last executing test programs: 6.664855111s ago: executing program 3 (id=654): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000900)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) recvmsg(r0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x5452, &(0x7f0000000a00)={'dvmrp0\x00', @random='c\b\x00'}) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1e, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="180200000000000000000000fdffffff85000000d100000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffffac) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r4, 0x0, &(0x7f0000000100)=""/186}, 0x20) perf_event_open(&(0x7f0000000600)={0x5, 0x80, 0x0, 0x0, 0x0, 0x4, 0x0, 0x5, 0x80260, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00') setsockopt$sock_attach_bpf(r0, 0x1, 0x7, &(0x7f0000000000), 0x4) 5.570533007s ago: executing program 3 (id=668): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000900)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) recvmsg(r0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x5452, &(0x7f0000000a00)={'dvmrp0\x00', @random='c\b\x00'}) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1e, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="180200000000000000000000fdffffff85000000d100000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffffac) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r4, 0x0, &(0x7f0000000100)=""/186}, 0x20) perf_event_open(&(0x7f0000000600)={0x5, 0x80, 0x0, 0x0, 0x0, 0x4, 0x0, 0x5, 0x80260, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00') setsockopt$sock_attach_bpf(r0, 0x1, 0x7, &(0x7f0000000000), 0x4) 4.430514691s ago: executing program 3 (id=683): r0 = socket$kcm(0x2c, 0x3, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r2 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a876d839240d29c035055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7e8dc34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bb44b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334583239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bf4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc508afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd360000000000000000ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c97a088a22e8b15c3e233db00002e30d46a0024d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c29c5c0ed5bcdf510c3c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ced92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f68fa8d7c2dfb28e1f05e46b0933c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d588afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda6900002a070886df42b27098773b45198b4a34ac97febd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d63521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07afef12ef060cd4403a099f32468f658000b4082d43e12186195cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea209b53b230ef0f2ab85cbdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bd3339403004b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab900000000000000000000d71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdbf24a0c5441ce046078492b53467cfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89cb349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb15f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c00c57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137df47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b558982016b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8b49e3d0168bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85a3009a5d30f479e293a3302e11350ea857b37e76ca3f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c8ffe0d508dcee3070e8b42ac38545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f98117919472b61b20026d7e646174b55d251f7f8ca5ccc22a5efb33b217eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4444e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24000000000000000000000000000000000000cd3211b3842b68a4eddca2eae28529e97a98d7ec3fd902df1ba8fc2ad2377e72d4e7aeacbbccef5614cd965511558f40720025c022bc9c213e407f6bc4b673c55aa8e729299a37fd6339acd906ac861ba56c9fa9b8b12b5e68a3cdadb906355e1f1d336a243172affe50d0fb36c3718a7498eed3d398f405a34d494414e87ef1ce1845510d43d00171d6b4b762f89564c22d542a119878709cd6822c3a3eb47a849b0737929fe9e1eecd1bff5a2b9880e2a6d8a3b3b7e88a673c96cda4455eff1c530db0e6598a2686aa09aeaf0f1aed95aeb8b0a2cc5ca31c0f56285cc05f7090a0e0583cf540d18cd8817e685c7b4ff176178ac1234f23e54445ec20b2689832d78409897a0307e89ebcd5f4ba042a3d10237a5a8a9a6eda36d2f337dc54537b80e8433341b135b4c5bb0173ffde46ccd260e1d4f2c51e8b07bb256f1317912cb1fc9e491e0bb9109e475cc795c23ad9f4f0042c5e9c655a4d865bc4a266e6a1d3d2b7ee53be9efb33a98933b5ba74ee3ac8d34b6af8c1fdbffade3abc80842b74354162f5b994ab5254cb068bc5e2ae242a1d37d0d49947c9317fa1a46c9e259ce0e1f9db992c53f7830a5e8f4fac6b187eb9f15ba61f730f86d7d7b63bbc7a1d9ff37e87a90a14e0655304da069f9009b62717649b6c6af94fcba713f8ee6fcce25aef44d009966614b61be9369ffc589a79051b0a0000000000000003ebd34c41afe268c33c9322c3a783772aec998f51a6e70fb932a8019e72ef5ab127bb30c79ebfd867441083546305fb39449c40a166ea389a6b77b7c87f66e8bf5806726b8fc50b943627314803a12c33312dce0a10f852da3e000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r3, 0x18000000000002a0, 0x1c, 0x0, &(0x7f00000002c0)="4b750fef868ec810c92373bc8906e44c115f31e4545336f98e225bd6", 0x0, 0x400600, 0x60000009, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) r4 = perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80344, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000001340)}, 0x2a, 0xca, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x3, r2, 0x8) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000010000000000000000000000791208000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socketpair$unix(0x1, 0x5, 0x0, 0x0) r6 = socket$kcm(0x10, 0x100000000002, 0x4) sendmsg$kcm(r6, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0xc00e}, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={0x0, r5, 0x0, 0x27a}, 0x18) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x913f73d42e70e880) r7 = socket$kcm(0x2a, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r7, 