 188 bytes leftover after parsing attributes in process `syz.2.1687'.
[  419.062783][T10469] netlink: 'syz.2.1687': attribute type 10 has an invalid length.
[  419.091645][T10469] team0: Device hsr_slave_0 failed to register rx_handler
[  419.428427][T10475] netlink: 'syz.1.1691': attribute type 10 has an invalid length.
[  419.455822][T10475] team0: Device hsr_slave_0 failed to register rx_handler
[  420.384796][T10494] netlink: 'syz.2.1697': attribute type 8 has an invalid length.
[  421.129302][T10501] netlink: 'syz.1.1700': attribute type 4 has an invalid length.
[  421.459177][T10505] netlink: 'syz.1.1703': attribute type 8 has an invalid length.
[  422.501888][T10520] FAULT_INJECTION: forcing a failure.
[  422.501888][T10520] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  422.539124][T10520] CPU: 0 PID: 10520 Comm: syz.1.1709 Not tainted syzkaller #0
[  422.546673][T10520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  422.554023][T10522] FAULT_INJECTION: forcing a failure.
[  422.554023][T10522] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  422.556759][T10520] Call Trace:
[  422.556771][T10520]  <TASK>
[  422.576186][T10520]  dump_stack_lvl+0x18c/0x250
[  422.580949][T10520]  ? show_regs_print_info+0x20/0x20
[  422.586218][T10520]  ? load_image+0x420/0x420
[  422.590862][T10520]  ? __might_fault+0xaa/0x120
[  422.595680][T10520]  ? __lock_acquire+0x7d40/0x7d40
[  422.600763][T10520]  should_fail_ex+0x39d/0x4d0
[  422.605601][T10520]  _copy_to_user+0x2f/0xa0
[  422.610065][T10520]  bpf_verifier_vlog+0x5db/0x870
[  422.615070][T10520]  __btf_verifier_log+0xe3/0x140
[  422.620075][T10520]  ? btf_check_sec_info+0x350/0x350
[  422.625338][T10520]  ? __lock_acquire+0x7d40/0x7d40
[  422.630446][T10520]  ? btf_parse_hdr+0x1f5/0x710
[  422.635265][T10520]  btf_parse_hdr+0x3b6/0x710
[  422.639924][T10520]  btf_new_fd+0x397/0x9f0
[  422.644309][T10520]  ? bpf_btf_show_fdinfo+0x80/0x80
[  422.649486][T10520]  ? capable+0x88/0xe0
[  422.653615][T10520]  __sys_bpf+0x670/0x890
[  422.657905][T10520]  ? bpf_link_show_fdinfo+0x390/0x390
[  422.663346][T10520]  ? lock_chain_count+0x20/0x20
[  422.668349][T10520]  __x64_sys_bpf+0x7c/0x90
[  422.672822][T10520]  do_syscall_64+0x55/0xa0
[  422.677281][T10520]  ? clear_bhb_loop+0x40/0x90
[  422.682012][T10520]  ? clear_bhb_loop+0x40/0x90
[  422.686772][T10520]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  422.692711][T10520] RIP: 0033:0x7fec1019c819
[  422.697171][T10520] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  422.716914][T10520] RSP: 002b:00007fec110a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  422.725391][T10520] RAX: ffffffffffffffda RBX: 00007fec10415fa0 RCX: 00007fec1019c819
[  422.733431][T10520] RDX: 0000000000000028 RSI: 0000200000000280 RDI: 0000000000000012
[  422.741464][T10520] RBP: 00007fec110a5090 R08: 0000000000000000 R09: 0000000000000000
[  422.749520][T10520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  422.757621][T10520] R13: 00007fec10416038 R14: 00007fec10415fa0 R15: 00007fff63b0a358
[  422.765654][T10520]  </TASK>
[  422.768734][T10522] CPU: 1 PID: 10522 Comm: syz.3.1710 Not tainted syzkaller #0
[  422.776250][T10522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  422.786366][T10522] Call Trace:
[  422.789702][T10522]  <TASK>
[  422.792682][T10522]  dump_stack_lvl+0x18c/0x250
[  422.797430][T10522]  ? show_regs_print_info+0x20/0x20
[  422.802705][T10522]  ? load_image+0x420/0x420
[  422.807267][T10522]  ? __might_fault+0xaa/0x120
[  422.812005][T10522]  ? __lock_acquire+0x7d40/0x7d40
[  422.817089][T10522]  should_fail_ex+0x39d/0x4d0
[  422.822177][T10522]  _copy_from_iter+0x1d9/0x12e0
[  422.827088][T10522]  ? __might_fault+0xaa/0x120
[  422.831922][T10522]  ? _copy_from_iter+0x24e/0x12e0
[  422.837099][T10522]  ? __virt_addr_valid+0x18c/0x540
[  422.842267][T10522]  ? __lock_acquire+0x7d40/0x7d40
[  422.847450][T10522]  ? copyout_mc+0x70/0x70
[  422.851851][T10522]  ? copyout_mc+0x70/0x70
[  422.856248][T10522]  ? __virt_addr_valid+0x18c/0x540
[  422.861433][T10522]  ? page_copy_sane+0x16a/0x270
[  422.866347][T10522]  copy_page_from_iter+0x7b/0x100
[  422.871533][T10522]  skb_copy_datagram_from_iter+0x2e4/0x6e0
[  422.877418][T10522]  tun_get_user+0x15db/0x3ca0
[  422.882164][T10522]  ? aa_file_perm+0x11b/0xee0
[  422.883897][T10525] netlink: 'syz.0.1711': attribute type 8 has an invalid length.
[  422.886884][T10522]  ? rcu_read_unlock+0xa0/0xa0
[  422.899589][T10522]  ? tun_get+0x1c/0x2e0
[  422.903801][T10522]  ? __lock_acquire+0x7d40/0x7d40
[  422.908879][T10522]  ? tun_get+0x1c/0x2e0
[  422.913260][T10522]  tun_chr_write_iter+0x119/0x200
[  422.918436][T10522]  vfs_write+0x46c/0x990
[  422.919345][T10525] __nla_validate_parse: 9 callbacks suppressed
[  422.919380][T10525] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1711'.
[  422.922733][T10522]  ? file_end_write+0x250/0x250
[  422.942928][T10522]  ? __fget_files+0x43d/0x4b0
[  422.947686][T10522]  ? __fdget_pos+0x1d8/0x330
[  422.952357][T10522]  ? ksys_write+0x75/0x260
[  422.956858][T10522]  ksys_write+0x150/0x260
[  422.961408][T10522]  ? __ia32_sys_read+0x90/0x90
[  422.966242][T10522]  ? lockdep_hardirqs_on+0x98/0x150
[  422.971694][T10522]  do_syscall_64+0x55/0xa0
[  422.976171][T10522]  ? clear_bhb_loop+0x40/0x90
[  422.981007][T10522]  ? clear_bhb_loop+0x40/0x90
[  422.985842][T10522]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  422.991799][T10522] RIP: 0033:0x7fb6a739c819
[  422.996281][T10522] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  423.016033][T10522] RSP: 002b:00007fb6a8338028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  423.024615][T10522] RAX: ffffffffffffffda RBX: 00007fb6a7615fa0 RCX: 00007fb6a739c819
[  423.032730][T10522] RDX: 000000000000fdef RSI: 0000200000000140 RDI: 00000000000000c8
[  423.040984][T10522] RBP: 00007fb6a8338090 R08: 0000000000000000 R09: 0000000000000000
[  423.049000][T10522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  423.057027][T10522] R13: 00007fb6a7616038 R14: 00007fb6a7615fa0 R15: 00007fffd0529de8
[  423.065061][T10522]  </TASK>
[  423.105253][T10525] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1711'.
[  423.144357][T10524] netlink: 180 bytes leftover after parsing attributes in process `syz.2.1708'.
[  423.267029][T10529] netlink: 'syz.1.1712': attribute type 4 has an invalid length.
[  423.280750][T10529] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1712'.
[  424.908120][T10548] mac80211_hwsim hwsim8 »»»»»»: renamed from wlan0
[  424.985844][T10553] netlink: 'syz.1.1721': attribute type 8 has an invalid length.
[  425.052065][T10553] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1721'.
[  425.069813][T10555] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1721'.
[  425.407733][T10564] netlink: 'syz.3.1725': attribute type 4 has an invalid length.
[  425.445258][T10564] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1725'.
[  425.621108][T10573] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1729'.
[  425.695641][T10573] netlink: 'syz.0.1729': attribute type 10 has an invalid length.
[  425.722236][T10573] team0: Device hsr_slave_0 failed to register rx_handler
[  426.039833][T10577] delete_channel: no stack
[  426.179636][T10584] netlink: 'syz.3.1733': attribute type 8 has an invalid length.
[  426.187659][T10584] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1733'.
[  426.381793][T10584] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1733'.
[  426.815922][T10601] netlink: 'syz.0.1739': attribute type 4 has an invalid length.
[  426.989325][T10603] netlink: 'syz.1.1741': attribute type 10 has an invalid length.
[  427.005178][T10603] team0: Device hsr_slave_0 failed to register rx_handler
[  427.188197][T10608] netlink: 'syz.0.1744': attribute type 12 has an invalid length.
[  427.261820][T10611] netlink: 'syz.1.1745': attribute type 4 has an invalid length.
[  427.712590][ T5775] Bluetooth: hci1: unexpected event 0x30 length: 15 > 3
[  427.823480][T10633] team0: Device hsr_slave_0 failed to register rx_handler
[  428.020256][T10640] __nla_validate_parse: 9 callbacks suppressed
[  428.020297][T10640] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1758'.
[  428.231133][T10646] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1760'.
[  428.316333][T10649] validate_nla: 3 callbacks suppressed
[  428.316391][T10649] netlink: 'syz.2.1761': attribute type 4 has an invalid length.
[  428.338976][T10649] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1761'.
