last executing test programs:

17.550810759s ago: executing program 2 (id=1030):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x53, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x11, 0x2, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f8, &(0x7f0000000080))
setsockopt$sock_attach_bpf(r0, 0x11b, 0x4, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000002180)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8e0400000000000000c61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b36db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece010000000100000010223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff814f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffff854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e92604e1026e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c36981edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ce852364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b00000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58f0225f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e20280e14700eb4acff907560500ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ad72a89a7f6d74126f327bf7dfa718d3e1e9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d7462c080c159ce40c14089c82759106f425a2554644b2582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efd7b65f04aa7e72588757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c219d8ddec8f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e1000000b81b6790062e61cd000000acb1b33c38ddd302e28e8e30b5c180d38bb1cd770195799c541a7481f5d34ca75d74b3833d399371c8f09f6745d0e43d46f7c82ff1b7d6c04467d083fc708348f35ae9bb9b78f2984a0ee55647d4c4a63c4f438fdec726e7d8228eaff2374b2300b9c35f4259e3452b53ee114bb8a6c0ea6fc89a55fef6673013d7dd4597660865423e978dd6e41e201bb3a584d6fe6f24e290613b677271603c558ee2021be29c4a06a057b2acc5bfd34898afac0d839079bbcb3acd43532563367ac8ae6c4379fb5fdcdab5fe55e1a3a521284209871216817338073cbc4ec9903725b788a25b5a6003b579b8f0e20d78be3d885557292971e65f4f1daefad2c5ccbca608b46406ffff25610c3cbae9c3d6d47678f482e2c1f7cdfc5ce2a67c1545c1192f2ac3990f9c850788401469fbca801e73cd9efbcc6ea52ff414cdff5c49e706d699b5bfa75526f700c4e32611b826b2787f99532c02262a9c60e4b07a09377c38747c7f05e38b6db5d8cc625873af8fc5a7d362334c509f6bb4e36e1c9e08949679e0ed9f84e668588b9f1b21069bd5ffe263b191d1a7f5d4e85de1a2a46579d497000000000000000000000000000085890d719cfd2eef4805fc5ebd790e94908d24a9002b0e658d593da7811e099e1c7c5699331e98eda4c706a90e22047fe27cae6994f70772815879c3d6a16e769eb6a745ca0ebcd90d81d109c1569129c0f26bb037806c424ae349391b4a5723afeffdb940ac1de55b1022c7d9aee805706e8fcdfaf3ab14ca4eae5b534fea2565d4dfa5a0fe38d7aa7d9f3c7bc6e895852a9035283b89ddbc41c54dbf9392c8dcc65178726eae650e"], &(0x7f0000000340)='syzkaller\x00'}, 0x44)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe2f, 0x6000004d, &(0x7f0000000100)="b90000000044268cb89e14f088a865e0ffff01032c00631177fbac141416e000030a44079f030000000000000000000000222f050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa007346111960500000000000000000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x0, &(0x7f0000000ac0)="4313a5e1de73ef94a52904aad04fce16f49604c1dc63d9c8cc35e6d2e21bad5f52f04dde32f51f1857b0a340996c2daaeef13787fa577badae0fbafd3f609eda08ec9ebbeddabc201ebe14f7634882897578faa4a3fc0438525683562027d26fe8d349e08100ac9f654e6e2e4b2dc800652266b0720296c690c6b47afecc028741048e97cfdd5a078b1ba3fde5b21f61b40bf334853a68f5", &(0x7f0000000a00), 0x0, 0x700}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0x7c}, [@ldst={0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0xe, 0xfd90, &(0x7f000000cf3d)=""/195, 0x40f00, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffe40}, 0x48)
socketpair(0x5, 0x800, 0x2, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_lsm={0x1d, 0x12, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xa93, 0x0, 0x0, 0x0, 0x6}, {}, {}, [@exit, @map_val={0x18, 0x3, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000002c0)='syzkaller\x00', 0x2ae, 0xc3, &(0x7f0000000500)=""/195, 0x100, 0x12, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000380)=[0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000600)=[{0x3, 0x1, 0x2, 0x5}, {0x2, 0x2, 0x3, 0x5}, {0x2, 0x4, 0xf, 0x1}, {0x4, 0x5, 0xa, 0x6}, {0x2, 0x2, 0x5, 0x7}, {0x5, 0x1, 0xc, 0x3}], 0x10, 0x6}, 0x94)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000740)=r4, 0x4)

17.280531054s ago: executing program 2 (id=1033):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x4c, &(0x7f0000000000), 0x4)
recvmsg$unix(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@rights={{0x14, 0x1, 0x1, [<r1=>0xffffffffffffffff]}}], 0x18}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0xff05, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x8, [@var={0x5, 0x0, 0x0, 0xe, 0x5, 0x2}]}, {0x0, [0x61, 0x61, 0x0, 0x2e, 0x61, 0x0]}}, &(0x7f0000000180)=""/252, 0x30, 0xfc, 0x1, 0x2, 0x10000, @value=r1}, 0x28)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x5, 0x14, 0x0, &(0x7f0000000100)="259a53f271a76d2608fff74588a80a3888ca2f15", 0x0, 0xd11, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
socketpair(0x11, 0xa, 0x300, &(0x7f0000000000))

16.391086871s ago: executing program 2 (id=1035):
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x42, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x4, @perf_config_ext={0xffffffffffffffff, 0x8001}, 0x106, 0xffffffff, 0x8001, 0x3, 0x40000002, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x9, 0x5, &(0x7f0000000740)=ANY=[@ANYRESOCT=r0], &(0x7f0000000980)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x9, 0x5, &(0x7f0000000740)=ANY=[@ANYRESOCT=r0], &(0x7f0000000980)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) (async)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x4, 0x0, 0x1}, {0x2}]}, 0x94) (async)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x4, 0x0, 0x1}, {0x2}]}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000009c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
recvmsg$unix(r3, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) (async)
recvmsg$unix(r3, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0x18}, 0x0)
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000940), 0x8}, 0x0, 0xe, 0x0, 0x5, 0x0, 0x2, 0x5, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)
r6 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$sock(r6, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000780)="90de300bf5ac1ed875a00f8b32b8bcf9c30341819fe4144c0c0e0454c1b3d0f234171442eecc7259664b3215732e5351a33b20936e675d79a30d7c8213da728d007653335526e959c5800d50a502102abca35f799ce4edbc824a6d0bc8d1", 0x5e}, {&(0x7f0000000800)="18ee5dbd96ad04e159eb5839ef7db4c23f823e82f5e5f3d291eab932ddf662b553bd3b896b61e812eb7736f927af74c390a05d56f23961fd540c79db596e59d91af0d8274dbcda844135abd3498853bba0", 0x51}], 0x2}, 0x80)
close(r8)
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r9=>0xffffffffffffffff]}}], 0x18}, 0x2040)
setsockopt$sock_attach_bpf(r6, 0x84, 0x18, &(0x7f0000000000)=r9, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r11, 0x1, 0x10, &(0x7f0000000000), 0x4) (async)
setsockopt$sock_attach_bpf(r11, 0x1, 0x10, &(0x7f0000000000), 0x4)
close(r10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r9}, &(0x7f00000001c0), &(0x7f0000000200)=r2}, 0x20) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r9, <r12=>0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f0000000200)=r2}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r9, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x7, &(0x7f00000002c0)=[0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x82, &(0x7f0000000340)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0xb, 0x8, 0x8, &(0x7f0000000580)}}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r9, 0xe0, &(0x7f00000005c0)={0x0, <r13=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r14=>0x0, 0x0, 0x0, 0x0, 0x2, 0x7, &(0x7f00000002c0)=[0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r15=>0x0, 0x82, &(0x7f0000000340)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0xb, 0x8, 0x8, &(0x7f0000000580)}}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b904021d080304000000e8fe03a1180015000600142603600e1208000f0000810401a80016040a0001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x8018)
r16 = socket$kcm(0x10, 0x2, 0x0)
openat$cgroup(r5, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0)
write$cgroup_subtree(r16, &(0x7f0000000900)=ANY=[@ANYRESOCT=r11, @ANYRESHEX=r13, @ANYRES16=r7], 0xfe33)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=r12, @ANYBLOB="0a0000000dc800"/20, @ANYRES32=r14, @ANYRES32=r9, @ANYRES32=r15], 0x50)
sendmsg$inet(r11, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x8004) (async)
sendmsg$inet(r11, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x8004)
close(0xffffffffffffffff)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4000) (async)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4000)

16.30970225s ago: executing program 2 (id=1039):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x3, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000ac0)={0x6, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1005, 0x0, 0x0, 0x0, 0xa8000}}, 0x0, 0x7, 0x0, 0x0, 0x40f00, 0x8}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2, 0x31}, 0x48)
r2 = getpid()
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x6, 0x7, 0x10, 0x6, 0x0, 0x5, 0x40068, 0x4, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, @perf_config_ext={0x7, 0xf5ae}, 0x4802, 0x3, 0x3, 0x8, 0x401, 0x8, 0x7fff, 0x0, 0x3ff, 0x0, 0x3}, r2, 0x1, r0, 0x2)

16.121559484s ago: executing program 2 (id=1041):
r0 = socket$kcm(0x2c, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x84, 0x8, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x9, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r2 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r2, 0x29, 0x46, 0x0, 0x0)
sendmsg$kcm(r2, &(0x7f0000001240)={&(0x7f0000000a00)=@generic={0xa, "8ab77fa26849ff263ef30c98b353011a5990650042e2dacdc165ececece6be1862e2adacd2737d00ad6f9fa9f3d7145e15dd9fb1a7adc211220963ad5def53b911ba5b9da13641f982757012a7496de0b3a36f5849f260c603dbc317f54b901ee80ea6132ca6e88c776553e1833052ca376304313c5637786a36a4b83857"}, 0x80, 0x0}, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, 0xffffffffffffffff)
r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x8183, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_config_ext, 0x40, 0x0, 0x0, 0x0, 0xc360, 0xfffffffe}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r5}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r4}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000540)={r5, &(0x7f0000000400)="a20de2", &(0x7f00000004c0)=""/66}, 0x20)
syz_open_procfs$namespace(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x9}}, &(0x7f0000000300)='syzkaller\x00'}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2101, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0xd}, 0x0, 0x0, 0x200}, 0x0, 0x2, r3, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1d, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x565}, {{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x6}, {}, {0x85, 0x0, 0x0, 0x44}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lsm=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8020, 0x90024, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x6}, 0x8224, 0x2, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}], 0x1}, 0x0)

15.831509082s ago: executing program 1 (id=1046):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001500)=[{0x0}], 0x1}, 0x0)
r1 = socket$kcm(0x23, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x14, 0x4, 0x8, 0xc}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001480)={{r2}, &(0x7f0000001400), &(0x7f0000001440)='%ps    \x00'}, 0x20)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb010018000000000000007c0000007c00000002000000000000000000000e0000000000000000000000000600000d000000000000000000000000000000000000000000000000fd000000000000000000000000000000000000000000000000000000000000000000000c00000000000000000000000900000000000000000000000900000000000000000000000a02"], 0x0, 0x96, 0x0, 0x3}, 0x28)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000780)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x1}, 0x28)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r4, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001000), 0x8, 0x0, 0x8, 0xd, 0x0}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x5, &(0x7f00000000c0)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0x8}, [@map_idx={0x18, 0x8, 0x5, 0x0, 0xd}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x1}, 0x10}, 0x94)

15.831075318s ago: executing program 2 (id=1047):
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000700)={<r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0xb, 0x1509, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xe93, 0x100000001}, 0x20, 0x4, 0x1, 0x2, 0xa}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8902, &(0x7f0000000080))
recvmsg$unix(r4, &(0x7f0000000dc0)={&(0x7f0000000980)=@abs, 0x6e, &(0x7f0000000c40)=[{&(0x7f0000000a00)=""/172, 0xac}, {&(0x7f0000000ac0)=""/76, 0x4c}, {&(0x7f0000001040)=""/4096, 0x1000}, {&(0x7f0000000580)=""/36, 0x24}, {&(0x7f0000000b40)=""/233, 0xe9}, {&(0x7f0000000900)=""/39, 0x27}, {&(0x7f0000002040)=""/4096, 0x1000}, {&(0x7f0000003040)=""/4096, 0x1000}], 0x8, &(0x7f0000000cc0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xe0}, 0x30)
sendmsg$inet(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000340)='J', 0x1}], 0x1}, 0x1001)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r2, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x8, 0x4, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xcb, &(0x7f0000000240)=[{}], 0x8, 0x10, &(0x7f0000000280), &(0x7f00000002c0), 0x8, 0x6b, 0x8, 0x8, &(0x7f0000000300)}}, 0x10)
sendmsg$kcm(r3, &(0x7f0000000440)={&(0x7f0000000500)=@xdp={0x2c, 0x0, r5, 0x21}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000780)="3d6ec64460d2a54e281b70092b4fcf7b3569f384812d510f4cba86b5a4c9bb41d1aa4b5843a4d99b1a525c0920dbaf63a2ac6df071cad45995f3a96f54b4a1477f3fca615131ca99d9392ff742", 0x4d}], 0x1, &(0x7f0000000800)=[{0xf0, 0x115, 0x4, "8c208ae0bbcab44a7aaa9defd368f78d2ef7051f2f33102b7f66f30ed64db712f2b1f88c23d8c77e1693bafe356ba86f5869670e181d4eb1496f3700a16b1ca715b696c49496eff345ab892a8463a8e1bcec88fe9eb4ec2a3d354b4037c1a700fdcbdae35b1200d7302739e96950c99b7ea011ce38eaa78618c380029062ea81471b9170afc7aca567298cba81b3b81bedd5c1785df7868f66f102577edd5f5375aa678bbcdbee3da59fb37bce09b1b9702c8ec02dbbc9fe6f301ac33df32dcd4f1e77412571ff18354446949bf939002760fc56a6c4adf52ca53447"}], 0xf0}, 0x8004)

15.749965022s ago: executing program 1 (id=1048):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYRES8=r1, @ANYRES8=r2], 0x12)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x58, &(0x7f0000000040)=ANY=[@ANYBLOB="ed5d5b68bfbb56677171793cfb33f401365d1b085af3d83eb31d9c49f68b78668cf631", @ANYRES64=r0, @ANYRES64=r1], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffe3f}, 0x80)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e00)={&(0x7f0000000980)='sys_exit\x00', r3}, 0x10)
r5 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r5, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @empty}}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffe5e}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x1108)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x7, 0xfd, 0x6, 0x0, 0x5d31, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext={0x3, 0x1}, 0x622, 0x0, 0xffffffff, 0x8, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x10, r4, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x10, 0x0, 0x5d31, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400, 0x8}, 0x4202, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x53, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x4, 0x7, 0x6, 0x0, 0x0, 0x0, 0xa9e9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000002000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1a00fe00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001b00)={0x11, 0x1b, &(0x7f0000001bc0)=ANY=[@ANYBLOB="1800000008000000000000000200000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000185500000c000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000060000f60200000000f2000000000086000000182a110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000000000000850000008600000085200000030000008520000005000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000800)='GPL\x00', 0x1, 0x1000, &(0x7f0000000b00)=""/4096, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000900)={0x3, 0x2, 0x35, 0x4}, 0x10, 0x0, 0x0, 0xa, &(0x7f0000000940)=[r6], &(0x7f0000000980)=[{0x0, 0x3, 0xb, 0xa}, {0x2, 0x1, 0x9, 0x9}, {0x3, 0x1, 0xa, 0x6}, {0x4, 0x3, 0xd}, {0x4, 0x4, 0xb, 0x6}, {0x4, 0x2, 0xc, 0x7}, {0x3, 0x3, 0x3, 0xb}, {0x4, 0x3, 0x4, 0x6}, {0x4, 0x1, 0x0, 0x7}, {0x5, 0x1, 0x10, 0x1}], 0x10, 0x3ff}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a00000004000000060000008000000042000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000e2b1860e2aa"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000540), &(0x7f0000000080), 0x619, r7}, 0x38)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x5, 0x82, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x9, 0x9}, 0x14105, 0x2e, 0xffffebff, 0x8, 0x2, 0x9, 0x6, 0x0, 0x87f4, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = gettid()
syz_open_procfs$namespace(r8, &(0x7f0000000580)='ns/pid_for_children\x00')
syz_open_procfs$namespace(0x0, &(0x7f0000000440)='ns/pid_for_children\x00')
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.current\x00', 0x26e1, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x2, @perf_config_ext={0x10000, 0x1}, 0x0, 0x0, 0x2, 0x0, 0x80, 0x0, 0xfffc, 0x0, 0x1fc000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$ITER_CREATE(0x21, &(0x7f0000000280)={r9}, 0x8)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xb00c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

15.749337299s ago: executing program 0 (id=1049):
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff) (async)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f0000000180)=ANY=[@ANYBLOB="0100"/20]) (async)
r1 = perf_event_open(0x0, 0x0, 0xb, r0, 0x0) (async)
r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000400)=@o_path={&(0x7f0000000340)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x7}, 0x50)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001240)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1", 0x12}], 0x1}, 0x0) (async)
recvmsg$kcm(r3, &(0x7f0000001780)={&(0x7f0000000440)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000780)=""/4096, 0x1000}], 0x1, &(0x7f0000000580)=""/153, 0x99}, 0x0) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) (async)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r5 = openat$cgroup_devices(r4, &(0x7f0000000240)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r5, &(0x7f0000000280)=ANY=[@ANYBLOB='b *'], 0x9) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000005c00)=ANY=[@ANYBLOB="1e0000000700000008000000ffff000004000200", @ANYRES32, @ANYBLOB='\x00'/16, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'/28], 0x50)
r7 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r7, 0x0, 0x30004001)
setsockopt$sock_attach_bpf(r7, 0x6, 0xd, 0x0, 0x0) (async)
setsockopt$sock_attach_bpf(r7, 0x1, 0x24, &(0x7f0000000000), 0x4) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x9, 0x3, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0xbb, 0x54}}, &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x48) (async)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.stat\x00', 0x26e1, 0x0) (async)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000001c0)={0x3, 0x4, 0x4, 0xa, 0x0, r8, 0x0, '\x00', 0x0, r8, 0x0, 0x5, 0x1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r10}, &(0x7f0000000240), &(0x7f0000000280)=r1}, 0x20) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r9}, 0x10)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xd}, 0x2405, 0x0, 0x0, 0x0, 0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x104}, 0x0, 0x0, 0xffffffffffffffff, 0xd) (async)
bpf$MAP_CREATE(0x300000000000000, &(0x7f00000017c0)=@bloom_filter={0x1e, 0x0, 0x80000001, 0x2, 0x2042, r6, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x5, 0xe}, 0x50) (async)
r11 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(r11, &(0x7f0000001840)='ns/cgroup\x00') (async)
r12 = openat$cgroup_subtree(r8, &(0x7f00000000c0), 0x2, 0x0)
write$cgroup_subtree(r12, &(0x7f0000000100)={[{0x2b, 'net_prio'}, {0x2d, 'cpuacct'}, {0x16, 'net_cls'}, {0x2d, 'pids'}, {0x2b, 'pids'}]}, 0x28)

15.748800349s ago: executing program 0 (id=1050):
perf_event_open(&(0x7f0000004cc0)={0x1, 0x44, 0x8, 0x0, 0x0, 0x0, 0x0, 0x9, 0x400, 0x6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xaf1d, 0x1, @perf_bp={0x0, 0x1}, 0x100410, 0x200, 0x2, 0x1, 0x9, 0x9, 0xfffd, 0x0, 0xbbd0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100000, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x7, &(0x7f0000000140)=ANY=[@ANYBLOB="05000000001000006911320000000000184800e77f2f0e16c4d44cfe67bb6c00f9ffffff00264a3cbe4f26567cbe4024000000000000008500000005000000950000000000eadf86549e27b9034500"], &(0x7f00000000c0)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x40f00, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x94)

15.681377838s ago: executing program 0 (id=1051):
r0 = socket$kcm(0x11, 0x3, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x5, @perf_config_ext={0x9, 0x2}, 0x3000, 0x4, 0x0, 0x2, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0f000000040000000800000001"], 0x37)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r3 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=ANY=[@ANYBLOB="12000000020000000800000002"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000400)=ANY=[@ANYRES32=r3, @ANYRES32=r2, @ANYBLOB='\a'], 0x10)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, &(0x7f00000000c0), &(0x7f00000002c0)=r2}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001540)={{r3}, &(0x7f00000014c0), &(0x7f0000001500)=r2}, 0x20)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)="2703022b590241c90000002f1eafbcf706e105000000894f000f11c9ee1680ca82973d2bd4b8bf4a8291a14b8a34f90186cee844000000080000000019b0fb0bba", 0x41}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b7d050139bf7ada33cc9e37eed1153ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d3333ce2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb0000000000000000", 0x87}, {&(0x7f0000000280)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cda6d167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1b88d021e1119f2eb75275cfe77f862368649be0f7aff5e7826729816e3d3e7986d9434f891c71ca6e4210c6757083cfd8e732048c504f28b6d309fc129ed8eb5a82e224eb648f90134d1d315977c6ea360a7fece4baa3dd7dcc970759f29df0e86469e954e2b050e87b203ca27a2a519b7555c3b73f2681d49442d9647ff5ea64110cc5020fdeafe53a7d8be70f3260816bc376bcdc5352771fa55d9733e27730ec7103520e8359c78edd21ee6c68feb3685a55722f5da09ffe8ba9f05081a8d214156376f99906245f2f390ad717979d98f0574f8c5b52dcc2fa494f461be6c2560ddbaafb80c5b4583cbe56d24f14ab78fd718947077ea736251c7b8eee267267534c84daa6f095e94bfb85986a03ddea362cc7e6682884e710727c1163cd4f336c13b844605b7a815fe39e43bd0d2e414410a82958455b8a6bd9194c631d66295675fed64c04107a595c421111a3af6e9fadab5c9", 0x1a1}, {&(0x7f0000000180)="6fe4dd9eeba3271dc700b581440284", 0xfe69}], 0x4}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @perf_bp={0x0, 0x9}, 0x202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="b40000000000000061104c0000000000050000000000000095"], 0x0, 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000002300)=ANY=[@ANYBLOB="b702000000001700bfa300000000000007030000f0ffffff720af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4b9535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024a0041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4fdc4b4861004eefbc17f54f82a804d4a69bf9bc5fa77ee2922bd165a5a68488e010030166565a097b103b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f940b6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c2d7f22b0d22772c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d366501753a7ac7fedb8d34f5bc381604fcd46105c457e7dd13cab6692422a47e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670100be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c160119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d300e4d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c024ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d74bf0a305790c9d644735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c031578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6155e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bcdb7c89739f5d81e750d50517a59a3ad09e8802e8f4f535447cc0facd5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5b473332f2011e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755367fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf00000048d2570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749e1338636555009edf66be445d6975d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab0043ebf7c79a953e023f74afad591821610b857e8717764b633b21cb32f09f4db033e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c1960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000000000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd5c17d5486b0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dff7aa46e820a74f9530bdcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fdca4e9eda0072f6df342f3e7071e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949cdd22000026a9960503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640000cd9e7f2e236ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a2050000c375c705c798e0e208e4a5259d0bda526b462af45a6e9a84aebe025c8a7f65819f397574db7ab01bd2b3e3cd28c5aec50f8edfe39a00bafd688a7eea04efdeed96f67012bc3f795edb68b5dec80ad31a858eb756c815e7695d00000000000000000000000000000000000000000000000000007ccf0ce549d97510f7f8765408bb702f0000006d4754d98b7064cf31a681421994e1f307f0ab4ff2e33d3c88fea5d218a276b77adfee7c8fb145783ee1f8cf632c2604eab3a62a28611da1cae5ce60003111ce5c96a1d6e45ee144ffa3dcca32a33f8f0ce2995b7b7aa0bce228cbf37412e1bdebae06edb51a134301b4627d4927287daf9dcae6720334862f3a18094f1edd9e3503379815dcfbbc8141f6e1bbb0901ae91357677fd9d2bb00d4f17fb441c2dfa2b424bf46ae299d68ac27792cdac2f09e99f4ab5546ba1e5ad6a329f24e73a9c38eec34bd4dcc1609f6150e2de72f6599a2310c3841f4bb7f39cabc82c9fdfff5587ed4fa84090635fa3445c4cc54478b2f98320944ac7cb1c4e414556f7b0b763a00a84327cec7e11b3470f0384b27bbfdd8b2472497e7fe8c5df7e0a00641872472efa21c9ad3979e642dcc85c17ca8e084aa9689b83426e2fdaa01f500000000000000000000f9fd84fa991466ff749afe900d02281b2bb60d458340c4f68ec34835760ceca945bf181a000000c000000000b4a76515564ae189de7c1765f0ff68a0388ca8dd2aa831d0e01f0d7ce74401a58cef60e63e97a50c18de54121ce66380224ab7b9c0d4710f2347bad2c9b3e41cc738c1092728687f33e5cdb077223dc82c2137b4e3ba6791a2cd764e654f904c9505b7c5e3b2897072e747534952dcda50cde3e4deb6ebf85a04c3e415112b01eed6515c845a8a20519cd21787d560e9d8283fa8ff0c17b63ba06577c26678ff45420a1f85df47dbfc44e534f71aae5693fb5df61c5096219091ce0cd8e1e2e79bf9d37779e52007c66a00e6ded1499ed3892ed1544d1577906b52e16c734d4aec07dd15faa768c97298be87dd34ce704ffe3da8b46708cf972de4f31c0705ac933db80bdcfcb35c0d4620d4ec270ff7c9ce1b78994dd2b28b9d1c5c469d4c1a61781dce2f1b54d6138bd3f7df9e9ca613bec407c1b8d1bd0c7cb9d76eebf2f17c"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={r5, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000380)="b9ff05000000008c9c18ed0f6fd2", 0x0, 0xfe6, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc}, 0x50)

15.39105027s ago: executing program 0 (id=1052):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000000)=@framed={{0xcd, 0xa, 0xa, 0x0, 0x0, 0x71, 0x10, 0x15}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$tipc(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)="caf9e4a135fc9584521d361a78a49c0e831363a04857eb2f49544f2aed6c5d9340beed3aa7f5737e3ee091371dd882adb8fdc6d3cb381ea11d4e7e3bd94ad9bc565bb6d1aad60fab8d7d9a50bd17707a35363f814fdac62f84a99e3ed3384ca18b20924edb7e4334c4f0b2424e51f823a91fe2319a0e5407f9ab53124a3499f2e2b6be93bea60594056557d2baa79eea4a36441909719505957a9fa5733b", 0x9e}, {&(0x7f0000000140)="d16e4cac9fd097a01686ed4ffa35274bf22167604eff54194650b98ef7c53c6be8fcaf53d6b1e151902fac65c4e8f469a1da4e4b8883ae676b317e8ae2a85e69b8a7cadeba28f0b4f57b8875b644c132ec135d7bbb80c9b577f6c9344023a8762b006c08c2b089d54438db32f5e0d01cbbc77ef0be7e31da0ec1642d0414673ec06b4057c6ed208f228b6fcc34dc81e575f9846249489bdc2f341ec9f862e4f1efd92400796bef0c34367f2ac1414942bcd68e81630ec2b57278a07c9a5cc75e6205", 0xc2}, {&(0x7f0000000240)="7fd553199708efb713031feda24c3d2015cec39e7b56f52a6ff89ec6e5c9d7477d9d4d20002e2cbf86afddeb01f60709fe0f82b31b36084b7367e462b225b749599e43b2d3350792bfbb1cbcde689746ccd1ccadef540fffaef289e24bd9b3384c05f962952d9ce41b4a4ea90fc8f40e1397fa9a7e25b35a85c096460aa98cc7e5809a84c0ea617db3f90d0ad1fcc5055565203408141870de6a6548d5f6e90f627cf90bc1ed58df9ca5ea96667e644d63779faf8cc40a89f6d2f376d7db224270e999aeb31fdb42cd9a5866b0ce9b51f08fe13b6e5f19bef1e650a9ea1b0c29f351320e757c89d79d8b5cfa32302bab5d", 0xf1}, {&(0x7f0000000340)="a6136fe05f0c42275e0c8b17e761e0ec8cf14518a8e0dac2024d24dc20c829a34385744d4b53c20d284942b19f53ae55d6982f77d727f56599b101f6e89aeccb5cda78067cdc0a94bdabcd16b58b8c1c03d84d79c6a89d24e401007e78dd47e1f1a76d54334adcae0b", 0x69}], 0x4, &(0x7f0000000400)="91c27ff03da6082358126c13e5e8083f45b04c74df6135d7fe010d3cce6efaa219fd526d39cc5245d0f6db5f141a22cc7bfa392a3426c1d876cb7c567d9c959df67ca721580f4e972a5c87b03545e9637bc24ac54fe51e1b078de646ba55162eb507cf5cf188f27e5f73cdc42364a5f1d754ca2c3e0184a03653", 0x7a, 0x20008000}, 0x24006000)

15.388548943s ago: executing program 0 (id=1053):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x20, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x112120, 0x100006a, 0x0, 0x1, 0x8, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x1e, 0x4, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000202070250000000000202020c310f8ffa1000000bfa10000000000000701000000feffffb702000008000000b70300000000000085000000ca00"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x210e, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x4, @perf_config_ext={0x407fff, 0xb51}, 0x14105, 0x32, 0xfffffbff, 0x2, 0x0, 0x0, 0xfffa, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
close(0xffffffffffffffff)
socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x18}, 0x0)
r1 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0x0, 0xac14140c}, 0x5000000}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)}], 0x1, 0x0, 0x0, 0x900}, 0x60)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0", 0x205}], 0x1, 0x0, 0x6b}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x94)
perf_event_open(&(0x7f0000000680)={0x1, 0xb0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5d2d, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x352, 0x1, @perf_config_ext={0x9, 0xfffffffffffffff1}, 0x100e64, 0xc78, 0x0, 0x0, 0x1, 0x0, 0x10, 0x0, 0xb, 0x0, 0x1fffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
r4 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r4, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="020a000202000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0)
r5 = bpf$ITER_CREATE(0x21, &(0x7f0000000300), 0x8)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000340)={'gre0\x00', 0x200})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{r3}, &(0x7f0000000200), &(0x7f0000000640)=r2}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000240), &(0x7f0000000280)='%pS    \x00'}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001380)={r3, &(0x7f00000004c0)}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018200000", @ANYRES32=r0, @ANYBLOB="00000000000000007100000000000000950000000000000056be9c3b50afa5302ed16b6bfe63eb38a88adc6b28db0ee89c244f684195552b0a0874efd963743bf269424e4d481dc5574c2759467667d3572125047fdc0cd6bcf2c3d585b9a8"], &(0x7f0000000d40)='syzkaller\x00'}, 0x90)

15.239084411s ago: executing program 1 (id=1054):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0e00000004000000080000000100000004000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000749100006d6e6c008f9572ba73d5f83e00"/40], 0x50)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803001d000b63d25a80648c2594f91624fc60100c214002000003050582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
r3 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0xfffffffc, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080006000000e8fe55a1180015000600142603600e120800110000000401a80016000500014003000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r4, 0x5, 0x3, 0x0, &(0x7f0000000500)="44faf9aae352180350d1fe16507d1b00e2f6e502cea134462c72bf07f13336f5423bfd1cbc487a5d3efc7942fc6bed57729421668ad92c9c0ba52f2e0b1c8de90aec8316e742101d4a9bd8d18ebe675f719623102fa7a406106f62955fee22d03c288a76c8bfe116bda983acc5b63ebe135ed8af3905a36e422aa0314a23ba74fba63e777c95b8e0d4d0a348faa5f2596fc44233c1a6f0516b50ee0ce707bb631e40db79899983112dd8e1424917381e290a23cf676f22585c77e88f3f4b38519857817d42586319894d2585170b66c555ab7ef78cd581314b24441b2bb296396cda97bc9b60f4500093d076abb1556f7e6ef2f5ad81abe392fa6ace350b6ab89725bdfc478fde6f5a0d363739c5d57d2ec789ddb89423d7817dec42d977312b62bf50d82d30046b07afa92c1f49714cab4abc74b3c8f5c35e7bb0812c942b9c1a04eeef43db765ac82c79e425f5ddcca160e454a1", 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000001c0)='%##&[\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0e00000004000000080000000100000004000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000749100006d6e6c008f9572ba73d5f83e00"/40], 0x50) (async)
socket$kcm(0x10, 0x2, 0x0) (async)
socket$kcm(0x10, 0x3, 0x10) (async)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803001d000b63d25a80648c2594f91624fc60100c214002000003050582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) (async)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0xfffffffc, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080006000000e8fe55a1180015000600142603600e120800110000000401a80016000500014003000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r4, 0x5, 0x3, 0x0, &(0x7f0000000500)="44faf9aae352180350d1fe16507d1b00e2f6e502cea134462c72bf07f13336f5423bfd1cbc487a5d3efc7942fc6bed57729421668ad92c9c0ba52f2e0b1c8de90aec8316e742101d4a9bd8d18ebe675f719623102fa7a406106f62955fee22d03c288a76c8bfe116bda983acc5b63ebe135ed8af3905a36e422aa0314a23ba74fba63e777c95b8e0d4d0a348faa5f2596fc44233c1a6f0516b50ee0ce707bb631e40db79899983112dd8e1424917381e290a23cf676f22585c77e88f3f4b38519857817d42586319894d2585170b66c555ab7ef78cd581314b24441b2bb296396cda97bc9b60f4500093d076abb1556f7e6ef2f5ad81abe392fa6ace350b6ab89725bdfc478fde6f5a0d363739c5d57d2ec789ddb89423d7817dec42d977312b62bf50d82d30046b07afa92c1f49714cab4abc74b3c8f5c35e7bb0812c942b9c1a04eeef43db765ac82c79e425f5ddcca160e454a1", 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000001c0)='%##&[\x00') (async)