0x5411, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r8 = syz_clone(0x7fcef435fd0e43d3, &(0x7f00000011c0)="70af02aad990744c4c98f6a9c230e62a7ae6d125b247557375dcbd445e32046e864f1d5bc2903827ff89e60676524d64cabdb285bb306875b2b2a14a05aa271414aa6583c92623b03a6f7878c625c16c36f1f010ed434d0b27d5bf771b8bb1152e4c58feb3ca320ec2c55ac8d4c0a89611227fd03ac350ed6330e15c2337ffcf1a9468da8c124797662c0338352ec5d605afa5df92bb7794a17d5cd70381e5ae4ec476f237962d9a49760296e69ab51ba91131b9f7978aa854a21aed6c03638c2eb536b196f40379b7292e83237953aec30b35542e7b3048455059b422bbe006a329", 0xe2, &(0x7f0000000300), &(0x7f0000000440), &(0x7f00000012c0)="551877ac7e191f2b5ddaf0b0b2b9b3f658c521c105e8ee74108bd02dafbe6e814b560edb77896e38bb8a14ab3074befaaf25ad3afaeb0119c97b81d1e24bfdc093d88b8940415dd2d62652c055b0e7e026") perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x9, 0x0, 0x4d31, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8000, 0xf}, 0x0, 0x2, 0xfffffffe, 0x8}, r8, 0xffffffffffffffff, r4, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="b402000000005b6420a213f1274c000005000000000000009500740000000000c7609d23f74b2e75bf8208d055787c9b0b9bffebac7746ad304d59d54b47f40304af07532aabdc7ac2ab92112b8e9737ad948a4f2fd66a329f254325029675c13436899d062ade1a2b3353282f2cd17855bd725ec063fa55391d66bdb87a017866f6e462b870a8724e66fdeb94d9e6d9e37baa3381a455612352458ebba193973228cfd64382b966df479ee12f7f8befa37138db8a680261ed0ff4a3578621bfdbb59789d71489a40fcbfbd03b4764a6e8830eec08dc7240acdfdf3f47706a33042886f75f34bc0f1f0ccd3bbb4af5bde1034e11a30805d91a252546cbc9a266304062dc2ada7cde"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x24}, 0x94) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0x5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x94) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000740)={&(0x7f0000001400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x2, [@float={0x6, 0x0, 0x0, 0x10, 0x10}, @enum64={0x4, 0x2, 0x0, 0x13, 0x0, 0x18, [{0x9, 0x6, 0x9}, {0xf, 0xa}]}, @int={0x8, 0x0, 0x0, 0x1, 0x0, 0x4, 0x0, 0x74}, @decl_tag={0x9, 0x0, 0x0, 0x11, 0x2, 0x7}]}}, 0x0, 0x6a}, 0x28) close(0xffffffffffffffff) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xb, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21}, 0x94) write$cgroup_subtree(r9, &(0x7f0000000c00)=ANY=[@ANYBLOB], 0x12) setsockopt$sock_attach_bpf(r0, 0x11b, 0x6, &(0x7f0000000000)=r1, 0x4) 3.937236823s ago: executing program 4 (id=688): r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000c40), 0x12) 1.269475945s ago: executing program 4 (id=697): bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x12, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000001000000000000008d080000711212000000000095"], &(0x7f0000000040)='syzkaller\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) 1.255292494s ago: executing program 3 (id=698): r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, &(0x7f0000000100)=r1, 0x4) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x4925c) 1.175277347s ago: executing program 0 (id=699): bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61124c00000000006113900000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000570600000fff07006706000002000000070600000ee60000bf150000000000003d650000000000006507000002000000070700004c0000001f750000000000006154000000000000070400000400f9ffad43010000000000950000000000000005000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffff28}, 0x48) 1.124201086s ago: executing program 4 (id=701): bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="bc0800000000000061106c000000000006000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x0, 0x10, &(0x7f0000000080), 0xffffffffffffffb2}, 0x48) 977.689335ms ago: executing program 1 (id=702): r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f0000000380)={&(0x7f0000000cc0)=@phonet={0x23, 0x0, 0x0, 0x37}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000740)="27050200000b00000600002fb96d02000000000000008100", 0x18}, {&(0x7f0000000180)="ba8788a8", 0x4}], 0x2}, 0x20000000) 977.521254ms ago: executing program 4 (id=703): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000a900000095"], &(0x7f0000000140)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 961.100408ms ago: executing program 0 (id=704): r0 = socket$kcm(0xa, 0x922000000003, 0x11) setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f00000000c0), 0x4) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f00000002c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1, 0x14}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000340)="f4001100032b2c25fe8007000000007a2c080000000900"/40, 0x28}], 0x1}, 0x0) 917.857212ms ago: executing program 2 (id=705): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x3ec0, 0x0}, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1500000010"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000002a80)={{r0}, &(0x7f0000002a00), 0x0}, 0x20) 842.026277ms ago: executing program 1 (id=706): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x50) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000240), 0xa7c, r0}, 0x38) r1 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r1, &(0x7f0000000600)={&(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @private0}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000300)='G', 0x1}], 0x1, &(0x7f0000000640)=[{0x18, 0x84, 0x0, 'b'}], 0x18}, 0x41) 840.895663ms ago: executing program 4 (id=707): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='contention_end\x00', r0, 0x0, 0x100000000}, 0x18) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x0, 0xffffffffffffffff, 0x4}, 0xfffffffffffffdec) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) ioctl$SIOCSIFHWADDR(r1, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"}) 736.12373ms ago: executing program 0 (id=708): bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x12, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000003900000095"], &(0x7f0000000780)='syzkaller\x00', 0x7, 0x0, 0x0, 0x40f00, 0x2a, '\x00', 0x0, @cgroup_sock_addr=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) 