[  428.482284][T10653] netlink: 'syz.2.1763': attribute type 8 has an invalid length.
[  428.491991][T10653] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1763'.
[  428.588603][T10653] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1763'.
[  428.814122][T10665] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1767'.
[  428.834691][T10665] netlink: 'syz.0.1767': attribute type 10 has an invalid length.
[  428.847315][T10665] team0: Device hsr_slave_0 failed to register rx_handler
[  428.899354][T10663] netlink: 'syz.2.1766': attribute type 2 has an invalid length.
[  428.916781][T10663] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1766'.
[  429.188198][T10673] netlink: 'syz.3.1771': attribute type 4 has an invalid length.
[  429.217618][T10673] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1771'.
[  429.251928][T10674] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1770'.
[  429.592147][T10684] netlink: 'syz.1.1775': attribute type 8 has an invalid length.
[  429.604707][T10684] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1775'.
[  429.937996][T10695] netlink: 'syz.0.1778': attribute type 10 has an invalid length.
[  429.987811][T10695] team0: Device hsr_slave_0 failed to register rx_handler
[  430.479574][T10701] netlink: 'syz.1.1779': attribute type 21 has an invalid length.
[  430.487605][T10701] netlink: 'syz.1.1779': attribute type 1 has an invalid length.
[  430.551489][T10704] netlink: 'syz.1.1779': attribute type 8 has an invalid length.
[  432.558629][T10764] team0: Device hsr_slave_0 failed to register rx_handler
[  433.105443][T10782] __nla_validate_parse: 12 callbacks suppressed
[  433.105462][T10782] netlink: 14593 bytes leftover after parsing attributes in process `syz.2.1810'.
[  433.299992][T10784] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  433.308325][T10784] IPv6: NLM_F_CREATE should be set when creating new route
[  433.316692][T10784] IPv6: NLM_F_CREATE should be set when creating new route
[  433.324494][T10784] IPv6: NLM_F_CREATE should be set when creating new route
[  433.358328][T10786] validate_nla: 12 callbacks suppressed
[  433.358354][T10786] netlink: 'syz.2.1812': attribute type 4 has an invalid length.
[  433.399207][T10786] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1812'.
[  434.139303][T10800] netlink: 'syz.1.1816': attribute type 21 has an invalid length.
[  434.147423][T10800] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1816'.
[  434.266507][T10802] netlink: 180 bytes leftover after parsing attributes in process `syz.3.1817'.
[  434.482003][T10808] netlink: 'syz.2.1820': attribute type 10 has an invalid length.
[  434.510323][T10808] hsr0: left promiscuous mode
[  434.516599][T10808] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  434.533099][T10809] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1820'.
[  434.578107][T10809] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1820'.
[  434.691350][T10813] netlink: 'syz.1.1824': attribute type 4 has an invalid length.
[  434.712074][T10813] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1824'.
[  434.858582][T10819] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.1826'.
[  434.874962][T10819] tc_dump_action: action bad kind
[  434.881527][T10815] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  434.902875][ T5775] Bluetooth: hci3: unexpected event 0x06 length: 15 > 3
[  435.003472][T10823] netlink: 'syz.1.1827': attribute type 29 has an invalid length.
[  435.028648][T10823] netlink: 'syz.1.1827': attribute type 29 has an invalid length.
[  435.044400][T10823] netlink: 'syz.1.1827': attribute type 29 has an invalid length.
[  435.901636][T10840] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  435.909584][T10840] IPv6: NLM_F_CREATE should be set when creating new route
[  435.917863][T10840] IPv6: NLM_F_CREATE should be set when creating new route
[  435.925702][T10840] IPv6: NLM_F_CREATE should be set when creating new route
[  436.471524][T10848] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1838'.
[  436.563421][T10852] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.1837'.
[  436.612185][T10852] tc_dump_action: action bad kind
[  436.689244][ T5775] Bluetooth: hci0: unexpected event 0x06 length: 15 > 3
[  436.982817][T10867] netlink: 'syz.2.1846': attribute type 10 has an invalid length.
[  437.030077][T10867] team0: Device hsr_slave_0 failed to register rx_handler
[  437.632000][T10885] FAULT_INJECTION: forcing a failure.
[  437.632000][T10885] name failslab, interval 1, probability 0, space 0, times 0
[  437.652763][T10885] CPU: 1 PID: 10885 Comm: syz.1.1853 Not tainted syzkaller #0
[  437.660321][T10885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  437.670523][T10885] Call Trace:
[  437.673851][T10885]  <TASK>
[  437.676947][T10885]  dump_stack_lvl+0x18c/0x250
[  437.681693][T10885]  ? show_regs_print_info+0x20/0x20
[  437.686954][T10885]  ? load_image+0x420/0x420
[  437.691514][T10885]  ? verify_lock_unused+0x140/0x140
[  437.696774][T10885]  should_fail_ex+0x39d/0x4d0
[  437.701518][T10885]  should_failslab+0x9/0x20
[  437.706073][T10885]  slab_pre_alloc_hook+0x59/0x310
[  437.711159][T10885]  kmem_cache_alloc+0x5a/0x2d0
[  437.716336][T10885]  ? skb_clone+0x1eb/0x370
[  437.720856][T10885]  skb_clone+0x1eb/0x370
[  437.725185][T10885]  __netlink_deliver_tap+0x41c/0x830
[  437.730666][T10885]  ? netlink_deliver_tap+0x2e/0x1b0
[  437.735976][T10885]  netlink_deliver_tap+0x19c/0x1b0
[  437.741154][T10885]  netlink_unicast+0x72c/0x8d0
[  437.746080][T10885]  netlink_sendmsg+0x8d0/0xbf0
[  437.751106][T10885]  ? netlink_getsockopt+0x590/0x590
[  437.756457][T10885]  ? aa_sock_msg_perm+0x94/0x150
[  437.761451][T10885]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  437.766878][T10885]  ? security_socket_sendmsg+0x80/0xa0
[  437.772396][T10885]  ? netlink_getsockopt+0x590/0x590
[  437.777658][T10885]  ____sys_sendmsg+0x5ba/0x960
[  437.782519][T10885]  ? __asan_memset+0x22/0x40
[  437.787172][T10885]  ? __sys_sendmsg_sock+0x30/0x30
[  437.792251][T10885]  ? __import_iovec+0x5f2/0x850
[  437.797184][T10885]  ? import_iovec+0x73/0xa0
[  437.801747][T10885]  ___sys_sendmsg+0x2a6/0x360
[  437.806469][T10885]  ? get_pid_task+0x20/0x1e0
[  437.811130][T10885]  ? __sys_sendmsg+0x2a0/0x2a0
[  437.815985][T10885]  ? __lock_acquire+0x7d40/0x7d40
[  437.817135][T10887] FAULT_INJECTION: forcing a failure.
[  437.817135][T10887] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  437.821163][T10885]  __se_sys_sendmsg+0x1c2/0x2b0
[  437.821194][T10885]  ? __x64_sys_sendmsg+0x80/0x80
[  437.821238][T10885]  ? lockdep_hardirqs_on+0x98/0x150
[  437.821267][T10885]  do_syscall_64+0x55/0xa0
[  437.821285][T10885]  ? clear_bhb_loop+0x40/0x90
[  437.821312][T10885]  ? clear_bhb_loop+0x40/0x90
[  437.863879][T10885]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  437.869925][T10885] RIP: 0033:0x7fec1019c819
[  437.874476][T10885] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  437.894152][T10885] RSP: 002b:00007fec110a5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  437.902640][T10885] RAX: ffffffffffffffda RBX: 00007fec10415fa0 RCX: 00007fec1019c819
[  437.910690][T10885] RDX: 0000000004000844 RSI: 0000200000000940 RDI: 0000000000000003
[  437.918901][T10885] RBP: 00007fec110a5090 R08: 0000000000000000 R09: 0000000000000000
[  437.926937][T10885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  437.934965][T10885] R13: 00007fec10416038 R14: 00007fec10415fa0 R15: 00007fff63b0a358
[  437.943018][T10885]  </TASK>
[  437.946078][T10887] CPU: 0 PID: 10887 Comm: syz.2.1854 Not tainted syzkaller #0
[  437.953603][T10887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  437.963819][T10887] Call Trace:
[  437.967159][T10887]  <TASK>
[  437.970130][T10887]  dump_stack_lvl+0x18c/0x250
[  437.974959][T10887]  ? show_regs_print_info+0x20/0x20
[  437.980385][T10887]  ? load_image+0x420/0x420
[  437.984949][T10887]  ? __might_fault+0xaa/0x120
[  437.989678][T10887]  ? __lock_acquire+0x7d40/0x7d40
[  437.994740][T10887]  should_fail_ex+0x39d/0x4d0
[  437.999462][T10887]  _copy_from_iter+0x1d9/0x12e0
[  438.004364][T10887]  ? slab_post_alloc_hook+0x8a/0x4b0
[  438.009688][T10887]  ? __virt_addr_valid+0x18c/0x540
[  438.014837][T10887]  ? __lock_acquire+0x7d40/0x7d40
[  438.019892][T10887]  ? rcu_is_watching+0x15/0xb0
[  438.024716][T10887]  ? copyout_mc+0x70/0x70
[  438.029185][T10887]  ? __virt_addr_valid+0x18c/0x540
[  438.034422][T10887]  ? __virt_addr_valid+0x18c/0x540
[  438.039599][T10887]  ? __virt_addr_valid+0x469/0x540
[  438.044744][T10887]  ? __check_object_size+0x506/0xa20
[  438.050064][T10887]  netlink_sendmsg+0x76b/0xbf0
[  438.054877][T10887]  ? netlink_getsockopt+0x590/0x590
[  438.060292][T10887]  ? aa_sock_msg_perm+0x94/0x150
[  438.065356][T10887]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  438.070675][T10887]  ? security_socket_sendmsg+0x80/0xa0
[  438.076172][T10887]  ? netlink_getsockopt+0x590/0x590
[  438.081410][T10887]  ____sys_sendmsg+0x5ba/0x960
[  438.086298][T10887]  ? __asan_memset+0x22/0x40
[  438.090931][T10887]  ? __sys_sendmsg_sock+0x30/0x30
[  438.095985][T10887]  ? __import_iovec+0x5f2/0x850
[  438.100874][T10887]  ? import_iovec+0x73/0xa0
[  438.105427][T10887]  ___sys_sendmsg+0x2a6/0x360
[  438.110142][T10887]  ? get_pid_task+0x20/0x1e0
[  438.114774][T10887]  ? __sys_sendmsg+0x2a0/0x2a0
[  438.119583][T10887]  ? __lock_acquire+0x7d40/0x7d40
[  438.124671][T10887]  __se_sys_sendmsg+0x1c2/0x2b0
[  438.129560][T10887]  ? __x64_sys_sendmsg+0x80/0x80
[  438.134537][T10887]  ? lockdep_hardirqs_on+0x98/0x150
[  438.139780][T10887]  do_syscall_64+0x55/0xa0
[  438.144237][T10887]  ? clear_bhb_loop+0x40/0x90
[  438.148967][T10887]  ? clear_bhb_loop+0x40/0x90
[  438.153677][T10887]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  438.159687][T10887] RIP: 0033:0x7f275a59c819
[  438.164130][T10887] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  438.184071][T10887] RSP: 002b:00007f275b486028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  438.192525][T10887] RAX: ffffffffffffffda RBX: 00007f275a815fa0 RCX: 00007f275a59c819
[  438.200523][T10887] RDX: 0000000000040000 RSI: 0000200000000240 RDI: 0000000000000003
[  438.208605][T10887] RBP: 00007f275b486090 R08: 0000000000000000 R09: 0000000000000000
[  438.216717][T10887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  438.224711][T10887] R13: 00007f275a816038 R14: 00007f275a815fa0 R15: 00007ffc90f50908
[  438.232723][T10887]  </TASK>
[  438.319379][T10885] __nla_validate_parse: 2 callbacks suppressed
[  438.319401][T10885] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1853'.