15.236389418s ago: executing program 0 (id=1055):
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000001ec0)=ANY=[@ANYBLOB="004000003a00913a74067388481f9c0e0a"], 0xfe33)
recvmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/111, 0x6f}], 0x1}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x4)
close(r1)
socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x282, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x1, 0xae9}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r2, 0x84, 0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x5, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb2acc00917f29337c5e4c99010018000000000000000c000000ff00"], 0x0, 0x26}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000009249e5b7009500000000000000cefed28d300f11cfa0b95f31bab3e2b7c73c00ea7edf01557cbea7570d980479f17c6a90219f108f76c9ef17fc6e7f8306c45c0bc32527ad49d7b315db744be8892071d341391daaebfb8366c615703f346edbb74b0775b1fd6bee9e5fe7cb39ce9c25412589b632e85333ab2313eb0985e64c914f31949b8129365daecb11ce8aee89933892b6b698a374dbf3bd07ae8b7bb43f5498b82900d783998004d5db864e"], &(0x7f0000000080)='GPL\x00', 0xa, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r3, 0x8, 0x0, 0x0, 0x18, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0x1c}, 0x6d)
openat$ppp(0xffffffffffffff9c, 0x0, 0x20802, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x141001, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000100006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff2d53010000000000840400000000000005000000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1cc0800004537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c767030090a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e62e150d4a2fddd9a976774"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x4b}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000d0000000000000000000000850000000500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0xb, 0x0, &(0x7f00000001c0)="581f9239658ea95ed371ea", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8912, &(0x7f0000000080))
sendmsg$kcm(r6, &(0x7f0000000400)={&(0x7f00000000c0)=@in6={0xa, 0x4e23, 0xfffff000, @private1, 0xc73}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000140)="5f64ee9d3dbf640523d83c3ca38496db5a2312d6684ea8d27552a992dfc514d59b8dab7afbc894974225ff9e9cf01f47322c34fd5452e78f137a04028b2d789646b6fc433473056e8a96c354f8f440178d12783352dacf336b284c30a494a9515010d8edfc27202616b7f3203d11f10be59b7603c31b744ab9576d0cfe10ffc95199c1a3d91cf09967295498d0cdd4d335411f788530d86aa8fe928c43344b9aec6ce6095430800f176a26628ed5", 0xae}, {&(0x7f0000000240)="b7876466958584640392d7b2174f17f70eb5036659dfc6017b68e434c162e641353c92b0d454ece1b59ee8b08943ff8f96a037e9f1035f6dfb25cc346800147c5684d7bf99b3a2c63a74e6e5afff12c97bc938d830465d835c3058b7f1", 0x5d}, {0x0}], 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="40000000000000000301000093c80000d9f8704a85576835349d6601b5b1945a141afdd87e9f9cfba6915429d31ad1321000d9359f9f8ff3f16ffd7d00000000"], 0x40}, 0x20008080)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)=@rxrpc=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x4e22, @multicast2}}, 0x80, 0x0}, 0x4000000)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x8000000, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r7 = socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x1400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xaffffff7ffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)="d80000001e0001054e81f782060000000000000006007c095dd2466518000e800a00142603600e1208000f0000000406a80016c00800094014000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791433a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a50254cca9e00360db798262f3d40fad95667e006dcdff11a49b1328d9dd74977efd563951f215ce3bb9ad909d5e1cace81ed0bffece0b42a9eca0200e6ccd40dd6e4edef3d93452a9295", 0xd8}], 0x1}, 0x0)

15.128496325s ago: executing program 1 (id=1056):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x53, 0x1, 0xff, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x4, @perf_config_ext={0x5, 0x2000000014f}, 0x14105, 0x8, 0xfffffbff, 0x8, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e2}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0xa) (async)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x80044, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x4, @perf_bp={0x0, 0x6}, 0x0, 0x2, 0xfffffffe, 0x7, 0x0, 0x0, 0x2}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) (async)
r0 = socket$kcm(0x2, 0x5, 0x84)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="160000da00000000f0ffffff", @ANYRES16=r0, @ANYBLOB, @ANYRESOCT], 0x20) (async, rerun: 32)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) (rerun: 32)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10}, 0x0, 0xca, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0xfffffffd, 0x0, 0x4}, 0x0, 0xd, 0xffffffffffffffff, 0x0) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1000000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000ed13000000000000000000"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000034000000bc00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xe, 0x0, &(0x7f0000000280)="432275e2065074ef2415f73227b2", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) (async)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000002940)="2000000020008107090f9becdb4cb96b0200000000fbff010000000000000000", 0x20}], 0x1, 0x0, 0x0, 0x81000000}, 0x4)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
close(r2) (async)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x5, 0xff, 0xfa, 0x7, 0x0, 0xea, 0x9800, 0xb, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfffffffd, 0x4, @perf_bp={0x0}, 0xc601, 0x10040, 0xfd84, 0x4, 0x10001, 0x1, 0xa33, 0x0, 0x8, 0x0, 0x5}, 0x0, 0xb, 0xffffffffffffffff, 0x8) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x40305828, &(0x7f0000000040))
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r7}, 0x10) (async, rerun: 64)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="2000000004000000020000000000000001020000", @ANYRES32, @ANYBLOB="009ee9f0e9924124ee226400000000000000000000000019000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="01000000ffffffff00"/28], 0x50) (rerun: 64)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) (async)
setsockopt$sock_attach_bpf(r0, 0x84, 0x77, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0) (async)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 64)
r8 = socket$kcm(0x10, 0x2, 0x10) (rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b7020000b0ffffffbfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57) (async)
sendmsg$kcm(r8, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000028000b05d25a806f8c6394f90524fc60", 0x14}], 0x1}, 0x40) (async, rerun: 64)
r9 = socket$kcm(0x10, 0x3, 0x10) (rerun: 64)
sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000003080)=ANY=[@ANYRES32], &(0x7f0000014ff5)='GPL\x00', 0x2, 0x1000, &(0x7f0000014000)=""/4096, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

15.001308022s ago: executing program 1 (id=1057):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x9, [@struct={0x6, 0x1, 0x0, 0x4, 0x0, 0x6, [{0x9, 0x1, 0x5}]}]}, {0x0, [0x61, 0x0, 0x61, 0x61, 0x5f, 0x0, 0x30]}}, &(0x7f0000000040)=""/43, 0x39, 0x2b, 0x1, 0x6}, 0x28)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r0, 0x3, 0x0, 0x4}, 0x50) (async)
r2 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="850000002200000007000000000000089500000000000000e26c9bd1a6361b"], 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34}, 0x94) (async)
write$cgroup_subtree(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="364000001a00910069cdfb5cc682e02e0a"], 0xfe33)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000240)={{r1}, &(0x7f00000002c0), &(0x7f00000003c0)='%-010d \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r3=>0xffffffffffffffff}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000d49d80007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000007c0)={r4}, 0xc)

14.999534339s ago: executing program 1 (id=1058):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x40482, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x1, @perf_config_ext={0x407fff, 0x83}, 0x114115, 0x2e, 0xfffffbfe, 0x2, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085e900000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x909d76cd3b8dcde0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="1700000000000000040000000300000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="24b64c93000000000000000000000000348d4d56f3cb502a864074b554adcaca6a989e5600000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="e047d46f18ffd87db726227d743a5c21f8fbe7aec4a020eba5b0000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="5f751912f7e324cf0b3f76eb034f8fbecb00f6cdd41d949a757775f1ff30c7610fd5ea90f2a8ebd1b651f6c4fcfb46074844ab447e59432d5e77fe7410c04ad7ff0a145b24b8ff19662a1b9ed81f971faf0bf4efa1582aad14ed704e8ee3c8bcecaa702dddaa654a7c173393388394c802a0c9c5445d9d60801aac270714094ca7d48c52d40d3322dbe90b73bc8593745fb8289c1fbd79d020c42f1facc79b7caaad30b849462182a284d0b98e6d3b1e880b56b9cd2dced602d0be3faf90f05773edf5e785c4c2a53ad569afcc46302f0df10efd043c2cbb5c97ed2470f0b40b685ac56acfe50dd7b8b1ab96d4440242328356a5bf613b4c1f539984974b22ff37237f1565e455f93826d39a8168efd611b3aeab0ad295d273fd3421656e7c52b080e06d433ff1c928c3bd5bbd505a4da1838bc4d045ecfb3b9ac13bc3f0d2f1ebdc3682cec9026462705b8c066eb945e910bc38bc861fe02e248508545f41a0e79053c95f3c1c51c514c6ee05b505463026069226d992140e1d381e38e9ba831b75ae814b9787c8747fdc40491cd6eb261ef6e29b375be31e2bfb496db57ce1880ff5d21b1121996791b29e09d6f032bb636873735e9f03f90d3e16f50e84eeb105c4aff4952d1512f39d44fdc3db35d1ff8d6d92598a858dfca754c34b856d5f60d0dd335d61d9484dd89feee85d860b656d5fe5e735c7e84bd1cd5afd832eb9d7afc78264949798c5131a053de333a6d00bc3df94cbe8fddde423609639b3c310fb7ec935fdb7a39ea3c66937fc0fa533902cf301827b4eaf538407a2894897e1d5604f203c590da5f666b118916739c2d9a9a95a188b411efcf9d58b9119bb0223b41ce1552b1fa5108957e31d0da1de5d27e6f3d792c83b06c61ecd16141c1bb7f83b11aa486505e234197ff002c8c6ba2dda8ec5e54073f4ec0093f4d5f53b7a1b9a9b51c10e3acad36804d52ced7dff972b46be3687d8df4082d292dddc2c91461ed8a81c1b2ca0769a89d6878f7acb090c91f6ae2fbe1aa459060f82095e51617bc57b666f997064da56bfe52688fdef9aac2e829d776c84668a6508343b1eb6a60769d74cb8055f3b951c0c390f907cf5503a97675705c2abf59557209cb79087a13906be668cb06991c646a5d10effbaf5f05a4e90c314b71d43646a6b9e601100d93a2cf94628c80ae4bcccee8695c28a6d5bada72a8db1d418c98bb9d73f8dff5450b114b97e61c462a3cc69ad2e86b2b3c92854c775f7d336ce8d814ba167d7bdff568696c316791bb898a7e0883e280ce5e22640a624ec71dbdffe4888f7dcf227559b00fb5bbad9dde6b27437a1ba7c7fe693421f33aaa5bcbd40465ed44897834a4dc7e5f58718c304e2bfb71fb0ecb739544bd95f540df1fc3dfb17a0945a6a2d0cff64c12ff236a10041ed99d6a99a926ae2dd19573848f41c5b1800bb4696135016765a57bd216c9caf9115460a62e48acffa6dbf84cd12febe841222664d8a059c0286872b6756ad094aea1227c70265bb50fceffe26a776ae415d1cce38a7272fb1fc14a34ecad8cb834746c8c186fec7a0254c389d937bb609f957210620c1c12fcb9507bf9a967db6d359e8512e95371a159a7825b3c7e8776384695767cc1a30adf3e3dc011dae3ea3e9530bafa90b9e65a0c1b3996e082fa87a811a8ad98df2bfb653ab9db9a8f2e30f6834465294d586edd395e00a679118f6e59b25f61c9a0251b7469a1b672c51acdb60bf5014e6b20c9c34dfbcdbfbc8c9f852bd1c8865585056d5b7b66ad6a566799ade22f900f8b505e7721c1bdc89ea97b7d55c3e4be1ef8326c6f3b3865ebff2cd6ef2919848ed35994dfde3cd6abe62268f8501698344461347de07cb1608d0950ba5aaf608960a35c6a80f85106678966072c996a7bcd524aea46548ee8b9e6cb014ab963c621cd88ae88e728ab11d157a8b5e0236425972ac23f7ab5a33ee895d25836d2560ec285b522704580d5fa6b8ba46a1abdbe11df6c2c7a26c53deb8e72ae0d24df0584e47a07dc03f7c248004f5d1d3a8495c8da12003cbba16d52fc1b5673ec7d77fde6475f836f138601949ffd0f69ae990a0fe8e39ee43ccbf0ef0ec6b136e391f44c8e5bcce040eab31e755142a5fcdc435dcc0441923d5afdb78fec2ad51ca2b35d4003f61b3988dcf36de1e54bad293eb9ae753bd96056a7d4a187b72f686ab40660d5288cef6433d1b36d8862061b1397c0db4027d57769c7ada5e60be9135435142f5a85f7073fea20b096b25facdab350796a95bb9000b014350e3eddf05ca400abd66043421b1bcc78a06eef9838875397aa4b89513029f4a85cbc2ba0f6c706ba80acec080798efa270af450c843d6659c11177fd4610c740b4391a9018993a40424bf3b8c86df17dcdde6f13f22261223c507073eaa7ecc96f720e0e7ef095729fc22dc1cf6f083e432d4ce961a75e22bcb8fd9898eaf8019e591120e4468e7059c72ad2327db0a1d19075215216277245fb8581a5bdaf2f379ca21805da3e4f0ed93a4ef3ab405f08164a575c9ee7cf222711bcdd421cbb4a4428e6774f601786cb37ca1907367b27ec3adcd455cce3aa334a956028e2f1d8a92bd9590f658087dcc76a933b80340b7b01566ecf9bb199b0ed90b51219b0b02212ae23fc851e31f94f271d667408f31d27005cbbef4901c26f70290a44d60d2f32393d0855806e4621bbca387a0b3091009ce574b7737be129f568c1f39f030a0ff858eece6eaac77901634d4d50ab2ff66cdb02ef9edf2b05da73d9a8bae183f03c9c90ab584ae76251db936ddcecc397a5393130103833010667a1b73f00993c1f7f26c9ce784d9ee7f4249f622c4c1723005062f8972f051650b51bbdc6a095fa05dc2e03763dcdcd91f51acc69bc326af227da6afaa0369d3b1ef1b44b859e483da3fe7b3e35bd13516d3f1c14e8ed22f66032fefbc39738a917cdf7a21b7e3f2962b189d3eb2e0db3d57a25a7c5856f272513a712b527b5122317bb19181dc4b3bed381dcc349ca8412f3ff0c5d4b5167d261c0e7a24ff70bbefe3b285b87eb16cd8107c5f1269341ec77dd48033a45d0fde3a5a843cd8b8377ee601729a454c1f9a401f962f859df89729a5162b6dabbb9582904666789b187824b9f79204300ebbeb60f226d10f640424919c11c38c3e02845a3d438a27bc03bca9918748e6c3ffbc0bd143b08af575437de55a5b05ce5808adfe03ad508bb65439b36ec3fcc4aa0a5448ad7dd845232d99c35c4981c770e5a53f6b1b8758ebe7a3e77caa16b879a6a2d2871f5fc434d44e1986f0fef9bc6bb342bce55fe497edd752619c16974d09cc626a5c9a659c99f88273cd05540d50785597cc3bb6304b1c249ed9b49556412705d042b6052822fc1536f7a639b7df5b8ee70170c90ce3e432543b290d7e9f88c2f6c68fe322a161763286c40d3a12b3b109696bc24ee407673ec9355368e6b727fae60c713bbe9eb287013245dab3dc2e703bd6bf94a22bc6410ead730d79a22438d74e035807568c6898d0ee024b0786e92962b4b265f785c0a49312970969bc58002daf5db7c5b99a55a0323b367b1d709a3da92e65741ee4e0e9f1b443b5258f1ae22561c007391a3c732abe97fd04a655ba72d0d145d9c726128c7df5941b6488d4bd35b9b3dd61cf3e29b97c2ad2e3ed997b3725dde1db7ee26a95a3ef8c313c27a9dbbab298c492a11dc6d77bbcb4d068eb21780402e1142bc73445b3553270eb8d62f6e7e04b4efc313c06ec2a6ea4f3a5216cda56f9bad1e5216ac2b6601c1844bbcd32720483a12d3c6e5cc23580570cc39dc3195a241cef26d7516691e4a7c365a86160be303b868dd9110aa34b083eecec4f208ed23c1f7ef87f10ca187c06fe8468ff7c578bd48f1bf3c724a9933de60a8c0f0a1904a9fe7fab1af01d47293187e62b291db4724cf28da6951137ac955e2960fee7743a725bcdaaa30e92d5d2d37ca08c909b7f7444891c9d2b325a4a1bb8993d4b4a2e151e8a23d6b6babf97616e579c53651510d732d8a68b45d779de4b3a2648933ee5c44e6e836de20ebfb50b383ce04c3b7343a2f33982c8ddfd146e205cc0564c281b1f293a8c158b19bb3c604b63db9badda841f70b9c8d67406dd648a620676d8dfd9734ace6828796f866146f8b38d51d4ad7f9bc001af319320940f1b1bef3608d1c61ecfe6f3a6bb2036e75f792a409e2de933cd9bd70f81cdff3a72c692c7b5dee24d59513060e9028617350cf4fed98766113be189eae2b6bd3aa6640a7418dde98db38cb6df4880bf95ce273ebcb230b5835be0950d39ee24f55f711c580419878ca282726a3410b062312d4fed4e893de67acd2677fd9abdae3903a8f81669c2f4ec2e8a62a0a720320e394d7a1da5734c386a6c248ee62efb3066fc1e7a948bd8d43ba28e3f97e68fc67ace7460e2bf08c117117433d4f01826d2017e2968310d1ca72a9e054d885ccfeb14e4251fc67ff4fee65d5f9403875eef599041f5e9a84577fd9028e33f34c98bc0f302b2bc61e449a04d575061e0286249314060debcc269dc6ae32ce526b139e1c6b1c5859687ba076cabbd014b1327ae70f4f35f591e5afdcef661184d36a30399b4e04d8641ff739d3b3ffb40e91b2d5fc18fe783297f9d571d55bb41dcd3a179d0da126ae4c05054a362dae4b2be4d160e19c19a2a1f453e6e9aac5431e5fff56a0fbdd394e06f5fba549f829e50ab476c5e54566280ccabe0fc17143a0d93c4ecdd8d6b882a1595eeafb13a36b838cc2638959094629cf30aba104cb0a2b2eeac20299c1080d101b8a096cd0400ed2a420b86cd9b96e9e4f0d36080b4a546450746065d3f76f245569f8bd3a7fe01336e49f67c39b39648ccb63057ec740030c3199c75ed1df1dbdc630988c70771854170352944f30856588f8d412c64d68cd3339a6184a067f1d80488a67dfd61fce6dbff11ac12d4c2a80c096527aed588f513641821f5cf03ac5aec7a54ac7be272272a1bee6978e2239d85f3f4766c010c412ba784d9b13077b164d65ccb09aa4a97f9e250d8660b74d94a3a5ddcfeeb43f74c8f35022ec60b6ed41f1bc3adb4d44c5c1624c4415861416cd48f934f84ced3709038ec6baf619e37bd794481aca2d66a41f83e0a5e16ae4580617574ebfddcbbf1702970d6e22eaf70bdccfbb70833accc1f83ea05116802c7fb53ee3cb480f1009bc20ee77fae8299835d9e5cafc93af28bcad993ec77d1990df4791fd8e1962fe7a6d7242ffbb261bde8927ac44ff270b090ac3073c2f3cf03967cd2670079f64055673c2a48a8b3132de2fff50541b609ae3e6c3e6060589192e1871cac5af41092703357ac936854803f167edebca98f1f86f7e6eb8eb506149f7e942f890e648fb7d033847dae563ea7ad62ebfded106143955d5cd815103e91bb70cf2e809d584411c976245d620b4df2dfa2506be932d0242823bc0ac31e5d619421d39d1597617c975d8255f0bcf21014b6579a0fd54488041cdf13901abd5286b5404f014892adc1f193f73eae8b8204bf76e610b667de708f83e056bcc265c6c50741ac8ee2a55ab1eba018a69b5b9a08d65481686deee496c2bca717218b3a3c35c21ca160c8439eb1075245c1a0576d722a918499e1df3f47620370d73f9beeec02f1819164d00990f7d0f0c0bedeeece148d2a3a580f8ac95c595a73ea45fb62812cfbf3950bca34075792c64fd0122994a7a6da3ce987047fdc55b003301a53aac781fb625af07456bc7899"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf337be0fc4c", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x2}, 0x50)
socket$kcm(0xa, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000004000000000000000000000d089bf3cc1078e7a"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f00000001c0)=0x7fffffffffffffff, 0x12)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000490000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffec, 0x0, &(0x7f00000008c0)="89", 0x0, 0xf, 0x0, 0x2}, 0x32)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="180000007600a9fe059f317a9dab00000000000340000000", 0x18}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10)
socket$kcm(0x2, 0x1000000000000002, 0x0)
socket$kcm(0x10, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x183241, 0x0)
mkdir(&(0x7f0000000080)='./cgroup/../file0\x00', 0x152)
bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=@base={0x2, 0x4, 0x7, 0x80, 0x0, 0x1}, 0x50)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x210e, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x32, 0xfffffbff, 0x3, 0x2, 0x0, 0xfff9, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000c40))
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuset.memory_pressure\x00', 0x26e1, 0x0)
r7 = socket$kcm(0x2, 0x1000000000000005, 0x0)
setsockopt$sock_attach_bpf(r7, 0x1, 0x3e, &(0x7f00000002c0)=r6, 0x161)
sendmsg$inet(r7, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380)}], 0x1, &(0x7f0000000980)=ANY=[@ANYBLOB="340000000000004000000000070000008923ac00000000ac141437ffffffffac1e01010a0101007f00005649634db0fc501101ac14140bffffffff00000000001c00000000000000000f00fd08000000", @ANYRES32=0x0, @ANYBLOB="e0004482d219b3ab5e0831000000000000000000", @ANYRES32=0x0, @ANYBLOB="0a0101000000000000000000110000000000000000000000010000006a000000000000001100000000000000000000000100"/60], 0xa8}, 0x0)