679.140012ms ago: executing program 2 (id=709): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000001200)=ANY=[@ANYRES16], 0x0, 0x5, 0x0, 0x0, 0x0, 0x26}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x1b) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6002, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e0ffff200000000002000aac14140ce0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48) 678.80355ms ago: executing program 1 (id=710): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x3, 0x2, 0x6, 0x1, 0x0, 0xfffffffffffffffc, 0x51}]}, &(0x7f0000000300)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 640.581953ms ago: executing program 4 (id=711): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x90) socket$kcm(0x2f, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x17, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x0, 0x1}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x4d}, 0x0) write$cgroup_subtree(r2, &(0x7f0000000640)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce8102032908000000000000000000000000ac14140a000000000000000000000000ac1414aa"], 0xfdef) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f0000000000)={0x2, 0x80, 0x0, 0x1, 0x4, 0x2, 0x0, 0xede, 0x100, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x1, @perf_config_ext={0x10001, 0x6}, 0x10ea, 0xffffffffffff7fff, 0x2, 0x7, 0x10000, 0x400, 0x8, 0x0, 0x7}) r3 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) bpf$ITER_CREATE(0x21, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6e41, 0x0, 0x0, 0x5e, 0x0, 0x0}, 0x83) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18006daaed13ff00000000000000000028"], 0x0}, 0x90) r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x34}, 0x28) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800110000000000000000000000ca6c9500000000000000ffdb360734076d08000d0ba8897489c522ba66c5439753d3e0c9b47bef3c2879fc55ce1649fcc6cff6b7eddc1ae3947efadabc0399ee4099902841e1c394783c541a69c0b2af1dcd8598b5c388992876d8e7858aed8e2f5308e47d9b93e38f092f022e25a098b85645ea1b65d5b5e38355cb7d53cb83ed9d6bc2756c81b8692e12b1b572660c0d83d23e57f5ffa19bad8b1feca88786116725e92d6d6e399a37a38899d361337c02c04a0dbda849dc41b918a60e7830677446f3280e"], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r5, 0xc, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x94) r6 = socket$kcm(0x10, 0x2, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000500)) bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f00000004c0)=0x7) sendmsg$inet(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)=[{0x0}], 0x1, 0x0, 0x0, 0x1f000000}, 0x600) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x30, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe33, 0x0, 0x0, 0x0}, 0x40) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x30, 0x25, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe33, 0xffffffffffffffef, 0x0, 0x0}, 0xa) 592.479023ms ago: executing program 0 (id=712): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f00000000c0)=[{0x1d}, {0x6, 0x0, 0xfe}]}) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) 551.978282ms ago: executing program 1 (id=713): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18) r0 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e20, @remote}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0xffff, 0x2, 0x10, {0x2, 0x4e21, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x20000000) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x80, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="1800000000000000100100000100000051d833483cc75dd6900000000000000004000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319e2e66d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0) 483.134701ms ago: executing program 2 (id=714): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000001180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 390.214369ms ago: executing program 1 (id=715): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@typedef={0x4, 0x0, 0x0, 0x7}]}, {0x0, [0x0, 0x0, 0x0, 0xda]}}, 0x0, 0x2a, 0x0, 0x1}, 0x28) 366.759419ms ago: executing program 2 (id=716): bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x1, 0x0, 0xa}, {0x1, 0x1, 0xffffffff}, {0x0, 0x80004, 0x810104, 0x4}], 0x10, 0x1}, 0x94) r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90324fc60100005000a000248053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0) 340.65548ms ago: executing program 0 (id=717): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ff7fffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x28, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 259.229295ms ago: executing program 3 (id=718): r0 = socket$kcm(0x10, 0x2, 0x4) close(r0) socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000780)="5c00000011006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac00800020004000c00060003000364bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 168.032056ms ago: executing program 1 (id=719): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000900)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) recvmsg(r0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x5452, &(0x7f0000000a00)={'dvmrp0\x00', @random='c\b\x00'}) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1e, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="180200000000000000000000fdffffff85000000d100000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffffac) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r4, 0x0, &(0x7f0000000100)=""/186}, 0x20) perf_event_open(&(0x7f0000000600)={0x5, 0x80, 0x0, 0x0, 0x0, 0x4, 0x0, 0x5, 0x80260, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00') setsockopt$sock_attach_bpf(r0, 0x1, 0x7, &(0x7f0000000000), 0x4) 159.000909ms ago: executing program 3 (id=720): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x4, &(0x7f00000001c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x11}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0xfffffffd}, 0x39) 138.052711ms ago: executing program 2 (id=721): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0) close(r0) ioctl$SIOCSIFHWADDR(r0, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"}) 