[  438.387416][T10885] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  438.430856][T10892] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.1856'.
[  438.446592][T10892] tc_dump_action: action bad kind
[  438.496412][ T5775] Bluetooth: hci3: unexpected event 0x06 length: 15 > 3
[  438.663950][T10894] netlink: 180 bytes leftover after parsing attributes in process `syz.3.1858'.
[  438.772236][T10899] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1859'.
[  438.821729][T10899] netlink: 'syz.0.1859': attribute type 10 has an invalid length.
[  438.855968][T10899] team0: Device hsr_slave_0 failed to register rx_handler
[  438.996178][T10904] netlink: 'syz.1.1861': attribute type 21 has an invalid length.
[  439.004806][T10904] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1861'.
[  439.540639][T10920] netlink: 'syz.0.1866': attribute type 2 has an invalid length.
[  439.782685][T10923] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.1868'.
[  439.803027][T10923] tc_dump_action: action bad kind
[  440.044832][T10930] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1871'.
[  440.167532][T10935] netlink: 'syz.1.1874': attribute type 21 has an invalid length.
[  440.189482][T10935] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1874'.
[  440.291752][T10938] netlink: 'syz.2.1875': attribute type 4 has an invalid length.
[  440.314761][T10938] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1875'.
[  440.612625][ T1284] ieee802154 phy0 wpan0: encryption failed: -22
[  440.620016][ T1284] ieee802154 phy1 wpan1: encryption failed: -22
[  440.674211][T10952] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.1882'.
[  440.683872][T10952] tc_dump_action: action bad kind
[  441.003582][T10963] netlink: 'syz.0.1887': attribute type 10 has an invalid length.
[  441.025696][T10963] team0: Device hsr_slave_0 failed to register rx_handler
[  441.097237][T10965] netlink: 'syz.1.1888': attribute type 8 has an invalid length.
[  441.400951][T10980] tc_dump_action: action bad kind
[  441.611507][T10989] netlink: 'syz.0.1898': attribute type 39 has an invalid length.
[  441.896836][T11000] netlink: 'syz.0.1903': attribute type 8 has an invalid length.
[  442.207307][T11011] tc_dump_action: action bad kind
[  442.239884][ T5775] Bluetooth: hci0: unexpected event 0x06 length: 15 > 3
[  442.435433][T11015] netlink: 'syz.1.1909': attribute type 39 has an invalid length.
[  443.287160][T11034] FAULT_INJECTION: forcing a failure.
[  443.287160][T11034] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  443.304699][T11034] CPU: 0 PID: 11034 Comm: syz.1.1917 Not tainted syzkaller #0
[  443.312330][T11034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  443.322436][T11034] Call Trace:
[  443.325760][T11034]  <TASK>
[  443.328739][T11034]  dump_stack_lvl+0x18c/0x250
[  443.333479][T11034]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  443.339702][T11034]  ? show_regs_print_info+0x20/0x20
[  443.344964][T11034]  ? load_image+0x420/0x420
[  443.349565][T11034]  should_fail_ex+0x39d/0x4d0
[  443.354323][T11034]  _copy_to_user+0x2f/0xa0
[  443.358795][T11034]  put_user_ifreq+0x78/0xb0
[  443.363364][T11034]  sock_do_ioctl+0x268/0x310
[  443.368108][T11034]  ? sock_show_fdinfo+0xb0/0xb0
[  443.373198][T11034]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  443.379352][T11034]  ? lock_chain_count+0x20/0x20
[  443.384349][T11034]  sock_ioctl+0x5ba/0x7e0
[  443.388742][T11034]  ? sock_poll+0x3e0/0x3e0
[  443.393215][T11034]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  443.399449][T11034]  ? sock_poll+0x3e0/0x3e0
[  443.403955][T11034]  ? sock_poll+0x3e0/0x3e0
[  443.408445][T11034]  __se_sys_ioctl+0xfd/0x170
[  443.413219][T11034]  do_syscall_64+0x55/0xa0
[  443.417700][T11034]  ? clear_bhb_loop+0x40/0x90
[  443.422522][T11034]  ? clear_bhb_loop+0x40/0x90
[  443.427268][T11034]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  443.433307][T11034] RIP: 0033:0x7fec1019c819
[  443.437789][T11034] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  443.457652][T11034] RSP: 002b:00007fec110a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  443.466150][T11034] RAX: ffffffffffffffda RBX: 00007fec10415fa0 RCX: 00007fec1019c819
[  443.474276][T11034] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000018
[  443.482318][T11034] RBP: 00007fec110a5090 R08: 0000000000000000 R09: 0000000000000000
[  443.490346][T11034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  443.498366][T11034] R13: 00007fec10416038 R14: 00007fec10415fa0 R15: 00007fff63b0a358
[  443.506516][T11034]  </TASK>
[  443.660084][T11042] __nla_validate_parse: 9 callbacks suppressed
[  443.660103][T11042] netlink: 65039 bytes leftover after parsing attributes in process `syz.3.1920'.
[  443.692900][T11042] tc_dump_action: action bad kind
[  443.708593][ T5775] Bluetooth: hci2: unexpected event 0x06 length: 15 > 3
[  444.046133][T11064] validate_nla: 1 callbacks suppressed
[  444.046149][T11064] netlink: 'syz.1.1928': attribute type 4 has an invalid length.
[  444.067437][T11064] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1928'.
[  444.929723][T11077] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.1934'.
[  444.949184][T11077] tc_dump_action: action bad kind
[  444.974623][ T5775] Bluetooth: hci1: unexpected event 0x06 length: 15 > 3
[  445.020332][T11081] netlink: 'syz.0.1935': attribute type 8 has an invalid length.
[  445.076399][T11081] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1935'.
[  445.146322][T11081] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1935'.
[  445.252678][T11088] netlink: 'syz.1.1940': attribute type 4 has an invalid length.
[  445.278942][T11088] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1940'.
[  445.598128][T11096] netlink: 'syz.1.1944': attribute type 39 has an invalid length.
[  445.640609][T11098] netlink: 188 bytes leftover after parsing attributes in process `syz.2.1943'.
[  445.721019][T11098] netlink: 'syz.2.1943': attribute type 10 has an invalid length.
[  445.739702][T11098] team0: Device hsr_slave_0 failed to register rx_handler
[  445.806336][T11102] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.1946'.
[  445.841748][T11102] tc_dump_action: action bad kind
[  445.870473][ T5775] Bluetooth: hci1: unexpected event 0x06 length: 15 > 3
[  446.014656][T11110] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1950'.
[  446.136342][T11114] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1952'.
[  446.180568][T11114] netlink: 'syz.0.1952': attribute type 10 has an invalid length.
[  446.194440][T11114] team0: Device hsr_slave_0 failed to register rx_handler
[  446.319974][T11121] netlink: 'syz.1.1954': attribute type 5 has an invalid length.
[  446.597678][T11126] netlink: 'syz.0.1956': attribute type 10 has an invalid length.
[  446.614305][T11126] team0: Device hsr_slave_0 failed to register rx_handler
[  446.760450][T11130] tc_dump_action: action bad kind
[  446.771575][ T5775] Bluetooth: hci0: unexpected event 0x06 length: 15 > 3
[  447.120606][T11142] netlink: 'syz.0.1964': attribute type 10 has an invalid length.
[  447.142710][T11142] team0: Device hsr_slave_0 failed to register rx_handler
[  447.349815][T11152] tc_dump_action: action bad kind
[  447.377566][ T5775] Bluetooth: hci2: unexpected event 0x06 length: 15 > 3
[  447.395128][ T5775] Bluetooth: hci3: unexpected event 0x14 length: 15 > 6
[  447.697437][T11167] FAULT_INJECTION: forcing a failure.