0s ago: executing program 32 (id=1055):
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000001ec0)=ANY=[@ANYBLOB="004000003a00913a74067388481f9c0e0a"], 0xfe33)
recvmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/111, 0x6f}], 0x1}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x4)
close(r1)
socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x282, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x1, 0xae9}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r2, 0x84, 0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x5, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb2acc00917f29337c5e4c99010018000000000000000c000000ff00"], 0x0, 0x26}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000009249e5b7009500000000000000cefed28d300f11cfa0b95f31bab3e2b7c73c00ea7edf01557cbea7570d980479f17c6a90219f108f76c9ef17fc6e7f8306c45c0bc32527ad49d7b315db744be8892071d341391daaebfb8366c615703f346edbb74b0775b1fd6bee9e5fe7cb39ce9c25412589b632e85333ab2313eb0985e64c914f31949b8129365daecb11ce8aee89933892b6b698a374dbf3bd07ae8b7bb43f5498b82900d783998004d5db864e"], &(0x7f0000000080)='GPL\x00', 0xa, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r3, 0x8, 0x0, 0x0, 0x18, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0x1c}, 0x6d)
openat$ppp(0xffffffffffffff9c, 0x0, 0x20802, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x141001, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000100006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff2d53010000000000840400000000000005000000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1cc0800004537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c767030090a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e62e150d4a2fddd9a976774"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x4b}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000d0000000000000000000000850000000500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0xb, 0x0, &(0x7f00000001c0)="581f9239658ea95ed371ea", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8912, &(0x7f0000000080))
sendmsg$kcm(r6, &(0x7f0000000400)={&(0x7f00000000c0)=@in6={0xa, 0x4e23, 0xfffff000, @private1, 0xc73}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000140)="5f64ee9d3dbf640523d83c3ca38496db5a2312d6684ea8d27552a992dfc514d59b8dab7afbc894974225ff9e9cf01f47322c34fd5452e78f137a04028b2d789646b6fc433473056e8a96c354f8f440178d12783352dacf336b284c30a494a9515010d8edfc27202616b7f3203d11f10be59b7603c31b744ab9576d0cfe10ffc95199c1a3d91cf09967295498d0cdd4d335411f788530d86aa8fe928c43344b9aec6ce6095430800f176a26628ed5", 0xae}, {&(0x7f0000000240)="b7876466958584640392d7b2174f17f70eb5036659dfc6017b68e434c162e641353c92b0d454ece1b59ee8b08943ff8f96a037e9f1035f6dfb25cc346800147c5684d7bf99b3a2c63a74e6e5afff12c97bc938d830465d835c3058b7f1", 0x5d}, {0x0}], 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="40000000000000000301000093c80000d9f8704a85576835349d6601b5b1945a141afdd87e9f9cfba6915429d31ad1321000d9359f9f8ff3f16ffd7d00000000"], 0x40}, 0x20008080)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)=@rxrpc=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x4e22, @multicast2}}, 0x80, 0x0}, 0x4000000)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x8000000, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r7 = socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x1400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xaffffff7ffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)="d80000001e0001054e81f782060000000000000006007c095dd2466518000e800a00142603600e1208000f0000000406a80016c00800094014000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791433a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a50254cca9e00360db798262f3d40fad95667e006dcdff11a49b1328d9dd74977efd563951f215ce3bb9ad909d5e1cace81ed0bffece0b42a9eca0200e6ccd40dd6e4edef3d93452a9295", 0xd8}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.042042][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.061087][   T29] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.063592][   T29] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.080015][  T704] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.084833][  T704] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   50.698452][ T5831] Bluetooth: hci0: command tx timeout
[   50.700431][ T5827] Bluetooth: hci1: command tx timeout
[   50.787884][ T5827] Bluetooth: hci2: command tx timeout
[   51.000417][ T5945] : renamed from hsr0 (while UP)
[   51.876845][ T5968] netlink: 132 bytes leftover after parsing attributes in process `syz.1.21'.
[   52.013564][ T5975] netlink: 60 bytes leftover after parsing attributes in process `syz.1.24'.
[   52.017578][ T5972] netlink: 60 bytes leftover after parsing attributes in process `syz.1.24'.
[   52.034625][ T5976] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.23'.
[   52.045555][ T5974] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.23'.
[   52.050164][ T5976] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.23'.
[   52.092751][ T5974] netlink: 'syz.2.23': attribute type 29 has an invalid length.
[   52.108447][ T5981] netlink: 'syz.1.26': attribute type 1 has an invalid length.
[   52.111633][ T5981] netlink: 17 bytes leftover after parsing attributes in process `syz.1.26'.
[   52.116485][ T5974] netlink: 'syz.2.23': attribute type 29 has an invalid length.
[   52.136956][ T5974] netlink: 'syz.2.23': attribute type 29 has an invalid length.
[   52.148706][ T5974] netlink: 'syz.2.23': attribute type 29 has an invalid length.
[   52.160653][ T5980] netlink: 11562 bytes leftover after parsing attributes in process `syz.0.25'.
[   52.307508][ T5995] netlink: 56537 bytes leftover after parsing attributes in process `syz.1.30'.
[   52.445113][ T6007] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   52.459899][ T6004] netlink: 60 bytes leftover after parsing attributes in process `syz.2.33'.
[   52.674075][ T6023] netlink: 'syz.1.38': attribute type 10 has an invalid length.
[   52.676563][ T6023] team0: Device ip6_vti0 is of different type
[   52.778988][ T5827] Bluetooth: hci1: command tx timeout
[   52.780941][ T5827] Bluetooth: hci0: command tx timeout
[   52.793712][ T6036] netlink: 'syz.2.43': attribute type 27 has an invalid length.
[   52.796305][ T6036] netlink: 'syz.2.43': attribute type 3 has an invalid length.
[   52.867823][ T5827] Bluetooth: hci2: command tx timeout
[   53.514023][ T6076] netlink: 'syz.0.56': attribute type 3 has an invalid length.
[   53.667021][    C1] hrtimer: interrupt took 53907 ns
[   53.961714][ T6088] Zero length message leads to an empty skb
[   54.886419][ T5831] Bluetooth: hci1: command tx timeout
[   54.887335][ T5827] Bluetooth: hci0: command tx timeout
[   54.944719][ T5827] Bluetooth: hci2: command tx timeout
[   55.939538][ T6108] netlink: 'syz.0.66': attribute type 1 has an invalid length.
[   56.183256][ T6126] warning: `syz.2.72' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   56.406880][ T5827] Bluetooth: hci1: ISO packet for unknown connection handle 1325
[   57.066378][ T6182] Driver unsupported XDP return value 0 on prog  (id 73) dev N/A, expect packet loss!
[   57.143007][ T6188] validate_nla: 1 callbacks suppressed
[   57.143017][ T6188] netlink: 'syz.0.93': attribute type 29 has an invalid length.
[   57.148283][ T6188] netlink: 'syz.0.93': attribute type 29 has an invalid length.
[   57.162600][ T6188] mac80211_hwsim hwsim7 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[   57.166304][ T6188] : renamed from hsr_slave_0 (while UP)
[   57.216177][ T6191] __nla_validate_parse: 14 callbacks suppressed
[   57.216189][ T6191] netlink: 132 bytes leftover after parsing attributes in process `syz.1.94'.
[   57.248970][ T6191] netlink: 'syz.1.94': attribute type 49 has an invalid length.
[   58.022406][ T6201] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.97'.
[   58.999189][ T6244] netlink: 'syz.2.110': attribute type 16 has an invalid length.
[   59.001926][ T6244] netlink: 168 bytes leftover after parsing attributes in process `syz.2.110'.
[   59.131416][ T6256] netlink: 14 bytes leftover after parsing attributes in process `syz.1.114'.
[   59.783423][ T6305] netlink: 'syz.2.126': attribute type 10 has an invalid length.
[   59.783434][ T6306] netlink: 'syz.2.126': attribute type 10 has an invalid length.
[   59.824007][ T6305] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.126'.
[   60.346773][ T6336] netlink: 60 bytes leftover after parsing attributes in process `syz.2.136'.
[   60.352526][ T6336] netlink: 60 bytes leftover after parsing attributes in process `syz.2.136'.
[   60.356025][ T6336] netlink: 60 bytes leftover after parsing attributes in process `syz.2.136'.
[   61.109388][ T6358] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   62.042756][ T6397] netlink: 'syz.2.155': attribute type 29 has an invalid length.
[   62.410357][ T6427] netlink: 763 bytes leftover after parsing attributes in process `syz.0.164'.
[   62.438884][ T6430] netlink: 'syz.0.165': attribute type 1 has an invalid length.
[   62.441457][ T6430] netlink: 4 bytes leftover after parsing attributes in process `syz.0.165'.
[   62.512706][ T6431] netlink: 809 bytes leftover after parsing attributes in process `syz.1.162'.
[   62.515726][ T6431] netlink: 130160 bytes leftover after parsing attributes in process `syz.1.162'.
[   65.671474][ T6461] netlink: 'syz.1.175': attribute type 10 has an invalid length.
[   65.676288][ T6461] veth1_vlan: entered allmulticast mode
[   65.704689][ T6461] team0: Device veth1_vlan failed to register rx_handler
[   65.792605][ T6476] veth1_macvtap: left promiscuous mode
[   65.826355][ T6476] veth1_macvtap: entered promiscuous mode
[   65.830961][ T6476] macsec0: entered promiscuous mode
[   65.837478][ T6476] macsec0: entered allmulticast mode
[   65.842001][ T6476] veth1_macvtap: entered allmulticast mode
[   65.981656][ T6482] netlink: 'syz.1.183': attribute type 22 has an invalid length.
[   65.984342][ T6482] netlink: 4 bytes leftover after parsing attributes in process `syz.1.183'.
[   67.257653][ T6519] netlink: 'syz.1.195': attribute type 1 has an invalid length.
[   67.269345][ T6519] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.195'.
[   67.600302][ T6530] netlink: 11562 bytes leftover after parsing attributes in process `syz.1.199'.
[   67.791148][ T6543] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.205'.
[   69.371090][ T6594] netlink: 16255 bytes leftover after parsing attributes in process `syz.1.215'.
[   69.762919][ T6615] netlink: 1041 bytes leftover after parsing attributes in process `syz.1.220'.
[   70.744924][ T6638] netlink: 'syz.1.229': attribute type 10 has an invalid length.
[   70.748922][ T6638] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.752255][ T6638] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.764555][ T6638] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.766960][ T6638] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.769980][ T6638] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.772592][ T6638] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.796766][ T6638] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   70.861029][ T1361] ieee802154 phy0 wpan0: encryption failed: -22
[   70.863908][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[   72.215674][ T6681] veth1_macvtap: left allmulticast mode
[   72.217835][ T6681] veth1_macvtap: left promiscuous mode
[   72.219865][ T6681] macsec0: left promiscuous mode
[   72.221984][ T6681] macsec0: left allmulticast mode
[   72.401677][ T6671] syz.0.235 (6671) used greatest stack depth: 18952 bytes left
[   72.492661][ T6572] syz.0.213 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   72.498954][ T6572] CPU: 0 UID: 0 PID: 6572 Comm: syz.0.213 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[   72.498966][ T6572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   72.498971][ T6572] Call Trace:
[   72.498974][ T6572]  <TASK>
[   72.498977][ T6572]  dump_stack_lvl+0x189/0x250
[   72.498992][ T6572]  ? __pfx_dump_stack_lvl+0x10/0x10
[   72.499001][ T6572]  ? __pfx__printk+0x10/0x10
[   72.499018][ T6572]  dump_header+0xd3/0x480
[   72.499031][ T6572]  oom_kill_process+0x3b6/0x950
[   72.499043][ T6572]  out_of_memory+0xf09/0x12a0
[   72.499057][ T6572]  ? __pfx_out_of_memory+0x10/0x10
[   72.499070][ T6572]  mem_cgroup_out_of_memory+0x145/0x240
[   72.499081][ T6572]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   72.499095][ T6572]  ? _raw_spin_unlock+0x28/0x50
[   72.499105][ T6572]  ? memcg1_oom_prepare+0x37f/0x450
[   72.499113][ T6572]  try_charge_memcg+0xdff/0x1290
[   72.499128][ T6572]  ? __pfx_try_charge_memcg+0x10/0x10
[   72.499137][ T6572]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   72.499150][ T6572]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   72.499162][ T6572]  charge_memcg+0x9f/0x180
[   72.499171][ T6572]  __mem_cgroup_charge+0x25/0x80
[   72.499178][ T6572]  shmem_alloc_and_add_folio+0x7c1/0xf60
[   72.499189][ T6572]  ? filemap_get_entry+0xad/0x2f0
[   72.499197][ T6572]  ? filemap_get_entry+0xad/0x2f0
[   72.499206][ T6572]  ? filemap_get_entry+0x28f/0x2f0
[   72.499216][ T6572]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   72.499225][ T6572]  ? shmem_allowable_huge_orders+0x1f8/0x420
[   72.499236][ T6572]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[   72.499248][ T6572]  shmem_get_folio_gfp+0x59d/0x1660
[   72.499267][ T6572]  shmem_write_begin+0xf7/0x2b0
[   72.499276][ T6572]  generic_perform_write+0x2c7/0x910
[   72.499292][ T6572]  ? __pfx_generic_perform_write+0x10/0x10
[   72.499325][ T6572]  ? mnt_put_write_access_file+0xc0/0x100
[   72.499339][ T6572]  ? file_update_time+0x416/0x490
[   72.499351][ T6572]  shmem_file_write_iter+0xf8/0x120
[   72.499358][ T6572]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   72.499366][ T6572]  __kernel_write_iter+0x393/0x860
[   72.499374][ T6572]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   72.499382][ T6572]  ? __pfx___kernel_write_iter+0x10/0x10
[   72.499388][ T6572]  ? __up_read+0x280/0x680
[   72.499401][ T6572]  ? __asan_memset+0x22/0x50
[   72.499411][ T6572]  ? iov_iter_bvec+0xb8/0x180
[   72.499420][ T6572]  dump_user_range+0x873/0xc70
[   72.499434][ T6572]  ? __pfx_dump_user_range+0x10/0x10
[   72.499441][ T6572]  ? elf_coredump_extra_notes_write+0x127/0x4b0
[   72.499452][ T6572]  ? __pfx_elf_coredump_extra_notes_write+0x10/0x10
[   72.499461][ T6572]  ? __kasan_kmalloc+0x93/0xb0
[   72.499469][ T6572]  ? dump_emit+0xa6/0xe0
[   72.499500][ T6572]  ? elf_core_dump+0x2c68/0x3900
[   72.499510][ T6572]  elf_core_dump+0x32ed/0x3900
[   72.499526][ T6572]  ? __pfx_elf_core_dump+0x10/0x10
[   72.499537][ T6572]  ? dump_vma_snapshot+0xc7a/0x10c0
[   72.499568][ T6572]  ? rcu_read_lock_any_held+0xb3/0x120
[   72.499578][ T6572]  ? 0xffffffffff600000
[   72.499591][ T6572]  do_coredump+0x2809/0x3440
[   72.499607][ T6572]  ? __pfx_do_coredump+0x10/0x10
[   72.499613][ T6572]  ? unwind_get_return_address+0x4d/0x90
[   72.499622][ T6572]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   72.499645][ T6572]  ? kasan_save_track+0x4f/0x80
[   72.499651][ T6572]  ? kasan_save_track+0x3e/0x80
[   72.499656][ T6572]  ? kasan_save_free_info+0x46/0x50
[   72.499665][ T6572]  ? __kasan_slab_free+0x62/0x70
[   72.499671][ T6572]  ? kmem_cache_free+0x18f/0x400
[   72.499678][ T6572]  ? get_signal+0xa4c/0x1340
[   72.499686][ T6572]  ? arch_do_signal_or_restart+0x9a/0x750
[   72.499697][ T6572]  ? irqentry_exit_to_user_mode+0x81/0x120
[   72.499708][ T6572]  ? exc_general_protection+0x171/0x200
[   72.499713][ T6572]  ? asm_exc_general_protection+0x26/0x30
[   72.499730][ T6572]  ? perf_trace_lock+0xec/0x3b0
[   72.499743][ T6572]  ? proc_coredump_connector+0x172/0x4b0
[   72.499750][ T6572]  ? __pfx_proc_coredump_connector+0x10/0x10
[   72.499758][ T6572]  ? get_signal+0x103e/0x1340
[   72.499768][ T6572]  ? _raw_spin_unlock_irq+0x23/0x50
[   72.499777][ T6572]  ? lockdep_hardirqs_on+0x9c/0x150
[   72.499787][ T6572]  get_signal+0x1109/0x1340
[   72.499804][ T6572]  arch_do_signal_or_restart+0x9a/0x750
[   72.499817][ T6572]  ? perf_trace_preemptirq_template+0x280/0x340
[   72.499829][ T6572]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   72.499846][ T6572]  ? local_irq_enable_exit_to_user+0x5/0x10
[   72.499857][ T6572]  irqentry_exit_to_user_mode+0x81/0x120
[   72.499867][ T6572]  exc_general_protection+0x171/0x200
[   72.499878][ T6572]  ? exc_page_fault+0x9f/0xf0
[   72.499888][ T6572]  asm_exc_general_protection+0x26/0x30
[   72.499895][ T6572] RIP: 0033:0x7f7862b8e9b1
[   72.499904][ T6572] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[   72.499910][ T6572] RSP: 002b:00002000000001b0 EFLAGS: 00010217
[   72.499917][ T6572] RAX: 0000000000000000 RBX: 00007f7862db6080 RCX: 00007f7862b8e9a9
[   72.499922][ T6572] RDX: 0000200000000080 RSI: 00002000000001b0 RDI: 0000000000001080
[   72.499927][ T6572] RBP: 00007f7862c10d69 R08: 0000200000000500 R09: 0000200000000500
[   72.499931][ T6572] R10: 0000200000000200 R11: 0000000000000202 R12: 0000000000000000
[   72.499936][ T6572] R13: 0000000000000000 R14: 00007f7862db6080 R15: 00007fffd426bd18
[   72.499947][ T6572]  </TASK>
[   72.500269][ T6572] memory: usage 307200kB, limit 307200kB, failcnt 12646
[   72.610237][ T6669] syz.0.235 (6669) used greatest stack depth: 17912 bytes left
[   72.702676][ T6572] memory+swap: usage 432040kB, limit 9007199254740988kB, failcnt 0
[   72.706350][ T6572] kmem: usage 7168kB, limit 9007199254740988kB, failcnt 0
[   72.715589][ T6572] Memory cgroup stats for /syz0:
[   72.715855][ T6572] cache 307130368
[   72.723591][ T6572] rss 65536
[   72.724676][ T6572] rss_huge 0
[   72.725735][ T6572] shmem 307130368
[   72.726921][ T6572] mapped_file 0
[   72.728713][ T6572] dirty 0
[   72.729713][ T6572] writeback 0
[   72.730809][ T6572] workingset_refault_anon 12
[   72.732314][ T6572] workingset_refault_file 27
[   72.733853][ T6572] swap 127836160
[   72.735030][ T6572] swapcached 49152
[   72.736244][ T6572] pgpgin 109047
[   72.737368][ T6572] pgpgout 34039
[   72.742977][ T6572] pgfault 13737
[   72.744163][ T6572] pgmajfault 13
[   72.745316][ T6572] inactive_anon 113311744
[   72.746716][ T6572] active_anon 193921024
[   72.748771][ T6572] inactive_file 0
[   72.749964][ T6572] active_file 0
[   72.751106][ T6572] unevictable 0
[   72.752232][ T6572] hierarchical_memory_limit 314572800
[   72.754020][ T6572] hierarchical_memsw_limit 9223372036854771712
[   72.755972][ T6572] total_cache 307130368
[   72.757321][ T6572] total_rss 65536
[   72.763747][ T6572] total_rss_huge 0
[   72.765017][ T6572] total_shmem 307130368
[   72.767505][ T6572] total_mapped_file 0
[   72.769442][ T6572] total_dirty 0
[   72.770626][ T6572] total_writeback 0
[   72.771921][ T6572] total_workingset_refault_anon 12
[   72.773600][ T6572] total_workingset_refault_file 27
[   72.775286][ T6572] total_swap 127836160
[   72.776824][ T6572] total_swapcached 49152
[   72.785064][ T6572] total_pgpgin 109047
[   72.786347][ T6572] total_pgpgout 34039
[   72.789075][ T6572] total_pgfault 13737
[   72.790431][ T6572] total_pgmajfault 13
[   72.796113][ T6572] total_inactive_anon 113311744
[   72.801821][ T6572] total_active_anon 193921024
[   72.803343][ T6572] total_inactive_file 0
[   72.804696][ T6572] total_active_file 0
[   72.806022][ T6572] total_unevictable 0
[   72.810896][ T6572] anon_cost 0
[   72.812030][ T6572] file_cost 0
[   72.813114][ T6572] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.213,pid=6572,uid=0
[   72.821729][ T6572] Memory cgroup out of memory: Killed process 6572 (syz.0.213) total-vm:98116kB, anon-rss:956kB, file-rss:53404kB, shmem-rss:0kB, UID:0 pgtables:188kB oom_score_adj:1000
[   72.969809][ T6577] syz.0.213 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   72.972928][ T6577] CPU: 1 UID: 0 PID: 6577 Comm: syz.0.213 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[   72.972939][ T6577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   72.972944][ T6577] Call Trace:
[   72.972949][ T6577]  <TASK>
[   72.972952][ T6577]  dump_stack_lvl+0x189/0x250
[   72.972968][ T6577]  ? __pfx_dump_stack_lvl+0x10/0x10
[   72.972977][ T6577]  ? __pfx__printk+0x10/0x10
[   72.972995][ T6577]  dump_header+0xd3/0x480
[   72.973008][ T6577]  oom_kill_process+0x3b6/0x950
[   72.973021][ T6577]  out_of_memory+0xf09/0x12a0
[   72.973035][ T6577]  ? __pfx_out_of_memory+0x10/0x10
[   72.973048][ T6577]  mem_cgroup_out_of_memory+0x145/0x240
[   72.973060][ T6577]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   72.973075][ T6577]  ? _raw_spin_unlock+0x28/0x50
[   72.973085][ T6577]  ? memcg1_oom_prepare+0x37f/0x450
[   72.973094][ T6577]  try_charge_memcg+0xdff/0x1290
[   72.973109][ T6577]  ? __pfx_try_charge_memcg+0x10/0x10
[   72.973117][ T6577]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   72.973131][ T6577]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   72.973143][ T6577]  charge_memcg+0x9f/0x180
[   72.973152][ T6577]  __mem_cgroup_charge+0x25/0x80
[   72.973159][ T6577]  shmem_alloc_and_add_folio+0x7c1/0xf60
[   72.973170][ T6577]  ? filemap_get_entry+0xad/0x2f0
[   72.973179][ T6577]  ? filemap_get_entry+0xad/0x2f0
[   72.973187][ T6577]  ? filemap_get_entry+0x28f/0x2f0
[   72.973197][ T6577]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   72.973206][ T6577]  ? shmem_allowable_huge_orders+0x1f8/0x420
[   72.973220][ T6577]  shmem_get_folio_gfp+0x59d/0x1660
[   72.973236][ T6577]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[   72.973250][ T6577]  shmem_write_begin+0xf7/0x2b0
[   72.973260][ T6577]  generic_perform_write+0x2c7/0x910
[   72.973275][ T6577]  ? __pfx_generic_perform_write+0x10/0x10
[   72.973285][ T6577]  ? down_write+0x162/0x1f0
[   72.973299][ T6577]  ? file_update_time+0x2da/0x490
[   72.973312][ T6577]  shmem_file_write_iter+0xf8/0x120
[   72.973318][ T6577]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   72.973327][ T6577]  __kernel_write_iter+0x393/0x860
[   72.973335][ T6577]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   72.973343][ T6577]  ? __pfx___kernel_write_iter+0x10/0x10
[   72.973349][ T6577]  ? __up_read+0x280/0x680
[   72.973362][ T6577]  ? __asan_memset+0x22/0x50
[   72.973373][ T6577]  ? iov_iter_bvec+0xb8/0x180
[   72.973388][ T6577]  dump_user_range+0x873/0xc70
[   72.973402][ T6577]  ? __pfx_dump_user_range+0x10/0x10
[   72.973408][ T6577]  ? elf_coredump_extra_notes_write+0x127/0x4b0
[   72.973420][ T6577]  ? __pfx_elf_coredump_extra_notes_write+0x10/0x10
[   72.973429][ T6577]  ? __kasan_kmalloc+0x93/0xb0
[   72.973438][ T6577]  ? dump_emit+0xa6/0xe0
[   72.973444][ T6577]  ? elf_core_dump+0x2c68/0x3900
[   72.973453][ T6577]  elf_core_dump+0x32ed/0x3900
[   72.973489][ T6577]  ? __pfx_elf_core_dump+0x10/0x10
[   72.973500][ T6577]  ? mas_next_slot+0xc27/0xcf0
[   72.973530][ T6577]  ? rcu_read_lock_any_held+0xb3/0x120
[   72.973541][ T6577]  ? 0xffffffffff600000
[   72.973554][ T6577]  do_coredump+0x2809/0x3440
[   72.973570][ T6577]  ? __pfx_do_coredump+0x10/0x10
[   72.973576][ T6577]  ? unwind_get_return_address+0x4d/0x90
[   72.973585][ T6577]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   72.973608][ T6577]  ? kasan_save_track+0x4f/0x80
[   72.973614][ T6577]  ? kasan_save_track+0x3e/0x80
[   72.973619][ T6577]  ? kasan_save_free_info+0x46/0x50
[   72.973628][ T6577]  ? __kasan_slab_free+0x62/0x70
[   72.973634][ T6577]  ? kmem_cache_free+0x18f/0x400
[   72.973641][ T6577]  ? get_signal+0xa4c/0x1340
[   72.973649][ T6577]  ? arch_do_signal_or_restart+0x9a/0x750
[   72.973661][ T6577]  ? irqentry_exit_to_user_mode+0x81/0x120
[   72.973671][ T6577]  ? exc_general_protection+0x171/0x200
[   72.973677][ T6577]  ? asm_exc_general_protection+0x26/0x30
[   72.973699][ T6577]  ? proc_coredump_connector+0x172/0x4b0
[   72.973707][ T6577]  ? __pfx_proc_coredump_connector+0x10/0x10
[   72.973718][ T6577]  ? _raw_spin_unlock_irq+0x23/0x50
[   72.973727][ T6577]  ? lockdep_hardirqs_on+0x9c/0x150
[   72.973737][ T6577]  get_signal+0x1109/0x1340
[   72.973754][ T6577]  arch_do_signal_or_restart+0x9a/0x750
[   72.973766][ T6577]  ? perf_trace_preemptirq_template+0x280/0x340
[   72.973779][ T6577]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   72.973796][ T6577]  ? local_irq_enable_exit_to_user+0x5/0x10
[   72.973807][ T6577]  irqentry_exit_to_user_mode+0x81/0x120
[   72.973817][ T6577]  exc_general_protection+0x171/0x200
[   72.973828][ T6577]  ? exc_page_fault+0x9f/0xf0
[   72.973838][ T6577]  asm_exc_general_protection+0x26/0x30
[   72.973845][ T6577] RIP: 0033:0x7f7862b8e9b1
[   72.973854][ T6577] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[   72.973860][ T6577] RSP: 002b:00002000000001b0 EFLAGS: 00010217
[   72.973869][ T6577] RAX: 0000000000000000 RBX: 00007f7862db6080 RCX: 00007f7862b8e9a9
[   72.973873][ T6577] RDX: 0000200000000080 RSI: 00002000000001b0 RDI: 0000000000001080
[   72.973878][ T6577] RBP: 00007f7862c10d69 R08: 0000200000000500 R09: 0000200000000500
[   72.973882][ T6577] R10: 0000200000000200 R11: 0000000000000202 R12: 0000000000000000
[   72.973887][ T6577] R13: 0000000000000000 R14: 00007f7862db6080 R15: 00007fffd426bd18
[   72.973898][ T6577]  </TASK>
[   72.973901][ T6577] memory: usage 307200kB, limit 307200kB, failcnt 13382
[   73.145537][ T6577] memory+swap: usage 429888kB, limit 9007199254740988kB, failcnt 0
[   73.148221][ T6577] kmem: usage 6864kB, limit 9007199254740988kB, failcnt 0
[   73.150448][ T6577] Memory cgroup stats for /syz0:
[   73.150538][ T6577] cache 306577408
[   73.153286][ T6577] rss 40960
[   73.154359][ T6577] rss_huge 0
[   73.155385][ T6577] shmem 306577408
[   73.156577][ T6577] mapped_file 0
[   73.158262][ T6577] dirty 0
[   73.159296][ T6577] writeback 0
[   73.160408][ T6577] workingset_refault_anon 12
[   73.161914][ T6577] workingset_refault_file 27
[   73.163492][ T6577] swap 126652416
[   73.164741][ T6577] swapcached 45056
[   73.166017][ T6577] pgpgin 109836
[   73.180026][ T6577] pgpgout 34965
[   73.181237][ T6577] pgfault 13784
[   73.182391][ T6577] pgmajfault 14
[   73.183521][ T6577] inactive_anon 286482432
[   73.184921][ T6577] active_anon 19931136
[   73.186266][ T6577] inactive_file 0
[   73.187423][ T6577] active_file 0
[   73.189825][ T6577] unevictable 0
[   73.190984][ T6577] hierarchical_memory_limit 314572800
[   73.193775][ T6577] hierarchical_memsw_limit 9223372036854771712
[   73.195898][ T6577] total_cache 306577408
[   73.198080][ T6577] total_rss 40960
[   73.199493][ T6577] total_rss_huge 0
[   73.200834][ T6691] netlink: 60 bytes leftover after parsing attributes in process `syz.1.245'.
[   73.203842][ T6577] total_shmem 306577408
[   73.252064][ T6577] total_mapped_file 0
[   73.253463][ T6577] total_dirty 0
[   73.254641][ T6577] total_writeback 0
[   73.255904][ T6577] total_workingset_refault_anon 12
[   73.257593][ T6577] total_workingset_refault_file 27
[   73.260909][ T6577] total_swap 126652416
[   73.262791][ T6577] total_swapcached 45056
[   73.264191][ T6577] total_pgpgin 109836
[   73.265516][ T6577] total_pgpgout 34965
[   73.266789][ T6577] total_pgfault 13784
[   73.268683][ T6691] netlink: 16410 bytes leftover after parsing attributes in process `syz.1.245'.
[   73.271781][ T6577] total_pgmajfault 14
[   73.271821][ T6577] total_inactive_anon 286482432
[   73.271824][ T6577] total_active_anon 19931136
[   73.271828][ T6577] total_inactive_file 0
[   73.271831][ T6577] total_active_file 0
[   73.271834][ T6577] total_unevictable 0
[   73.271838][ T6577] anon_cost 0
[   73.271841][ T6577] file_cost 0
[   73.271845][ T6577] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.213,pid=6576,uid=0
[   73.357980][ T6577] Memory cgroup out of memory: Killed process 6576 (syz.0.213) total-vm:98116kB, anon-rss:956kB, file-rss:52480kB, shmem-rss:0kB, UID:0 pgtables:176kB oom_score_adj:1000
[   73.540236][ T6572] syz.0.213 (6572) used greatest stack depth: 17336 bytes left
[   73.696750][ T6704] netlink: 'syz.2.250': attribute type 10 has an invalid length.
[   73.700237][ T6704] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.703556][ T6704] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.711390][ T6704] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.713693][ T6704] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.716144][ T6704] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.718507][ T6704] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.733740][ T6704] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   74.340769][ T6585] syz.0.213 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   74.399440][ T6585] CPU: 0 UID: 0 PID: 6585 Comm: syz.0.213 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[   74.399454][ T6585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   74.399480][ T6585] Call Trace:
[   74.399485][ T6585]  <TASK>
[   74.399489][ T6585]  dump_stack_lvl+0x189/0x250
[   74.399504][ T6585]  ? __pfx_dump_stack_lvl+0x10/0x10
[   74.399514][ T6585]  ? __pfx__printk+0x10/0x10
[   74.399528][ T6585]  ? oom_kill_process+0x104/0x950
[   74.399542][ T6585]  dump_header+0xd3/0x480
[   74.399555][ T6585]  oom_kill_process+0x3b6/0x950
[   74.399567][ T6585]  out_of_memory+0xf09/0x12a0
[   74.399577][ T6585]  ? perf_trace_lock+0xec/0x3b0
[   74.399591][ T6585]  ? __pfx_out_of_memory+0x10/0x10
[   74.399604][ T6585]  mem_cgroup_out_of_memory+0x145/0x240
[   74.399616][ T6585]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   74.399631][ T6585]  ? _raw_spin_unlock+0x28/0x50
[   74.399640][ T6585]  ? memcg1_oom_prepare+0x37f/0x450
[   74.399649][ T6585]  try_charge_memcg+0xdff/0x1290
[   74.399665][ T6585]  ? __pfx_try_charge_memcg+0x10/0x10
[   74.399674][ T6585]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   74.399687][ T6585]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   74.399699][ T6585]  charge_memcg+0x9f/0x180
[   74.399708][ T6585]  __mem_cgroup_charge+0x25/0x80
[   74.399716][ T6585]  shmem_alloc_and_add_folio+0x7c1/0xf60
[   74.399727][ T6585]  ? filemap_get_entry+0xad/0x2f0
[   74.399735][ T6585]  ? filemap_get_entry+0xad/0x2f0
[   74.399744][ T6585]  ? filemap_get_entry+0x28f/0x2f0
[   74.399754][ T6585]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   74.399764][ T6585]  ? shmem_allowable_huge_orders+0x1f8/0x420
[   74.399778][ T6585]  shmem_get_folio_gfp+0x59d/0x1660
[   74.399795][ T6585]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[   74.399808][ T6585]  shmem_write_begin+0xf7/0x2b0
[   74.399818][ T6585]  generic_perform_write+0x2c7/0x910
[   74.399835][ T6585]  ? __pfx_generic_perform_write+0x10/0x10
[   74.399845][ T6585]  ? down_write+0x162/0x1f0
[   74.399859][ T6585]  ? file_update_time+0x2da/0x490
[   74.399872][ T6585]  shmem_file_write_iter+0xf8/0x120
[   74.399879][ T6585]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   74.399887][ T6585]  __kernel_write_iter+0x393/0x860
[   74.399896][ T6585]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   74.399904][ T6585]  ? __pfx___kernel_write_iter+0x10/0x10
[   74.399910][ T6585]  ? __up_read+0x280/0x680
[   74.399923][ T6585]  ? __asan_memset+0x22/0x50
[   74.399934][ T6585]  ? iov_iter_bvec+0xb8/0x180
[   74.399943][ T6585]  dump_user_range+0x873/0xc70
[   74.399958][ T6585]  ? __pfx_dump_user_range+0x10/0x10
[   74.399964][ T6585]  ? elf_coredump_extra_notes_write+0x127/0x4b0
[   74.399976][ T6585]  ? __pfx_elf_coredump_extra_notes_write+0x10/0x10
[   74.399985][ T6585]  ? __kasan_kmalloc+0x93/0xb0
[   74.399994][ T6585]  ? dump_emit+0xa6/0xe0
[   74.399999][ T6585]  ? elf_core_dump+0x2c68/0x3900
[   74.400009][ T6585]  elf_core_dump+0x32ed/0x3900
[   74.400026][ T6585]  ? __pfx_elf_core_dump+0x10/0x10
[   74.400034][ T6585]  ? mas_next_slot+0xc27/0xcf0
[   74.400068][ T6585]  ? rcu_read_lock_any_held+0xb3/0x120
[   74.400078][ T6585]  ? 0xffffffffff600000
[   74.400092][ T6585]  do_coredump+0x2809/0x3440
[   74.400109][ T6585]  ? __pfx_do_coredump+0x10/0x10
[   74.400116][ T6585]  ? unwind_get_return_address+0x4d/0x90
[   74.400124][ T6585]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   74.400149][ T6585]  ? kasan_save_track+0x4f/0x80
[   74.400155][ T6585]  ? kasan_save_track+0x3e/0x80
[   74.400160][ T6585]  ? kasan_save_free_info+0x46/0x50
[   74.400169][ T6585]  ? __kasan_slab_free+0x62/0x70
[   74.400175][ T6585]  ? kmem_cache_free+0x18f/0x400
[   74.400183][ T6585]  ? get_signal+0xa4c/0x1340
[   74.400190][ T6585]  ? arch_do_signal_or_restart+0x9a/0x750
[   74.400202][ T6585]  ? irqentry_exit_to_user_mode+0x81/0x120
[   74.400212][ T6585]  ? exc_general_protection+0x171/0x200
[   74.400217][ T6585]  ? asm_exc_general_protection+0x26/0x30
[   74.400242][ T6585]  ? proc_coredump_connector+0x172/0x4b0
[   74.400254][ T6585]  ? __pfx_proc_coredump_connector+0x10/0x10
[   74.400267][ T6585]  ? _raw_spin_unlock_irq+0x23/0x50
[   74.400276][ T6585]  ? lockdep_hardirqs_on+0x9c/0x150
[   74.400286][ T6585]  get_signal+0x1109/0x1340
[   74.400305][ T6585]  arch_do_signal_or_restart+0x9a/0x750
[   74.400318][ T6585]  ? perf_trace_preemptirq_template+0x280/0x340
[   74.400335][ T6585]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   74.400361][ T6585]  ? local_irq_enable_exit_to_user+0x5/0x10
[   74.400376][ T6585]  irqentry_exit_to_user_mode+0x81/0x120
[   74.400391][ T6585]  exc_general_protection+0x171/0x200
[   74.400411][ T6585]  ? exc_page_fault+0x9f/0xf0
[   74.400428][ T6585]  asm_exc_general_protection+0x26/0x30
[   74.400438][ T6585] RIP: 0033:0x7f7862b8e9b1
[   74.400449][ T6585] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[   74.400484][ T6585] RSP: 002b:00002000000001b0 EFLAGS: 00010217
[   74.400494][ T6585] RAX: 0000000000000000 RBX: 00007f7862db6080 RCX: 00007f7862b8e9a9
[   74.400500][ T6585] RDX: 0000200000000080 RSI: 00002000000001b0 RDI: 0000000000001080
[   74.400504][ T6585] RBP: 00007f7862c10d69 R08: 0000200000000500 R09: 0000200000000500
[   74.400509][ T6585] R10: 0000200000000200 R11: 0000000000000202 R12: 0000000000000000
[   74.400513][ T6585] R13: 0000000000000000 R14: 00007f7862db6080 R15: 00007fffd426bd18
[   74.400527][ T6585]  </TASK>
[   74.400530][ T6585] memory: usage 307200kB, limit 307200kB, failcnt 16647
[   74.588701][ T6585] memory+swap: usage 432152kB, limit 9007199254740988kB, failcnt 0
[   74.595614][ T6585] kmem: usage 5904kB, limit 9007199254740988kB, failcnt 0
[   74.598298][ T6585] Memory cgroup stats for /syz0:
[   74.599045][ T6585] cache 308342784
[   74.608433][ T6585] rss 151552
[   74.678282][ T6585] rss_huge 0
[   74.689834][ T6585] shmem 308342784
[   74.693444][ T6585] mapped_file 0
[   74.694595][ T6585] dirty 0
[   74.695585][ T6585] writeback 0
[   74.696650][ T6585] workingset_refault_anon 18
[   74.782991][ T6585] workingset_refault_file 58
[   74.813829][ T6585] swap 127950848
[   74.820917][ T6585] swapcached 45056
[   74.850481][ T6585] pgpgin 125816
[   74.851750][ T6585] pgpgout 50492
[   74.870761][ T6585] pgfault 14689
[   74.872047][ T6585] pgmajfault 29
[   74.882391][ T6585] inactive_anon 59011072
[   74.889512][ T6585] active_anon 246894592
[   74.890968][ T6585] inactive_file 0
[   74.892233][ T6585] active_file 0
[   74.893440][ T6585] unevictable 0
[   74.906331][ T6585] hierarchical_memory_limit 314572800
[   74.913810][ T6585] hierarchical_memsw_limit 9223372036854771712
[   74.916018][ T6585] total_cache 308342784
[   74.917438][ T6585] total_rss 151552
[   74.919208][ T6585] total_rss_huge 0
[   74.920528][ T6585] total_shmem 308342784
[   74.921930][ T6585] total_mapped_file 0
[   74.926250][ T6585] total_dirty 0
[   74.927486][ T6585] total_writeback 0
[   74.931009][ T6585] total_workingset_refault_anon 18
[   74.932842][ T6585] total_workingset_refault_file 58
[   74.934709][ T6585] total_swap 127950848
[   74.936088][ T6585] total_swapcached 45056
[   74.937660][ T6585] total_pgpgin 125816
[   74.940733][ T6585] total_pgpgout 50492
[   74.942452][ T6585] total_pgfault 14689
[   74.943956][ T6585] total_pgmajfault 29
[   74.945593][ T6585] total_inactive_anon 59011072
[   74.947260][ T6585] total_active_anon 246894592
[   74.950535][ T6585] total_inactive_file 0
[   74.951967][ T6585] total_active_file 0
[   74.953316][ T6585] total_unevictable 0
[   74.954671][ T6585] anon_cost 0
[   74.955919][ T6585] file_cost 0
[   74.958268][ T6585] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.213,pid=6575,uid=0
[   74.963261][ T6585] Memory cgroup out of memory: Killed process 6575 (syz.0.213) total-vm:98116kB, anon-rss:956kB, file-rss:53504kB, shmem-rss:0kB, UID:0 pgtables:188kB oom_score_adj:1000
[   75.394856][ T6577] syz.0.213 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   75.477209][ T6577] CPU: 1 UID: 0 PID: 6577 Comm: syz.0.213 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[   75.477224][ T6577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   75.477229][ T6577] Call Trace:
[   75.477233][ T6577]  <TASK>
[   75.477238][ T6577]  dump_stack_lvl+0x189/0x250
[   75.477256][ T6577]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.477265][ T6577]  ? __pfx__printk+0x10/0x10
[   75.477285][ T6577]  dump_header+0xd3/0x480
[   75.477298][ T6577]  oom_kill_process+0x3b6/0x950
[   75.477312][ T6577]  out_of_memory+0xf09/0x12a0
[   75.477328][ T6577]  ? __pfx_out_of_memory+0x10/0x10
[   75.477342][ T6577]  mem_cgroup_out_of_memory+0x145/0x240
[   75.477354][ T6577]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   75.477370][ T6577]  ? _raw_spin_unlock+0x28/0x50
[   75.477379][ T6577]  ? memcg1_oom_prepare+0x37f/0x450
[   75.477389][ T6577]  try_charge_memcg+0xdff/0x1290
[   75.477405][ T6577]  ? __pfx_try_charge_memcg+0x10/0x10