75.213728ms ago: executing program 0 (id=722): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000000401400e27f000001"], 0x48) bpf$MAP_LOOKUP_ELEM(0x3, &(0x7f0000000000)={r0, &(0x7f0000000180), 0x0}, 0x20) 0s ago: executing program 2 (id=723): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='contention_end\x00', r0}, 0x18) r1 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000540)="1400000024000b47564cb6288200eb1405000000", 0x14}], 0x1}, 0x4000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.190' (ED25519) to the list of known hosts. [ 84.994650][ T5816] cgroup: Unknown subsys name 'net' [ 85.166944][ T5816] cgroup: Unknown subsys name 'cpuset' [ 85.176257][ T5816] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 86.865688][ T5816] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 90.488461][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 90.503204][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 90.522819][ T5842] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 90.530479][ T5842] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 90.552972][ T5842] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 90.559808][ T5848] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 90.568501][ T5849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 90.577508][ T5848] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 90.585404][ T5849] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 90.589428][ T5838] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 90.593699][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 90.608592][ T5849] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 90.614327][ T5838] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 90.616194][ T5848] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 90.631251][ T5848] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 90.639798][ T5848] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 90.644352][ T5838] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 90.648795][ T5848] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 90.660047][ T5842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 90.664147][ T5848] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 90.670681][ T5842] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 90.675423][ T5848] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 90.692253][ T5848] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 90.702197][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 90.723547][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 91.260205][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 91.510064][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 91.553687][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.561007][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.569312][ T5830] bridge_slave_0: entered allmulticast mode [ 91.577187][ T5830] bridge_slave_0: entered promiscuous mode [ 91.590821][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.598449][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.606661][ T5830] bridge_slave_1: entered allmulticast mode [ 91.614678][ T5830] bridge_slave_1: entered promiscuous mode [ 91.649867][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 91.733959][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 91.779831][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.793727][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.942483][ T979] cfg80211: failed to load regulatory.db [ 91.975238][ T5830] team0: Port device team_slave_0 added [ 91.981535][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 92.006050][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.013666][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.020867][ T5828] bridge_slave_0: entered allmulticast mode [ 92.028635][ T5828] bridge_slave_0: entered promiscuous mode [ 92.037962][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.045206][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.052488][ T5828] bridge_slave_1: entered allmulticast mode [ 92.059776][ T5828] bridge_slave_1: entered promiscuous mode [ 92.073792][ T5830] team0: Port device team_slave_1 added [ 92.167912][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.175838][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.183171][ T5827] bridge_slave_0: entered allmulticast mode [ 92.190448][ T5827] bridge_slave_0: entered promiscuous mode [ 92.244253][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.251874][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.259754][ T5827] bridge_slave_1: entered allmulticast mode [ 92.268104][ T5827] bridge_slave_1: entered promiscuous mode [ 92.277705][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.300711][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.308091][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.334626][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.359180][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.409938][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.417602][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.426048][ T5834] bridge_slave_0: entered allmulticast mode [ 92.433570][ T5834] bridge_slave_0: entered promiscuous mode [ 92.442955][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.450032][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.476016][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.524288][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.537561][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.561828][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.569111][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.576650][ T5834] bridge_slave_1: entered allmulticast mode [ 92.584296][ T5834] bridge_slave_1: entered promiscuous mode [ 92.614411][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.621605][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.628954][ T5837] bridge_slave_0: entered allmulticast mode [ 92.637432][ T5837] bridge_slave_0: entered promiscuous mode [ 92.648032][ T5828] team0: Port device team_slave_0 added [ 92.657404][ T5828] team0: Port device team_slave_1 added [ 92.704014][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.711288][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.718800][ T5837] bridge_slave_1: entered allmulticast mode [ 92.726986][ T5837] bridge_slave_1: entered promiscuous mode [ 92.733310][ T5848] Bluetooth: hci1: command tx timeout [ 92.733315][ T5846] Bluetooth: hci3: command tx timeout [ 92.768718][ T5827] team0: Port device team_slave_0 added [ 92.778158][ T5827] team0: Port device team_slave_1 added [ 92.787942][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.800549][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.812289][ T5848] Bluetooth: hci2: command tx timeout [ 92.812523][ T5846] Bluetooth: hci4: command tx timeout [ 92.817868][ T5831] Bluetooth: hci0: command tx timeout [ 92.919952][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.930896][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.938263][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.964471][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.009444][ T5834] team0: Port device team_slave_0 added [ 93.018110][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.031045][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.038458][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.065488][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.077231][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.084563][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.110757][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.129236][ T5830] hsr_slave_0: entered promiscuous mode [ 93.135870][ T5830] hsr_slave_1: entered promiscuous mode [ 93.161740][ T5834] team0: Port device team_slave_1 added [ 93.202632][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.209639][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.236291][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.295203][ T5837] team0: Port device team_slave_0 added [ 93.330119][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.337800][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.363948][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.393928][ T5837] team0: Port device team_slave_1 added [ 93.420521][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.427745][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.454347][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.507132][ T5827] hsr_slave_0: entered promiscuous mode [ 93.516244][ T5827] hsr_slave_1: entered promiscuous mode [ 93.523290][ T5827] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 93.531025][ T5827] Cannot create hsr debugfs directory [ 93.561790][ T5828] hsr_slave_0: entered promiscuous mode [ 93.568246][ T5828] hsr_slave_1: entered promiscuous mode [ 93.574706][ T5828] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 93.582404][ T5828] Cannot create hsr debugfs directory [ 93.646081][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.653710][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.679988][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.739327][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.746607][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.773375][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.867718][ T5834] hsr_slave_0: entered promiscuous mode [ 93.874803][ T5834] hsr_slave_1: entered promiscuous mode [ 93.881004][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 93.888884][ T5834] Cannot create hsr debugfs directory [ 93.970386][ T5837] hsr_slave_0: entered promiscuous mode [ 93.977659][ T5837] hsr_slave_1: entered promiscuous mode [ 93.984144][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 93.991731][ T5837] Cannot create hsr debugfs directory [ 94.341233][ T5830] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 94.355742][ T5830] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 94.399772][ T5830] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 94.427625][ T5830] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 94.526826][ T5827] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 94.538560][ T5827] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 94.554002][ T5827] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 94.596381][ T5827] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 94.700351][ T5828] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 94.724542][ T5828] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 94.751351][ T5828] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 94.765473][ T5828] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 94.812536][ T5831] Bluetooth: hci3: command tx timeout [ 94.823363][ T5831] Bluetooth: hci1: command tx timeout [ 94.858676][ T5834] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 94.883519][ T5834] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 94.893069][ T5831] Bluetooth: hci4: command tx timeout [ 94.901218][ T5834] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 94.909146][ T5831] Bluetooth: hci0: command tx timeout [ 94.914745][ T5848] Bluetooth: hci2: command tx timeout [ 94.932705][ T5834] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 94.958712][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.077165][ T5837] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 95.088867][ T5837] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 95.101379][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.117329][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.128047][ T5837] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 95.140451][ T5837] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 95.181153][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.188539][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.232031][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.239691][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.261371][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.310262][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.317493][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.363137][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.383601][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.390737][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.470955][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.499904][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.529778][ T3064] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.536945][ T3064] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.563658][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.570815][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.605049][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.668757][ T3064] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.676371][ T3064] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.747920][ T3064] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.755189][ T3064] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.901369][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.077614][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.114506][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.128532][ T3503] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.135751][ T3503] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.179786][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.221233][ T3064] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.228515][ T3064] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.390412][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.480265][ T5830] veth0_vlan: entered promiscuous mode [ 96.526347][ T5830] veth1_vlan: entered promiscuous mode [ 96.600967][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.619737][ T5827] veth0_vlan: entered promiscuous mode [ 96.677462][ T5827] veth1_vlan: entered promiscuous mode [ 96.766405][ T5830] veth0_macvtap: entered promiscuous mode [ 96.807706][ T5830] veth1_macvtap: entered promiscuous mode [ 96.858712][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.870370][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.893607][ T5848] Bluetooth: hci1: command tx timeout [ 96.893666][ T5831] Bluetooth: hci3: command tx timeout [ 96.916618][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.947420][ T5834] veth0_vlan: entered promiscuous mode [ 96.972831][ T5831] Bluetooth: hci0: command tx timeout [ 96.972916][ T5848] Bluetooth: hci2: command tx timeout [ 96.978280][ T5846] Bluetooth: hci4: command tx timeout [ 96.999855][ T5830] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.015088][ T5830] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.024571][ T5830] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.033443][ T5830] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.049258][ T5827] veth0_macvtap: entered promiscuous mode [ 97.069878][ T5827] veth1_macvtap: entered promiscuous mode [ 97.097343][ T5834] veth1_vlan: entered promiscuous mode [ 97.187974][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.241941][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.253309][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.270541][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.281733][ T5827] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.291822][ T5827] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.301601][ T5827] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.313599][ T5827] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.328499][ T5837] veth0_vlan: entered promiscuous mode [ 97.390214][ T5837] veth1_vlan: entered promiscuous mode [ 97.398868][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.399999][ T5834] veth0_macvtap: entered promiscuous mode [ 97.410508][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.421887][ T5834] veth1_macvtap: entered promiscuous mode [ 97.446671][ T5828] veth0_vlan: entered promiscuous mode [ 97.481240][ T5828] veth1_vlan: entered promiscuous mode [ 97.535693][ T5837] veth0_macvtap: entered promiscuous mode [ 97.547240][ T5830] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 97.577475][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.633215][ T5837] veth1_macvtap: entered promiscuous mode [ 97.649737][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.721698][ T5828] veth0_macvtap: entered promiscuous mode [ 97.737391][ T5834] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.750408][ T5834] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.762412][ T5834] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.771227][ T5834] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.796318][ T5828] veth1_macvtap: entered promiscuous mode [ 97.814444][ T3503] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.831423][ T3503] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.931572][ T1085] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.934711][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.948065][ T1085] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.970789][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.998633][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.016473][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.088648][ T5828] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.117436][ T5828] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.126554][ T5828] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.139897][ T5828] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.158902][ T5837] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.167966][ T5837] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.178824][ T5837] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.188073][ T5837] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.262078][ C0] hrtimer: interrupt took 44692 ns [ 98.337237][ T1085] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.352283][ T1085] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.438605][ T3064] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.450461][ T3064] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.571049][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.616315][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.712427][ T5955] netlink: 60 bytes leftover after parsing attributes in process `syz.0.7'. [ 98.767560][ T5955] netlink: 60 bytes leftover after parsing attributes in process `syz.0.7'. [ 98.779160][ T5957] mac80211_hwsim hwsim7 O3ãc¤±: renamed from wlan1 (while UP) [ 98.784010][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.796055][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.905638][ T5955] netlink: 60 bytes leftover after parsing attributes in process `syz.0.7'. [ 98.922156][ T3503] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.937046][ T3503] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.973610][ T5846] Bluetooth: hci3: command tx timeout [ 98.979570][ T5831] Bluetooth: hci1: command tx timeout [ 98.996401][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.020099][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.053140][ T5846] Bluetooth: hci4: command tx timeout [ 99.059092][ T5831] Bluetooth: hci0: command tx timeout [ 99.059120][ T5848] Bluetooth: hci2: command tx timeout [ 99.348019][ T5957] syz.3.4 (5957) used greatest stack depth: 19640 bytes left [ 99.360381][ T5960] netlink: 763 bytes leftover after parsing attributes in process `syz.2.3'. [ 99.427324][ T5960] netlink: 'syz.2.3': attribute type 10 has an invalid length. [ 99.463142][ T5960] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3'. [ 99.534448][ T5960] team0: entered promiscuous mode [ 99.536992][ T5964] netlink: 'syz.4.5': attribute type 3 has an invalid length. [ 99.541303][ T5960] team_slave_0: entered promiscuous mode [ 99.580765][ T5964] netlink: 132 bytes leftover after parsing attributes in process `syz.4.5'. [ 99.620103][ T5960] team_slave_1: entered promiscuous mode [ 99.644728][ T5960] team0: entered allmulticast mode [ 99.657226][ T5970] syz.3.10 uses obsolete (PF_INET,SOCK_PACKET) [ 99.711644][ T5960] team_slave_0: entered allmulticast mode [ 99.728895][ T5960] team_slave_1: entered allmulticast mode [ 99.729095][ T5971] netlink: 'syz.3.10': attribute type 10 has an invalid length. [ 99.765781][ T5960] bridge0: port 3(team0) entered blocking state [ 99.814610][ T5960] bridge0: port 3(team0) entered disabled state [ 100.310583][ T5960] bridge0: port 3(team0) entered blocking state [ 100.317698][ T5960] bridge0: port 3(team0) entered forwarding state [ 100.439059][ T5971] team0: Device ipvlan1 failed to register rx_handler [ 100.557312][ T5974] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 100.624013][ T5978] mac80211_hwsim hwsim3 O3ãc¤±: renamed from wlan1 (while UP) [ 100.721120][ T5982] netlink: 'syz.1.12': attribute type 10 has an invalid length. [ 100.731806][ T5981] netlink: 'syz.2.13': attribute type 10 has an invalid length. [ 101.727081][ T5981] team0: Device ipvlan1 failed to register rx_handler [ 101.780438][ T5988] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 102.733010][ T6009] netlink: 763 bytes leftover after parsing attributes in process `syz.3.20'. [ 102.874101][ T6009] netlink: 'syz.3.20': attribute type 10 has an invalid length. [ 102.905290][ T6009] netlink: 40 bytes leftover after parsing attributes in process `syz.3.20'. [ 103.008459][ T6009] team0: entered promiscuous mode [ 103.110843][ T6009] team_slave_0: entered promiscuous mode [ 103.131637][ T6009] team_slave_1: entered promiscuous mode [ 103.167217][ T6009] team0: entered allmulticast mode [ 103.229576][ T6009] team_slave_0: entered allmulticast mode [ 103.285013][ T6009] team_slave_1: entered allmulticast mode [ 103.406279][ T6009] bridge0: port 3(team0) entered blocking state [ 103.426898][ T6009] bridge0: port 3(team0) entered disabled state [ 103.446415][ T6009] bridge0: port 3(team0) entered blocking state [ 103.452968][ T6009] bridge0: port 3(team0) entered forwarding state [ 103.578059][ T6026] netlink: 763 bytes leftover after parsing attributes in process `syz.0.24'. [ 103.591889][ T6026] netlink: 'syz.0.24': attribute type 10 has an invalid length. [ 103.600051][ T6026] netlink: 40 bytes leftover after parsing attributes in process `syz.0.24'. [ 103.648540][ T6028] mac80211_hwsim hwsim5 O3ãc¤±: renamed from wlan1 (while UP) [ 104.230144][ T6026] team0: entered promiscuous mode [ 104.289737][ T6026] team_slave_0: entered promiscuous mode [ 104.300671][ T6026] team_slave_1: entered promiscuous mode [ 104.313147][ T6026] team0: entered allmulticast mode [ 104.318345][ T6026] team_slave_0: entered allmulticast mode [ 104.327865][ T6026] team_slave_1: entered allmulticast mode [ 104.337853][ T6026] bridge0: port 3(team0) entered blocking state [ 104.358511][ T6026] bridge0: port 3(team0) entered disabled state [ 104.389074][ T6026] bridge0: port 3(team0) entered blocking state [ 104.395616][ T6026] bridge0: port 3(team0) entered forwarding state [ 104.585892][ T6036] mac80211_hwsim hwsim10 O3ãc¤±: renamed from wlan1 (while UP) [ 104.930412][ T6042] netlink: 763 bytes leftover after parsing attributes in process `syz.0.29'. [ 105.043985][ T6042] netlink: 'syz.0.29': attribute type 10 has an invalid length. [ 105.087844][ T6042] netlink: 40 bytes leftover after parsing attributes in process `syz.0.29'. [ 105.549470][ T6054] mac80211_hwsim hwsim11 O3ãc¤±: renamed from wlan1 (while UP) [ 105.941102][ T6061] netlink: 'syz.0.36': attribute type 10 has an invalid length. [ 106.237436][ T6061] team0: Device ipvlan1 failed to register rx_handler [ 106.501845][ T6067] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 106.691479][ T6075] netlink: 763 bytes leftover after parsing attributes in process `syz.2.40'. [ 106.761690][ T6075] netlink: 'syz.2.40': attribute type 10 has an invalid length. [ 106.770838][ T6075] netlink: 40 bytes leftover after parsing attributes in process `syz.2.40'. [ 107.649937][ T6061] syz.0.36 (6061) used greatest stack depth: 18744 bytes left [ 108.486003][ T6091] netlink: 'syz.3.44': attribute type 10 has an invalid length. [ 109.111611][ T6091] veth0_vlan: left promiscuous mode [ 109.198131][ T6091] veth0_vlan: entered promiscuous mode [ 109.371055][ T6091] team0: Device veth0_vlan failed to register