[  447.697437][T11167] name failslab, interval 1, probability 0, space 0, times 0
[  447.725806][T11167] CPU: 1 PID: 11167 Comm: syz.3.1976 Not tainted syzkaller #0
[  447.733550][T11167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  447.743846][T11167] Call Trace:
[  447.747188][T11167]  <TASK>
[  447.750275][T11167]  dump_stack_lvl+0x18c/0x250
[  447.755222][T11167]  ? show_regs_print_info+0x20/0x20
[  447.760510][T11167]  ? load_image+0x420/0x420
[  447.765092][T11167]  ? __might_sleep+0xe0/0xe0
[  447.769785][T11167]  ? __lock_acquire+0x7d40/0x7d40
[  447.774985][T11167]  should_fail_ex+0x39d/0x4d0
[  447.779856][T11167]  should_failslab+0x9/0x20
[  447.784467][T11167]  slab_pre_alloc_hook+0x59/0x310
[  447.789774][T11167]  ? __get_vm_area_node+0x125/0x370
[  447.795235][T11167]  __kmem_cache_alloc_node+0x53/0x250
[  447.800873][T11167]  ? __get_vm_area_node+0x125/0x370
[  447.806168][T11167]  kmalloc_node_trace+0x26/0xe0
[  447.811117][T11167]  __get_vm_area_node+0x125/0x370
[  447.816235][T11167]  __vmalloc_node_range+0x36e/0x1330
[  447.821763][T11167]  ? netlink_sendmsg+0x602/0xbf0
[  447.826778][T11167]  ? netlink_insert+0x109f/0x13a0
[  447.831915][T11167]  ? netlink_data_ready+0x10/0x10
[  447.837033][T11167]  ? free_vm_area+0x50/0x50
[  447.841637][T11167]  ? netlink_sendmsg+0x602/0xbf0
[  447.846942][T11167]  vmalloc+0x79/0x90
[  447.851087][T11167]  ? netlink_sendmsg+0x602/0xbf0
[  447.856192][T11167]  netlink_sendmsg+0x602/0xbf0
[  447.861046][T11167]  ? netlink_getsockopt+0x590/0x590
[  447.866315][T11167]  ? aa_sock_msg_perm+0x94/0x150
[  447.871614][T11167]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  447.877049][T11167]  ? security_socket_sendmsg+0x80/0xa0
[  447.882565][T11167]  ? netlink_getsockopt+0x590/0x590
[  447.887919][T11167]  ____sys_sendmsg+0x5ba/0x960
[  447.892758][T11167]  ? __asan_memset+0x22/0x40
[  447.897407][T11167]  ? __sys_sendmsg_sock+0x30/0x30
[  447.902486][T11167]  ? __import_iovec+0x5f2/0x850
[  447.907421][T11167]  ? import_iovec+0x73/0xa0
[  447.912078][T11167]  ___sys_sendmsg+0x2a6/0x360
[  447.916843][T11167]  ? get_pid_task+0x20/0x1e0
[  447.921496][T11167]  ? __sys_sendmsg+0x2a0/0x2a0
[  447.926468][T11167]  ? __lock_acquire+0x7d40/0x7d40
[  447.931614][T11167]  __se_sys_sendmsg+0x1c2/0x2b0
[  447.936712][T11167]  ? __x64_sys_sendmsg+0x80/0x80
[  447.941997][T11167]  ? lockdep_hardirqs_on+0x98/0x150
[  447.948070][T11167]  do_syscall_64+0x55/0xa0
[  447.952848][T11167]  ? clear_bhb_loop+0x40/0x90
[  447.957649][T11167]  ? clear_bhb_loop+0x40/0x90
[  447.962460][T11167]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  447.968430][T11167] RIP: 0033:0x7fb6a739c819
[  447.972929][T11167] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  447.992725][T11167] RSP: 002b:00007fb6a8338028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  448.001216][T11167] RAX: ffffffffffffffda RBX: 00007fb6a7615fa0 RCX: 00007fb6a739c819
[  448.009264][T11167] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  448.017314][T11167] RBP: 00007fb6a8338090 R08: 0000000000000000 R09: 0000000000000000
[  448.025360][T11167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  448.033738][T11167] R13: 00007fb6a7616038 R14: 00007fb6a7615fa0 R15: 00007fffd0529de8
[  448.041988][T11167]  </TASK>
[  448.071106][T11167] syz.3.1976: vmalloc error: size 213312, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[  448.093218][T11167] CPU: 0 PID: 11167 Comm: syz.3.1976 Not tainted syzkaller #0
[  448.100859][T11167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  448.111242][T11167] Call Trace:
[  448.114591][T11167]  <TASK>
[  448.117672][T11167]  dump_stack_lvl+0x18c/0x250
[  448.122527][T11167]  ? show_regs_print_info+0x20/0x20
[  448.127899][T11167]  ? load_image+0x420/0x420
[  448.132572][T11167]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  448.139062][T11167]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  448.145831][T11167]  warn_alloc+0x246/0x340
[  448.150264][T11167]  ? __get_vm_area_node+0x125/0x370
[  448.155646][T11167]  ? zone_watermark_ok_safe+0x230/0x230
[  448.161284][T11167]  ? rcu_is_watching+0x15/0xb0
[  448.166264][T11167]  ? __get_vm_area_node+0x356/0x370
[  448.171863][T11167]  __vmalloc_node_range+0x393/0x1330
[  448.177235][T11167]  ? netlink_insert+0x109f/0x13a0
[  448.182480][T11167]  ? netlink_data_ready+0x10/0x10
[  448.187684][T11167]  ? free_vm_area+0x50/0x50
[  448.192380][T11167]  ? netlink_sendmsg+0x602/0xbf0
[  448.197403][T11167]  vmalloc+0x79/0x90
[  448.201375][T11167]  ? netlink_sendmsg+0x602/0xbf0
[  448.206393][T11167]  netlink_sendmsg+0x602/0xbf0
[  448.211237][T11167]  ? netlink_getsockopt+0x590/0x590
[  448.216583][T11167]  ? aa_sock_msg_perm+0x94/0x150
[  448.221673][T11167]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  448.227002][T11167]  ? security_socket_sendmsg+0x80/0xa0
[  448.232507][T11167]  ? netlink_getsockopt+0x590/0x590
[  448.237786][T11167]  ____sys_sendmsg+0x5ba/0x960
[  448.242653][T11167]  ? __asan_memset+0x22/0x40
[  448.247387][T11167]  ? __sys_sendmsg_sock+0x30/0x30
[  448.252502][T11167]  ? __import_iovec+0x5f2/0x850
[  448.257429][T11167]  ? import_iovec+0x73/0xa0
[  448.261983][T11167]  ___sys_sendmsg+0x2a6/0x360
[  448.266720][T11167]  ? get_pid_task+0x20/0x1e0
[  448.271367][T11167]  ? __sys_sendmsg+0x2a0/0x2a0
[  448.276299][T11167]  ? __lock_acquire+0x7d40/0x7d40
[  448.281681][T11167]  __se_sys_sendmsg+0x1c2/0x2b0
[  448.286589][T11167]  ? __x64_sys_sendmsg+0x80/0x80
[  448.291681][T11167]  ? lockdep_hardirqs_on+0x98/0x150
[  448.296934][T11167]  do_syscall_64+0x55/0xa0
[  448.301397][T11167]  ? clear_bhb_loop+0x40/0x90
[  448.306290][T11167]  ? clear_bhb_loop+0x40/0x90
[  448.311019][T11167]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  448.317202][T11167] RIP: 0033:0x7fb6a739c819
[  448.321651][T11167] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  448.341654][T11167] RSP: 002b:00007fb6a8338028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  448.350126][T11167] RAX: ffffffffffffffda RBX: 00007fb6a7615fa0 RCX: 00007fb6a739c819
[  448.358226][T11167] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  448.366231][T11167] RBP: 00007fb6a8338090 R08: 0000000000000000 R09: 0000000000000000
[  448.374323][T11167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  448.382327][T11167] R13: 00007fb6a7616038 R14: 00007fb6a7615fa0 R15: 00007fffd0529de8
[  448.390480][T11167]  </TASK>
[  448.429014][T11167] Mem-Info:
[  448.433287][T11167] active_anon:13360 inactive_anon:0 isolated_anon:0
[  448.433287][T11167]  active_file:19317 inactive_file:40067 isolated_file:0
[  448.433287][T11167]  unevictable:768 dirty:217 writeback:0
[  448.433287][T11167]  slab_reclaimable:11085 slab_unreclaimable:91168
[  448.433287][T11167]  mapped:24826 shmem:1361 pagetables:510
[  448.433287][T11167]  sec_pagetables:0 bounce:0
[  448.433287][T11167]  kernel_misc_reclaimable:0
[  448.433287][T11167]  free:1332995 free_pcp:12138 free_cma:0
[  448.480372][T11167] Node 0 active_anon:53424kB inactive_anon:0kB active_file:77268kB inactive_file:160068kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99316kB dirty:872kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10324kB pagetables:2088kB sec_pagetables:0kB all_unreclaimable? no
[  448.529645][T11167] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  448.594598][T11167] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  448.644961][T11167] lowmem_reserve[]: 0 2521 2522 2522 2522
[  448.654209][T11172] netlink: 'syz.1.1978': attribute type 10 has an invalid length.
[  448.669871][T11172] team0: Device hsr_slave_0 failed to register rx_handler
[  448.684533][T11167] Node 0 DMA32 free:1423296kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:53388kB inactive_anon:0kB active_file:77268kB inactive_file:159240kB unevictable:1536kB writepending:872kB present:3129332kB managed:2586956kB mlocked:0kB bounce:0kB free_pcp:29224kB local_pcp:17060kB free_cma:0kB
[  448.758943][T11167] lowmem_reserve[]: 0 0 0 0 0
[  448.763784][T11167] Node 0 Normal free:8kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:828kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  448.801355][T11176] __nla_validate_parse: 7 callbacks suppressed
[  448.801377][T11176] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.1980'.