[   75.477414][ T6577]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   75.477428][ T6577]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   75.477447][ T6577]  charge_memcg+0x9f/0x180
[   75.477478][ T6577]  __mem_cgroup_charge+0x25/0x80
[   75.477488][ T6577]  shmem_alloc_and_add_folio+0x7c1/0xf60
[   75.477500][ T6577]  ? filemap_get_entry+0xad/0x2f0
[   75.477509][ T6577]  ? filemap_get_entry+0xad/0x2f0
[   75.477518][ T6577]  ? filemap_get_entry+0x28f/0x2f0
[   75.477529][ T6577]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   75.477539][ T6577]  ? shmem_allowable_huge_orders+0x1f8/0x420
[   75.477551][ T6577]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[   75.477565][ T6577]  shmem_get_folio_gfp+0x59d/0x1660
[   75.477586][ T6577]  shmem_write_begin+0xf7/0x2b0
[   75.477597][ T6577]  generic_perform_write+0x2c7/0x910
[   75.477614][ T6577]  ? __pfx_generic_perform_write+0x10/0x10
[   75.477626][ T6577]  ? mnt_put_write_access_file+0xc0/0x100
[   75.477639][ T6577]  ? file_update_time+0x416/0x490
[   75.477652][ T6577]  shmem_file_write_iter+0xf8/0x120
[   75.477659][ T6577]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   75.477668][ T6577]  __kernel_write_iter+0x393/0x860
[   75.477691][ T6577]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   75.477702][ T6577]  ? __pfx___kernel_write_iter+0x10/0x10
[   75.477708][ T6577]  ? __up_read+0x280/0x680
[   75.477722][ T6577]  ? __asan_memset+0x22/0x50
[   75.477734][ T6577]  ? iov_iter_bvec+0xb8/0x180
[   75.477744][ T6577]  dump_user_range+0x873/0xc70
[   75.477759][ T6577]  ? __pfx_dump_user_range+0x10/0x10
[   75.477766][ T6577]  ? elf_coredump_extra_notes_write+0x127/0x4b0
[   75.477778][ T6577]  ? __pfx_elf_coredump_extra_notes_write+0x10/0x10
[   75.477787][ T6577]  ? __kasan_kmalloc+0x93/0xb0
[   75.477797][ T6577]  ? dump_emit+0xa6/0xe0
[   75.477802][ T6577]  ? elf_core_dump+0x2c68/0x3900
[   75.477812][ T6577]  elf_core_dump+0x32ed/0x3900
[   75.477830][ T6577]  ? __pfx_elf_core_dump+0x10/0x10
[   75.477838][ T6577]  ? mas_next_slot+0xc27/0xcf0
[   75.477875][ T6577]  ? rcu_read_lock_any_held+0xb3/0x120
[   75.477887][ T6577]  ? 0xffffffffff600000
[   75.477901][ T6577]  do_coredump+0x2809/0x3440
[   75.477920][ T6577]  ? __pfx_do_coredump+0x10/0x10
[   75.477926][ T6577]  ? unwind_get_return_address+0x4d/0x90
[   75.477935][ T6577]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   75.477961][ T6577]  ? kasan_save_track+0x4f/0x80
[   75.477967][ T6577]  ? kasan_save_track+0x3e/0x80
[   75.477972][ T6577]  ? kasan_save_free_info+0x46/0x50
[   75.477981][ T6577]  ? __kasan_slab_free+0x62/0x70
[   75.477987][ T6577]  ? kmem_cache_free+0x18f/0x400
[   75.477995][ T6577]  ? get_signal+0xa4c/0x1340
[   75.478003][ T6577]  ? arch_do_signal_or_restart+0x9a/0x750
[   75.478014][ T6577]  ? irqentry_exit_to_user_mode+0x81/0x120
[   75.478024][ T6577]  ? exc_general_protection+0x171/0x200
[   75.478030][ T6577]  ? asm_exc_general_protection+0x26/0x30
[   75.478056][ T6577]  ? proc_coredump_connector+0x172/0x4b0
[   75.478064][ T6577]  ? __pfx_proc_coredump_connector+0x10/0x10
[   75.478077][ T6577]  ? _raw_spin_unlock_irq+0x23/0x50
[   75.478085][ T6577]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.478096][ T6577]  get_signal+0x1109/0x1340
[   75.478115][ T6577]  arch_do_signal_or_restart+0x9a/0x750
[   75.478128][ T6577]  ? perf_trace_preemptirq_template+0x280/0x340
[   75.478142][ T6577]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   75.478161][ T6577]  ? local_irq_enable_exit_to_user+0x5/0x10
[   75.478172][ T6577]  irqentry_exit_to_user_mode+0x81/0x120
[   75.478183][ T6577]  exc_general_protection+0x171/0x200
[   75.478196][ T6577]  ? exc_page_fault+0x9f/0xf0
[   75.478206][ T6577]  asm_exc_general_protection+0x26/0x30
[   75.478213][ T6577] RIP: 0033:0x7f7862b8e9b1
[   75.478222][ T6577] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[   75.478228][ T6577] RSP: 002b:00002000000001b0 EFLAGS: 00010217
[   75.478236][ T6577] RAX: 0000000000000000 RBX: 00007f7862db6080 RCX: 00007f7862b8e9a9
[   75.478241][ T6577] RDX: 0000200000000080 RSI: 00002000000001b0 RDI: 0000000000001080
[   75.478245][ T6577] RBP: 00007f7862c10d69 R08: 0000200000000500 R09: 0000200000000500
[   75.478250][ T6577] R10: 0000200000000200 R11: 0000000000000202 R12: 0000000000000000
[   75.478254][ T6577] R13: 0000000000000000 R14: 00007f7862db6080 R15: 00007fffd426bd18
[   75.478268][ T6577]  </TASK>
[   75.836334][ T6575] syz.0.213 (6575) used greatest stack depth: 17200 bytes left
[   75.874977][ T6776] netlink: 13951 bytes leftover after parsing attributes in process `syz.2.264'.
[   75.938883][ T6577] memory: usage 277204kB, limit 307200kB, failcnt 17901
[   75.957746][ T6577] memory+swap: usage 400216kB, limit 9007199254740988kB, failcnt 0
[   75.960271][ T6577] kmem: usage 5696kB, limit 9007199254740988kB, failcnt 0
[   75.962571][ T6577] Memory cgroup stats for /syz0:
[   75.962636][ T6577] cache 276561920
[   75.965414][ T6577] rss 180224
[   75.980563][ T6577] rss_huge 0
[   75.997016][ T6577] shmem 276234240
[   76.017748][ T6577] mapped_file 131072
[   76.019058][ T6577] dirty 0
[   76.020011][ T6577] writeback 0
[   76.021133][ T6577] workingset_refault_anon 20
[   76.022639][ T6577] workingset_refault_file 138
[   76.027309][ T6786] netlink: 'syz.2.267': attribute type 5 has an invalid length.
[   76.030273][ T6577] swap 126947328
[   76.031821][ T6577] swapcached 53248
[   76.033307][ T6577] pgpgin 128429
[   76.034431][ T6577] pgpgout 60855
[   76.035569][ T6577] pgfault 14853
[   76.073680][ T5827] Bluetooth: hci2: ISO packet for unknown connection handle 2622
[   76.098275][ T6577] pgmajfault 34
[   76.099543][ T6577] inactive_anon 75812864
[   76.101152][ T6577] active_anon 199983104
[   76.102655][ T6577] inactive_file 0
[   76.103898][ T6577] active_file 327680
[   76.105219][ T6577] unevictable 0
[   76.106423][ T6577] hierarchical_memory_limit 314572800
[   76.118271][ T6577] hierarchical_memsw_limit 9223372036854771712
[   76.124363][ T6577] total_cache 276561920
[   76.150862][ T6577] total_rss 180224
[   76.163910][ T6577] total_rss_huge 0
[   76.183620][ T6577] total_shmem 276234240
[   76.236548][ T6577] total_mapped_file 131072
[   76.256754][ T6577] total_dirty 0
[   76.279469][ T6577] total_writeback 0
[   76.295113][ T6577] total_workingset_refault_anon 20
[   76.325585][ T6577] total_workingset_refault_file 138
[   76.327373][ T6577] total_swap 126947328
[   76.363922][ T6577] total_swapcached 53248
[   76.365433][ T6577] total_pgpgin 128429
[   76.366777][ T6577] total_pgpgout 60855
[   76.399482][ T6577] total_pgfault 14853
[   76.401665][ T6577] total_pgmajfault 34
[   76.415241][ T6577] total_inactive_anon 75812864
[   76.416909][ T6577] total_active_anon 199983104
[   76.426981][ T6577] total_inactive_file 0
[   76.433022][ T6577] total_active_file 327680
[   76.434555][ T6577] total_unevictable 0
[   76.456339][ T6577] anon_cost 0
[   76.457542][ T6577] file_cost 0
[   76.459297][ T6577] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.213,pid=6573,uid=0
[   76.464101][ T6577] Memory cgroup out of memory: Killed process 6573 (syz.0.213) total-vm:98116kB, anon-rss:956kB, file-rss:53376kB, shmem-rss:0kB, UID:0 pgtables:188kB oom_score_adj:1000
[   77.079614][ T6826] netlink: 'syz.2.280': attribute type 5 has an invalid length.
[   77.411031][ T6571] syz.0.213 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   77.453160][ T6571] CPU: 1 UID: 0 PID: 6571 Comm: syz.0.213 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[   77.453177][ T6571] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   77.453182][ T6571] Call Trace:
[   77.453185][ T6571]  <TASK>
[   77.453189][ T6571]  dump_stack_lvl+0x189/0x250
[   77.453208][ T6571]  ? __pfx_dump_stack_lvl+0x10/0x10
[   77.453218][ T6571]  ? __pfx__printk+0x10/0x10
[   77.453235][ T6571]  dump_header+0xd3/0x480
[   77.453248][ T6571]  oom_kill_process+0x3b6/0x950
[   77.453262][ T6571]  out_of_memory+0xf09/0x12a0
[   77.453276][ T6571]  ? __pfx_out_of_memory+0x10/0x10
[   77.453289][ T6571]  mem_cgroup_out_of_memory+0x145/0x240
[   77.453303][ T6571]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   77.453317][ T6571]  ? _raw_spin_unlock+0x28/0x50
[   77.453327][ T6571]  ? memcg1_oom_prepare+0x37f/0x450
[   77.453336][ T6571]  try_charge_memcg+0xdff/0x1290
[   77.453351][ T6571]  ? __pfx_try_charge_memcg+0x10/0x10
[   77.453360][ T6571]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   77.453373][ T6571]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   77.453385][ T6571]  charge_memcg+0x9f/0x180
[   77.453394][ T6571]  __mem_cgroup_charge+0x25/0x80
[   77.453407][ T6571]  shmem_alloc_and_add_folio+0x7c1/0xf60
[   77.453418][ T6571]  ? filemap_get_entry+0xad/0x2f0
[   77.453427][ T6571]  ? filemap_get_entry+0xad/0x2f0
[   77.453436][ T6571]  ? filemap_get_entry+0x28f/0x2f0
[   77.453471][ T6571]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   77.453480][ T6571]  ? shmem_allowable_huge_orders+0x1f8/0x420
[   77.453495][ T6571]  shmem_get_folio_gfp+0x59d/0x1660
[   77.453511][ T6571]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[   77.453525][ T6571]  shmem_write_begin+0xf7/0x2b0
[   77.453535][ T6571]  generic_perform_write+0x2c7/0x910
[   77.453551][ T6571]  ? __pfx_generic_perform_write+0x10/0x10
[   77.453560][ T6571]  ? down_write+0x162/0x1f0
[   77.453575][ T6571]  ? file_update_time+0x2da/0x490
[   77.453588][ T6571]  shmem_file_write_iter+0xf8/0x120
[   77.453595][ T6571]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   77.453603][ T6571]  __kernel_write_iter+0x393/0x860
[   77.453611][ T6571]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   77.453619][ T6571]  ? __pfx___kernel_write_iter+0x10/0x10
[   77.453625][ T6571]  ? __up_read+0x280/0x680
[   77.453639][ T6571]  ? __asan_memset+0x22/0x50
[   77.453650][ T6571]  ? iov_iter_bvec+0xb8/0x180
[   77.453660][ T6571]  dump_user_range+0x873/0xc70
[   77.453674][ T6571]  ? __pfx_dump_user_range+0x10/0x10
[   77.453680][ T6571]  ? elf_coredump_extra_notes_write+0x127/0x4b0
[   77.453693][ T6571]  ? __pfx_elf_coredump_extra_notes_write+0x10/0x10
[   77.453701][ T6571]  ? __kasan_kmalloc+0x93/0xb0
[   77.453710][ T6571]  ? dump_emit+0xa6/0xe0
[   77.453716][ T6571]  ? elf_core_dump+0x2c68/0x3900
[   77.453724][ T6571]  elf_core_dump+0x32ed/0x3900
[   77.453740][ T6571]  ? __pfx_elf_core_dump+0x10/0x10
[   77.453751][ T6571]  ? dump_vma_snapshot+0xc7a/0x10c0
[   77.453776][ T6571]  ? rcu_read_lock_any_held+0xb3/0x120
[   77.453786][ T6571]  ? 0xffffffffff600000
[   77.453799][ T6571]  do_coredump+0x2809/0x3440
[   77.453815][ T6571]  ? __pfx_do_coredump+0x10/0x10
[   77.453821][ T6571]  ? unwind_get_return_address+0x4d/0x90
[   77.453830][ T6571]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   77.453853][ T6571]  ? kasan_save_track+0x4f/0x80
[   77.453860][ T6571]  ? kasan_save_track+0x3e/0x80
[   77.453865][ T6571]  ? kasan_save_free_info+0x46/0x50
[   77.453874][ T6571]  ? __kasan_slab_free+0x62/0x70
[   77.453896][ T6571]  ? kmem_cache_free+0x18f/0x400
[   77.453905][ T6571]  ? get_signal+0xa4c/0x1340
[   77.453912][ T6571]  ? arch_do_signal_or_restart+0x9a/0x750
[   77.453924][ T6571]  ? irqentry_exit_to_user_mode+0x81/0x120
[   77.453934][ T6571]  ? exc_general_protection+0x171/0x200
[   77.453940][ T6571]  ? asm_exc_general_protection+0x26/0x30
[   77.453957][ T6571]  ? perf_trace_lock+0xec/0x3b0
[   77.453970][ T6571]  ? proc_coredump_connector+0x172/0x4b0
[   77.453979][ T6571]  ? __pfx_proc_coredump_connector+0x10/0x10
[   77.453986][ T6571]  ? get_signal+0x103e/0x1340
[   77.453997][ T6571]  ? _raw_spin_unlock_irq+0x23/0x50
[   77.454006][ T6571]  ? lockdep_hardirqs_on+0x9c/0x150
[   77.454017][ T6571]  get_signal+0x1109/0x1340
[   77.454033][ T6571]  arch_do_signal_or_restart+0x9a/0x750
[   77.454046][ T6571]  ? perf_trace_preemptirq_template+0x280/0x340
[   77.454059][ T6571]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   77.454076][ T6571]  ? local_irq_enable_exit_to_user+0x5/0x10
[   77.454087][ T6571]  irqentry_exit_to_user_mode+0x81/0x120
[   77.454097][ T6571]  exc_general_protection+0x171/0x200
[   77.454109][ T6571]  ? exc_page_fault+0x9f/0xf0
[   77.454119][ T6571]  asm_exc_general_protection+0x26/0x30
[   77.454126][ T6571] RIP: 0033:0x7f7862b8e9b1
[   77.454134][ T6571] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[   77.454141][ T6571] RSP: 002b:00002000000001b0 EFLAGS: 00010217
[   77.454149][ T6571] RAX: 0000000000000000 RBX: 00007f7862db6080 RCX: 00007f7862b8e9a9
[   77.454154][ T6571] RDX: 0000200000000080 RSI: 00002000000001b0 RDI: 0000000000001080
[   77.454159][ T6571] RBP: 00007f7862c10d69 R08: 0000200000000500 R09: 0000200000000500
[   77.454163][ T6571] R10: 0000200000000200 R11: 0000000000000202 R12: 0000000000000000
[   77.454167][ T6571] R13: 0000000000000000 R14: 00007f7862db6080 R15: 00007fffd426bd18
[   77.454179][ T6571]  </TASK>
[   77.468038][ T6571] memory: usage 307200kB, limit 307200kB, failcnt 19480
[   77.638856][ T6571] memory+swap: usage 432176kB, limit 9007199254740988kB, failcnt 0
[   77.641483][ T6571] kmem: usage 5112kB, limit 9007199254740988kB, failcnt 0
[   77.643825][ T6571] Memory cgroup stats for /syz0:
[   77.643886][ T6571] cache 309207040
[   77.646781][ T6571] rss 122880
[   77.648008][ T6571] rss_huge 0
[   77.649127][ T6571] shmem 309207040
[   77.650369][ T6571] mapped_file 0
[   77.651975][ T6571] dirty 0
[   77.653302][ T6571] writeback 0
[   77.654496][ T6571] workingset_refault_anon 22
[   77.656044][ T6571] workingset_refault_file 180
[   77.657635][ T6571] swap 127975424
[   77.658973][ T6571] swapcached 20480
[   77.660258][ T6571] pgpgin 145316
[   77.661490][ T6571] pgpgout 69794
[   77.662674][ T6571] pgfault 15431
[   77.663863][ T6571] pgmajfault 39
[   77.665057][ T6571] inactive_anon 212815872
[   77.666521][ T6571] active_anon 96522240
[   77.668002][ T6571] inactive_file 0
[   77.669252][ T6571] active_file 0
[   77.670493][ T6571] unevictable 0
[   77.672070][ T6571] hierarchical_memory_limit 314572800
[   77.674005][ T6571] hierarchical_memsw_limit 9223372036854771712
[   77.676083][ T6571] total_cache 309207040
[   77.677515][ T6571] total_rss 122880
[   77.678893][ T6571] total_rss_huge 0
[   77.680189][ T6571] total_shmem 309207040
[   77.681634][ T6571] total_mapped_file 0
[   77.682999][ T6571] total_dirty 0
[   77.684204][ T6571] total_writeback 0
[   77.685530][ T6571] total_workingset_refault_anon 22
[   77.687242][ T6571] total_workingset_refault_file 180
[   77.689118][ T6571] total_swap 127975424
[   77.690584][ T6571] total_swapcached 20480
[   77.692485][ T6571] total_pgpgin 145316
[   77.693869][ T6571] total_pgpgout 69794
[   77.695213][ T6571] total_pgfault 15431
[   77.696602][ T6571] total_pgmajfault 39
[   77.698022][ T6571] total_inactive_anon 212815872
[   77.699698][ T6571] total_active_anon 96522240
[   77.701557][ T6571] total_inactive_file 0
[   77.702981][ T6571] total_active_file 0
[   77.704331][ T6571] total_unevictable 0
[   77.705687][ T6571] anon_cost 0
[   77.706827][ T6571] file_cost 0
[   77.708086][ T6571] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.213,pid=6574,uid=0
[   77.713524][ T6571] Memory cgroup out of memory: Killed process 6574 (syz.0.213) total-vm:98116kB, anon-rss:956kB, file-rss:53504kB, shmem-rss:0kB, UID:0 pgtables:188kB oom_score_adj:1000
[   78.363928][ T6580] syz.0.213 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   78.367152][ T6580] CPU: 1 UID: 0 PID: 6580 Comm: syz.0.213 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[   78.367166][ T6580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   78.367171][ T6580] Call Trace:
[   78.367175][ T6580]  <TASK>
[   78.367179][ T6580]  dump_stack_lvl+0x189/0x250
[   78.367195][ T6580]  ? __pfx_dump_stack_lvl+0x10/0x10
[   78.367205][ T6580]  ? __pfx__printk+0x10/0x10
[   78.367224][ T6580]  dump_header+0xd3/0x480
[   78.367238][ T6580]  oom_kill_process+0x3b6/0x950
[   78.367252][ T6580]  out_of_memory+0xf09/0x12a0
[   78.367268][ T6580]  ? __pfx_out_of_memory+0x10/0x10
[   78.367282][ T6580]  mem_cgroup_out_of_memory+0x145/0x240
[   78.367294][ T6580]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   78.367310][ T6580]  ? _raw_spin_unlock+0x28/0x50
[   78.367320][ T6580]  ? memcg1_oom_prepare+0x37f/0x450
[   78.367329][ T6580]  try_charge_memcg+0xdff/0x1290
[   78.367346][ T6580]  ? __pfx_try_charge_memcg+0x10/0x10
[   78.367359][ T6580]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   78.367373][ T6580]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   78.367386][ T6580]  charge_memcg+0x9f/0x180
[   78.367395][ T6580]  __mem_cgroup_charge+0x25/0x80
[   78.367404][ T6580]  shmem_alloc_and_add_folio+0x7c1/0xf60
[   78.367415][ T6580]  ? filemap_get_entry+0xad/0x2f0
[   78.367423][ T6580]  ? filemap_get_entry+0xad/0x2f0
[   78.367433][ T6580]  ? filemap_get_entry+0x28f/0x2f0
[   78.367465][ T6580]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   78.367475][ T6580]  ? shmem_allowable_huge_orders+0x1f8/0x420
[   78.367491][ T6580]  shmem_get_folio_gfp+0x59d/0x1660
[   78.367508][ T6580]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[   78.367522][ T6580]  shmem_write_begin+0xf7/0x2b0
[   78.367533][ T6580]  generic_perform_write+0x2c7/0x910
[   78.367550][ T6580]  ? __pfx_generic_perform_write+0x10/0x10
[   78.367559][ T6580]  ? down_write+0x162/0x1f0
[   78.367574][ T6580]  ? file_update_time+0x2da/0x490
[   78.367588][ T6580]  shmem_file_write_iter+0xf8/0x120
[   78.367595][ T6580]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   78.367603][ T6580]  __kernel_write_iter+0x393/0x860
[   78.367612][ T6580]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   78.367620][ T6580]  ? __pfx___kernel_write_iter+0x10/0x10
[   78.367626][ T6580]  ? __up_read+0x280/0x680
[   78.367639][ T6580]  ? __asan_memset+0x22/0x50
[   78.367650][ T6580]  ? iov_iter_bvec+0xb8/0x180
[   78.367660][ T6580]  dump_user_range+0x873/0xc70
[   78.367690][ T6580]  ? __pfx_dump_user_range+0x10/0x10
[   78.367698][ T6580]  ? elf_coredump_extra_notes_write+0x127/0x4b0
[   78.367712][ T6580]  ? __pfx_elf_coredump_extra_notes_write+0x10/0x10
[   78.367721][ T6580]  ? __kasan_kmalloc+0x93/0xb0
[   78.367730][ T6580]  ? dump_emit+0xa6/0xe0
[   78.367736][ T6580]  ? elf_core_dump+0x2c68/0x3900
[   78.367746][ T6580]  elf_core_dump+0x32ed/0x3900
[   78.367764][ T6580]  ? __pfx_elf_core_dump+0x10/0x10
[   78.367772][ T6580]  ? mas_next_slot+0xc27/0xcf0
[   78.367809][ T6580]  ? rcu_read_lock_any_held+0xb3/0x120
[   78.367819][ T6580]  ? 0xffffffffff600000
[   78.367834][ T6580]  do_coredump+0x2809/0x3440
[   78.367853][ T6580]  ? __pfx_do_coredump+0x10/0x10
[   78.367859][ T6580]  ? unwind_get_return_address+0x4d/0x90
[   78.367868][ T6580]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   78.367895][ T6580]  ? kasan_save_track+0x4f/0x80
[   78.367901][ T6580]  ? kasan_save_track+0x3e/0x80
[   78.367906][ T6580]  ? kasan_save_free_info+0x46/0x50
[   78.367915][ T6580]  ? __kasan_slab_free+0x62/0x70
[   78.367921][ T6580]  ? kmem_cache_free+0x18f/0x400
[   78.367929][ T6580]  ? get_signal+0xa4c/0x1340
[   78.367937][ T6580]  ? arch_do_signal_or_restart+0x9a/0x750
[   78.367948][ T6580]  ? irqentry_exit_to_user_mode+0x81/0x120
[   78.367958][ T6580]  ? exc_general_protection+0x171/0x200
[   78.367964][ T6580]  ? asm_exc_general_protection+0x26/0x30
[   78.367990][ T6580]  ? proc_coredump_connector+0x172/0x4b0
[   78.367999][ T6580]  ? __pfx_proc_coredump_connector+0x10/0x10
[   78.368012][ T6580]  ? _raw_spin_unlock_irq+0x23/0x50
[   78.368020][ T6580]  ? lockdep_hardirqs_on+0x9c/0x150
[   78.368031][ T6580]  get_signal+0x1109/0x1340
[   78.368050][ T6580]  arch_do_signal_or_restart+0x9a/0x750
[   78.368063][ T6580]  ? perf_trace_preemptirq_template+0x280/0x340
[   78.368077][ T6580]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   78.368095][ T6580]  ? local_irq_enable_exit_to_user+0x5/0x10
[   78.368106][ T6580]  irqentry_exit_to_user_mode+0x81/0x120
[   78.368117][ T6580]  exc_general_protection+0x171/0x200
[   78.368129][ T6580]  ? exc_page_fault+0x9f/0xf0
[   78.368140][ T6580]  asm_exc_general_protection+0x26/0x30
[   78.368147][ T6580] RIP: 0033:0x7f7862b8e9b1
[   78.368156][ T6580] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[   78.368162][ T6580] RSP: 002b:00002000000001b0 EFLAGS: 00010217
[   78.368170][ T6580] RAX: 0000000000000000 RBX: 00007f7862db6080 RCX: 00007f7862b8e9a9
[   78.368175][ T6580] RDX: 0000200000000080 RSI: 00002000000001b0 RDI: 0000000000001080
[   78.368180][ T6580] RBP: 00007f7862c10d69 R08: 0000200000000500 R09: 0000200000000500
[   78.368184][ T6580] R10: 0000200000000200 R11: 0000000000000202 R12: 0000000000000000
[   78.368189][ T6580] R13: 0000000000000000 R14: 00007f7862db6080 R15: 00007fffd426bd18
[   78.368202][ T6580]  </TASK>
[   78.769108][ T6580] memory: usage 306148kB, limit 307200kB, failcnt 20748
[   78.771872][ T6580] memory+swap: usage 428508kB, limit 9007199254740988kB, failcnt 0
[   78.774866][ T6580] kmem: usage 5060kB, limit 9007199254740988kB, failcnt 0
[   78.798940][ T6580] Memory cgroup stats for /syz0:
[   78.799014][ T6580] cache 301461504
[   78.813874][ T6580] rss 122880
[   78.847772][ T6580] rss_huge 0
[   78.849574][ T6580] shmem 301330432
[   78.850903][ T6580] mapped_file 131072
[   78.852622][ T6580] dirty 0
[   78.853610][ T6580] writeback 0
[   78.854714][ T6580] workingset_refault_anon 22
[   78.856216][ T6580] workingset_refault_file 180
[   78.927868][ T6580] swap 125988864
[   78.929180][ T6580] swapcached 20480
[   78.930470][ T6580] pgpgin 154961
[   78.931670][ T6580] pgpgout 81330
[   78.932864][ T6580] pgfault 15733
[   78.934057][ T6580] pgmajfault 42
[   78.935269][ T6580] inactive_anon 189067264
[   78.936751][ T6580] active_anon 110915584
[   78.975411][ T6580] inactive_file 0
[   78.976775][ T6580] active_file 131072
[   78.988644][ T6580] unevictable 0
[   78.993104][ T6580] hierarchical_memory_limit 314572800
[   78.995024][ T6580] hierarchical_memsw_limit 9223372036854771712
[   78.997113][ T6580] total_cache 301461504
[   79.065936][ T6580] total_rss 122880
[   79.079495][ T6580] total_rss_huge 0
[   79.092564][ T6580] total_shmem 301330432
[   79.104377][ T6580] total_mapped_file 131072
[   79.118560][ T6580] total_dirty 0
[   79.122625][ T6580] total_writeback 0
[   79.131851][ T6580] total_workingset_refault_anon 22
[   79.137512][ T6580] total_workingset_refault_file 180
[   79.148608][ T6580] total_swap 125988864
[   79.153215][ T6580] total_swapcached 20480
[   79.160184][ T6580] total_pgpgin 154961
[   79.163517][ T6580] total_pgpgout 81330
[   79.166402][ T6580] total_pgfault 15733
[   79.168960][ T6580] total_pgmajfault 42
[   79.170424][ T6580] total_inactive_anon 189067264
[   79.172186][ T6580] total_active_anon 110915584
[   79.173876][ T6580] total_inactive_file 0
[   79.175421][ T6580] total_active_file 131072
[   79.176985][ T6580] total_unevictable 0
[   79.180780][ T6580] anon_cost 0
[   79.182116][ T6580] file_cost 0
[   79.183371][ T6580] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.213,pid=6570,uid=0
[   79.189583][ T6580] Memory cgroup out of memory: Killed process 6570 (syz.0.213) total-vm:98116kB, anon-rss:956kB, file-rss:53504kB, shmem-rss:0kB, UID:0 pgtables:188kB oom_score_adj:1000
[   79.295650][ T6583] syz.0.213 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   79.310259][ T6583] CPU: 1 UID: 0 PID: 6583 Comm: syz.0.213 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[   79.310274][ T6583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   79.310280][ T6583] Call Trace:
[   79.310283][ T6583]  <TASK>
[   79.310287][ T6583]  dump_stack_lvl+0x189/0x250
[   79.310305][ T6583]  ? __pfx_dump_stack_lvl+0x10/0x10
[   79.310314][ T6583]  ? __pfx__printk+0x10/0x10
[   79.310337][ T6583]  dump_header+0xd3/0x480
[   79.310350][ T6583]  oom_kill_process+0x3b6/0x950
[   79.310363][ T6583]  out_of_memory+0xf09/0x12a0
[   79.310378][ T6583]  ? __pfx_out_of_memory+0x10/0x10
[   79.310391][ T6583]  mem_cgroup_out_of_memory+0x145/0x240
[   79.310403][ T6583]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   79.310418][ T6583]  ? _raw_spin_unlock+0x28/0x50
[   79.310428][ T6583]  ? memcg1_oom_prepare+0x37f/0x450
[   79.310461][ T6583]  try_charge_memcg+0xdff/0x1290
[   79.310476][ T6583]  ? __pfx_try_charge_memcg+0x10/0x10
[   79.310484][ T6583]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   79.310498][ T6583]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   79.310510][ T6583]  charge_memcg+0x9f/0x180
[   79.310519][ T6583]  __mem_cgroup_charge+0x25/0x80
[   79.310527][ T6583]  shmem_alloc_and_add_folio+0x7c1/0xf60
[   79.310537][ T6583]  ? filemap_get_entry+0xad/0x2f0
[   79.310546][ T6583]  ? filemap_get_entry+0xad/0x2f0
[   79.310555][ T6583]  ? filemap_get_entry+0x28f/0x2f0
[   79.310565][ T6583]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   79.310574][ T6583]  ? shmem_allowable_huge_orders+0x1f8/0x420
[   79.310588][ T6583]  shmem_get_folio_gfp+0x59d/0x1660
[   79.310604][ T6583]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[   79.310618][ T6583]  shmem_write_begin+0xf7/0x2b0
[   79.310628][ T6583]  generic_perform_write+0x2c7/0x910
[   79.310644][ T6583]  ? __pfx_generic_perform_write+0x10/0x10
[   79.310653][ T6583]  ? down_write+0x162/0x1f0
[   79.310668][ T6583]  ? file_update_time+0x2da/0x490
[   79.310681][ T6583]  shmem_file_write_iter+0xf8/0x120
[   79.310687][ T6583]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   79.310696][ T6583]  __kernel_write_iter+0x393/0x860
[   79.310704][ T6583]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   79.310712][ T6583]  ? __pfx___kernel_write_iter+0x10/0x10
[   79.310718][ T6583]  ? __up_read+0x280/0x680
[   79.310731][ T6583]  ? __asan_memset+0x22/0x50
[   79.310743][ T6583]  ? iov_iter_bvec+0xb8/0x180
[   79.310752][ T6583]  dump_user_range+0x873/0xc70
[   79.310766][ T6583]  ? __pfx_dump_user_range+0x10/0x10
[   79.310772][ T6583]  ? elf_coredump_extra_notes_write+0x127/0x4b0
[   79.310785][ T6583]  ? __pfx_elf_coredump_extra_notes_write+0x10/0x10
[   79.310794][ T6583]  ? __kasan_kmalloc+0x93/0xb0
[   79.310803][ T6583]  ? dump_emit+0xa6/0xe0
[   79.310809][ T6583]  ? elf_core_dump+0x2c68/0x3900
[   79.310818][ T6583]  elf_core_dump+0x32ed/0x3900
[   79.310833][ T6583]  ? __pfx_elf_core_dump+0x10/0x10
[   79.310841][ T6583]  ? mas_next_slot+0xc27/0xcf0
[   79.310872][ T6583]  ? rcu_read_lock_any_held+0xb3/0x120
[   79.310883][ T6583]  ? 0xffffffffff600000
[   79.310896][ T6583]  do_coredump+0x2809/0x3440
[   79.310912][ T6583]  ? __pfx_do_coredump+0x10/0x10
[   79.310918][ T6583]  ? unwind_get_return_address+0x4d/0x90
[   79.310927][ T6583]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   79.310950][ T6583]  ? kasan_save_track+0x4f/0x80
[   79.310956][ T6583]  ? kasan_save_track+0x3e/0x80
[   79.310962][ T6583]  ? kasan_save_free_info+0x46/0x50
[   79.310970][ T6583]  ? __kasan_slab_free+0x62/0x70
[   79.310976][ T6583]  ? kmem_cache_free+0x18f/0x400
[   79.310984][ T6583]  ? get_signal+0xa4c/0x1340
[   79.310992][ T6583]  ? arch_do_signal_or_restart+0x9a/0x750
[   79.311004][ T6583]  ? irqentry_exit_to_user_mode+0x81/0x120
[   79.311014][ T6583]  ? exc_general_protection+0x171/0x200
[   79.311021][ T6583]  ? asm_exc_general_protection+0x26/0x30
[   79.311043][ T6583]  ? proc_coredump_connector+0x172/0x4b0
[   79.311052][ T6583]  ? __pfx_proc_coredump_connector+0x10/0x10
[   79.311063][ T6583]  ? _raw_spin_unlock_irq+0x23/0x50
[   79.311072][ T6583]  ? lockdep_hardirqs_on+0x9c/0x150
[   79.311082][ T6583]  get_signal+0x1109/0x1340
[   79.311099][ T6583]  arch_do_signal_or_restart+0x9a/0x750
[   79.311111][ T6583]  ? perf_trace_preemptirq_template+0x280/0x340
[   79.311124][ T6583]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   79.311141][ T6583]  ? local_irq_enable_exit_to_user+0x5/0x10
[   79.311151][ T6583]  irqentry_exit_to_user_mode+0x81/0x120
[   79.311162][ T6583]  exc_general_protection+0x171/0x200
[   79.311173][ T6583]  ? exc_page_fault+0x9f/0xf0
[   79.311183][ T6583]  asm_exc_general_protection+0x26/0x30
[   79.311190][ T6583] RIP: 0033:0x7f7862b8e9b1
[   79.311213][ T6583] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[   79.311219][ T6583] RSP: 002b:00002000000001b0 EFLAGS: 00010217
[   79.311226][ T6583] RAX: 0000000000000000 RBX: 00007f7862db6080 RCX: 00007f7862b8e9a9
[   79.311231][ T6583] RDX: 0000200000000080 RSI: 00002000000001b0 RDI: 0000000000001080
[   79.311236][ T6583] RBP: 00007f7862c10d69 R08: 0000200000000500 R09: 0000200000000500
[   79.311241][ T6583] R10: 0000200000000200 R11: 0000000000000202 R12: 0000000000000000
[   79.311245][ T6583] R13: 0000000000000000 R14: 00007f7862db6080 R15: 00007fffd426bd18
[   79.311256][ T6583]  </TASK>
[   79.311260][ T6583] memory: usage 306700kB, limit 307200kB, failcnt 21559
[   79.488628][ T6583] memory+swap: usage 430948kB, limit 9007199254740988kB, failcnt 0
[   79.491289][ T6583] kmem: usage 4972kB, limit 9007199254740988kB, failcnt 0
[   79.493610][ T6583] Memory cgroup stats for /syz0:
[   79.493678][ T6583] cache 307671040
[   79.496589][ T6583] rss 196608
[   79.497830][ T6583] rss_huge 0
[   79.498945][ T6583] shmem 306884608
[   79.500183][ T6583] mapped_file 651264
[   79.501520][ T6583] dirty 0
[   79.502528][ T6583] writeback 0
[   79.503976][ T6583] workingset_refault_anon 24
[   79.505617][ T6583] workingset_refault_file 258
[   79.507196][ T6583] swap 127852544
[   79.508541][ T6583] swapcached 24576
[   79.509808][ T6583] pgpgin 159971
[   79.511170][ T6583] pgpgout 84800
[   79.512385][ T6583] pgfault 15959
[   79.513598][ T6583] pgmajfault 51
[   79.514786][ T6583] inactive_anon 162562048
[   79.516344][ T6583] active_anon 143732736
[   79.517893][ T6583] inactive_file 786432
[   79.519255][ T6583] active_file 0
[   79.520458][ T6583] unevictable 0
[   79.521639][ T6583] hierarchical_memory_limit 314572800
[   79.523714][ T6583] hierarchical_memsw_limit 9223372036854771712
[   79.525758][ T6583] total_cache 307671040
[   79.527208][ T6583] total_rss 196608
[   79.528594][ T6583] total_rss_huge 0
[   79.529856][ T6583] total_shmem 306884608
[   79.531482][ T6583] total_mapped_file 651264
[   79.532972][ T6583] total_dirty 0
[   79.534195][ T6583] total_writeback 0
[   79.535502][ T6583] total_workingset_refault_anon 24
[   79.537357][ T6583] total_workingset_refault_file 258
[   79.551365][ T6583] total_swap 127852544
[   79.552907][ T6583] total_swapcached 24576
[   79.561019][ T6583] total_pgpgin 159971
[   79.562402][ T6583] total_pgpgout 84800
[   79.563758][ T6583] total_pgfault 15959
[   79.607803][ T6583] total_pgmajfault 51
[   79.609300][ T6583] total_inactive_anon 162562048
[   79.627776][ T6583] total_active_anon 143732736
[   79.629485][ T6583] total_inactive_file 786432
[   79.631038][ T6583] total_active_file 0
[   79.647786][ T6583] total_unevictable 0
[   79.660076][ T6583] anon_cost 0
[   79.661263][ T6583] file_cost 0
[   79.662407][ T6583] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.213,pid=6577,uid=0
[   79.697953][ T6583] Memory cgroup out of memory: Killed process 6577 (syz.0.213) total-vm:98116kB, anon-rss:956kB, file-rss:55376kB, shmem-rss:0kB, UID:0 pgtables:196kB oom_score_adj:1000
[   80.515720][ T6582] syz.0.213 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   80.530176][ T6582] CPU: 1 UID: 0 PID: 6582 Comm: syz.0.213 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[   80.530192][ T6582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   80.530197][ T6582] Call Trace:
[   80.530202][ T6582]  <TASK>
[   80.530205][ T6582]  dump_stack_lvl+0x189/0x250
[   80.530222][ T6582]  ? __pfx_dump_stack_lvl+0x10/0x10
[   80.530231][ T6582]  ? __pfx__printk+0x10/0x10
[   80.530249][ T6582]  dump_header+0xd3/0x480
[   80.530263][ T6582]  oom_kill_process+0x3b6/0x950
[   80.530275][ T6582]  out_of_memory+0xf09/0x12a0
[   80.530289][ T6582]  ? __pfx_out_of_memory+0x10/0x10
[   80.530302][ T6582]  mem_cgroup_out_of_memory+0x145/0x240
[   80.530314][ T6582]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   80.530329][ T6582]  ? _raw_spin_unlock+0x28/0x50
[   80.530344][ T6582]  ? memcg1_oom_prepare+0x37f/0x450
[   80.530354][ T6582]  try_charge_memcg+0xdff/0x1290
[   80.530368][ T6582]  ? __pfx_try_charge_memcg+0x10/0x10
[   80.530377][ T6582]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   80.530390][ T6582]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   80.530402][ T6582]  charge_memcg+0x9f/0x180
[   80.530411][ T6582]  __mem_cgroup_charge+0x25/0x80
[   80.530419][ T6582]  shmem_alloc_and_add_folio+0x7c1/0xf60
[   80.530451][ T6582]  ? filemap_get_entry+0xad/0x2f0
[   80.530460][ T6582]  ? filemap_get_entry+0xad/0x2f0
[   80.530469][ T6582]  ? filemap_get_entry+0x28f/0x2f0
[   80.530479][ T6582]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   80.530488][ T6582]  ? shmem_allowable_huge_orders+0x1f8/0x420
[   80.530499][ T6582]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[   80.530512][ T6582]  shmem_get_folio_gfp+0x59d/0x1660
[   80.530531][ T6582]  shmem_write_begin+0xf7/0x2b0
[   80.530541][ T6582]  generic_perform_write+0x2c7/0x910
[   80.530556][ T6582]  ? __pfx_generic_perform_write+0x10/0x10
[   80.530568][ T6582]  ? mnt_put_write_access_file+0xc0/0x100
[   80.530579][ T6582]  ? file_update_time+0x416/0x490
[   80.530592][ T6582]  shmem_file_write_iter+0xf8/0x120
[   80.530598][ T6582]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   80.530606][ T6582]  __kernel_write_iter+0x393/0x860
[   80.530614][ T6582]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   80.530622][ T6582]  ? __pfx___kernel_write_iter+0x10/0x10
[   80.530628][ T6582]  ? __up_read+0x280/0x680
[   80.530641][ T6582]  ? __asan_memset+0x22/0x50
[   80.530652][ T6582]  ? iov_iter_bvec+0xb8/0x180
[   80.530662][ T6582]  dump_user_range+0x873/0xc70
[   80.530675][ T6582]  ? __pfx_dump_user_range+0x10/0x10
[   80.530682][ T6582]  ? elf_coredump_extra_notes_write+0x127/0x4b0
[   80.530694][ T6582]  ? __pfx_elf_coredump_extra_notes_write+0x10/0x10
[   80.530702][ T6582]  ? __kasan_kmalloc+0x93/0xb0
[   80.530711][ T6582]  ? dump_emit+0xa6/0xe0
[   80.530717][ T6582]  ? elf_core_dump+0x2c68/0x3900
[   80.530726][ T6582]  elf_core_dump+0x32ed/0x3900
[   80.530741][ T6582]  ? __pfx_elf_core_dump+0x10/0x10
[   80.530749][ T6582]  ? mas_next_slot+0xc27/0xcf0
[   80.530780][ T6582]  ? rcu_read_lock_any_held+0xb3/0x120
[   80.530791][ T6582]  ? 0xffffffffff600000
[   80.530804][ T6582]  do_coredump+0x2809/0x3440
[   80.530820][ T6582]  ? __pfx_do_coredump+0x10/0x10
[   80.530826][ T6582]  ? unwind_get_return_address+0x4d/0x90
[   80.530835][ T6582]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   80.530858][ T6582]  ? kasan_save_track+0x4f/0x80
[   80.530865][ T6582]  ? kasan_save_track+0x3e/0x80
[   80.530870][ T6582]  ? kasan_save_free_info+0x46/0x50
[   80.530879][ T6582]  ? __kasan_slab_free+0x62/0x70
[   80.530885][ T6582]  ? kmem_cache_free+0x18f/0x400
[   80.530892][ T6582]  ? get_signal+0xa4c/0x1340
[   80.530900][ T6582]  ? arch_do_signal_or_restart+0x9a/0x750
[   80.530912][ T6582]  ? irqentry_exit_to_user_mode+0x81/0x120
[   80.530923][ T6582]  ? exc_general_protection+0x171/0x200
[   80.530929][ T6582]  ? asm_exc_general_protection+0x26/0x30
[   80.530951][ T6582]  ? proc_coredump_connector+0x172/0x4b0
[   80.530959][ T6582]  ? __pfx_proc_coredump_connector+0x10/0x10
[   80.530970][ T6582]  ? _raw_spin_unlock_irq+0x23/0x50
[   80.530979][ T6582]  ? lockdep_hardirqs_on+0x9c/0x150
[   80.530989][ T6582]  get_signal+0x1109/0x1340
[   80.531006][ T6582]  arch_do_signal_or_restart+0x9a/0x750
[   80.531018][ T6582]  ? perf_trace_preemptirq_template+0x280/0x340
[   80.531031][ T6582]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   80.531048][ T6582]  ? local_irq_enable_exit_to_user+0x5/0x10
[   80.531058][ T6582]  irqentry_exit_to_user_mode+0x81/0x120
[   80.531069][ T6582]  exc_general_protection+0x171/0x200
[   80.531080][ T6582]  ? exc_page_fault+0x9f/0xf0
[   80.531090][ T6582]  asm_exc_general_protection+0x26/0x30
[   80.531097][ T6582] RIP: 0033:0x7f7862b8e9b1
[   80.531106][ T6582] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[   80.531112][ T6582] RSP: 002b:00002000000001b0 EFLAGS: 00010217
[   80.531120][ T6582] RAX: 0000000000000000 RBX: 00007f7862db6080 RCX: 00007f7862b8e9a9
[   80.531125][ T6582] RDX: 0000200000000080 RSI: 00002000000001b0 RDI: 0000000000001080
[   80.531130][ T6582] RBP: 00007f7862c10d69 R08: 0000200000000500 R09: 0000200000000500
[   80.531134][ T6582] R10: 0000200000000200 R11: 0000000000000202 R12: 0000000000000000
[   80.531139][ T6582] R13: 0000000000000000 R14: 00007f7862db6080 R15: 00007fffd426bd18
[   80.531150][ T6582]  </TASK>
[   80.531153][ T6582] memory: usage 307200kB, limit 307200kB, failcnt 22329
[   80.702491][ T6582] memory+swap: usage 432176kB, limit 9007199254740988kB, failcnt 0
[   80.705133][ T6582] kmem: usage 4740kB, limit 9007199254740988kB, failcnt 0
[   80.707475][ T6582] Memory cgroup stats for /syz0:
[   80.707538][ T6582] cache 309403648
[   80.710603][ T6582] rss 307200
[   80.711709][ T6582] rss_huge 0
[   80.712823][ T6582] shmem 309403648
[   80.714088][ T6582] mapped_file 0
[   80.715262][ T6582] dirty 0
[   80.716262][ T6582] writeback 0
[   80.717443][ T6582] workingset_refault_anon 28
[   80.719154][ T6582] workingset_refault_file 387
[   80.720726][ T6582] swap 127975424
[   80.721969][ T6582] swapcached 20480
[   80.723225][ T6582] pgpgin 184288
[   80.724467][ T6582] pgpgout 108673
[   80.725668][ T6582] pgfault 16647
[   80.726895][ T6582] pgmajfault 64
[   80.728152][ T6582] inactive_anon 147779584
[   80.729605][ T6582] active_anon 161939456