[  448.817553][T11167] lowmem_reserve[]: 0 0 0 0 0
[  448.822741][T11176] tc_dump_action: action bad kind
[  448.829598][T11167] Node 1 Normal free:3893316kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:20004kB local_pcp:8100kB free_cma:0kB
[  448.874758][T11167] lowmem_reserve[]: 0 0 0 0 0
[  448.878692][ T5775] Bluetooth: hci0: unexpected event 0x06 length: 15 > 3
[  448.883793][T11167] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  448.954762][T11167] Node 0 DMA32: 3304*4kB (UME) 1720*8kB (UME) 1974*16kB (UM) 830*32kB (UM) 403*64kB (UM) 205*128kB (UM) 134*256kB (UME) 49*512kB (UME) 32*1024kB (UME) 21*2048kB (UME) 281*4096kB (UM) = 1423296kB
[  448.999062][T11167] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  449.033770][T11167] Node 1 Normal: 223*4kB (UME) 55*8kB (UME) 51*16kB (UME) 49*32kB (UME) 23*64kB (UME) 4*128kB (UM) 2*256kB (ME) 0*512kB 2*1024kB (UE) 1*2048kB (E) 948*4096kB (M) = 3893316kB
[  449.064539][T11167] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  449.075174][T11167] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  449.089389][T11167] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  449.118189][T11167] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  449.128363][T11167] 60745 total pagecache pages
[  449.137942][T11167] 0 pages in swap cache
[  449.142753][T11167] Free swap  = 124996kB
[  449.147565][T11167] Total swap = 124996kB
[  449.155430][T11167] 2097051 pages RAM
[  449.161204][T11167] 0 pages HighMem/MovableOnly
[  449.166129][T11167] 416926 pages reserved
[  449.182781][T11167] 0 pages cma reserved
[  449.307285][T11192] netlink: 207496 bytes leftover after parsing attributes in process `syz.3.1987'.
[  449.526076][T11201] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1991'.
[  449.552720][T11201] netlink: 'syz.0.1991': attribute type 10 has an invalid length.
[  449.573344][T11201] team0: Device hsr_slave_0 failed to register rx_handler
[  449.986189][T11211] FAULT_INJECTION: forcing a failure.
[  449.986189][T11211] name failslab, interval 1, probability 0, space 0, times 0
[  450.006137][T11211] CPU: 1 PID: 11211 Comm: syz.0.1996 Not tainted syzkaller #0
[  450.013779][T11211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  450.023996][T11211] Call Trace:
[  450.027356][T11211]  <TASK>
[  450.030349][T11211]  dump_stack_lvl+0x18c/0x250
[  450.035272][T11211]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  450.041626][T11211]  ? show_regs_print_info+0x20/0x20
[  450.046898][T11211]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  450.053129][T11211]  ? dump_stack+0x9/0x20
[  450.057459][T11211]  should_fail_ex+0x39d/0x4d0
[  450.062296][T11211]  should_failslab+0x9/0x20
[  450.066863][T11211]  slab_pre_alloc_hook+0x59/0x310
[  450.071956][T11211]  ? bpf_prog_test_run_skb+0x238/0x12b0
[  450.077575][T11211]  ? bpf_prog_test_run_skb+0x238/0x12b0
[  450.083190][T11211]  __kmem_cache_alloc_node+0x53/0x250
[  450.088734][T11211]  ? bpf_prog_test_run_skb+0x238/0x12b0
[  450.094344][T11211]  __kmalloc+0xa4/0x230
[  450.098575][T11211]  bpf_prog_test_run_skb+0x238/0x12b0
[  450.104181][T11211]  ? __fget_files+0x28/0x4b0
[  450.108840][T11211]  ? __fget_files+0x28/0x4b0
[  450.113503][T11211]  ? __fget_files+0x43d/0x4b0
[  450.118343][T11211]  ? cpu_online+0x60/0x60
[  450.122828][T11211]  bpf_prog_test_run+0x321/0x390
[  450.127831][T11211]  __sys_bpf+0x49d/0x890
[  450.132230][T11211]  ? bpf_link_show_fdinfo+0x390/0x390
[  450.137728][T11211]  ? lock_chain_count+0x20/0x20
[  450.142635][T11211]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  450.148941][T11211]  __x64_sys_bpf+0x7c/0x90
[  450.153423][T11211]  do_syscall_64+0x55/0xa0
[  450.158252][T11211]  ? clear_bhb_loop+0x40/0x90
[  450.162999][T11211]  ? clear_bhb_loop+0x40/0x90
[  450.167838][T11211]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  450.173887][T11211] RIP: 0033:0x7fbf0459c819
[  450.178458][T11211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  450.198407][T11211] RSP: 002b:00007fbf053cc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  450.207065][T11211] RAX: ffffffffffffffda RBX: 00007fbf04815fa0 RCX: 00007fbf0459c819
[  450.215162][T11211] RDX: 0000000000000028 RSI: 00002000000000c0 RDI: 000000000000000a
[  450.223187][T11211] RBP: 00007fbf053cc090 R08: 0000000000000000 R09: 0000000000000000
[  450.231207][T11211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  450.239406][T11211] R13: 00007fbf04816038 R14: 00007fbf04815fa0 R15: 00007ffc056ec138
[  450.247641][T11211]  </TASK>
[  450.339119][T11214] IPv6: NLM_F_CREATE should be specified when creating new route
[  450.347534][T11214] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1997'.
[  450.701869][T11231] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.2005'.
[  450.711791][T11231] tc_dump_action: action bad kind
[  450.749411][ T5775] Bluetooth: hci1: unexpected event 0x06 length: 15 > 3
[  450.872455][T11235] netlink: 180 bytes leftover after parsing attributes in process `syz.0.2007'.
[  450.928032][T11239] FAULT_INJECTION: forcing a failure.
[  450.928032][T11239] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  450.978098][T11239] CPU: 0 PID: 11239 Comm: syz.1.2009 Not tainted syzkaller #0
[  450.985680][T11239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  450.996019][T11239] Call Trace:
[  450.999347][T11239]  <TASK>
[  451.002332][T11239]  dump_stack_lvl+0x18c/0x250
[  451.007068][T11239]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  451.013359][T11239]  ? show_regs_print_info+0x20/0x20
[  451.018607][T11239]  ? load_image+0x420/0x420
[  451.023173][T11239]  should_fail_ex+0x39d/0x4d0
[  451.027905][T11239]  _copy_to_user+0x2f/0xa0
[  451.032417][T11239]  simple_read_from_buffer+0xe7/0x150
[  451.038077][T11239]  proc_fail_nth_read+0x1e8/0x260
[  451.043190][T11239]  ? proc_fault_inject_write+0x360/0x360
[  451.049056][T11239]  ? fsnotify_perm+0x271/0x5e0
[  451.054056][T11239]  ? proc_fault_inject_write+0x360/0x360
[  451.059827][T11239]  vfs_read+0x28b/0x970
[  451.064295][T11239]  ? kernel_read+0x1e0/0x1e0
[  451.068937][T11239]  ? __fget_files+0x28/0x4b0
[  451.073585][T11239]  ? __fget_files+0x28/0x4b0
[  451.078236][T11239]  ? __fget_files+0x43d/0x4b0
[  451.082972][T11239]  ? __fdget_pos+0x2a3/0x330
[  451.087601][T11239]  ? ksys_read+0x75/0x260
[  451.091996][T11239]  ksys_read+0x150/0x260
[  451.096294][T11239]  ? vfs_write+0x990/0x990
[  451.100860][T11239]  ? lockdep_hardirqs_on+0x98/0x150
[  451.106243][T11239]  do_syscall_64+0x55/0xa0
[  451.110930][T11239]  ? clear_bhb_loop+0x40/0x90
[  451.116031][T11239]  ? clear_bhb_loop+0x40/0x90
[  451.120764][T11239]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  451.126786][T11239] RIP: 0033:0x7fec1015d04e
[  451.131243][T11239] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  451.150912][T11239] RSP: 002b:00007fec110a4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  451.159635][T11239] RAX: ffffffffffffffda RBX: 00007fec110a56c0 RCX: 00007fec1015d04e
[  451.167639][T11239] RDX: 000000000000000f RSI: 00007fec110a50a0 RDI: 0000000000000012
[  451.175754][T11239] RBP: 00007fec110a5090 R08: 0000000000000000 R09: 0000000000000000
[  451.183861][T11239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  451.191860][T11239] R13: 00007fec10416038 R14: 00007fec10415fa0 R15: 00007fff63b0a358
[  451.199885][T11239]  </TASK>
[  451.476607][T11254] netlink: 'syz.1.2013': attribute type 29 has an invalid length.
[  451.487554][T11254] netlink: 'syz.1.2013': attribute type 3 has an invalid length.
[  451.501824][T11254] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2013'.
[  452.026036][T11307] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.2018'.
[  452.039023][T11307] tc_dump_action: action bad kind
[  452.259231][T11317] netlink: 180 bytes leftover after parsing attributes in process `syz.1.2021'.
[  452.282798][T11321] IPv6: Can't replace route, no match found
[  452.832418][T11336] netlink: 65039 bytes leftover after parsing attributes in process `syz.3.2028'.
[  452.842177][T11336] tc_dump_action: action bad kind
[  453.025010][T11344] netlink: 'syz.3.2031': attribute type 46 has an invalid length.
[  453.036767][T11344] netlink: 'syz.3.2031': attribute type 46 has an invalid length.
[  453.549534][T11358] netlink: 'syz.3.2038': attribute type 10 has an invalid length.
[  453.571303][T11358] team0: Device hsr_slave_0 failed to register rx_handler
[  453.650583][T11360] tc_dump_action: action bad kind
[  454.515585][T11381] FAULT_INJECTION: forcing a failure.