[   80.730961][ T6582] inactive_file 0
[   80.732229][ T6582] active_file 0
[   80.733384][ T6582] unevictable 0
[   80.734582][ T6582] hierarchical_memory_limit 314572800
[   80.736344][ T6582] hierarchical_memsw_limit 9223372036854771712
[   80.738507][ T6582] total_cache 309403648
[   80.739829][ T6582] total_rss 307200
[   80.741127][ T6582] total_rss_huge 0
[   80.742387][ T6582] total_shmem 309403648
[   80.743783][ T6582] total_mapped_file 0
[   80.745143][ T6582] total_dirty 0
[   80.746290][ T6582] total_writeback 0
[   80.747605][ T6582] total_workingset_refault_anon 28
[   80.749384][ T6582] total_workingset_refault_file 387
[   80.751074][ T6582] total_swap 127975424
[   80.752488][ T6582] total_swapcached 20480
[   80.753889][ T6582] total_pgpgin 184288
[   80.755281][ T6582] total_pgpgout 108673
[   80.756643][ T6582] total_pgfault 16647
[   80.758068][ T6582] total_pgmajfault 64
[   80.759413][ T6582] total_inactive_anon 147779584
[   80.761059][ T6582] total_active_anon 161939456
[   80.762640][ T6582] total_inactive_file 0
[   80.764066][ T6582] total_active_file 0
[   80.765414][ T6582] total_unevictable 0
[   80.766791][ T6582] anon_cost 0
[   80.768025][ T6582] file_cost 0
[   80.769144][ T6582] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.213,pid=6589,uid=0
[   80.773967][ T6582] Memory cgroup out of memory: Killed process 6589 (syz.0.213) total-vm:98116kB, anon-rss:956kB, file-rss:53504kB, shmem-rss:0kB, UID:0 pgtables:188kB oom_score_adj:1000
[   80.906150][ T6584] syz.0.213 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   80.920855][ T6584] CPU: 0 UID: 0 PID: 6584 Comm: syz.0.213 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[   80.920869][ T6584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   80.920874][ T6584] Call Trace:
[   80.920877][ T6584]  <TASK>
[   80.920880][ T6584]  dump_stack_lvl+0x189/0x250
[   80.920896][ T6584]  ? __pfx_dump_stack_lvl+0x10/0x10
[   80.920905][ T6584]  ? __pfx__printk+0x10/0x10
[   80.920923][ T6584]  dump_header+0xd3/0x480
[   80.920936][ T6584]  oom_kill_process+0x3b6/0x950
[   80.920948][ T6584]  out_of_memory+0xf09/0x12a0
[   80.920963][ T6584]  ? __pfx_out_of_memory+0x10/0x10
[   80.920975][ T6584]  mem_cgroup_out_of_memory+0x145/0x240
[   80.920987][ T6584]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   80.921002][ T6584]  ? _raw_spin_unlock+0x28/0x50
[   80.921011][ T6584]  ? memcg1_oom_prepare+0x37f/0x450
[   80.921020][ T6584]  try_charge_memcg+0xdff/0x1290
[   80.921035][ T6584]  ? __pfx_try_charge_memcg+0x10/0x10
[   80.921043][ T6584]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   80.921057][ T6584]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   80.921068][ T6584]  charge_memcg+0x9f/0x180
[   80.921077][ T6584]  __mem_cgroup_charge+0x25/0x80
[   80.921085][ T6584]  shmem_alloc_and_add_folio+0x7c1/0xf60
[   80.921096][ T6584]  ? filemap_get_entry+0xad/0x2f0
[   80.921104][ T6584]  ? filemap_get_entry+0xad/0x2f0
[   80.921113][ T6584]  ? filemap_get_entry+0x28f/0x2f0
[   80.921123][ T6584]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   80.921132][ T6584]  ? shmem_allowable_huge_orders+0x1f8/0x420
[   80.921146][ T6584]  shmem_get_folio_gfp+0x59d/0x1660
[   80.921162][ T6584]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[   80.921175][ T6584]  shmem_write_begin+0xf7/0x2b0
[   80.921185][ T6584]  generic_perform_write+0x2c7/0x910
[   80.921200][ T6584]  ? __pfx_generic_perform_write+0x10/0x10
[   80.921210][ T6584]  ? down_write+0x162/0x1f0
[   80.921229][ T6584]  ? file_update_time+0x2da/0x490
[   80.921244][ T6584]  shmem_file_write_iter+0xf8/0x120
[   80.921250][ T6584]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   80.921258][ T6584]  __kernel_write_iter+0x393/0x860
[   80.921266][ T6584]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   80.921274][ T6584]  ? __pfx___kernel_write_iter+0x10/0x10
[   80.921280][ T6584]  ? __up_read+0x280/0x680
[   80.921293][ T6584]  ? __asan_memset+0x22/0x50
[   80.921304][ T6584]  ? iov_iter_bvec+0xb8/0x180
[   80.921313][ T6584]  dump_user_range+0x873/0xc70
[   80.921328][ T6584]  ? __pfx_dump_user_range+0x10/0x10
[   80.921334][ T6584]  ? elf_coredump_extra_notes_write+0x127/0x4b0
[   80.921346][ T6584]  ? __pfx_elf_coredump_extra_notes_write+0x10/0x10
[   80.921354][ T6584]  ? __kasan_kmalloc+0x93/0xb0
[   80.921363][ T6584]  ? dump_emit+0xa6/0xe0
[   80.921368][ T6584]  ? elf_core_dump+0x2c68/0x3900
[   80.921378][ T6584]  elf_core_dump+0x32ed/0x3900
[   80.921393][ T6584]  ? __pfx_elf_core_dump+0x10/0x10
[   80.921401][ T6584]  ? mas_next_slot+0xc27/0xcf0
[   80.921467][ T6584]  ? rcu_read_lock_any_held+0xb3/0x120
[   80.921480][ T6584]  ? 0xffffffffff600000
[   80.921492][ T6584]  do_coredump+0x2809/0x3440
[   80.921508][ T6584]  ? __pfx_do_coredump+0x10/0x10
[   80.921514][ T6584]  ? unwind_get_return_address+0x4d/0x90
[   80.921523][ T6584]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   80.921546][ T6584]  ? kasan_save_track+0x4f/0x80
[   80.921552][ T6584]  ? kasan_save_track+0x3e/0x80
[   80.921558][ T6584]  ? kasan_save_free_info+0x46/0x50
[   80.921567][ T6584]  ? __kasan_slab_free+0x62/0x70
[   80.921572][ T6584]  ? kmem_cache_free+0x18f/0x400
[   80.921580][ T6584]  ? get_signal+0xa4c/0x1340
[   80.921587][ T6584]  ? arch_do_signal_or_restart+0x9a/0x750
[   80.921599][ T6584]  ? irqentry_exit_to_user_mode+0x81/0x120
[   80.921609][ T6584]  ? exc_general_protection+0x171/0x200
[   80.921615][ T6584]  ? asm_exc_general_protection+0x26/0x30
[   80.921637][ T6584]  ? proc_coredump_connector+0x172/0x4b0
[   80.921646][ T6584]  ? __pfx_proc_coredump_connector+0x10/0x10
[   80.921657][ T6584]  ? _raw_spin_unlock_irq+0x23/0x50
[   80.921666][ T6584]  ? lockdep_hardirqs_on+0x9c/0x150
[   80.921676][ T6584]  get_signal+0x1109/0x1340
[   80.921693][ T6584]  arch_do_signal_or_restart+0x9a/0x750
[   80.921705][ T6584]  ? perf_trace_preemptirq_template+0x280/0x340
[   80.921718][ T6584]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   80.921735][ T6584]  ? local_irq_enable_exit_to_user+0x5/0x10
[   80.921746][ T6584]  irqentry_exit_to_user_mode+0x81/0x120
[   80.921756][ T6584]  exc_general_protection+0x171/0x200
[   80.921767][ T6584]  ? exc_page_fault+0x9f/0xf0
[   80.921777][ T6584]  asm_exc_general_protection+0x26/0x30
[   80.921784][ T6584] RIP: 0033:0x7f7862b8e9b1
[   80.921792][ T6584] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[   80.921798][ T6584] RSP: 002b:00002000000001b0 EFLAGS: 00010217
[   80.921806][ T6584] RAX: 0000000000000000 RBX: 00007f7862db6080 RCX: 00007f7862b8e9a9
[   80.921811][ T6584] RDX: 0000200000000080 RSI: 00002000000001b0 RDI: 0000000000001080
[   80.921816][ T6584] RBP: 00007f7862c10d69 R08: 0000200000000500 R09: 0000200000000500
[   80.921820][ T6584] R10: 0000200000000200 R11: 0000000000000202 R12: 0000000000000000
[   80.921824][ T6584] R13: 0000000000000000 R14: 00007f7862db6080 R15: 00007fffd426bd18
[   80.921836][ T6584]  </TASK>
[   80.923820][ T6584] memory: usage 307200kB, limit 307200kB, failcnt 22826
[   81.103858][ T6584] memory+swap: usage 418556kB, limit 9007199254740988kB, failcnt 0
[   81.106451][ T6584] kmem: usage 4716kB, limit 9007199254740988kB, failcnt 0
[   81.108859][ T6584] Memory cgroup stats for /syz0:
[   81.108925][ T6584] cache 295231488
[   81.111794][ T6584] rss 303104
[   81.112878][ T6584] rss_huge 0
[   81.113971][ T6584] shmem 295231488
[   81.115187][ T6584] mapped_file 0
[   81.116348][ T6584] dirty 0
[   81.117332][ T6584] writeback 0
[   81.118549][ T6584] workingset_refault_anon 28
[   81.120611][   T47] cfg80211: failed to load regulatory.db
[   81.123305][ T6584] workingset_refault_file 387
[   81.124885][ T6584] swap 127975424
[   81.126089][ T6584] swapcached 20480
[   81.127328][ T6584] pgpgin 184552
[   81.128633][ T6584] pgpgout 112398
[   81.130036][ T6584] pgfault 16648
[   81.131277][ T6584] pgmajfault 64
[   81.132456][ T6584] inactive_anon 165105664
[   81.133875][ T6584] active_anon 130134016
[   81.135251][ T6584] inactive_file 0
[   81.136472][ T6584] active_file 0
[   81.137641][ T6584] unevictable 0
[   81.178023][ T6584] hierarchical_memory_limit 314572800
[   81.179835][ T6584] hierarchical_memsw_limit 9223372036854771712
[   81.182240][ T6584] total_cache 295231488
[   81.183670][ T6584] total_rss 303104
[   81.184911][ T6584] total_rss_huge 0
[   81.186123][ T6584] total_shmem 295231488
[   81.187456][ T6584] total_mapped_file 0
[   81.237835][ T6584] total_dirty 0
[   81.239051][ T6584] total_writeback 0
[   81.240328][ T6584] total_workingset_refault_anon 28
[   81.242033][ T6584] total_workingset_refault_file 387
[   81.243652][ T6584] total_swap 127975424
[   81.244970][ T6584] total_swapcached 20480
[   81.246364][ T6584] total_pgpgin 184552
[   81.247654][ T6584] total_pgpgout 112398
[   81.259260][ T6589] syz.0.213 (6589) used greatest stack depth: 16816 bytes left
[   81.277753][ T6584] total_pgfault 16648
[   81.279115][ T6584] total_pgmajfault 64
[   81.280466][ T6584] total_inactive_anon 165105664
[   81.282068][ T6584] total_active_anon 130134016
[   81.283636][ T6584] total_inactive_file 0
[   81.284986][ T6584] total_active_file 0
[   81.286304][ T6584] total_unevictable 0
[   81.287647][ T6584] anon_cost 0
[   81.311096][ T6584] file_cost 0
[   81.312300][ T6584] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.213,pid=6587,uid=0
[   81.317052][ T6584] Memory cgroup out of memory: Killed process 6587 (syz.0.213) total-vm:98116kB, anon-rss:956kB, file-rss:53504kB, shmem-rss:0kB, UID:0 pgtables:188kB oom_score_adj:1000
[   81.394901][ T6582] syz.0.213 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   81.433278][ T6582] CPU: 1 UID: 0 PID: 6582 Comm: syz.0.213 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[   81.433294][ T6582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   81.433300][ T6582] Call Trace:
[   81.433304][ T6582]  <TASK>
[   81.433309][ T6582]  dump_stack_lvl+0x189/0x250
[   81.433334][ T6582]  ? __pfx_dump_stack_lvl+0x10/0x10
[   81.433344][ T6582]  ? __pfx__printk+0x10/0x10
[   81.433361][ T6582]  dump_header+0xd3/0x480
[   81.433374][ T6582]  oom_kill_process+0x3b6/0x950
[   81.433387][ T6582]  out_of_memory+0xf09/0x12a0
[   81.433401][ T6582]  ? __pfx_out_of_memory+0x10/0x10
[   81.433414][ T6582]  mem_cgroup_out_of_memory+0x145/0x240
[   81.433449][ T6582]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[   81.433464][ T6582]  ? _raw_spin_unlock+0x28/0x50
[   81.433473][ T6582]  ? memcg1_oom_prepare+0x37f/0x450
[   81.433482][ T6582]  try_charge_memcg+0xdff/0x1290
[   81.433497][ T6582]  ? __pfx_try_charge_memcg+0x10/0x10
[   81.433506][ T6582]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   81.433519][ T6582]  ? get_mem_cgroup_from_mm+0x38/0x2a0
[   81.433531][ T6582]  charge_memcg+0x9f/0x180
[   81.433540][ T6582]  __mem_cgroup_charge+0x25/0x80
[   81.433548][ T6582]  shmem_alloc_and_add_folio+0x7c1/0xf60
[   81.433559][ T6582]  ? filemap_get_entry+0xad/0x2f0
[   81.433568][ T6582]  ? filemap_get_entry+0xad/0x2f0
[   81.433577][ T6582]  ? filemap_get_entry+0x28f/0x2f0
[   81.433586][ T6582]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[   81.433595][ T6582]  ? shmem_allowable_huge_orders+0x1f8/0x420
[   81.433608][ T6582]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[   81.433621][ T6582]  shmem_get_folio_gfp+0x59d/0x1660
[   81.433640][ T6582]  shmem_write_begin+0xf7/0x2b0
[   81.433650][ T6582]  generic_perform_write+0x2c7/0x910
[   81.433667][ T6582]  ? __pfx_generic_perform_write+0x10/0x10
[   81.433678][ T6582]  ? mnt_put_write_access_file+0xc0/0x100
[   81.433691][ T6582]  ? file_update_time+0x416/0x490
[   81.433704][ T6582]  shmem_file_write_iter+0xf8/0x120
[   81.433711][ T6582]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   81.433719][ T6582]  __kernel_write_iter+0x393/0x860
[   81.433727][ T6582]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   81.433735][ T6582]  ? __pfx___kernel_write_iter+0x10/0x10
[   81.433741][ T6582]  ? __up_read+0x280/0x680
[   81.433755][ T6582]  ? __asan_memset+0x22/0x50
[   81.433766][ T6582]  ? iov_iter_bvec+0xb8/0x180
[   81.433775][ T6582]  dump_user_range+0x873/0xc70
[   81.433789][ T6582]  ? __pfx_dump_user_range+0x10/0x10
[   81.433796][ T6582]  ? elf_coredump_extra_notes_write+0x127/0x4b0
[   81.433808][ T6582]  ? __pfx_elf_coredump_extra_notes_write+0x10/0x10
[   81.433816][ T6582]  ? __kasan_kmalloc+0x93/0xb0
[   81.433825][ T6582]  ? dump_emit+0xa6/0xe0
[   81.433831][ T6582]  ? elf_core_dump+0x2c68/0x3900
[   81.433840][ T6582]  elf_core_dump+0x32ed/0x3900
[   81.433856][ T6582]  ? __pfx_elf_core_dump+0x10/0x10
[   81.433864][ T6582]  ? mas_next_slot+0xc27/0xcf0
[   81.433894][ T6582]  ? rcu_read_lock_any_held+0xb3/0x120
[   81.433905][ T6582]  ? 0xffffffffff600000
[   81.433918][ T6582]  do_coredump+0x2809/0x3440
[   81.433934][ T6582]  ? __pfx_do_coredump+0x10/0x10
[   81.433940][ T6582]  ? unwind_get_return_address+0x4d/0x90
[   81.433949][ T6582]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   81.433973][ T6582]  ? kasan_save_track+0x4f/0x80
[   81.433979][ T6582]  ? kasan_save_track+0x3e/0x80
[   81.433984][ T6582]  ? kasan_save_free_info+0x46/0x50
[   81.433993][ T6582]  ? __kasan_slab_free+0x62/0x70
[   81.433999][ T6582]  ? kmem_cache_free+0x18f/0x400
[   81.434008][ T6582]  ? get_signal+0xa4c/0x1340
[   81.434016][ T6582]  ? arch_do_signal_or_restart+0x9a/0x750
[   81.434027][ T6582]  ? irqentry_exit_to_user_mode+0x81/0x120
[   81.434037][ T6582]  ? exc_general_protection+0x171/0x200
[   81.434043][ T6582]  ? asm_exc_general_protection+0x26/0x30
[   81.434065][ T6582]  ? proc_coredump_connector+0x172/0x4b0
[   81.434073][ T6582]  ? __pfx_proc_coredump_connector+0x10/0x10
[   81.434084][ T6582]  ? _raw_spin_unlock_irq+0x23/0x50
[   81.434093][ T6582]  ? lockdep_hardirqs_on+0x9c/0x150
[   81.434103][ T6582]  get_signal+0x1109/0x1340
[   81.434120][ T6582]  arch_do_signal_or_restart+0x9a/0x750
[   81.434133][ T6582]  ? perf_trace_preemptirq_template+0x280/0x340
[   81.434146][ T6582]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   81.434162][ T6582]  ? local_irq_enable_exit_to_user+0x5/0x10
[   81.434174][ T6582]  irqentry_exit_to_user_mode+0x81/0x120
[   81.434185][ T6582]  exc_general_protection+0x171/0x200
[   81.434196][ T6582]  ? exc_page_fault+0x9f/0xf0
[   81.434206][ T6582]  asm_exc_general_protection+0x26/0x30
[   81.434213][ T6582] RIP: 0033:0x7f7862b8e9b1
[   81.434220][ T6582] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[   81.434226][ T6582] RSP: 002b:00002000000001b0 EFLAGS: 00010217
[   81.434234][ T6582] RAX: 0000000000000000 RBX: 00007f7862db6080 RCX: 00007f7862b8e9a9
[   81.434239][ T6582] RDX: 0000200000000080 RSI: 00002000000001b0 RDI: 0000000000001080
[   81.434243][ T6582] RBP: 00007f7862c10d69 R08: 0000200000000500 R09: 0000200000000500
[   81.434248][ T6582] R10: 0000200000000200 R11: 0000000000000202 R12: 0000000000000000
[   81.434252][ T6582] R13: 0000000000000000 R14: 00007f7862db6080 R15: 00007fffd426bd18
[   81.434264][ T6582]  </TASK>
[   81.434267][ T6582] memory: usage 303500kB, limit 307200kB, failcnt 23146
[   81.609191][ T6582] memory+swap: usage 416664kB, limit 9007199254740988kB, failcnt 0
[   81.611828][ T6582] kmem: usage 4260kB, limit 9007199254740988kB, failcnt 0
[   81.614943][ T6582] Memory cgroup stats for /syz0:
[   81.615016][ T6582] cache 294141952
[   81.618360][ T6582] rss 270336
[   81.619504][ T6582] rss_huge 0
[   81.620615][ T6582] shmem 294141952
[   81.622155][ T6582] mapped_file 0
[   81.623923][ T6582] dirty 0
[   81.625223][ T6582] writeback 0
[   81.626365][ T6582] workingset_refault_anon 28
[   81.628620][ T6582] workingset_refault_file 387
[   81.630193][ T6582] swap 127737856
[   81.631562][ T6582] swapcached 16384
[   81.632840][ T6582] pgpgin 194521
[   81.634018][ T6582] pgpgout 122640
[   81.635277][ T6582] pgfault 16648
[   81.636489][ T6582] pgmajfault 64
[   81.637815][ T6582] inactive_anon 142598144
[   81.639504][ T6582] active_anon 150470656
[   81.640900][ T6582] inactive_file 0
[   81.642186][ T6582] active_file 0
[   81.643381][ T6582] unevictable 0
[   81.644571][ T6582] hierarchical_memory_limit 314572800
[   81.646411][ T6582] hierarchical_memsw_limit 9223372036854771712
[   81.648825][ T6582] total_cache 294141952
[   81.650558][ T6582] total_rss 270336
[   81.651879][ T6582] total_rss_huge 0
[   81.653241][ T6582] total_shmem 294141952
[   81.654662][ T6582] total_mapped_file 0
[   81.656012][ T6582] total_dirty 0
[   81.657202][ T6582] total_writeback 0
[   81.658733][ T6582] total_workingset_refault_anon 28
[   81.660682][ T6582] total_workingset_refault_file 387
[   81.662471][ T6582] total_swap 127737856
[   81.663870][ T6582] total_swapcached 16384
[   81.665351][ T6582] total_pgpgin 194521
[   81.666693][ T6582] total_pgpgout 122640
[   81.668173][ T6582] total_pgfault 16648
[   81.669735][ T6582] total_pgmajfault 64
[   81.671081][ T6582] total_inactive_anon 142598144
[   81.672714][ T6582] total_active_anon 150470656
[   81.674304][ T6582] total_inactive_file 0
[   81.675791][ T6582] total_active_file 0
[   81.677132][ T6582] total_unevictable 0
[   81.697794][ T6582] anon_cost 0
[   81.698979][ T6582] file_cost 0
[   81.709280][ T6582] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.213,pid=6585,uid=0
[   81.738335][ T6582] Memory cgroup out of memory: Killed process 6585 (syz.0.213) total-vm:98116kB, anon-rss:956kB, file-rss:53504kB, shmem-rss:0kB, UID:0 pgtables:188kB oom_score_adj:1000
[   83.027806][ T6586] syz.0.213 (6586) used greatest stack depth: 16312 bytes left
[   83.690809][ T6876] netlink: 188 bytes leftover after parsing attributes in process `syz.2.295'.
[   83.881398][ T6885] tap0: tun_chr_ioctl cmd 1074025673
[   83.936521][    C1] Scheduler tracepoints stat_sleep, stat_iowait, stat_blocked and stat_runtime require the kernel parameter schedstats=enable or kernel.sched_schedstats=1
[   84.000971][ T6892] netlink: 'syz.2.299': attribute type 39 has an invalid length.
[   84.062509][ T6895] netlink: 156 bytes leftover after parsing attributes in process `syz.2.300'.
[   84.397104][ T6909] netlink: 'syz.1.304': attribute type 6 has an invalid length.
[   84.400242][ T6909] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.304'.
[   84.404645][ T6911] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.305'.
[   84.409083][ T6911] netlink: 4595 bytes leftover after parsing attributes in process `syz.2.305'.
[   84.414766][ T6911] netlink: 'syz.2.305': attribute type 29 has an invalid length.
[   84.444296][ T6918] netlink: 'syz.2.307': attribute type 29 has an invalid length.
[   84.453864][ T6918] netlink: 'syz.2.307': attribute type 29 has an invalid length.
[   86.479239][ T6957] netlink: 14 bytes leftover after parsing attributes in process `syz.2.318'.
[   86.612733][ T6961] netlink: 'syz.1.319': attribute type 21 has an invalid length.
[   86.615386][ T6961] netlink: 168 bytes leftover after parsing attributes in process `syz.1.319'.
[   86.668291][ T6957] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   86.674962][ T6957] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   86.681600][ T6957] bond0 (unregistering): (slave bridge0): Releasing backup interface
[   86.684979][ T6957] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.687575][ T6957] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.692230][ T6957] bond0 (unregistering): Released all slaves
[   86.925993][ T6969] syz.1.321 uses obsolete (PF_INET,SOCK_PACKET)
[   87.443118][ T6990] netlink: 'syz.2.327': attribute type 10 has an invalid length.
[   87.446699][ T6990] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   87.530216][ T6990] batman_adv: batadv0: Removing interface: batadv_slave_0
[   87.588818][ T6990] : renamed from gre0 (while UP)
[   88.615992][ T7022] netlink: 188 bytes leftover after parsing attributes in process `syz.2.336'.
[   91.343206][ T7073] netlink: 'syz.2.349': attribute type 1 has an invalid length.
[   91.346686][ T7073] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.349'.
[   91.504450][ T7080] netlink: 'syz.2.351': attribute type 15 has an invalid length.
[   91.507224][ T7080] netlink: 'syz.2.351': attribute type 7 has an invalid length.
[   91.510522][ T7080] netlink: 52 bytes leftover after parsing attributes in process `syz.2.351'.
[   92.099823][ T7120] netlink: 14 bytes leftover after parsing attributes in process `syz.1.362'.
[   95.267785][ T7234] netlink: 132 bytes leftover after parsing attributes in process `syz.2.401'.
[   95.362078][ T7243] netlink: 14601 bytes leftover after parsing attributes in process `syz.0.405'.
[   96.260516][ T7257] netlink: 17279 bytes leftover after parsing attributes in process `syz.2.407'.
[   96.264546][ T7257] netlink: 'syz.2.407': attribute type 29 has an invalid length.
[   96.267434][ T7257] netlink: 'syz.2.407': attribute type 29 has an invalid length.
[   96.525500][ T7272] netlink: 10 bytes leftover after parsing attributes in process `syz.1.414'.
[   97.346125][ T7276] sit0: entered allmulticast mode
[   97.399943][ T7280] sit0: entered promiscuous mode
[   97.536088][ T7293] dummy0: entered promiscuous mode
[   97.540513][ T7293] dummy0: entered allmulticast mode
[   97.595862][ T7297] netlink: 'syz.1.421': attribute type 29 has an invalid length.
[   97.626473][ T7299] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.422'.
[   97.866392][ T7310] netlink: 'syz.1.426': attribute type 5 has an invalid length.
[   97.871528][ T7310] netlink: 176 bytes leftover after parsing attributes in process `syz.1.426'.
[   98.469128][ T7336] netlink: 'syz.2.435': attribute type 3 has an invalid length.
[   99.372625][ T7347] sock: sock_timestamping_bind_phc: sock not bind to device
[  100.025159][ T7359] netlink: 1057 bytes leftover after parsing attributes in process `syz.2.442'.
[  100.196613][ T7361] netlink: 152 bytes leftover after parsing attributes in process `syz.0.443'.
[  100.200594][ T7361] netlink: 6 bytes leftover after parsing attributes in process `syz.0.443'.
[  100.286783][ T7367] netlink: 60 bytes leftover after parsing attributes in process `syz.0.444'.
[  100.290654][ T7366] netlink: 60 bytes leftover after parsing attributes in process `syz.0.444'.
[  100.386102][ T7375] netlink: 60 bytes leftover after parsing attributes in process `syz.1.446'.
[  100.390202][ T7374] netlink: 60 bytes leftover after parsing attributes in process `syz.1.446'.
[  101.787480][ T7441] pim6reg1: entered promiscuous mode
[  101.791724][ T7441] pim6reg1: entered allmulticast mode
[  101.949258][ T7447] netlink: 'syz.2.465': attribute type 10 has an invalid length.
[  101.952008][ T7447] __nla_validate_parse: 1 callbacks suppressed
[  101.952016][ T7447] netlink: 168 bytes leftover after parsing attributes in process `syz.2.465'.
[  101.958947][ T7447] netlink: 'syz.2.465': attribute type 29 has an invalid length.
[  101.961945][ T7447] netlink: 'syz.2.465': attribute type 29 has an invalid length.
[  102.075564][ T7449] syzkaller0: entered promiscuous mode
[  102.078357][ T7449] syzkaller0: entered allmulticast mode
[  102.428686][ T7468] netlink: 'syz.2.472': attribute type 2 has an invalid length.
[  102.431277][ T7468] netlink: 164 bytes leftover after parsing attributes in process `syz.2.472'.
[  102.435469][ T7468] netlink: 'syz.2.472': attribute type 2 has an invalid length.
[  102.439450][ T7468] netlink: 164 bytes leftover after parsing attributes in process `syz.2.472'.
[  102.517662][ T7476] syzkaller0: entered promiscuous mode
[  102.520859][ T7476] syzkaller0: entered allmulticast mode
[  103.064723][ T7488] sock: sock_set_timeout: `syz.0.478' (pid 7488) tries to set negative timeout
[  103.114911][ T7490] netlink: 'syz.0.479': attribute type 21 has an invalid length.
[  103.119857][ T7490] netlink: 168 bytes leftover after parsing attributes in process `syz.0.479'.
[  104.221031][ T7522] bridge_slave_1: left allmulticast mode
[  104.222969][ T7522] bridge_slave_1: left promiscuous mode
[  104.225027][ T7522] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.249176][ T7522] bridge_slave_0: left allmulticast mode
[  104.251099][ T7522] bridge_slave_0: left promiscuous mode
[  104.253027][ T7522] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.303553][ T7524] netlink: 'syz.1.490': attribute type 10 has an invalid length.
[  104.325014][ T7524] 8021q: adding VLAN 0 to HW filter on device bond0
[  104.330218][ T7524] team0: Port device bond0 added
[  104.425358][ T7541] netlink: 60 bytes leftover after parsing attributes in process `syz.2.491'.
[  104.429840][ T7535] netlink: 60 bytes leftover after parsing attributes in process `syz.2.491'.
[  104.576928][ T7553] netlink: 'syz.1.493': attribute type 33 has an invalid length.
[  104.580788][ T7553] netlink: 'syz.1.493': attribute type 3 has an invalid length.
[  104.583345][ T7553] netlink: 153952 bytes leftover after parsing attributes in process `syz.1.493'.
[  105.380490][ T7574] netlink: 144 bytes leftover after parsing attributes in process `syz.1.501'.
[  105.438443][ T7584] netlink: 'syz.1.504': attribute type 33 has an invalid length.
[  105.949753][ T7612] netlink: 'syz.0.510': attribute type 21 has an invalid length.
[  105.952473][ T7612] netlink: 156 bytes leftover after parsing attributes in process `syz.0.510'.
[  106.934475][ T7657] netlink: 4 bytes leftover after parsing attributes in process `syz.2.525'.
[  106.973682][ T7661] syzkaller0: entered allmulticast mode
[  107.342953][ T7682] netlink: 14566 bytes leftover after parsing attributes in process `syz.2.531'.
[  107.364086][ T7682] netlink: 'syz.2.531': attribute type 6 has an invalid length.
[  107.366906][ T7682] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.531'.
[  107.518329][ T7690] netlink: 'syz.2.535': attribute type 2 has an invalid length.
[  107.522063][ T7690] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.535'.
[  107.525764][ T7690] nbd: must specify at least one socket
[  108.573569][ T7720] netlink: 'syz.1.545': attribute type 29 has an invalid length.
[  108.583864][ T7720] netlink: 'syz.1.545': attribute type 29 has an invalid length.
[  109.435045][ T7777] netlink: 'syz.2.558': attribute type 29 has an invalid length.
[  109.441691][ T7776] netlink: 'syz.0.561': attribute type 7 has an invalid length.
[  109.453757][ T7777] netlink: 'syz.2.558': attribute type 29 has an invalid length.
[  109.469173][ T7777] netlink: 'syz.2.558': attribute type 29 has an invalid length.
[  109.514847][ T7777] netlink: 'syz.2.558': attribute type 29 has an invalid length.
[  109.656780][ T7782] netlink: 'syz.0.563': attribute type 2 has an invalid length.
[  109.659625][ T7782] netlink: 119 bytes leftover after parsing attributes in process `syz.0.563'.
[  109.692709][ T7782] netlink: 'syz.0.563': attribute type 21 has an invalid length.
[  109.695454][ T7782] netlink: 'syz.0.563': attribute type 15 has an invalid length.
[  109.698410][ T7782] netlink: 156 bytes leftover after parsing attributes in process `syz.0.563'.
[  109.701482][ T7782] IPv6: NLM_F_CREATE should be specified when creating new route
[  109.704371][ T7782] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  109.706976][ T7782] IPv6: NLM_F_CREATE should be set when creating new route
[  109.709506][ T7782] IPv6: NLM_F_CREATE should be set when creating new route
[  109.711934][ T7782] IPv6: NLM_F_CREATE should be set when creating new route
[  110.353998][ T7789] netlink: 188 bytes leftover after parsing attributes in process `syz.1.565'.
[  117.024050][ T7827] validate_nla: 2 callbacks suppressed
[  117.024064][ T7827] netlink: 'syz.2.576': attribute type 46 has an invalid length.
[  118.008342][ T7856] netlink: 'syz.1.585': attribute type 46 has an invalid length.
[  118.133640][ T7867] netlink: 'syz.0.588': attribute type 21 has an invalid length.
[  118.655764][ T7894] netlink: 'syz.2.595': attribute type 21 has an invalid length.
[  118.659371][ T7894] netlink: 132 bytes leftover after parsing attributes in process `syz.2.595'.
[  118.771890][ T7901] netlink: 128 bytes leftover after parsing attributes in process `syz.0.597'.
[  118.775006][ T7901] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  118.866409][ T7901] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  119.153424][ T7915] netlink: 'syz.0.602': attribute type 13 has an invalid length.
[  119.157809][ T7915] netlink: 'syz.0.602': attribute type 58 has an invalid length.
[  119.160541][ T7915] netlink: 152 bytes leftover after parsing attributes in process `syz.0.602'.
[  119.739424][ T7939] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.609'.
[  119.742364][ T7939] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  119.744974][ T7939] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  119.806639][ T7944] netlink: 168 bytes leftover after parsing attributes in process `syz.1.611'.
[  120.082789][ T7968] netlink: 'syz.1.619': attribute type 7 has an invalid length.
[  120.085329][ T7969] netlink: 'syz.1.619': attribute type 7 has an invalid length.
[  120.101482][ T7969] netlink: 'syz.1.619': attribute type 3 has an invalid length.
[  120.103908][ T7969] netlink: 169664 bytes leftover after parsing attributes in process `syz.1.619'.
[  120.250723][ T7988] openvswitch: netlink: Flow actions attr not present in new flow.
[  120.254840][ T7988] syzkaller0: entered promiscuous mode
[  120.353612][ T7992] netlink: 'syz.1.625': attribute type 5 has an invalid length.
[  120.895629][ T7999] netlink: 132 bytes leftover after parsing attributes in process `syz.1.627'.
[  121.995320][ T8029] netlink: 2418 bytes leftover after parsing attributes in process `syz.1.640'.
[  122.080880][ T8037] netlink: 17279 bytes leftover after parsing attributes in process `syz.1.643'.
[  122.092015][ T8034] validate_nla: 2 callbacks suppressed
[  122.092024][ T8034] netlink: 'syz.0.642': attribute type 13 has an invalid length.
[  122.096222][ T8034] netlink: 'syz.0.642': attribute type 58 has an invalid length.
[  122.098954][ T8034] netlink: 152 bytes leftover after parsing attributes in process `syz.0.642'.
[  122.112168][ T8034] netlink: 'syz.0.642': attribute type 29 has an invalid length.
[  123.420808][ T8093] netlink: 'syz.2.659': attribute type 28 has an invalid length.
[  123.427139][ T8093] netlink: 'syz.2.659': attribute type 29 has an invalid length.
[  123.442599][ T8093] netlink: 'syz.2.659': attribute type 10 has an invalid length.
[  123.473662][ T8093] batman_adv: batadv0: Adding interface: netdevsim0
[  123.476311][ T8093] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  123.485047][ T8093] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[  123.558609][ T8096] netlink: 'syz.2.660': attribute type 2 has an invalid length.
[  123.758245][ T8106] syzkaller0: entered promiscuous mode
[  123.760071][ T8106] syzkaller0: entered allmulticast mode
[  123.765520][ T8105] __nla_validate_parse: 2 callbacks suppressed
[  123.765529][ T8105] netlink: 65055 bytes leftover after parsing attributes in process `syz.2.662'.
[  125.071078][ T8129] syzkaller1: tun_chr_ioctl cmd 1074025676
[  125.073469][ T8129] syzkaller1: owner set to 778
[  125.585434][ T8141] tap0: tun_chr_ioctl cmd 1074025672
[  125.587410][ T8141] tap0: ignored: set checksum enabled
[  125.880425][ T8158] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.680'.
[  125.895716][ T8160] netlink: 20 bytes leftover after parsing attributes in process `syz.1.681'.
[  127.419345][ T8191] netlink: 60 bytes leftover after parsing attributes in process `syz.2.690'.
[  127.431180][ T8191] netlink: 60 bytes leftover after parsing attributes in process `syz.2.690'.
[  127.437357][ T8191] netlink: 60 bytes leftover after parsing attributes in process `syz.2.690'.
[  127.813621][ T8198] netlink: 9286 bytes leftover after parsing attributes in process `syz.0.691'.
[  128.084111][ T8216] netlink: 'syz.1.699': attribute type 12 has an invalid length.
[  128.086752][ T8216] netlink: 132 bytes leftover after parsing attributes in process `syz.1.699'.
[  128.116787][ T8218] netlink: 61211 bytes leftover after parsing attributes in process `syz.1.700'.
[  128.256918][ T8223] netlink: 188 bytes leftover after parsing attributes in process `syz.1.702'.
[  129.666842][ T8236] netlink: 'syz.0.707': attribute type 4 has an invalid length.
[  129.677894][ T8236] netlink: 14345 bytes leftover after parsing attributes in process `syz.0.707'.
[  130.828466][ T8269] netlink: 180 bytes leftover after parsing attributes in process `syz.1.717'.
[  130.837383][ T8269] netlink: 164 bytes leftover after parsing attributes in process `syz.1.717'.
[  130.847118][ T8269] netlink: 164 bytes leftover after parsing attributes in process `syz.1.717'.
[  130.911890][ T8272] netlink: 'syz.2.718': attribute type 2 has an invalid length.
[  130.919711][ T8272] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.718'.
[  130.922794][ T8272] nbd: must specify a device to reconfigure
[  130.966571][ T8281] netlink: 149044 bytes leftover after parsing attributes in process `syz.0.721'.
[  132.302493][ T1361] ieee802154 phy0 wpan0: encryption failed: -22
[  132.304630][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[  132.310606][ T8322] netlink: 60 bytes leftover after parsing attributes in process `syz.0.734'.
[  132.318151][ T8324] netlink: 60 bytes leftover after parsing attributes in process `syz.0.734'.
[  132.321347][ T8321] netlink: 60 bytes leftover after parsing attributes in process `syz.0.734'.
[  132.326926][ T8324] netlink: 60 bytes leftover after parsing attributes in process `syz.0.734'.
[  132.376655][ T8329] netlink: 'syz.2.737': attribute type 2 has an invalid length.
[  132.376735][ T8330] netlink: 'syz.2.737': attribute type 2 has an invalid length.
[  132.590931][ T8335] netlink: 'syz.1.738': attribute type 1 has an invalid length.
[  133.313347][ T8356] netlink: 'syz.2.745': attribute type 21 has an invalid length.
[  134.537028][ T8431] netlink: 'syz.0.768': attribute type 39 has an invalid length.
[  134.851860][ T8437] netlink: 'syz.0.771': attribute type 1 has an invalid length.
[  134.854543][ T8437] __nla_validate_parse: 4 callbacks suppressed
[  134.854549][ T8437] netlink: 199820 bytes leftover after parsing attributes in process `syz.0.771'.
[  134.882048][ T8438] netlink: 731 bytes leftover after parsing attributes in process `syz.1.770'.
[  134.891141][ T8438] netlink: 830 bytes leftover after parsing attributes in process `syz.1.770'.
[  135.025508][ T8454] netlink: 'syz.0.775': attribute type 10 has an invalid length.
[  135.029287][ T8454] netlink: 40 bytes leftover after parsing attributes in process `syz.0.775'.
[  135.033910][ T8454] batman_adv: batadv0: Adding interface: vlan1
[  135.036060][ T8454] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  135.053573][ T8454] batman_adv: batadv0: Interface activated: vlan1
[  135.056537][ T8456] netlink: 'syz.1.776': attribute type 33 has an invalid length.
[  135.059839][ T8456] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.776'.
[  135.063898][ T8454] netlink: 'syz.0.775': attribute type 10 has an invalid length.
[  135.066984][ T8454] netlink: 40 bytes leftover after parsing attributes in process `syz.0.775'.
[  135.193303][ T8458] team0: Port device team_slave_0 removed
[  135.196872][ T8458] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  135.260607][ T8463] netlink: 149044 bytes leftover after parsing attributes in process `syz.1.779'.
[  135.300871][ T8465] delete_channel: no stack
[  135.303527][ T8465] delete_channel: no stack
[  135.355369][ T8472] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.782'.
[  135.586229][ T8484] netlink: 'syz.0.786': attribute type 19 has an invalid length.
[  135.588963][ T8484] netlink: 40 bytes leftover after parsing attributes in process `syz.0.786'.
[  135.955862][ T8517] netlink: 'syz.0.797': attribute type 46 has an invalid length.
[  136.071642][ T8532] netlink: 'syz.1.801': attribute type 10 has an invalid length.
[  136.106888][ T5827] Bluetooth: hci2: unexpected subevent 0x01 length: 150 > 18
[  136.246552][ T8554] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.807'.
[  136.313530][ T8556] netlink: 'syz.2.808': attribute type 29 has an invalid length.
[  136.368409][ T8559] syz.0.809: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  136.375888][ T8559] CPU: 1 UID: 0 PID: 8559 Comm: syz.0.809 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  136.375900][ T8559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  136.375906][ T8559] Call Trace:
[  136.375913][ T8559]  <TASK>
[  136.375920][ T8559]  dump_stack_lvl+0x189/0x250
[  136.375960][ T8559]  ? __pfx_dump_stack_lvl+0x10/0x10
[  136.375979][ T8559]  ? __pfx__printk+0x10/0x10
[  136.376005][ T8559]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  136.376023][ T8559]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  136.376050][ T8559]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  136.376081][ T8559]  warn_alloc+0x214/0x310
[  136.376126][ T8559]  ? stack_depot_save_flags+0x429/0x900
[  136.376166][ T8559]  ? __pfx_warn_alloc+0x10/0x10
[  136.376196][ T8559]  ? kasan_save_track+0x4f/0x80
[  136.376214][ T8559]  ? xskq_create+0x56/0x170
[  136.376225][ T8559]  ? xsk_init_queue+0xb0/0x110
[  136.376234][ T8559]  ? xsk_setsockopt+0x4de/0x710
[  136.376242][ T8559]  ? do_sock_setsockopt+0x17c/0x1b0
[  136.376252][ T8559]  ? __x64_sys_setsockopt+0x13f/0x1b0
[  136.376259][ T8559]  ? do_syscall_64+0xfa/0x3b0
[  136.376269][ T8559]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.376314][ T8559]  __vmalloc_node_range_noprof+0x125/0x12f0
[  136.376500][ T8559]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  136.376549][ T8559]  ? __kasan_kmalloc+0x93/0xb0
[  136.376583][ T8559]  vmalloc_user_noprof+0xad/0xf0
[  136.376601][ T8559]  ? xskq_create+0xbf/0x170
[  136.376625][ T8559]  xskq_create+0xbf/0x170
[  136.376656][ T8559]  xsk_init_queue+0xb0/0x110
[  136.376687][ T8559]  xsk_setsockopt+0x4de/0x710
[  136.376717][ T8559]  ? __pfx_xsk_setsockopt+0x10/0x10
[  136.376750][ T8559]  ? __fget_files+0x2a/0x420
[  136.376765][ T8559]  ? aa_sock_opt_perm+0x74/0x110
[  136.376792][ T8559]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  136.376803][ T8559]  ? __pfx_xsk_setsockopt+0x10/0x10
[  136.376828][ T8559]  do_sock_setsockopt+0x17c/0x1b0
[  136.376865][ T8559]  __x64_sys_setsockopt+0x13f/0x1b0
[  136.376906][ T8559]  do_syscall_64+0xfa/0x3b0
[  136.376917][ T8559]  ? lockdep_hardirqs_on+0x9c/0x150
[  136.376933][ T8559]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.376943][ T8559]  ? exc_page_fault+0x9f/0xf0
[  136.376973][ T8559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.376981][ T8559] RIP: 0033:0x7f7862b8e9a9
[  136.376997][ T8559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.377004][ T8559] RSP: 002b:00007f7863a31038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  136.377013][ T8559] RAX: ffffffffffffffda RBX: 00007f7862db5fa0 RCX: 00007f7862b8e9a9
[  136.377018][ T8559] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000008
[  136.377023][ T8559] RBP: 00007f7862c10d69 R08: 0000000000000004 R09: 0000000000000000
[  136.377027][ T8559] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[  136.377032][ T8559] R13: 0000000000000000 R14: 00007f7862db5fa0 R15: 00007fffd426bd18
[  136.377137][ T8559]  </TASK>
[  136.377143][ T8559] Mem-Info:
[  136.381088][ T6131] wlan1: Trigger new scan to find an IBSS to join
[  136.386776][ T8559] active_anon:5351 inactive_anon:2 isolated_anon:0
[  136.386776][ T8559]  active_file:13365 inactive_file:39048 isolated_file:0
[  136.386776][ T8559]  unevictable:1768 dirty:82 writeback:0
[  136.386776][ T8559]  slab_reclaimable:9420 slab_unreclaimable:53043
[  136.386776][ T8559]  mapped:18078 shmem:2430 pagetables:1028
[  136.386776][ T8559]  sec_pagetables:0 bounce:0
[  136.386776][ T8559]  kernel_misc_reclaimable:0
[  136.386776][ T8559]  free:285372 free_pcp:19571 free_cma:0
[  136.506836][ T8559] Node 0 active_anon:12336kB inactive_anon:8kB active_file:30636kB inactive_file:25324kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:37456kB dirty:228kB writeback:0kB shmem:4732kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5168kB pagetables:2320kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  136.517822][ T8559] Node 1 active_anon:9000kB inactive_anon:0kB active_file:22824kB inactive_file:130868kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:34992kB dirty:100kB writeback:0kB shmem:4988kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:6820kB pagetables:1792kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  136.528641][ T8559] Node 0 DMA free:15360kB boost:0kB min:640kB low:800kB high:960kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  136.538860][ T8559] lowmem_reserve[]: 0 812 812 812 812
[  136.540778][ T8559] Node 0 DMA32 free:376788kB boost:0kB min:33656kB low:42068kB high:50480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:12336kB inactive_anon:8kB active_file:30636kB inactive_file:25324kB unevictable:3536kB writepending:228kB present:1556484kB managed:831912kB mlocked:0kB bounce:0kB free_pcp:28012kB local_pcp:13864kB free_cma:0kB
[  136.551397][ T8559] lowmem_reserve[]: 0 0 0 0 0
[  136.553126][ T8559] Node 1 DMA32 free:458616kB boost:0kB min:19192kB low:23988kB high:28784kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:524152kB managed:458616kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  136.563268][ T8559] lowmem_reserve[]: 0 0 854 854 854
[  136.565025][ T8559] Node 1 Normal free:290788kB boost:0kB min:36616kB low:45768kB high:54920kB reserved_highatomic:0KB free_highatomic:0KB active_anon:9000kB inactive_anon:0kB active_file:22824kB inactive_file:130868kB unevictable:3536kB writepending:100kB present:1048576kB managed:875016kB mlocked:0kB bounce:0kB free_pcp:50928kB local_pcp:28108kB free_cma:0kB
[  136.584022][ T8559] lowmem_reserve[]: 0 0 0 0 0
[  136.586597][ T8559] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  136.591525][ T8559] Node 0 DMA32: 907*4kB (UM) 561*8kB (UME) 516*16kB (UME) 597*32kB (UME) 447*64kB (UME) 139*128kB (UME) 102*256kB (UM) 79*512kB (UM) 41*1024kB (UM) 11*2048kB (U) 40*4096kB (U) = 376788kB
[  136.598090][ T8559] Node 1 DMA32: 2*4kB (M) 2*8kB (M) 2*16kB (M) 2*32kB (M) 2*64kB (M) 1*128kB (M) 2*256kB (M) 2*512kB (M) 2*1024kB (M) 2*2048kB (M) 110*4096kB (M) = 458616kB
[  136.604888][ T8559] Node 1 Normal: 479*4kB (ME) 507*8kB (ME) 619*16kB (UME) 790*32kB (UME) 454*64kB (UM) 213*128kB (UME) 83*256kB (UM) 88*512kB (UME) 38*1024kB (UME) 25*2048kB (M) 9*4096kB (M) = 290756kB
[  136.612710][ T8559] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  136.615889][ T8559] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  136.620245][ T8559] 54843 total pagecache pages
[  136.621847][ T8559] 0 pages in swap cache
[  136.623397][ T8559] Free swap  = 124996kB
[  136.624827][ T8559] Total swap = 124996kB
[  136.626245][ T8559] 786301 pages RAM
[  136.631213][ T8559] 0 pages HighMem/MovableOnly
[  136.634090][ T8559] 241075 pages reserved
[  136.635544][ T8559] 0 pages cma reserved
[  136.738291][ T8569] syzkaller1: tun_chr_ioctl cmd 1074025677
[  136.741130][ T8569] syzkaller1: linktype set to 823
[  138.676258][ T8649] validate_nla: 2 callbacks suppressed
[  138.676360][ T8649] netlink: 'syz.0.837': attribute type 11 has an invalid length.
[  139.338969][   T53] wlan1: Trigger new scan to find an IBSS to join
[  139.666851][ T8672] syzkaller0: entered promiscuous mode
[  139.670352][ T8672] syzkaller0: entered allmulticast mode
[  140.175119][ T8682] __nla_validate_parse: 2 callbacks suppressed
[  140.175130][ T8682] netlink: 10 bytes leftover after parsing attributes in process `syz.1.849'.
[  140.291740][ T8689] netlink: 'syz.0.848': attribute type 29 has an invalid length.
[  140.294806][ T8689] netlink: 'syz.0.848': attribute type 29 has an invalid length.
[  140.299238][ T8689] netlink: 'syz.0.848': attribute type 29 has an invalid length.
[  140.407478][ T8692] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.851'.
[  140.418940][ T8692] netlink: 6320 bytes leftover after parsing attributes in process `syz.1.851'.
[  140.423197][ T8692] netlink: 'syz.1.851': attribute type 21 has an invalid length.
[  140.425881][ T8692] netlink: 132 bytes leftover after parsing attributes in process `syz.1.851'.
[  140.842536][ T8713] netlink: 16386 bytes leftover after parsing attributes in process `syz.1.857'.
[  141.276211][ T8729] netlink: 132 bytes leftover after parsing attributes in process `syz.0.861'.
[  141.454123][ T8739] netlink: 'syz.0.864': attribute type 1 has an invalid length.
[  141.456986][ T8739] netlink: 157116 bytes leftover after parsing attributes in process `syz.0.864'.
[  141.478812][ T8739] netlink: 830 bytes leftover after parsing attributes in process `syz.0.864'.
[  141.566133][ T8746] sctp: [Deprecated]: syz.2.863 (pid 8746) Use of struct sctp_assoc_value in delayed_ack socket option.
[  141.566133][ T8746] Use struct sctp_sack_info instead
[  141.714128][ T8749] netlink: 'syz.0.866': attribute type 13 has an invalid length.
[  141.716910][ T8749] netlink: 'syz.0.866': attribute type 58 has an invalid length.
[  141.719832][ T8749] netlink: 152 bytes leftover after parsing attributes in process `syz.0.866'.
[  142.387855][   T53] wlan1: Trigger new scan to find an IBSS to join
[  142.502524][ T8760] netlink: 'syz.1.871': attribute type 21 has an invalid length.
[  142.505358][ T8760] netlink: 'syz.1.871': attribute type 1 has an invalid length.
[  142.517277][ T8758] veth0_macvtap: left promiscuous mode
[  142.727611][ T8777] netlink: 132 bytes leftover after parsing attributes in process `syz.0.875'.
[  143.298529][   T53] wlan1: Creating new IBSS network, BSSID ca:cd:c6:7d:81:9f
[  146.745889][ T8867] validate_nla: 7 callbacks suppressed
[  146.745901][ T8867] netlink: 'syz.1.903': attribute type 21 has an invalid length.
[  147.113776][ T8877] vxcan1: entered allmulticast mode
[  147.564883][ T8893] __nla_validate_parse: 3 callbacks suppressed
[  147.564896][ T8893] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.912'.
[  148.019456][ T8914] netlink: 'syz.1.920': attribute type 7 has an invalid length.
[  148.260582][ T8928] netlink: 'syz.2.925': attribute type 29 has an invalid length.
[  148.280706][ T8930] netlink: 17 bytes leftover after parsing attributes in process `syz.1.926'.
[  148.283711][ T8930] netlink: zone id is out of range
[  148.285427][ T8930] netlink: zone id is out of range
[  148.287430][ T8930] netlink: zone id is out of range
[  148.289584][ T8930] netlink: zone id is out of range
[  148.291329][ T8930] netlink: zone id is out of range
[  148.293048][ T8930] netlink: zone id is out of range
[  148.294740][ T8930] netlink: zone id is out of range
[  148.296454][ T8930] netlink: zone id is out of range
[  148.300208][ T8930] netlink: zone id is out of range
[  148.301985][ T8930] netlink: zone id is out of range
[  148.313324][ T8930] GPL: port 1(erspan0) entered blocking state
[  148.315514][ T8930] GPL: port 1(erspan0) entered disabled state
[  148.317631][ T8930] erspan0: entered allmulticast mode
[  148.320411][ T8930] erspan0: entered promiscuous mode
[  148.324749][ T8930] GPL: port 1(erspan0) entered blocking state
[  148.326836][ T8930] GPL: port 1(erspan0) entered forwarding state
[  148.352377][ T8933] netlink: 60 bytes leftover after parsing attributes in process `syz.2.927'.
[  148.355661][ T8932] netlink: 60 bytes leftover after parsing attributes in process `syz.2.927'.
[  148.360430][ T8933] netlink: 60 bytes leftover after parsing attributes in process `syz.2.927'.
[  148.612930][ T8950] netlink: 'syz.1.932': attribute type 21 has an invalid length.
[  150.375936][ T8969] netlink: 830 bytes leftover after parsing attributes in process `syz.1.938'.
[  150.497495][ T8988] netlink: 'syz.0.943': attribute type 29 has an invalid length.
[  150.500384][ T8988] netlink: 'syz.0.943': attribute type 29 has an invalid length.
[  150.503034][ T8988] netlink: 'syz.0.943': attribute type 29 has an invalid length.
[  150.507293][ T8989] netlink: 'syz.0.943': attribute type 29 has an invalid length.
[  151.732459][ T9042] netlink: 'syz.2.959': attribute type 25 has an invalid length.
[  151.735693][ T9042] netlink: 2418 bytes leftover after parsing attributes in process `syz.2.959'.
[  152.063167][ T9060] syzkaller0: entered promiscuous mode
[  152.065426][ T9060] syzkaller0: entered allmulticast mode
[  152.585946][ T9066] netlink: 15231 bytes leftover after parsing attributes in process `syz.1.965'.
[  152.733991][ T9073] netlink: 188 bytes leftover after parsing attributes in process `syz.1.968'.
[  152.765036][ T9073] netlink: 188 bytes leftover after parsing attributes in process `syz.1.968'.
[  153.642941][ T9088] netlink: 'syz.2.972': attribute type 2 has an invalid length.
[  153.645580][ T9088] netlink: 137592 bytes leftover after parsing attributes in process `syz.2.972'.
[  154.614906][ T9115] syzkaller0: entered promiscuous mode
[  154.616741][ T9115] syzkaller0: entered allmulticast mode
[  155.415326][ T9131] netlink: 'syz.1.986': attribute type 10 has an invalid length.
[  155.449079][ T9131] team0: Port device geneve1 added
[  155.480093][ T9131] netlink: 15999 bytes leftover after parsing attributes in process `syz.1.986'.
[  155.580351][ T9144] syzkaller0: entered promiscuous mode
[  155.582204][ T9144] syzkaller0: entered allmulticast mode
[  155.630140][ T9146] caif0: entered promiscuous mode
[  155.632239][ T9146] caif0: entered allmulticast mode
[  158.066702][ T9218] netlink: 'syz.0.1014': attribute type 29 has an invalid length.
[  158.069963][ T9217] netlink: 'syz.0.1014': attribute type 10 has an invalid length.
[  158.073395][ T9217] bond0: (slave wlan1): Opening slave failed
[  158.219425][ T9228] netlink: 9286 bytes leftover after parsing attributes in process `syz.0.1017'.
[  158.327844][ T9231] netlink: 192 bytes leftover after parsing attributes in process `syz.0.1018'.
[  159.522645][ T9248] netlink: 'syz.1.1023': attribute type 13 has an invalid length.
[  159.525303][ T9248] netlink: 'syz.1.1023': attribute type 58 has an invalid length.
[  159.528486][ T9248] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1023'.
[  159.785521][ T9255] netlink: 'syz.2.1026': attribute type 16 has an invalid length.
[  159.789418][ T9255] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1026'.
[  161.942926][ T9314] netlink: 1041 bytes leftover after parsing attributes in process `syz.0.1044'.
[  162.532794][ T9347] netlink: 'syz.1.1054': attribute type 33 has an invalid length.
[  162.535719][ T9347] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1054'.
[  162.557289][ T9347] netlink: 'syz.1.1054': attribute type 17 has an invalid length.
[  162.690000][ T9354] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1056'.
[  162.695575][ T9349] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1055'.
[  162.759981][ T9359] netlink: 'syz.1.1057': attribute type 27 has an invalid length.
[  162.759999][ T9359] netlink: 2418 bytes leftover after parsing attributes in process `syz.1.1057'.
[  170.222336][ T5831] Bluetooth: hci2: command 0x0406 tx timeout
[  170.222387][ T5831] Bluetooth: hci0: command 0x0406 tx timeout
[  193.741604][   T53] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  193.743250][ T1361] ieee802154 phy0 wpan0: encryption failed: -22
[  193.743309][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[  197.431310][ T5831] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  197.436838][ T5831] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  197.437350][ T5831] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  197.441403][ T5831] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  197.441727][ T5831] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  197.572349][ T9375] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  197.572993][ T9375] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  197.573312][ T9375] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  197.573831][ T9375] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  197.574146][ T9375] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  197.575015][ T9381] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  197.575794][ T9381] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  197.576257][ T9381] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  197.576771][ T9381] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  197.577078][ T9381] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  197.653640][ T9369] chnl_net:caif_netlink_parms(): no params data found
[  239.406825][ T9402] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  239.408882][ T9402] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  239.409598][ T9402] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  239.410113][ T9402] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  239.410578][ T9402] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  239.411200][ T9402] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  239.411531][ T9402] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  239.411700][ T9402] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  239.411857][ T9402] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  239.413124][ T9402] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  239.413291][ T9402] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  239.413457][ T9402] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  239.414315][ T9402] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  239.414485][ T9402] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  239.414674][ T9402] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  255.186117][ T1361] ieee802154 phy0 wpan0: encryption failed: -22
[  255.186172][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[  267.687742][    C1] rcu: INFO: rcu_preempt self-detected stall on CPU
[  267.687759][    C1] rcu: 	1-....: (10499 ticks this GP) idle=199c/1/0x4000000000000000 softirq=45843/45845 fqs=4760
[  267.688173][    C1] rcu: 	         hardirqs   softirqs   csw/system
[  267.688178][    C1] rcu: 	 number:  1033096          0            0
[  267.688184][    C1] rcu: 	cputime:    23889      28590           85   ==> 52480(ms)
[  267.688190][    C1] rcu: 	(t=10500 jiffies g=20389 q=2741 ncpus=2)
[  267.688200][    C1] CPU: 1 UID: 0 PID: 9349 Comm: syz.0.1055 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  267.688210][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  267.688215][    C1] RIP: 0010:kasan_quarantine_put+0x88/0x220
[  267.688233][    C1] Code: e8 1d 5a a4 ff 48 c7 04 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 0f 85 88 00 00 00 41 f7 c7 00 02 00 00 74 01 fb 31 c0 <48> 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc cc 48 8d 80
[  267.688239][    C1] RSP: 0018:ffffc900001e0b58 EFLAGS: 00000206
[  267.688247][    C1] RAX: 074e494c5db19d01 RBX: ffff88803312fbe8 RCX: 074e494c5db19d00
[  267.688253][    C1] RDX: 0000000000000002 RSI: ffffffff8d998874 RDI: ffffffff8be29f40
[  267.688257][    C1] RBP: 0000000000000000 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  267.688268][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: ffffea0000cc4b80
[  267.688273][    C1] R13: 0000000000000000 R14: 00000000000a8178 R15: 0000000000000286
[  267.688278][    C1] FS:  00007f7863a316c0(0000) GS:ffff8881a3c1f000(0000) knlGS:0000000000000000
[  267.688284][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  267.688288][    C1] CR2: 00007f57f9b802d8 CR3: 0000000105e10000 CR4: 00000000000006f0
[  267.688317][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  267.688323][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  267.688327][    C1] Call Trace:
[  267.688331][    C1]  <IRQ>
[  267.688372][    C1]  ? rcu_core+0xca8/0x1710
[  267.688383][    C1]  kmem_cache_free+0x18f/0x400
[  267.688392][    C1]  ? __pfx___d_free+0x10/0x10
[  267.688399][    C1]  ? rcu_core+0xc34/0x1710
[  267.688406][    C1]  rcu_core+0xca8/0x1710
[  267.688421][    C1]  ? __pfx_rcu_core+0x10/0x10
[  267.688428][    C1]  ? __irq_exit_rcu+0xd8/0x1f0
[  267.688437][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  267.688447][    C1]  ? irqentry_exit+0x74/0x90
[  267.688462][    C1]  ? __pfx_rcu_core_si+0x10/0x10
[  267.688476][    C1]  handle_softirqs+0x286/0x870
[  267.688486][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  267.688496][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  267.688506][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  267.688518][    C1]  __irq_exit_rcu+0xca/0x1f0
[  267.688525][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  267.688537][    C1]  irq_exit_rcu+0x9/0x30
[  267.688544][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  267.688552][    C1]  </IRQ>
[  267.688554][    C1]  <TASK>
[  267.688557][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  267.688565][    C1] RIP: 0010:console_flush_all+0x7f7/0xc40
[  267.688575][    C1] Code: 48 21 c3 0f 85 e9 01 00 00 e8 75 e7 1e 00 48 8b 5c 24 20 4d 85 f6 75 07 e8 66 e7 1e 00 eb 06 e8 5f e7 1e 00 fb 48 8b 44 24 28 <42> 80 3c 20 00 74 08 48 89 df e8 1a 0b 82 00 48 8b 1b 48 8b 44 24
[  267.688581][    C1] RSP: 0018:ffffc900092bea60 EFLAGS: 00000287
[  267.688587][    C1] RAX: 1ffffffff1d36927 RBX: ffffffff8e9b4938 RCX: 0000000000080000
[  267.688592][    C1] RDX: ffffc900041c2000 RSI: 00000000000024b3 RDI: 00000000000024b4
[  267.688596][    C1] RBP: ffffc900092bebb0 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  267.688600][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: dffffc0000000000
[  267.688605][    C1] R13: 0000000000000001 R14: 0000000000000200 R15: ffffffff8e9b48e0
[  267.688619][    C1]  ? console_flush_all+0x13a/0xc40
[  267.688631][    C1]  ? __pfx_console_flush_all+0x10/0x10
[  267.688644][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  267.688656][    C1]  console_unlock+0xc4/0x270
[  267.688666][    C1]  ? __pfx_console_unlock+0x10/0x10
[  267.688673][    C1]  ? _printk+0xcf/0x120
[  267.688683][    C1]  ? vprintk_emit+0x3cc/0x7a0
[  267.688694][    C1]  vprintk_emit+0x5b7/0x7a0
[  267.688703][    C1]  ? __pfx_vprintk_emit+0x10/0x10
[  267.688711][    C1]  ? perf_trace_preemptirq_template+0x280/0x340
[  267.688722][    C1]  ? irqentry_enter+0x3d/0x60
[  267.688731][    C1]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  267.688746][    C1]  _printk+0xcf/0x120
[  267.688757][    C1]  ? __pfx__printk+0x10/0x10
[  267.688771][    C1]  __nla_validate_parse+0x2563/0x2d40
[  267.688792][    C1]  ? __pfx___nla_validate_parse+0x10/0x10
[  267.688801][    C1]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  267.688813][    C1]  ? __pfx_trace_call_bpf+0x10/0x10
[  267.688819][    C1]  ? trace_call_bpf+0xb7/0x850
[  267.688828][    C1]  ? irqentry_exit+0x74/0x90
[  267.688836][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  267.688850][    C1]  __nla_parse+0x40/0x60
[  267.688861][    C1]  neigh_dump_info+0x2f4/0x1990
[  267.688875][    C1]  ? irqentry_exit+0x74/0x90
[  267.688883][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  267.688896][    C1]  ? __pfx_neigh_dump_info+0x10/0x10
[  267.688910][    C1]  ? __build_skb_around+0x257/0x3e0
[  267.688920][    C1]  ? __alloc_skb+0x1bc/0x2d0
[  267.688929][    C1]  netlink_dump+0x6de/0xe60
[  267.688941][    C1]  ? __pfx_netlink_dump+0x10/0x10
[  267.688955][    C1]  ? __netlink_dump_start+0x3b0/0x7e0
[  267.688964][    C1]  __netlink_dump_start+0x5cb/0x7e0
[  267.688974][    C1]  rtnetlink_rcv_msg+0x9eb/0xb70
[  267.688985][    C1]  ? __pfx_neigh_dump_info+0x10/0x10
[  267.688993][    C1]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  267.689002][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  267.689012][    C1]  ? __pfx_neigh_dump_info+0x10/0x10
[  267.689021][    C1]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  267.689035][    C1]  netlink_rcv_skb+0x208/0x470
[  267.689041][    C1]  ? rcu_is_watching+0x7f/0xb0
[  267.689049][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  267.689060][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  267.689072][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  267.689083][    C1]  netlink_unicast+0x75c/0x8e0
[  267.689098][    C1]  netlink_sendmsg+0x805/0xb30
[  267.689109][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  267.689117][    C1]  ? aa_sock_msg_perm+0x94/0x160
[  267.689128][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  267.689138][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  267.689145][    C1]  __sock_sendmsg+0x21c/0x270
[  267.689156][    C1]  ____sys_sendmsg+0x505/0x830
[  267.689167][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  267.689179][    C1]  ? import_iovec+0x74/0xa0
[  267.689188][    C1]  ___sys_sendmsg+0x21f/0x2a0
[  267.689197][    C1]  ? __pfx____sys_sendmsg+0x10/0x10
[  267.689207][    C1]  ? rcu_read_unlock_special+0x3fe/0x4c0
[  267.689229][    C1]  ? __fget_files+0x2a/0x420
[  267.689236][    C1]  ? __fget_files+0x3a0/0x420
[  267.689248][    C1]  __x64_sys_sendmsg+0x19b/0x260
[  267.689257][    C1]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  267.689278][    C1]  ? do_syscall_64+0xbe/0x3b0
[  267.689288][    C1]  do_syscall_64+0xfa/0x3b0
[  267.689298][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.689304][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  267.689313][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.689319][    C1] RIP: 0033:0x7f7862b8e9a9
[  267.689327][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.689351][    C1] RSP: 002b:00007f7863a31038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  267.689359][    C1] RAX: ffffffffffffffda RBX: 00007f7862db5fa0 RCX: 00007f7862b8e9a9
[  267.689364][    C1] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000e
[  267.689368][    C1] RBP: 00007f7862c10d69 R08: 0000000000000000 R09: 0000000000000000
[  267.689372][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  267.689376][    C1] R13: 0000000000000000 R14: 00007f7862db5fa0 R15: 00007fffd426bd18
[  267.689388][    C1]  </TASK>
[  296.139374][   T18] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 1-.... } 13336 jiffies s: 19993 root: 0x2/.
[  296.139411][   T18] rcu: blocking rcu_node structures (internal RCU debug):
[  296.139424][   T18] Sending NMI from CPU 0 to CPUs 1:
[  296.139478][    C1] NMI backtrace for cpu 1
[  296.139494][    C1] CPU: 1 UID: 0 PID: 9349 Comm: syz.0.1055 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  296.139504][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  296.139509][    C1] RIP: 0010:native_apic_msr_eoi+0xf/0x20
[  296.139527][    C1] Code: f8 c3 cc cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa b9 0b 08 00 00 31 c0 31 d2 0f 30 <e9> 8c 14 00 0a cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
[  296.139534][    C1] RSP: 0018:ffffc900001e0a70 EFLAGS: 00000046
[  296.139541][    C1] RAX: 0000000000000000 RBX: ffffc900001e0aa8 RCX: 000000000000080b
[  296.139546][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  296.139550][    C1] RBP: 0000000000000000 R08: ffff888136623b0f R09: 1ffff11026cc4761
[  296.139554][    C1] R10: dffffc0000000000 R11: ffffed1026cc4762 R12: 0000000000000000
[  296.139559][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  296.139563][    C1] FS:  00007f7863a316c0(0000) GS:ffff8881a3c1f000(0000) knlGS:0000000000000000
[  296.139569][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  296.139573][    C1] CR2: 00007f57f9b802d8 CR3: 0000000105e10000 CR4: 00000000000006f0
[  296.139598][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  296.139604][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  296.139608][    C1] Call Trace:
[  296.139613][    C1]  <IRQ>
[  296.139617][    C1]  __sysvec_irq_work+0x11/0x3d0
[  296.139628][    C1]  sysvec_irq_work+0x4f/0xc0
[  296.139638][    C1]  asm_sysvec_irq_work+0x1a/0x20
[  296.139646][    C1] RIP: 0010:kasan_quarantine_put+0x88/0x220
[  296.139658][    C1] Code: e8 1d 5a a4 ff 48 c7 04 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 0f 85 88 00 00 00 41 f7 c7 00 02 00 00 74 01 fb 31 c0 <48> 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc cc 48 8d 80
[  296.139663][    C1] RSP: 0018:ffffc900001e0b58 EFLAGS: 00000206
[  296.139669][    C1] RAX: 074e494c5db19d01 RBX: ffff88803312fbe8 RCX: 074e494c5db19d00
[  296.139674][    C1] RDX: 0000000000000002 RSI: ffffffff8d998874 RDI: ffffffff8be29f40
[  296.139678][    C1] RBP: 0000000000000000 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  296.139682][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: ffffea0000cc4b80
[  296.139687][    C1] R13: 0000000000000000 R14: 00000000000a8178 R15: 0000000000000286
[  296.139695][    C1]  ? rcu_core+0xca8/0x1710
[  296.139704][    C1]  kmem_cache_free+0x18f/0x400
[  296.139713][    C1]  ? __pfx___d_free+0x10/0x10
[  296.139720][    C1]  ? rcu_core+0xc34/0x1710
[  296.139726][    C1]  rcu_core+0xca8/0x1710
[  296.139737][    C1]  ? __pfx_rcu_core+0x10/0x10
[  296.139744][    C1]  ? __irq_exit_rcu+0xd8/0x1f0
[  296.139753][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  296.139760][    C1]  ? irqentry_exit+0x74/0x90
[  296.139770][    C1]  ? __pfx_rcu_core_si+0x10/0x10
[  296.139782][    C1]  handle_softirqs+0x286/0x870
[  296.139791][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  296.139798][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  296.139806][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  296.139818][    C1]  __irq_exit_rcu+0xca/0x1f0
[  296.139825][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  296.139833][    C1]  irq_exit_rcu+0x9/0x30
[  296.139840][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  296.139849][    C1]  </IRQ>
[  296.139851][    C1]  <TASK>
[  296.139853][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  296.139860][    C1] RIP: 0010:console_flush_all+0x7f7/0xc40
[  296.139870][    C1] Code: 48 21 c3 0f 85 e9 01 00 00 e8 75 e7 1e 00 48 8b 5c 24 20 4d 85 f6 75 07 e8 66 e7 1e 00 eb 06 e8 5f e7 1e 00 fb 48 8b 44 24 28 <42> 80 3c 20 00 74 08 48 89 df e8 1a 0b 82 00 48 8b 1b 48 8b 44 24
[  296.139875][    C1] RSP: 0018:ffffc900092bea60 EFLAGS: 00000287
[  296.139880][    C1] RAX: 1ffffffff1d36927 RBX: ffffffff8e9b4938 RCX: 0000000000080000
[  296.139885][    C1] RDX: ffffc900041c2000 RSI: 00000000000024b3 RDI: 00000000000024b4
[  296.139889][    C1] RBP: ffffc900092bebb0 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  296.139894][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: dffffc0000000000
[  296.139898][    C1] R13: 0000000000000001 R14: 0000000000000200 R15: ffffffff8e9b48e0
[  296.139907][    C1]  ? console_flush_all+0x13a/0xc40
[  296.139916][    C1]  ? __pfx_console_flush_all+0x10/0x10
[  296.139926][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  296.139937][    C1]  console_unlock+0xc4/0x270
[  296.139945][    C1]  ? __pfx_console_unlock+0x10/0x10
[  296.139953][    C1]  ? _printk+0xcf/0x120
[  296.139962][    C1]  ? vprintk_emit+0x3cc/0x7a0
[  296.139971][    C1]  vprintk_emit+0x5b7/0x7a0
[  296.139979][    C1]  ? __pfx_vprintk_emit+0x10/0x10
[  296.139986][    C1]  ? perf_trace_preemptirq_template+0x280/0x340
[  296.139997][    C1]  ? irqentry_enter+0x3d/0x60
[  296.140005][    C1]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  296.140017][    C1]  _printk+0xcf/0x120
[  296.140026][    C1]  ? __pfx__printk+0x10/0x10
[  296.140036][    C1]  __nla_validate_parse+0x2563/0x2d40
[  296.140052][    C1]  ? __pfx___nla_validate_parse+0x10/0x10
[  296.140061][    C1]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  296.140071][    C1]  ? __pfx_trace_call_bpf+0x10/0x10
[  296.140078][    C1]  ? trace_call_bpf+0xb7/0x850
[  296.140085][    C1]  ? irqentry_exit+0x74/0x90
[  296.140093][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  296.140102][    C1]  __nla_parse+0x40/0x60
[  296.140117][    C1]  neigh_dump_info+0x2f4/0x1990
[  296.140128][    C1]  ? irqentry_exit+0x74/0x90
[  296.140135][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  296.140145][    C1]  ? __pfx_neigh_dump_info+0x10/0x10
[  296.140155][    C1]  ? __build_skb_around+0x257/0x3e0
[  296.140162][    C1]  ? __alloc_skb+0x1bc/0x2d0
[  296.140203][    C1]  netlink_dump+0x6de/0xe60
[  296.140212][    C1]  ? __pfx_netlink_dump+0x10/0x10
[  296.140221][    C1]  ? __netlink_dump_start+0x3b0/0x7e0
[  296.140227][    C1]  __netlink_dump_start+0x5cb/0x7e0
[  296.140235][    C1]  rtnetlink_rcv_msg+0x9eb/0xb70
[  296.140246][    C1]  ? __pfx_neigh_dump_info+0x10/0x10
[  296.140253][    C1]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  296.140262][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  296.140272][    C1]  ? __pfx_neigh_dump_info+0x10/0x10
[  296.140280][    C1]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  296.140291][    C1]  netlink_rcv_skb+0x208/0x470
[  296.140297][    C1]  ? rcu_is_watching+0x7f/0xb0
[  296.140305][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  296.140314][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  296.140323][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  296.140330][    C1]  netlink_unicast+0x75c/0x8e0
[  296.140342][    C1]  netlink_sendmsg+0x805/0xb30
[  296.140350][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  296.140357][    C1]  ? aa_sock_msg_perm+0x94/0x160
[  296.140367][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  296.140377][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  296.140383][    C1]  __sock_sendmsg+0x21c/0x270
[  296.140394][    C1]  ____sys_sendmsg+0x505/0x830
[  296.140403][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  296.140412][    C1]  ? import_iovec+0x74/0xa0
[  296.140420][    C1]  ___sys_sendmsg+0x21f/0x2a0
[  296.140427][    C1]  ? __pfx____sys_sendmsg+0x10/0x10
[  296.140435][    C1]  ? rcu_read_unlock_special+0x3fe/0x4c0
[  296.140449][    C1]  ? __fget_files+0x2a/0x420
[  296.140458][    C1]  ? __fget_files+0x3a0/0x420
[  296.140466][    C1]  __x64_sys_sendmsg+0x19b/0x260
[  296.140474][    C1]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  296.140484][    C1]  ? do_syscall_64+0xbe/0x3b0
[  296.140494][    C1]  do_syscall_64+0xfa/0x3b0
[  296.140503][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.140509][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  296.140517][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.140523][    C1] RIP: 0033:0x7f7862b8e9a9
[  296.140531][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  296.140536][    C1] RSP: 002b:00007f7863a31038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  296.140543][    C1] RAX: ffffffffffffffda RBX: 00007f7862db5fa0 RCX: 00007f7862b8e9a9
[  296.140548][    C1] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000e
[  296.140552][    C1] RBP: 00007f7862c10d69 R08: 0000000000000000 R09: 0000000000000000
[  296.140556][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  296.140560][    C1] R13: 0000000000000000 R14: 00007f7862db5fa0 R15: 00007fffd426bd18
[  296.140568][    C1]  </TASK>
[  298.558340][ T9403] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  298.560936][ T9403] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  298.565808][ T9403] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  298.566349][ T9403] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  298.567048][ T9403] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  298.626363][ T9397] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  298.627256][ T9397] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  298.627586][ T9397] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  298.628637][ T9397] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  298.629132][ T9397] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  298.677198][ T9417] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  298.678670][ T9417] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  298.680455][ T9417] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  298.680911][ T9417] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  298.681257][ T9417] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  307.669460][   T34] INFO: task rcu_tasks_trace:32 blocked for more than 143 seconds.
[  307.669479][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  307.669486][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  307.669491][   T34] task:rcu_tasks_trace state:D stack:26160 pid:32    tgid:32    ppid:2      task_flags:0x208040 flags:0x00004000
[  307.669517][   T34] Call Trace:
[  307.669523][   T34]  <TASK>
[  307.669530][   T34]  __schedule+0x16f5/0x4d00
[  307.669552][   T34]  ? do_raw_spin_lock+0x121/0x290
[  307.669566][   T34]  ? schedule+0x165/0x360
[  307.669577][   T34]  ? __lock_acquire+0xab9/0xd20
[  307.669587][   T34]  ? __pfx___schedule+0x10/0x10
[  307.669605][   T34]  ? schedule+0x91/0x360
[  307.669617][   T34]  schedule+0x165/0x360
[  307.669629][   T34]  synchronize_rcu_expedited+0x583/0x730
[  307.669644][   T34]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  307.669662][   T34]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  307.669673][   T34]  ? __pfx___might_resched+0x10/0x10
[  307.669686][   T34]  ? __pfx_autoremove_wake_function+0x10/0x10
[  307.669705][   T34]  synchronize_rcu+0x11a/0x310
[  307.669716][   T34]  ? __pfx_synchronize_rcu+0x10/0x10
[  307.669727][   T34]  ? __pfx_rcu_tasks_trace_pregp_step+0x10/0x10
[  307.669741][   T34]  ? rcu_is_watching+0x15/0xb0
[  307.669751][   T34]  ? trace_contention_end+0x39/0x120
[  307.669763][   T34]  ? __mutex_lock+0x330/0xe80
[  307.669777][   T34]  rcu_tasks_wait_gp+0x490/0xac0
[  307.669794][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  307.669806][   T34]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  307.669817][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.669830][   T34]  ? __pfx_rcu_tasks_wait_gp+0x10/0x10
[  307.669843][   T34]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  307.669858][   T34]  rcu_tasks_one_gp+0xc19/0xdf0
[  307.669899][   T34]  ? rcu_tasks_one_gp+0xe9/0xdf0
[  307.669921][   T34]  rcu_tasks_kthread+0x195/0x1c0
[  307.669941][   T34]  kthread+0x711/0x8a0
[  307.669960][   T34]  ? __pfx_rcu_tasks_kthread+0x10/0x10
[  307.669977][   T34]  ? __pfx_kthread+0x10/0x10
[  307.669994][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  307.670007][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.670020][   T34]  ? __pfx_kthread+0x10/0x10
[  307.670037][   T34]  ret_from_fork+0x3fc/0x770
[  307.670052][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  307.670068][   T34]  ? __switch_to_asm+0x39/0x70
[  307.670084][   T34]  ? __switch_to_asm+0x33/0x70
[  307.670097][   T34]  ? __pfx_kthread+0x10/0x10
[  307.670148][   T34]  ret_from_fork_asm+0x1a/0x30
[  307.670171][   T34]  </TASK>
[  307.670259][   T34] INFO: task syz.2.1047:9322 blocked for more than 143 seconds.
[  307.670269][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  307.670277][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  307.670284][   T34] task:syz.2.1047      state:D stack:25096 pid:9322  tgid:9322  ppid:5835   task_flags:0x400040 flags:0x00004004
[  307.670317][   T34] Call Trace:
[  307.670323][   T34]  <TASK>
[  307.670331][   T34]  __schedule+0x16f5/0x4d00
[  307.670348][   T34]  ? trace_call_bpf+0xb7/0x850
[  307.670366][   T34]  ? perf_trace_run_bpf_submit+0x100/0x170