[  454.515585][T11381] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  454.534812][T11381] CPU: 1 PID: 11381 Comm: syz.1.2048 Not tainted syzkaller #0
[  454.542444][T11381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  454.552636][T11381] Call Trace:
[  454.556050][T11381]  <TASK>
[  454.559096][T11381]  dump_stack_lvl+0x18c/0x250
[  454.564023][T11381]  ? show_regs_print_info+0x20/0x20
[  454.569286][T11381]  ? load_image+0x420/0x420
[  454.573883][T11381]  ? __might_fault+0xaa/0x120
[  454.579227][T11381]  ? __lock_acquire+0x7d40/0x7d40
[  454.584322][T11381]  should_fail_ex+0x39d/0x4d0
[  454.589176][T11381]  _copy_from_iter+0x1d9/0x12e0
[  454.594097][T11381]  ? __virt_addr_valid+0x18c/0x540
[  454.599366][T11381]  ? __lock_acquire+0x7d40/0x7d40
[  454.604449][T11381]  ? sock_alloc_send_pskb+0x8a1/0x9a0
[  454.609893][T11381]  ? copyout_mc+0x70/0x70
[  454.614286][T11381]  ? __virt_addr_valid+0x18c/0x540
[  454.619475][T11381]  ? __virt_addr_valid+0x18c/0x540
[  454.624648][T11381]  ? __virt_addr_valid+0x469/0x540
[  454.629957][T11381]  ? __check_object_size+0x506/0xa20
[  454.635506][T11381]  skb_copy_datagram_from_iter+0xf4/0x6e0
[  454.641417][T11381]  ? dev_get_by_index+0x22/0x2d0
[  454.646423][T11381]  ? skb_put+0x11b/0x210
[  454.650746][T11381]  packet_sendmsg+0x3566/0x4d70
[  454.655696][T11381]  ? verify_lock_unused+0x140/0x140
[  454.660972][T11381]  ? perf_trace_lock_acquire+0x104/0x410
[  454.666797][T11381]  ? aa_sk_perm+0x83c/0x970
[  454.671505][T11381]  ? packet_getsockopt+0xad0/0xad0
[  454.676980][T11381]  ? aa_sock_msg_perm+0x94/0x150
[  454.682004][T11381]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  454.687463][T11381]  ? security_socket_sendmsg+0x80/0xa0
[  454.693000][T11381]  ? packet_getsockopt+0xad0/0xad0
[  454.698213][T11381]  ____sys_sendmsg+0x5ba/0x960
[  454.703118][T11381]  ? __lock_acquire+0x7d40/0x7d40
[  454.708212][T11381]  ? __asan_memset+0x22/0x40
[  454.712916][T11381]  ? __sys_sendmsg_sock+0x30/0x30
[  454.718025][T11381]  ? __import_iovec+0x5f2/0x850
[  454.723037][T11381]  ? import_iovec+0x73/0xa0
[  454.727600][T11381]  ___sys_sendmsg+0x2a6/0x360
[  454.732420][T11381]  ? get_pid_task+0x20/0x1e0
[  454.737080][T11381]  ? __sys_sendmsg+0x2a0/0x2a0
[  454.741918][T11381]  ? __lock_acquire+0x7d40/0x7d40
[  454.747033][T11381]  __se_sys_sendmsg+0x1c2/0x2b0
[  454.751944][T11381]  ? __x64_sys_sendmsg+0x80/0x80
[  454.756964][T11381]  ? lockdep_hardirqs_on+0x98/0x150
[  454.762340][T11381]  do_syscall_64+0x55/0xa0
[  454.767071][T11381]  ? clear_bhb_loop+0x40/0x90
[  454.771807][T11381]  ? clear_bhb_loop+0x40/0x90
[  454.776588][T11381]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  454.782547][T11381] RIP: 0033:0x7fec1019c819
[  454.787019][T11381] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  454.806957][T11381] RSP: 002b:00007fec110a5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  454.815543][T11381] RAX: ffffffffffffffda RBX: 00007fec10415fa0 RCX: 00007fec1019c819
[  454.823595][T11381] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  454.831616][T11381] RBP: 00007fec110a5090 R08: 0000000000000000 R09: 0000000000000000
[  454.839830][T11381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  454.848063][T11381] R13: 00007fec10416038 R14: 00007fec10415fa0 R15: 00007fff63b0a358
[  454.856154][T11381]  </TASK>
[  454.994829][T11388] __nla_validate_parse: 3 callbacks suppressed
[  454.994853][T11388] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2049'.
[  455.022895][T11388] netlink: 'syz.3.2049': attribute type 10 has an invalid length.
[  455.035080][T11388] team0: Device hsr_slave_0 failed to register rx_handler
[  455.076633][T11391] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.2050'.
[  455.086482][T11391] tc_dump_action: action bad kind
[  455.099950][ T5775] Bluetooth: hci1: unexpected event 0x04 length: 15 > 10
[  455.371862][T11404] netlink: 'syz.1.2057': attribute type 8 has an invalid length.
[  455.389225][T11404] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2057'.
[  455.496460][T11404] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2057'.
[  455.606296][T11412] netlink: 'syz.0.2060': attribute type 3 has an invalid length.
[  455.619010][T11412] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2060'.
[  455.642035][T11412] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  455.842942][T11417] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.2062'.
[  455.859154][T11417] tc_dump_action: action bad kind
[  455.882661][ T5775] Bluetooth: hci0: unexpected event 0x04 length: 15 > 10
[  455.884927][T11418] netlink: 188 bytes leftover after parsing attributes in process `syz.1.2061'.
[  455.943001][T11418] netlink: 'syz.1.2061': attribute type 10 has an invalid length.
[  455.979875][T11418] team0: Device hsr_slave_0 failed to register rx_handler
[  456.992390][T11436] netlink: 'syz.1.2069': attribute type 8 has an invalid length.
[  457.034515][T11436] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2069'.
[  457.169213][ T5775] Bluetooth: hci1: command 0x0406 tx timeout
[  457.183484][T11436] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2069'.
[  457.382362][T11441] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.2071'.
[  457.431587][T11441] tc_dump_action: action bad kind
[  457.509036][ T5775] Bluetooth: hci3: unexpected event 0x04 length: 15 > 10
[  457.889622][ T5775] Bluetooth: hci0: command 0x0406 tx timeout
[  458.485321][T11466] netlink: 'syz.3.2082': attribute type 8 has an invalid length.
[  459.546884][T11484] FAULT_INJECTION: forcing a failure.
[  459.546884][T11484] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  459.569130][ T5775] Bluetooth: hci3: command 0x0406 tx timeout
[  459.575014][T11484] CPU: 0 PID: 11484 Comm: syz.2.2085 Not tainted syzkaller #0
[  459.582958][T11484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  459.593235][T11484] Call Trace:
[  459.596593][T11484]  <TASK>
[  459.599604][T11484]  dump_stack_lvl+0x18c/0x250
[  459.604490][T11484]  ? show_regs_print_info+0x20/0x20
[  459.609890][T11484]  ? load_image+0x420/0x420
[  459.615025][T11484]  ? __might_fault+0xaa/0x120
[  459.619973][T11484]  ? __lock_acquire+0x7d40/0x7d40
[  459.625110][T11484]  should_fail_ex+0x39d/0x4d0
[  459.629905][T11484]  _copy_from_user+0x2f/0xe0
[  459.634680][T11484]  __sys_bpf+0x23e/0x890
[  459.639011][T11484]  ? bpf_link_show_fdinfo+0x390/0x390
[  459.644696][T11484]  ? lock_chain_count+0x20/0x20
[  459.649673][T11484]  __x64_sys_bpf+0x7c/0x90
[  459.654313][T11484]  do_syscall_64+0x55/0xa0
[  459.658812][T11484]  ? clear_bhb_loop+0x40/0x90
[  459.663656][T11484]  ? clear_bhb_loop+0x40/0x90
[  459.668511][T11484]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  459.674762][T11484] RIP: 0033:0x7f275a59c819
[  459.679272][T11484] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  459.699236][T11484] RSP: 002b:00007f275b465028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  459.707939][T11484] RAX: ffffffffffffffda RBX: 00007f275a816090 RCX: 00007f275a59c819
[  459.716010][T11484] RDX: 0000000000000020 RSI: 0000200000000a80 RDI: 0000000000000002
[  459.724192][T11484] RBP: 00007f275b465090 R08: 0000000000000000 R09: 0000000000000000
[  459.732344][T11484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  459.740481][T11484] R13: 00007f275a816128 R14: 00007f275a816090 R15: 00007ffc90f50908
[  459.748635][T11484]  </TASK>
[  460.493628][T11503] netlink: 'syz.0.2091': attribute type 8 has an invalid length.
[  460.509113][T11503] __nla_validate_parse: 5 callbacks suppressed
[  460.509132][T11503] netlink: 156 bytes leftover after parsing attributes in process `syz.0.2091'.
[  460.626443][T11503] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2091'.
[  460.988075][T11518] netlink: 180 bytes leftover after parsing attributes in process `syz.1.2097'.
[  461.185692][T11522] netlink: 180 bytes leftover after parsing attributes in process `syz.3.2098'.
[  461.494348][T11534] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2103'.
[  461.567943][T11531] netlink: 'syz.2.2102': attribute type 4 has an invalid length.
[  461.597322][T11531] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2102'.
[  461.630375][T11534] netlink: 'syz.3.2103': attribute type 10 has an invalid length.
[  461.655769][T11534] team0: Device hsr_slave_0 failed to register rx_handler
[  461.762323][T11539] netlink: 'syz.1.2104': attribute type 8 has an invalid length.
[  461.782782][T11539] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2104'.
[  461.906902][T11539] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2104'.
[  462.194151][T11546] netlink: 180 bytes leftover after parsing attributes in process `syz.2.2108'.