[  307.670381][   T34]  ? schedule+0x165/0x360
[  307.670395][   T34]  ? __lock_acquire+0xab9/0xd20
[  307.670407][   T34]  ? __pfx___schedule+0x10/0x10
[  307.670430][   T34]  ? schedule+0x91/0x360
[  307.670445][   T34]  schedule+0x165/0x360
[  307.670461][   T34]  schedule_timeout+0x9a/0x270
[  307.670473][   T34]  ? __pfx_schedule_timeout+0x10/0x10
[  307.670493][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  307.670506][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.670521][   T34]  __wait_for_common+0x3da/0x710
[  307.670540][   T34]  ? __pfx_schedule_timeout+0x10/0x10
[  307.670549][   T34]  ? __pfx___wait_for_common+0x10/0x10
[  307.670562][   T34]  ? __raw_spin_lock_init+0x45/0x100
[  307.670576][   T34]  ? __init_swait_queue_head+0xa9/0x150
[  307.670590][   T34]  wait_for_completion_state+0x1c/0x40
[  307.670601][   T34]  __wait_rcu_gp+0x24c/0x280
[  307.670615][   T34]  synchronize_rcu_tasks_generic+0x132/0x220
[  307.670629][   T34]  ? __pfx_synchronize_rcu_tasks_generic+0x10/0x10
[  307.670640][   T34]  ? rcu_read_lock_any_held+0xb3/0x120
[  307.670650][   T34]  ? __pfx_call_rcu_tasks_trace+0x10/0x10
[  307.670663][   T34]  ? __pfx_wakeme_after_rcu+0x10/0x10
[  307.670684][   T34]  perf_trace_event_unreg+0xbe/0x1b0
[  307.670696][   T34]  perf_trace_destroy+0xa4/0x150
[  307.670706][   T34]  ? __pfx_tp_perf_event_destroy+0x10/0x10
[  307.670718][   T34]  __free_event+0x316/0x7b0
[  307.670728][   T34]  ? __pfx_perf_release+0x10/0x10
[  307.670740][   T34]  perf_event_release_kernel+0x45b/0x510
[  307.670751][   T34]  ? __pfx_perf_release+0x10/0x10
[  307.670763][   T34]  perf_release+0x38/0x50
[  307.670775][   T34]  __fput+0x44c/0xa70
[  307.670793][   T34]  task_work_run+0x1d4/0x260
[  307.670808][   T34]  ? __pfx_task_work_run+0x10/0x10
[  307.670824][   T34]  ? exit_to_user_mode_loop+0x40/0x110
[  307.670836][   T34]  exit_to_user_mode_loop+0xec/0x110
[  307.670845][   T34]  do_syscall_64+0x2bd/0x3b0
[  307.670857][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.670870][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.670880][   T34]  ? exc_page_fault+0x9f/0xf0
[  307.670892][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.670901][   T34] RIP: 0033:0x7f34b758e9a9
[  307.670910][   T34] RSP: 002b:00007ffcfbbfe698 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  307.670921][   T34] RAX: 0000000000000000 RBX: 00007f34b77b7ba0 RCX: 00007f34b758e9a9
[  307.670928][   T34] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  307.670935][   T34] RBP: 00007f34b77b7ba0 R08: 00000000000000e8 R09: 0000000dfbbfe98f
[  307.670942][   T34] R10: 00007f34b77b7ac0 R11: 0000000000000246 R12: 0000000000027b69
[  307.670949][   T34] R13: 00007f34b77b6160 R14: ffffffffffffffff R15: 00007ffcfbbfe7b0
[  307.670963][   T34]  </TASK>
[  307.670968][   T34] INFO: task syz.0.1055:9348 blocked for more than 143 seconds.
[  307.670975][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  307.670981][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  307.670986][   T34] task:syz.0.1055      state:D stack:26920 pid:9348  tgid:9348  ppid:5828   task_flags:0x400040 flags:0x00004004
[  307.671008][   T34] Call Trace:
[  307.671012][   T34]  <TASK>
[  307.671019][   T34]  __schedule+0x16f5/0x4d00
[  307.671035][   T34]  ? __lock_acquire+0xab9/0xd20
[  307.671045][   T34]  ? schedule+0x165/0x360
[  307.671058][   T34]  ? __pfx___schedule+0x10/0x10
[  307.671075][   T34]  ? schedule+0x91/0x360
[  307.671087][   T34]  schedule+0x165/0x360
[  307.671127][   T34]  schedule_preempt_disabled+0x13/0x30
[  307.671140][   T34]  __mutex_lock+0x724/0xe80
[  307.671153][   T34]  ? __mutex_lock+0x51b/0xe80
[  307.671168][   T34]  ? perf_trace_destroy+0x2e/0x150
[  307.671179][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  307.671193][   T34]  ? security_perf_event_free+0x40/0x70
[  307.671206][   T34]  ? rcu_is_watching+0x15/0xb0
[  307.671218][   T34]  ? rcu_is_watching+0x15/0xb0
[  307.671228][   T34]  ? __pfx_tp_perf_event_destroy+0x10/0x10
[  307.671239][   T34]  perf_trace_destroy+0x2e/0x150
[  307.671250][   T34]  ? __pfx_tp_perf_event_destroy+0x10/0x10
[  307.671260][   T34]  __free_event+0x316/0x7b0
[  307.671270][   T34]  ? __pfx_perf_release+0x10/0x10
[  307.671283][   T34]  perf_event_release_kernel+0x45b/0x510
[  307.671293][   T34]  ? __pfx_perf_release+0x10/0x10
[  307.671305][   T34]  perf_release+0x38/0x50
[  307.671316][   T34]  __fput+0x44c/0xa70
[  307.671332][   T34]  task_work_run+0x1d4/0x260
[  307.671347][   T34]  ? __pfx_task_work_run+0x10/0x10
[  307.671362][   T34]  ? exit_to_user_mode_loop+0x40/0x110
[  307.671373][   T34]  exit_to_user_mode_loop+0xec/0x110
[  307.671383][   T34]  do_syscall_64+0x2bd/0x3b0
[  307.671395][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.671406][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.671415][   T34]  ? exc_page_fault+0x9f/0xf0
[  307.671427][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.671436][   T34] RIP: 0033:0x7f7862b8e9a9
[  307.671444][   T34] RSP: 002b:00007fffd426be78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  307.671455][   T34] RAX: 0000000000000000 RBX: 00007f7862db7ba0 RCX: 00007f7862b8e9a9
[  307.671462][   T34] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  307.671468][   T34] RBP: 00007f7862db7ba0 R08: 000000000000021c R09: 0000001ed426c16f
[  307.671475][   T34] R10: 00007f7862db7ac0 R11: 0000000000000246 R12: 0000000000027dc6
[  307.671481][   T34] R13: 00007fffd426bf70 R14: ffffffffffffffff R15: 00007fffd426bf90
[  307.671495][   T34]  </TASK>
[  307.671500][   T34] INFO: task syz.1.1058:9361 blocked for more than 143 seconds.
[  307.671507][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  307.671513][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  307.671517][   T34] task:syz.1.1058      state:D stack:25096 pid:9361  tgid:9361  ppid:5824   task_flags:0x400040 flags:0x00004004
[  307.671540][   T34] Call Trace:
[  307.671544][   T34]  <TASK>
[  307.671550][   T34]  __schedule+0x16f5/0x4d00
[  307.671566][   T34]  ? __lock_acquire+0xab9/0xd20
[  307.671577][   T34]  ? schedule+0x165/0x360
[  307.671589][   T34]  ? __pfx___schedule+0x10/0x10
[  307.671606][   T34]  ? schedule+0x91/0x360
[  307.671618][   T34]  schedule+0x165/0x360
[  307.671630][   T34]  schedule_preempt_disabled+0x13/0x30
[  307.671640][   T34]  __mutex_lock+0x724/0xe80
[  307.671653][   T34]  ? __mutex_lock+0x51b/0xe80
[  307.671667][   T34]  ? synchronize_rcu_expedited+0x3b9/0x730
[  307.671680][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  307.671697][   T34]  ? do_raw_spin_unlock+0x4d/0x240
[  307.671711][   T34]  synchronize_rcu_expedited+0x3b9/0x730
[  307.671724][   T34]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  307.671743][   T34]  ? __pfx___might_resched+0x10/0x10
[  307.671761][   T34]  synchronize_rcu+0x11a/0x310
[  307.671772][   T34]  ? __pfx_synchronize_rcu+0x10/0x10
[  307.671783][   T34]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  307.671799][   T34]  packet_release+0xa05/0xce0
[  307.671813][   T34]  ? __pfx_packet_release+0x10/0x10
[  307.671822][   T34]  ? down_write+0x162/0x1f0
[  307.671840][   T34]  sock_close+0xc3/0x240
[  307.671854][   T34]  ? __pfx_sock_close+0x10/0x10
[  307.671867][   T34]  __fput+0x44c/0xa70
[  307.671884][   T34]  task_work_run+0x1d4/0x260
[  307.671898][   T34]  ? __pfx_task_work_run+0x10/0x10
[  307.671914][   T34]  ? exit_to_user_mode_loop+0x40/0x110
[  307.671925][   T34]  exit_to_user_mode_loop+0xec/0x110
[  307.671934][   T34]  do_syscall_64+0x2bd/0x3b0
[  307.671947][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.671956][   T34]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  307.671967][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.671976][   T34] RIP: 0033:0x7f57f998e9a9
[  307.671983][   T34] RSP: 002b:00007fff46aece38 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  307.671994][   T34] RAX: 0000000000000000 RBX: 00007f57f9bb7ba0 RCX: 00007f57f998e9a9
[  307.672000][   T34] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  307.672007][   T34] RBP: 00007f57f9bb7ba0 R08: 000000000000021c R09: 0000001d46aed12f
[  307.672013][   T34] R10: 00007f57f9bb7ac0 R11: 0000000000000246 R12: 0000000000027eb0
[  307.672020][   T34] R13: 00007f57f9bb6160 R14: ffffffffffffffff R15: 00007fff46aecf50
[  307.672034][   T34]  </TASK>
[  307.672038][   T34] INFO: task syz.1.1058:9362 blocked for more than 143 seconds.
[  307.672045][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  307.672051][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  307.672055][   T34] task:syz.1.1058      state:D stack:27000 pid:9362  tgid:9361  ppid:5824   task_flags:0x400140 flags:0x00004004
[  307.672076][   T34] Call Trace:
[  307.672081][   T34]  <TASK>
[  307.672087][   T34]  __schedule+0x16f5/0x4d00
[  307.672129][   T34]  ? __pfx_preempt_schedule_notrace+0x10/0x10
[  307.672144][   T34]  ? schedule+0x165/0x360
[  307.672157][   T34]  ? __pfx___schedule+0x10/0x10
[  307.672174][   T34]  ? schedule+0x91/0x360
[  307.672186][   T34]  schedule+0x165/0x360
[  307.672198][   T34]  schedule_preempt_disabled+0x13/0x30
[  307.672209][   T34]  __mutex_lock+0x724/0xe80
[  307.672221][   T34]  ? __mutex_lock+0x51b/0xe80
[  307.672235][   T34]  ? perf_trace_init+0x50/0x2d0
[  307.672246][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  307.672262][   T34]  ? __lock_acquire+0xab9/0xd20
[  307.672274][   T34]  perf_trace_init+0x50/0x2d0
[  307.672283][   T34]  ? perf_tp_event_init+0x7c/0x120
[  307.672295][   T34]  perf_tp_event_init+0x8d/0x120
[  307.672306][   T34]  perf_try_init_event+0x17f/0x870
[  307.672319][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  307.672332][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  307.672343][   T34]  perf_event_alloc+0x1357/0x2bb0
[  307.672355][   T34]  ? __lock_acquire+0xab9/0xd20
[  307.672364][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  307.672383][   T34]  ? __pfx_perf_event_alloc+0x10/0x10
[  307.672397][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  307.672409][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  307.672419][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  307.672432][   T34]  __se_sys_perf_event_open+0x772/0x1d70
[  307.672445][   T34]  ? perf_trace_preemptirq_template+0x280/0x340
[  307.672459][   T34]  ? irqentry_enter+0x3d/0x60
[  307.672473][   T34]  ? __pfx___se_sys_perf_event_open+0x10/0x10
[  307.672496][   T34]  ? __x64_sys_perf_event_open+0x20/0xc0
[  307.672509][   T34]  do_syscall_64+0xfa/0x3b0
[  307.672521][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.672532][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.672541][   T34]  ? exc_page_fault+0x9f/0xf0
[  307.672553][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.672561][   T34] RIP: 0033:0x7f57f998e9a9
[  307.672569][   T34] RSP: 002b:00007f57fa8c8038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  307.672580][   T34] RAX: ffffffffffffffda RBX: 00007f57f9bb5fa0 RCX: 00007f57f998e9a9
[  307.672587][   T34] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000100
[  307.672594][   T34] RBP: 00007f57f9a10d69 R08: 0000000000000009 R09: 0000000000000000
[  307.672600][   T34] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  307.672607][   T34] R13: 0000000000000000 R14: 00007f57f9bb5fa0 R15: 00007fff46aeccd8
[  307.672620][   T34]  </TASK>
[  307.672625][   T34] INFO: task syz.1.1058:9363 blocked for more than 143 seconds.
[  307.672631][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  307.672637][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  307.672642][   T34] task:syz.1.1058      state:D stack:25896 pid:9363  tgid:9361  ppid:5824   task_flags:0x400140 flags:0x00004004
[  307.672664][   T34] Call Trace:
[  307.672668][   T34]  <TASK>
[  307.672674][   T34]  __schedule+0x16f5/0x4d00
[  307.672690][   T34]  ? __lock_acquire+0xab9/0xd20
[  307.672700][   T34]  ? schedule+0x165/0x360
[  307.672713][   T34]  ? __pfx___schedule+0x10/0x10
[  307.672730][   T34]  ? schedule+0x91/0x360
[  307.672742][   T34]  schedule+0x165/0x360
[  307.672753][   T34]  schedule_preempt_disabled+0x13/0x30
[  307.672764][   T34]  __mutex_lock+0x724/0xe80
[  307.672777][   T34]  ? __mutex_lock+0x51b/0xe80
[  307.672791][   T34]  ? perf_trace_init+0x50/0x2d0
[  307.672801][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  307.672817][   T34]  ? __lock_acquire+0xab9/0xd20
[  307.672829][   T34]  perf_trace_init+0x50/0x2d0
[  307.672838][   T34]  ? perf_tp_event_init+0x7c/0x120
[  307.672850][   T34]  perf_tp_event_init+0x8d/0x120
[  307.672861][   T34]  perf_try_init_event+0x17f/0x870
[  307.672875][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  307.672887][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  307.672899][   T34]  perf_event_alloc+0x1357/0x2bb0
[  307.672910][   T34]  ? __lock_acquire+0xab9/0xd20
[  307.672919][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  307.672938][   T34]  ? __pfx_perf_event_alloc+0x10/0x10
[  307.672952][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  307.672964][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  307.672975][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  307.672987][   T34]  __se_sys_perf_event_open+0x772/0x1d70
[  307.673005][   T34]  ? __pfx___se_sys_perf_event_open+0x10/0x10
[  307.673023][   T34]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  307.673037][   T34]  ? rcu_is_watching+0x15/0xb0
[  307.673049][   T34]  ? do_syscall_64+0xbe/0x3b0
[  307.673060][   T34]  ? __x64_sys_perf_event_open+0x20/0xc0
[  307.673073][   T34]  do_syscall_64+0xfa/0x3b0
[  307.673085][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.673096][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.673129][   T34]  ? exc_page_fault+0x9f/0xf0
[  307.673142][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.673150][   T34] RIP: 0033:0x7f57f998e9a9
[  307.673158][   T34] RSP: 002b:00007f57fa8a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  307.673169][   T34] RAX: ffffffffffffffda RBX: 00007f57f9bb6080 RCX: 00007f57f998e9a9
[  307.673176][   T34] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000500
[  307.673182][   T34] RBP: 00007f57f9a10d69 R08: 0000000000000009 R09: 0000000000000000
[  307.673189][   T34] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  307.673195][   T34] R13: 0000000000000000 R14: 00007f57f9bb6080 R15: 00007fff46aeccd8
[  307.673208][   T34]  </TASK>
[  307.673221][   T34] 
[  307.673221][   T34] Showing all locks held in the system:
[  307.673228][   T34] 3 locks held by kworker/u9:0/26:
[  307.673234][   T34]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  307.673265][   T34]  #1: ffffc900001efbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  307.673295][   T34]  #2: ffff888123fc0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x460
[  307.673328][   T34] 3 locks held by kworker/u9:1/29:
[  307.673334][   T34]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  307.673363][   T34]  #1: ffffc9000062fbc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  307.673391][   T34]  #2: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  307.673422][   T34] 2 locks held by rcu_tasks_trace/32:
[  307.673428][   T34]  #0: ffffffff8e13fe10 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{4:4}, at: rcu_tasks_one_gp+0xaf9/0xdf0
[  307.673459][   T34]  #1: ffffffff8e144bf8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2f6/0x730
[  307.673489][   T34] 1 lock held by khungtaskd/34:
[  307.673495][   T34]  #0: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  307.673527][   T34] 3 locks held by kworker/u9:2/53:
[  307.673533][   T34]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  307.673562][   T34]  #1: ffffc900007bfbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  307.673590][   T34]  #2: ffff888123d90768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x460
[  307.673622][   T34] 6 locks held by kworker/u11:0/55:
[  307.673628][   T34]  #0: ffff88802b0dd948 ((wq_completion)hci2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  307.673656][   T34]  #1: ffffc900007dfbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  307.673685][   T34]  #2: ffff8880275f0dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  307.673715][   T34]  #3: ffff8880275f00b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  307.673747][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  307.673774][   T34]  #5: ffff888023c13338 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680
[  307.673807][   T34] 2 locks held by kworker/0:1H/61:
[  307.673813][   T34]  #0: ffff888100ea5d48 ((wq_completion)kblockd){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  307.673842][   T34]  #1: ffffc90000eefbc0 ((work_completion)(&q->timeout_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  307.673890][   T34] 4 locks held by kworker/u11:1/5216:
[  307.673896][   T34]  #0: ffff88803becd948 ((wq_completion)hci3#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  307.673928][   T34]  #1: ffffc900080d7bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  307.673957][   T34]  #2: ffff88812fd3c0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  307.673987][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  307.674018][   T34] 2 locks held by getty/5655:
[  307.674024][   T34]  #0: ffff88802261b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  307.674052][   T34]  #1: ffffc900029062f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  307.674084][   T34] 5 locks held by kworker/u11:2/5827:
[  307.674089][   T34]  #0: ffff88802749f148 ((wq_completion)hci0){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  307.674143][   T34]  #1: ffffc90003fbfbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  307.674173][   T34]  #2: ffff8881071dcdc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  307.674202][   T34]  #3: ffff8881071dc0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  307.674233][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  307.674261][   T34] 4 locks held by kworker/u11:3/5830:
[  307.674267][   T34]  #0: ffff88803beca148 ((wq_completion)hci5#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  307.674299][   T34]  #1: ffffc90003fefbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  307.674328][   T34]  #2: ffff888110f340b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  307.674358][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  307.674388][   T34] 4 locks held by kworker/u11:4/5831:
[  307.674393][   T34]  #0: ffff8880425a1948 ((wq_completion)hci8#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  307.674425][   T34]  #1: ffffc90003fffbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  307.674454][   T34]  #2: ffff888000da40b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  307.674484][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  307.674514][   T34] 3 locks held by kworker/u8:2/5837:
[  307.674520][   T34]  #0: ffff888107803148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  307.674549][   T34]  #1: ffffc9000404fbc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  307.674578][   T34]  #2: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[  307.674612][   T34] 1 lock held by syz.2.1047/9322:
[  307.674618][   T34]  #0: ffffffff8e1a2ca8 (event_mutex){+.+.}-{4:4}, at: perf_trace_destroy+0x2e/0x150
[  307.674646][   T34] 1 lock held by syz.0.1055/9348:
[  307.674652][   T34]  #0: ffffffff8e1a2ca8 (event_mutex){+.+.}-{4:4}, at: perf_trace_destroy+0x2e/0x150
[  307.674680][   T34] 4 locks held by syz.0.1055/9349:
[  307.674686][   T34] 2 locks held by syz.1.1058/9361:
[  307.674691][   T34]  #0: ffff8880331bbe08 (&sb->s_type->i_mutex_key#11){+.+.}-{4:4}, at: sock_close+0x9b/0x240
[  307.674725][   T34]  #1: ffffffff8e144bf8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730
[  307.674755][   T34] 3 locks held by syz.1.1058/9362:
[  307.674761][   T34]  #0: ffffffff99b075d0 (&pmus_srcu){.+.+}-{0:0}, at: class_srcu_constructor+0x2c/0x60
[  307.674792][   T34]  #1: ffffffff99b075d0 (&pmus_srcu){.+.+}-{0:0}, at: perf_event_alloc+0xf6b/0x2bb0
[  307.674821][   T34]  #2: ffffffff8e1a2ca8 (event_mutex){+.+.}-{4:4}, at: perf_trace_init+0x50/0x2d0
[  307.674849][   T34] 3 locks held by syz.1.1058/9363:
[  307.674855][   T34]  #0: ffffffff99b075d0 (&pmus_srcu){.+.+}-{0:0}, at: class_srcu_constructor+0x2c/0x60
[  307.674887][   T34]  #1: ffffffff99b075d0 (&pmus_srcu){.+.+}-{0:0}, at: perf_event_alloc+0xf6b/0x2bb0
[  307.674916][   T34]  #2: ffffffff8e1a2ca8 (event_mutex){+.+.}-{4:4}, at: perf_trace_init+0x50/0x2d0
[  307.674944][   T34] 2 locks held by syz-executor/9369:
[  307.674950][   T34]  #0: ffffffff8eca43a0 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  307.674982][   T34]  #1: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  307.675008][   T34] 2 locks held by syz-executor/9370:
[  307.675014][   T34]  #0: ffffffff8f5101d0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  307.675041][   T34]  #1: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x2ab/0x800
[  307.675073][   T34] 2 locks held by syz-executor/9372:
[  307.675078][   T34]  #0: ffffffff8f5101d0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  307.675132][   T34]  #1: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: wg_netns_pre_exit+0x1c/0x1d0
[  307.675163][   T34] 4 locks held by kworker/u11:5/9375:
[  307.675169][   T34]  #0: ffff88803250d948 ((wq_completion)hci7#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  307.675201][   T34]  #1: ffffc90008d77bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  307.675230][   T34]  #2: ffff888000da00b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  307.675260][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  307.675290][   T34] 4 locks held by kworker/u11:6/9381:
[  307.675296][   T34]  #0: ffff88803becc148 ((wq_completion)hci4#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  307.675328][   T34]  #1: ffffc90008befbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  307.675356][   T34]  #2: ffff88812fd380b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  307.675386][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  307.675416][   T34] 1 lock held by dhcpcd/9384:
[  307.675422][   T34]  #0: ffff888032be6258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  307.675452][   T34] 1 lock held by dhcpcd/9385:
[  307.675457][   T34]  #0: ffff88803223a258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  307.675486][   T34] 1 lock held by dhcpcd/9386:
[  307.675492][   T34]  #0: ffff88803e842258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  307.675522][   T34] 1 lock held by dhcpcd/9387:
[  307.675528][   T34]  #0: ffff88803e872258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  307.675556][   T34] 1 lock held by dhcpcd/9388:
[  307.675562][   T34]  #0: ffff888036616258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  307.675591][   T34] 1 lock held by dhcpcd/9389:
[  307.675596][   T34]  #0: ffff888041aa0258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  307.675625][   T34] 1 lock held by syz-executor/9393:
[  307.675631][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  307.675661][   T34] 1 lock held by syz-executor/9394:
[  307.675667][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  307.675696][   T34] 1 lock held by syz-executor/9398:
[  307.675702][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  307.675732][   T34] 4 locks held by kworker/u11:8/9402:
[  307.675737][   T34]  #0: ffff88803250e148 ((wq_completion)hci6#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  307.675769][   T34]  #1: ffffc90007d3fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  307.675798][   T34]  #2: ffff88802788c0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  307.675827][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  307.675866][   T34] 4 locks held by kworker/u11:9/9403:
[  307.675876][   T34]  #0: ffff888027817948 ((wq_completion)hci9#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  307.675909][   T34]  #1: ffffc900049bfbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  307.675941][   T34]  #2: ffff88810825c0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  307.675971][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  307.676001][   T34] 4 locks held by kworker/u11:10/9404:
[  307.676007][   T34]  #0: ffff88803341a948 ((wq_completion)hci10#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  307.676039][   T34]  #1: ffffc900049afbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  307.676068][   T34]  #2: ffff88812c48c0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  307.676124][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  307.676158][   T34] 1 lock held by syz-executor/9409:
[  307.676164][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  307.676193][   T34] 1 lock held by syz-executor/9412:
[  307.676199][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  307.676228][   T34] 1 lock held by syz-executor/9413:
[  307.676234][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  307.676264][   T34] 4 locks held by kworker/u11:12/9417:
[  307.676269][   T34]  #0: ffff888032681948 ((wq_completion)hci11#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  307.676301][   T34]  #1: ffffc900048efbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  307.676330][   T34]  #2: ffff888130cf80b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  307.676359][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  307.676390][   T34] 
[  307.676393][   T34] =============================================
[  307.676393][   T34] 
[  307.676399][   T34] NMI backtrace for cpu 0
[  307.676405][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  307.676413][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  307.676417][   T34] Call Trace:
[  307.676421][   T34]  <TASK>
[  307.676424][   T34]  dump_stack_lvl+0x189/0x250
[  307.676434][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  307.676443][   T34]  ? __pfx__printk+0x10/0x10
[  307.676457][   T34]  nmi_cpu_backtrace+0x39e/0x3d0
[  307.676467][   T34]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  307.676474][   T34]  ? _printk+0xcf/0x120
[  307.676485][   T34]  ? __pfx__printk+0x10/0x10
[  307.676495][   T34]  ? debug_show_all_locks+0x2e/0x180
[  307.676503][   T34]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  307.676512][   T34]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  307.676521][   T34]  watchdog+0xfee/0x1030
[  307.676529][   T34]  ? watchdog+0x1de/0x1030
[  307.676538][   T34]  kthread+0x711/0x8a0
[  307.676550][   T34]  ? __pfx_watchdog+0x10/0x10
[  307.676556][   T34]  ? __pfx_kthread+0x10/0x10
[  307.676566][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  307.676575][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.676583][   T34]  ? __pfx_kthread+0x10/0x10
[  307.676594][   T34]  ret_from_fork+0x3fc/0x770
[  307.676603][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  307.676612][   T34]  ? __switch_to_asm+0x39/0x70
[  307.676622][   T34]  ? __switch_to_asm+0x33/0x70
[  307.676631][   T34]  ? __pfx_kthread+0x10/0x10
[  307.676641][   T34]  ret_from_fork_asm+0x1a/0x30
[  307.676656][   T34]  </TASK>
[  307.676659][   T34] Sending NMI from CPU 0 to CPUs 1:
[  307.676716][    C1] NMI backtrace for cpu 1
[  307.676731][    C1] CPU: 1 UID: 0 PID: 9349 Comm: syz.0.1055 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  307.676741][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  307.676747][    C1] RIP: 0010:native_apic_msr_eoi+0xf/0x20
[  307.676763][    C1] Code: f8 c3 cc cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa b9 0b 08 00 00 31 c0 31 d2 0f 30 <e9> 8c 14 00 0a cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
[  307.676770][    C1] RSP: 0018:ffffc900001e0a60 EFLAGS: 00000046
[  307.676777][    C1] RAX: 0000000000000000 RBX: ffffc900001e0aa8 RCX: 000000000000080b
[  307.676782][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  307.676786][    C1] RBP: 0000000000000000 R08: ffff888136623b0f R09: 1ffff11026cc4761
[  307.676791][    C1] R10: dffffc0000000000 R11: ffffed1026cc4762 R12: dffffc0000000000
[  307.676795][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  307.676800][    C1] FS:  00007f7863a316c0(0000) GS:ffff8881a3c1f000(0000) knlGS:0000000000000000
[  307.676805][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  307.676810][    C1] CR2: 00007f57f9b802d8 CR3: 0000000105e10000 CR4: 00000000000006f0
[  307.676836][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  307.676841][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  307.676846][    C1] Call Trace:
[  307.676850][    C1]  <IRQ>
[  307.676853][    C1]  __sysvec_apic_timer_interrupt+0x45/0x410
[  307.676867][    C1]  sysvec_apic_timer_interrupt+0x52/0xc0
[  307.676877][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  307.676885][    C1] RIP: 0010:kasan_quarantine_put+0x88/0x220
[  307.676896][    C1] Code: e8 1d 5a a4 ff 48 c7 04 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 0f 85 88 00 00 00 41 f7 c7 00 02 00 00 74 01 fb 31 c0 <48> 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc cc 48 8d 80
[  307.676901][    C1] RSP: 0018:ffffc900001e0b58 EFLAGS: 00000206
[  307.676907][    C1] RAX: 074e494c5db19d01 RBX: ffff88803312fbe8 RCX: 074e494c5db19d00
[  307.676912][    C1] RDX: 0000000000000002 RSI: ffffffff8d998874 RDI: ffffffff8be29f40
[  307.676916][    C1] RBP: 0000000000000000 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  307.676920][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: ffffea0000cc4b80
[  307.676925][    C1] R13: 0000000000000000 R14: 00000000000a8178 R15: 0000000000000286
[  307.676933][    C1]  ? rcu_core+0xca8/0x1710
[  307.676942][    C1]  kmem_cache_free+0x18f/0x400
[  307.676950][    C1]  ? __pfx___d_free+0x10/0x10
[  307.676957][    C1]  ? rcu_core+0xc34/0x1710
[  307.676963][    C1]  rcu_core+0xca8/0x1710
[  307.676973][    C1]  ? __pfx_rcu_core+0x10/0x10
[  307.676980][    C1]  ? __irq_exit_rcu+0xd8/0x1f0
[  307.676988][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  307.676996][    C1]  ? irqentry_exit+0x74/0x90
[  307.677006][    C1]  ? __pfx_rcu_core_si+0x10/0x10
[  307.677022][    C1]  handle_softirqs+0x286/0x870
[  307.677030][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  307.677038][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  307.677046][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  307.677056][    C1]  __irq_exit_rcu+0xca/0x1f0
[  307.677064][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  307.677072][    C1]  irq_exit_rcu+0x9/0x30
[  307.677079][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  307.677087][    C1]  </IRQ>
[  307.677089][    C1]  <TASK>
[  307.677091][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  307.677130][    C1] RIP: 0010:console_flush_all+0x7f7/0xc40
[  307.677141][    C1] Code: 48 21 c3 0f 85 e9 01 00 00 e8 75 e7 1e 00 48 8b 5c 24 20 4d 85 f6 75 07 e8 66 e7 1e 00 eb 06 e8 5f e7 1e 00 fb 48 8b 44 24 28 <42> 80 3c 20 00 74 08 48 89 df e8 1a 0b 82 00 48 8b 1b 48 8b 44 24
[  307.677146][    C1] RSP: 0018:ffffc900092bea60 EFLAGS: 00000287
[  307.677153][    C1] RAX: 1ffffffff1d36927 RBX: ffffffff8e9b4938 RCX: 0000000000080000
[  307.677157][    C1] RDX: ffffc900041c2000 RSI: 00000000000024b3 RDI: 00000000000024b4
[  307.677162][    C1] RBP: ffffc900092bebb0 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  307.677166][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: dffffc0000000000
[  307.677171][    C1] R13: 0000000000000001 R14: 0000000000000200 R15: ffffffff8e9b48e0
[  307.677180][    C1]  ? console_flush_all+0x13a/0xc40
[  307.677190][    C1]  ? __pfx_console_flush_all+0x10/0x10
[  307.677200][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  307.677211][    C1]  console_unlock+0xc4/0x270
[  307.677220][    C1]  ? __pfx_console_unlock+0x10/0x10
[  307.677228][    C1]  ? _printk+0xcf/0x120
[  307.677237][    C1]  ? vprintk_emit+0x3cc/0x7a0
[  307.677246][    C1]  vprintk_emit+0x5b7/0x7a0
[  307.677254][    C1]  ? __pfx_vprintk_emit+0x10/0x10
[  307.677261][    C1]  ? perf_trace_preemptirq_template+0x280/0x340
[  307.677272][    C1]  ? irqentry_enter+0x3d/0x60
[  307.677280][    C1]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  307.677291][    C1]  _printk+0xcf/0x120
[  307.677300][    C1]  ? __pfx__printk+0x10/0x10
[  307.677310][    C1]  __nla_validate_parse+0x2563/0x2d40
[  307.677325][    C1]  ? __pfx___nla_validate_parse+0x10/0x10
[  307.677334][    C1]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  307.677344][    C1]  ? __pfx_trace_call_bpf+0x10/0x10
[  307.677351][    C1]  ? trace_call_bpf+0xb7/0x850
[  307.677358][    C1]  ? irqentry_exit+0x74/0x90
[  307.677366][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.677376][    C1]  __nla_parse+0x40/0x60
[  307.677386][    C1]  neigh_dump_info+0x2f4/0x1990
[  307.677397][    C1]  ? irqentry_exit+0x74/0x90
[  307.677405][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.677415][    C1]  ? __pfx_neigh_dump_info+0x10/0x10
[  307.677424][    C1]  ? __build_skb_around+0x257/0x3e0
[  307.677433][    C1]  ? __alloc_skb+0x1bc/0x2d0
[  307.677440][    C1]  netlink_dump+0x6de/0xe60
[  307.677450][    C1]  ? __pfx_netlink_dump+0x10/0x10
[  307.677458][    C1]  ? __netlink_dump_start+0x3b0/0x7e0
[  307.677465][    C1]  __netlink_dump_start+0x5cb/0x7e0
[  307.677473][    C1]  rtnetlink_rcv_msg+0x9eb/0xb70
[  307.677484][    C1]  ? __pfx_neigh_dump_info+0x10/0x10
[  307.677491][    C1]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  307.677500][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  307.677510][    C1]  ? __pfx_neigh_dump_info+0x10/0x10
[  307.677518][    C1]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  307.677529][    C1]  netlink_rcv_skb+0x208/0x470
[  307.677535][    C1]  ? rcu_is_watching+0x7f/0xb0
[  307.677542][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  307.677552][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  307.677560][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  307.677568][    C1]  netlink_unicast+0x75c/0x8e0
[  307.677580][    C1]  netlink_sendmsg+0x805/0xb30
[  307.677588][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.677595][    C1]  ? aa_sock_msg_perm+0x94/0x160
[  307.677606][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  307.677615][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.677621][    C1]  __sock_sendmsg+0x21c/0x270
[  307.677632][    C1]  ____sys_sendmsg+0x505/0x830
[  307.677641][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  307.677650][    C1]  ? import_iovec+0x74/0xa0
[  307.677657][    C1]  ___sys_sendmsg+0x21f/0x2a0
[  307.677665][    C1]  ? __pfx____sys_sendmsg+0x10/0x10
[  307.677673][    C1]  ? rcu_read_unlock_special+0x3fe/0x4c0
[  307.677687][    C1]  ? __fget_files+0x2a/0x420
[  307.677694][    C1]  ? __fget_files+0x3a0/0x420
[  307.677703][    C1]  __x64_sys_sendmsg+0x19b/0x260
[  307.677711][    C1]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  307.677721][    C1]  ? do_syscall_64+0xbe/0x3b0
[  307.677731][    C1]  do_syscall_64+0xfa/0x3b0
[  307.677740][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.677746][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  307.677753][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.677760][    C1] RIP: 0033:0x7f7862b8e9a9
[  307.677767][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.677773][    C1] RSP: 002b:00007f7863a31038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  307.677779][    C1] RAX: ffffffffffffffda RBX: 00007f7862db5fa0 RCX: 00007f7862b8e9a9
[  307.677784][    C1] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000e
[  307.677788][    C1] RBP: 00007f7862c10d69 R08: 0000000000000000 R09: 0000000000000000
[  307.677792][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  307.677796][    C1] R13: 0000000000000000 R14: 00007f7862db5fa0 R15: 00007fffd426bd18
[  307.677803][    C1]  </TASK>
[  307.691289][   T34] Kernel panic - not syncing: hung_task: blocked tasks
[  307.691301][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  307.691312][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  307.691317][   T34] Call Trace:
[  307.691320][   T34]  <TASK>
[  307.691324][   T34]  dump_stack_lvl+0x99/0x250
[  307.691337][   T34]  ? __asan_memcpy+0x40/0x70
[  307.691349][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  307.691358][   T34]  ? __pfx__printk+0x10/0x10
[  307.691373][   T34]  panic+0x2db/0x790
[  307.691383][   T34]  ? __pfx_panic+0x10/0x10
[  307.691391][   T34]  ? nmi_backtrace_stall_check+0x433/0x440
[  307.691405][   T34]  ? preempt_schedule_thunk+0x16/0x30
[  307.691413][   T34]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  307.691424][   T34]  watchdog+0x102d/0x1030
[  307.691432][   T34]  ? watchdog+0x1de/0x1030
[  307.691442][   T34]  kthread+0x711/0x8a0
[  307.691454][   T34]  ? __pfx_watchdog+0x10/0x10
[  307.691460][   T34]  ? __pfx_kthread+0x10/0x10
[  307.691471][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  307.691481][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.691490][   T34]  ? __pfx_kthread+0x10/0x10
[  307.691501][   T34]  ret_from_fork+0x3fc/0x770
[  307.691510][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  307.691520][   T34]  ? __switch_to_asm+0x39/0x70
[  307.691529][   T34]  ? __switch_to_asm+0x33/0x70
[  307.691538][   T34]  ? __pfx_kthread+0x10/0x10
[  307.691549][   T34]  ret_from_fork_asm+0x1a/0x30
[  307.691564][   T34]  </TASK>
[  307.692270][   T34] Kernel Offset: disabled

VM DIAGNOSIS:
12:21:41  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000030 RBX=0000000000000030 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000068f7b0
R8 =ffff888021010237 R9 =1ffff11004202046 R10=dffffc0000000000 R11=ffffffff85472aa0
R12=dffffc0000000000 R13=ffffffff99af58d3 R14=ffffffff99dfa1e0 R15=0000000000000000
RIP=ffffffff85472b1c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055b760e75e08 CR3=0000000028a2e000 CR4=000006f0
DR0=0000200000000300 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 00000000000000ff XMM01=2525252525252525 2525252525252525
XMM02=00ff000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 0000ff0000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffff81680ea6 RBX=0000000000000000 RCX=ffff888034778000 RDX=0000000000010100
RSI=0000000000000008 RDI=ffffffff92a52460 RBP=ffffc900001e0a78 RSP=ffffc900001e09e0
R8 =ffffffff92a52467 R9 =1ffffffff254a48c R10=dffffc0000000000 R11=fffffbfff254a48d
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff81680ea7 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f7863a316c0 ffffffff 00c00000
GS =0000 ffff8881a3c1f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f57f9b802d8 CR3=0000000105e10000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=6756d9fa403d2f26 98b70d36009eca4c
XMM02=d5ef7749d79d8d32 b1491af1dfdc06e0 XMM03=ed81cecae1d509d9 9abbe35c211f9563
XMM04=e4d60dd4cce60002 ca9e2ab4e0ecff0b XMM05=95922a45933defed e4d60dd4cce60002
XMM06=ca9e2ab4e0ecff0b ed81cecae1d509d9 XMM07=9abbe35c211f9563 d5ef7749d79d8d32
XMM08=b1491af1dfdc06e0 6756d9fa403d2f26 XMM09=0000000000000000 00007f7862c11ec1
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