[  462.590825][T11559] GPL: port 1(syz_tun) entered blocking state
[  462.600379][T11559] GPL: port 1(syz_tun) entered disabled state
[  462.606716][T11559] syz_tun: entered allmulticast mode
[  462.634828][T11559] syz_tun: entered promiscuous mode
[  462.645835][T11563] netlink: 105120 bytes leftover after parsing attributes in process `syz.2.2114'.
[  462.656605][T11563] netlink: 'syz.2.2114': attribute type 2 has an invalid length.
[  462.693605][T11561] netlink: 'syz.0.2115': attribute type 4 has an invalid length.
[  462.825643][T11567] FAULT_INJECTION: forcing a failure.
[  462.825643][T11567] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  462.868672][T11567] CPU: 0 PID: 11567 Comm: syz.0.2117 Not tainted syzkaller #0
[  462.876413][T11567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  462.886748][T11567] Call Trace:
[  462.890173][T11567]  <TASK>
[  462.893246][T11567]  dump_stack_lvl+0x18c/0x250
[  462.898043][T11567]  ? show_regs_print_info+0x20/0x20
[  462.903312][T11567]  ? load_image+0x420/0x420
[  462.907885][T11567]  ? __lock_acquire+0x7d40/0x7d40
[  462.912974][T11567]  ? __virt_addr_valid+0x18c/0x540
[  462.918255][T11567]  should_fail_ex+0x39d/0x4d0
[  462.923023][T11567]  _copy_from_user+0x2f/0xe0
[  462.927692][T11567]  bpf_vlog_reverse_ubuf+0xda/0x3c0
[  462.932975][T11567]  bpf_vlog_finalize+0x132/0x3f0
[  462.938177][T11567]  btf_new_fd+0x4ca/0x9f0
[  462.942676][T11567]  ? bpf_btf_show_fdinfo+0x80/0x80
[  462.948010][T11567]  ? capable+0x88/0xe0
[  462.952395][T11567]  __sys_bpf+0x670/0x890
[  462.956710][T11567]  ? bpf_link_show_fdinfo+0x390/0x390
[  462.962155][T11567]  ? lock_chain_count+0x20/0x20
[  462.967152][T11567]  __x64_sys_bpf+0x7c/0x90
[  462.971622][T11567]  do_syscall_64+0x55/0xa0
[  462.976105][T11567]  ? clear_bhb_loop+0x40/0x90
[  462.980898][T11567]  ? clear_bhb_loop+0x40/0x90
[  462.985628][T11567]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  462.991569][T11567] RIP: 0033:0x7fbf0459c819
[  462.996037][T11567] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  463.015807][T11567] RSP: 002b:00007fbf053cc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  463.024285][T11567] RAX: ffffffffffffffda RBX: 00007fbf04815fa0 RCX: 00007fbf0459c819
[  463.032621][T11567] RDX: 0000000000000020 RSI: 0000200000000080 RDI: 0000000000000012
[  463.040646][T11567] RBP: 00007fbf053cc090 R08: 0000000000000000 R09: 0000000000000000
[  463.048749][T11567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  463.056767][T11567] R13: 00007fbf04816038 R14: 00007fbf04815fa0 R15: 00007ffc056ec138
[  463.064828][T11567]  </TASK>
[  463.764319][T11589] netlink: 'syz.0.2126': attribute type 4 has an invalid length.
[  464.151808][T11601] netlink: 'syz.0.2132': attribute type 8 has an invalid length.
[  465.064924][T11599] netlink: 'syz.3.2131': attribute type 1 has an invalid length.
[  465.157034][T11599] netlink: 'syz.3.2131': attribute type 4 has an invalid length.
[  465.455083][T11624] FAULT_INJECTION: forcing a failure.
[  465.455083][T11624] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  465.503965][T11624] CPU: 0 PID: 11624 Comm: syz.3.2138 Not tainted syzkaller #0
[  465.511690][T11624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  465.521869][T11624] Call Trace:
[  465.525218][T11624]  <TASK>
[  465.528213][T11624]  dump_stack_lvl+0x18c/0x250
[  465.533005][T11624]  ? show_regs_print_info+0x20/0x20
[  465.538309][T11624]  ? load_image+0x420/0x420
[  465.543007][T11624]  ? __might_fault+0xaa/0x120
[  465.547793][T11624]  ? __lock_acquire+0x7d40/0x7d40
[  465.552925][T11624]  should_fail_ex+0x39d/0x4d0
[  465.557734][T11624]  _copy_from_user+0x2f/0xe0
[  465.562426][T11624]  ___sys_sendmsg+0x1c7/0x360
[  465.567196][T11624]  ? __sys_sendmsg+0x2a0/0x2a0
[  465.572105][T11624]  ? __lock_acquire+0x7d40/0x7d40
[  465.577269][T11624]  __se_sys_sendmsg+0x1c2/0x2b0
[  465.582227][T11624]  ? __x64_sys_sendmsg+0x80/0x80
[  465.587288][T11624]  ? lockdep_hardirqs_on+0x98/0x150
[  465.592598][T11624]  do_syscall_64+0x55/0xa0
[  465.597584][T11624]  ? clear_bhb_loop+0x40/0x90
[  465.602457][T11624]  ? clear_bhb_loop+0x40/0x90
[  465.607230][T11624]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  465.613426][T11624] RIP: 0033:0x7fb6a739c819
[  465.617989][T11624] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  465.637984][T11624] RSP: 002b:00007fb6a8338028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  465.646848][T11624] RAX: ffffffffffffffda RBX: 00007fb6a7615fa0 RCX: 00007fb6a739c819
[  465.654929][T11624] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  465.663095][T11624] RBP: 00007fb6a8338090 R08: 0000000000000000 R09: 0000000000000000
[  465.671372][T11624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  465.679959][T11624] R13: 00007fb6a7616038 R14: 00007fb6a7615fa0 R15: 00007fffd0529de8
[  465.688159][T11624]  </TASK>
[  465.810337][T11630] GPL: port 1(syz_tun) entered blocking state
[  465.827924][T11630] GPL: port 1(syz_tun) entered disabled state
[  465.836013][T11630] syz_tun: entered allmulticast mode
[  465.846890][T11630] syz_tun: entered promiscuous mode
[  465.859077][T11635] validate_nla: 3 callbacks suppressed
[  465.859098][T11635] netlink: 'syz.1.2141': attribute type 8 has an invalid length.
[  465.874966][T11630] __nla_validate_parse: 10 callbacks suppressed
[  465.874988][T11630] netlink: 105120 bytes leftover after parsing attributes in process `syz.0.2139'.
[  465.891660][T11635] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2141'.
[  465.909657][T11630] netlink: 'syz.0.2139': attribute type 2 has an invalid length.
[  465.918550][T11634] netlink: 'syz.3.2142': attribute type 4 has an invalid length.
[  465.984742][T11634] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2142'.
[  466.001602][T11635] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2141'.
[  466.018576][T11628] netlink: 'syz.2.2140': attribute type 4 has an invalid length.
[  466.027449][T11628] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2140'.
[  466.088332][T11628] netlink: 'syz.2.2140': attribute type 10 has an invalid length.
[  466.110859][T11628] team0: Device ipvlan1 failed to register rx_handler
[  466.188613][T11639] netlink: 188 bytes leftover after parsing attributes in process `syz.0.2144'.
[  466.272850][T11639] netlink: 'syz.0.2144': attribute type 10 has an invalid length.
[  466.288792][T11639] team0: Device hsr_slave_0 failed to register rx_handler
[  466.494818][T11649] netlink: 180 bytes leftover after parsing attributes in process `syz.3.2148'.
[  466.742233][T11663] netlink: 'syz.3.2152': attribute type 4 has an invalid length.
[  466.773445][T11663] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2152'.
[  466.793934][T11665] netlink: 'syz.0.2153': attribute type 8 has an invalid length.
[  466.809020][T11665] netlink: 156 bytes leftover after parsing attributes in process `syz.0.2153'.
[  466.894350][T11667] GPL: port 1(syz_tun) entered blocking state
[  466.905944][T11667] GPL: port 1(syz_tun) entered disabled state
[  466.913081][T11667] syz_tun: entered allmulticast mode
[  466.922205][T11667] syz_tun: entered promiscuous mode
[  466.936324][T11665] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2153'.
[  466.959592][T11667] netlink: 'syz.1.2154': attribute type 2 has an invalid length.
[  508.339504][ T1284] ieee802154 phy0 wpan0: encryption failed: -22
[  508.346024][ T1284] ieee802154 phy1 wpan1: encryption failed: -22
[  568.626394][ T1284] ieee802154 phy0 wpan0: encryption failed: -22
[  568.632881][ T1284] ieee802154 phy1 wpan1: encryption failed: -22
[  572.388892][    C1] rcu: INFO: rcu_preempt self-detected stall on CPU
[  572.395706][    C1] rcu: 	1-....: (9957 ticks this GP) idle=2d2c/1/0x4000000000000000 softirq=35724/35724 fqs=4150
[  572.407517][    C1] rcu: 	         hardirqs   softirqs   csw/system
[  572.413966][    C1] rcu: 	 number:  1154192          0            0
[  572.420591][    C1] rcu: 	cputime:    15048      33277           64   ==> 48340(ms)
[  572.428489][    C1] rcu: 	(t=10501 jiffies g=48409 q=408 ncpus=2)
[  572.434973][    C1] CPU: 1 PID: 11675 Comm: syz.0.2157 Not tainted syzkaller #0
[  572.442642][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  572.452962][    C1] RIP: 0010:kasan_quarantine_put+0x88/0x220
[  572.458914][    C1] Code: e8 fd 2f ae ff 48 c7 04 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 0f 85 83 00 00 00 41 f7 c7 00 02 00 00 74 01 fb 31 c0 <48> 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f c3 48 8d 80 c0 7a 03 00 45
[  572.478927][    C1] RSP: 0018:ffffc900001efc08 EFLAGS: 00000206
[  572.485132][    C1] RAX: e17684ed2ec08b01 RBX: ffff88802ba86780 RCX: e17684ed2ec08b00
[  572.493226][    C1] RDX: dffffc0000000000 RSI: ffffffff8acac9e0 RDI: ffffffff8b1c8de0
[  572.501251][    C1] RBP: ffff88802ba86780 R08: ffffffff911c45cf R09: 1ffffffff22388b9
[  572.509696][    C1] R10: dffffc0000000000 R11: fffffbfff22388ba R12: 0000000000000000
[  572.517782][    C1] R13: ffffc900001efca0 R14: 00000000000e8fe8 R15: 0000000000000282
[  572.525865][    C1] FS:  00007fbf053cc6c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  572.534997][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  572.541604][    C1] CR2: 0000200000001240 CR3: 000000005f248000 CR4: 00000000003506e0
[  572.549603][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  572.557943][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  572.566029][    C1] Call Trace:
[  572.569341][    C1]  <IRQ>
[  572.572224][    C1]  slab_free_freelist_hook+0x130/0x1a0
[  572.577846][    C1]  ? tcp_data_queue+0x1c26/0x5ac0
[  572.582967][    C1]  kmem_cache_free+0xf8/0x270
[  572.587699][    C1]  tcp_data_queue+0x1c26/0x5ac0
[  572.592839][    C1]  ? tcp_rcv_established+0x1d20/0x1d20
[  572.598510][    C1]  ? tcp_urg+0x10c/0x410
[  572.602874][    C1]  ? tcp_urg+0x410/0x410
[  572.607233][    C1]  ? tcp_validate_incoming+0x2250/0x2250
[  572.612990][    C1]  ? read_tsc+0x9/0x20
[  572.617240][    C1]  tcp_rcv_established+0xa3f/0x1d20
[  572.622480][    C1]  ? rt_is_expired+0x1c/0x2d0
[  572.627207][    C1]  ? tcp_check_space+0xad0/0xad0
[  572.632555][    C1]  ? rt_is_expired+0x1c/0x2d0
[  572.637374][    C1]  ? rt_is_expired+0x250/0x2d0
[  572.642178][    C1]  tcp_v4_do_rcv+0x4ed/0xb80
[  572.646849][    C1]  tcp_v4_rcv+0x23bf/0x2af0
[  572.651426][    C1]  ? __lock_acquire+0x7d40/0x7d40
[  572.656518][    C1]  ? tcp_filter+0x90/0x90
[  572.660957][    C1]  ip_protocol_deliver_rcu+0x20e/0x3f0
[  572.666452][    C1]  ? ip_local_deliver_finish+0x1cb/0x510
[  572.672131][    C1]  ip_local_deliver_finish+0x2ca/0x510
[  572.677725][    C1]  NF_HOOK+0x32d/0x3b0
[  572.681884][    C1]  ? NF_HOOK+0x3b0/0x3b0
[  572.686416][    C1]  ? NF_HOOK+0x9f/0x3b0
[  572.690642][    C1]  ? ip_local_deliver+0x1b0/0x1b0
[  572.695702][    C1]  ? NF_HOOK+0x3b0/0x3b0
[  572.699982][    C1]  ? ip_rcv_finish_core+0xd92/0x1bd0
[  572.705402][    C1]  ? ip_local_deliver+0x122/0x1b0
[  572.710466][    C1]  ip_sublist_rcv+0xa4c/0xd70
[  572.715179][    C1]  ? packet_rcv+0x16b/0x13d0
[  572.723375][    C1]  ? ip_list_rcv+0x440/0x440
[  572.728147][    C1]  ? ip_rcv_core+0xdb0/0xdb0
[  572.732832][    C1]  ip_list_rcv+0x3f2/0x440
[  572.737313][    C1]  ? ip_rcv_finish+0x250/0x250
[  572.742459][    C1]  ? arp_rcv+0x2f0/0x4e0
[  572.746735][    C1]  ? ip_rcv_finish+0x250/0x250
[  572.751726][    C1]  __netif_receive_skb_list_core+0x2da/0x750
[  572.757781][    C1]  ? set_rps_cpu+0x6a0/0x6a0
[  572.762693][    C1]  ? netif_receive_skb_list_internal+0x608/0xca0
[  572.769171][    C1]  netif_receive_skb_list_internal+0x943/0xca0
[  572.775492][    C1]  ? netif_receive_skb_list_internal+0x4b1/0xca0
[  572.781869][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  572.787112][    C1]  ? netif_receive_skb_core+0x230/0x230
[  572.792709][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  572.798905][    C1]  ? napi_gro_receive+0x392/0xb00
[  572.803967][    C1]  napi_gro_receive+0x565/0xb00
[  572.808985][    C1]  receive_buf+0x2203/0x3820
[  572.813700][    C1]  ? virtnet_poll_tx+0x530/0x530
[  572.818850][    C1]  ? virtqueue_get_buf_ctx+0x697/0xd10
[  572.824729][    C1]  virtnet_poll+0x5dd/0x1280
[  572.829392][    C1]  ? refill_work+0x220/0x220
[  572.834082][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  572.840302][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  572.845563][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  572.851776][    C1]  __napi_poll+0xc0/0x460
[  572.856149][    C1]  net_rx_action+0x616/0xc40
[  572.860782][    C1]  ? net_tx_action+0x980/0x980
[  572.865584][    C1]  ? detach_timer+0x2b0/0x2b0
[  572.870307][    C1]  handle_softirqs+0x280/0x820
[  572.875198][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  572.879995][    C1]  ? do_softirq+0x1a0/0x1a0
[  572.884531][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  572.889943][    C1]  __irq_exit_rcu+0xd3/0x190
[  572.894585][    C1]  ? irq_exit_rcu+0x20/0x20
[  572.899174][    C1]  irq_exit_rcu+0x9/0x20
[  572.903567][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  572.909259][    C1]  </IRQ>
[  572.912430][    C1]  <TASK>
[  572.915384][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  572.921397][    C1] RIP: 0010:generic_exec_single+0x481/0x4f0
[  572.927324][    C1] Code: 75 11 e8 42 05 0b 00 48 85 db 75 16 e8 38 05 0b 00 eb 15 e8 31 05 0b 00 e8 bc 08 0a 09 48 85 db 74 ea e8 22 05 0b 00 fb 31 c0 <48> c7 44 24 20 0e 36 e0 45 4b c7 04 2c 00 00 00 00 43 c7 44 2c 08
[  572.947675][    C1] RSP: 0018:ffffc90019c2f860 EFLAGS: 00000246
[  572.953875][    C1] RAX: 0000000000000000 RBX: 0000000000000200 RCX: ffff888077f85a00
[  572.961901][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  572.970087][    C1] RBP: ffffc90019c2f930 R08: ffffffff911c45ff R09: 1ffffffff22388bf
[  572.978097][    C1] R10: dffffc0000000000 R11: fffffbfff22388c0 R12: 1ffff92003385f10
[  572.986449][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff92003385f31
[  572.994641][    C1]  ? event_function+0x300/0x300
[  572.999930][    C1]  ? smp_call_function_single+0x5a0/0x5a0
[  573.005918][    C1]  ? mark_lock+0x94/0x320
[  573.010280][    C1]  ? smp_call_function_single+0xb0/0x5a0
[  573.016393][    C1]  smp_call_function_single+0x36d/0x5a0
[  573.022054][    C1]  ? event_function+0x300/0x300
[  573.026989][    C1]  ? flush_smp_call_function_queue+0x250/0x250
[  573.033280][    C1]  ? event_function+0x300/0x300
[  573.038170][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  573.043503][    C1]  event_function_call+0x359/0x650
[  573.048654][    C1]  ? __perf_event_read+0x990/0x990
[  573.053831][    C1]  ? perf_event_ctx_lock_nested+0x490/0x490
[  573.059900][    C1]  ? event_function_call+0x650/0x650
[  573.065226][    C1]  ? __might_fault+0xaa/0x120
[  573.070019][    C1]  ? __lock_acquire+0x7d40/0x7d40
[  573.075163][    C1]  ? __perf_event_read+0x990/0x990
[  573.080389][    C1]  ? __might_fault+0xaa/0x120
[  573.085121][    C1]  ? __might_fault+0xc6/0x120
[  573.089839][    C1]  ? __might_fault+0xaa/0x120
[  573.094576][    C1]  perf_ioctl+0x1fdc/0x24a0
[  573.099148][    C1]  ? tomoyo_path_number_perm+0x217/0x620
[  573.104849][    C1]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  573.110357][    C1]  ? perf_poll+0x1b0/0x1b0
[  573.115210][    C1]  ? __fget_files+0x28/0x4b0
[  573.119856][    C1]  ? __fget_files+0x28/0x4b0
[  573.125130][    C1]  ? bpf_lsm_file_ioctl+0x9/0x10
[  573.130201][    C1]  ? security_file_ioctl+0x80/0xa0
[  573.135547][    C1]  ? perf_poll+0x1b0/0x1b0
[  573.140016][    C1]  __se_sys_ioctl+0xfd/0x170
[  573.144664][    C1]  do_syscall_64+0x55/0xa0
[  573.149195][    C1]  ? clear_bhb_loop+0x40/0x90
[  573.154023][    C1]  ? clear_bhb_loop+0x40/0x90
[  573.158753][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  573.164697][    C1] RIP: 0033:0x7fbf0459c819
[  573.169318][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  573.189140][    C1] RSP: 002b:00007fbf053cc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  573.197591][    C1] RAX: ffffffffffffffda RBX: 00007fbf04815fa0 RCX: 00007fbf0459c819
[  573.205596][    C1] RDX: 0000200000000040 RSI: 0000000040082404 RDI: 0000000000000003
[  573.213950][    C1] RBP: 00007fbf04632c91 R08: 0000000000000000 R09: 0000000000000000
[  573.221953][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  573.229996][    C1] R13: 00007fbf04816038 R14: 00007fbf04815fa0 R15: 00007ffc056ec138
[  573.238017][    C1]  </TASK>