rx_handler [ 109.468997][ T6103] netlink: 763 bytes leftover after parsing attributes in process `syz.0.47'. [ 109.570807][ T6103] netlink: 'syz.0.47': attribute type 10 has an invalid length. [ 109.636046][ T6103] netlink: 40 bytes leftover after parsing attributes in process `syz.0.47'. [ 109.742518][ T6091] syz.3.44 (6091) used greatest stack depth: 17976 bytes left [ 110.199945][ T6114] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 110.239459][ T6114] netlink: 'syz.0.50': attribute type 10 has an invalid length. [ 110.437746][ T6114] mac80211_hwsim hwsim3 O3ãc¤±: entered promiscuous mode [ 110.461241][ T6123] netlink: 'syz.2.52': attribute type 10 has an invalid length. [ 110.469760][ T6114] mac80211_hwsim hwsim3 O3ãc¤±: entered allmulticast mode [ 110.491129][ T6114] team0: Port device O3ãc¤± added [ 110.787412][ T6123] team0: Device ipvlan1 failed to register rx_handler [ 111.418981][ T6135] netlink: 'syz.0.56': attribute type 10 has an invalid length. [ 111.444482][ T6136] Driver unsupported XDP return value 0 on prog (id 33) dev N/A, expect packet loss! [ 111.501748][ T6135] team0: Device ipvlan1 failed to register rx_handler [ 111.618081][ T6135] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 113.672667][ T6159] netlink: 'syz.3.62': attribute type 7 has an invalid length. [ 113.765972][ T6160] netlink: 763 bytes leftover after parsing attributes in process `syz.2.61'. [ 113.867352][ T6159] netlink: 'syz.3.62': attribute type 1 has an invalid length. [ 113.967349][ T6159] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.62'. [ 113.993272][ T6160] netlink: 'syz.2.61': attribute type 10 has an invalid length. [ 114.001331][ T6160] netlink: 40 bytes leftover after parsing attributes in process `syz.2.61'. [ 114.387850][ T6163] bridge0: port 3(team0) entered disabled state [ 114.396055][ T6163] bridge0: port 2(bridge_slave_1) entered disabled state [ 114.406128][ T6163] bridge0: port 1(bridge_slave_0) entered disabled state [ 114.503722][ T6163] bridge0: entered allmulticast mode [ 114.803448][ T6176] netlink: 'syz.3.66': attribute type 10 has an invalid length. [ 114.896916][ T6176] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 115.151343][ T6181] netlink: 'syz.1.69': attribute type 10 has an invalid length. [ 115.341871][ T6181] veth0_vlan: left promiscuous mode [ 115.364640][ T6181] veth0_vlan: entered promiscuous mode [ 115.378368][ T6193] Zero length message leads to an empty skb [ 115.426406][ T6181] team0: Device veth0_vlan failed to register rx_handler [ 116.771770][ T6199] netlink: 'syz.0.73': attribute type 10 has an invalid length. [ 116.876527][ T6199] team0: Device ipvlan1 failed to register rx_handler [ 117.902191][ T6206] netlink: 26 bytes leftover after parsing attributes in process `syz.1.76'. [ 118.523684][ T6229] netlink: 'syz.2.82': attribute type 2 has an invalid length. [ 118.531333][ T6229] netlink: 17267 bytes leftover after parsing attributes in process `syz.2.82'. [ 118.800513][ T6241] netlink: 'syz.3.86': attribute type 10 has an invalid length. [ 118.964673][ T6241] bond0: (slave O3ãc¤±): Enslaving as an active interface with an up link [ 120.683940][ T6274] bridge0: port 2(bridge_slave_1) entered disabled state [ 120.691802][ T6274] bridge0: port 1(bridge_slave_0) entered disabled state [ 120.710486][ T6274] bridge0: entered allmulticast mode [ 120.723340][ T6276] netlink: 'syz.2.98': attribute type 10 has an invalid length. [ 120.809768][ T6276] bridge0: port 3(team0) entered disabled state [ 120.827306][ T6276] team0: left allmulticast mode [ 120.833484][ T6276] team_slave_0: left allmulticast mode [ 120.863272][ T6276] team_slave_1: left allmulticast mode [ 120.868880][ T6276] team0: left promiscuous mode [ 120.920874][ T6278] netlink: 'syz.0.99': attribute type 10 has an invalid length. [ 120.951153][ T6276] team_slave_0: left promiscuous mode [ 121.019175][ T6276] team_slave_1: left promiscuous mode [ 121.083250][ T6276] bridge0: port 3(team0) entered disabled state [ 121.168688][ T6276] 8021q: adding VLAN 0 to HW filter on device team0 [ 121.189387][ T6276] bond0: (slave team0): Enslaving as an active interface with an up link [ 121.215988][ T6278] team0: Device ipvlan1 failed to register rx_handler [ 121.255435][ T6296] warning: `syz.3.103' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 121.824823][ T6310] netlink: 'syz.2.106': attribute type 21 has an invalid length. [ 121.844762][ T6307] netlink: 36207 bytes leftover after parsing attributes in process `syz.4.105'. [ 125.000594][ T6322] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.109'. [ 125.022853][ T6323] !€ÿ: renamed from bond_slave_0 (while UP) [ 125.037854][ T6327] netlink: 132 bytes leftover after parsing attributes in process `syz.4.110'. [ 126.643881][ T6369] netlink: 763 bytes leftover after parsing attributes in process `syz.1.121'. [ 126.676702][ T6369] netlink: 'syz.1.121': attribute type 10 has an invalid length. [ 126.706959][ T6369] netlink: 40 bytes leftover after parsing attributes in process `syz.1.121'. [ 126.717293][ T6369] team0: entered promiscuous mode [ 126.727537][ T6369] team_slave_0: entered promiscuous mode [ 126.736683][ T6369] team_slave_1: entered promiscuous mode [ 126.745457][ T6372] netlink: 'syz.0.122': attribute type 10 has an invalid length. [ 126.761730][ T6369] team0: entered allmulticast mode [ 126.770259][ T6369] team_slave_0: entered allmulticast mode [ 126.785044][ T6369] team_slave_1: entered allmulticast mode [ 126.827826][ T6369] bridge0: port 3(team0) entered blocking state [ 126.843388][ T6369] bridge0: port 3(team0) entered disabled state [ 127.202516][ T6372] veth0_vlan: left promiscuous mode [ 127.255355][ T6372] veth0_vlan: entered promiscuous mode [ 127.342380][ T6372] team0: Device veth0_vlan failed to register rx_handler [ 127.661343][ T6391] netlink: 'syz.1.128': attribute type 10 has an invalid length. [ 127.727388][ T6391] team0: Device ipvlan1 failed to register rx_handler [ 128.293646][ T6407] netlink: 'syz.1.133': attribute type 29 has an invalid length. [ 128.323335][ T6409] netlink: 'syz.1.133': attribute type 29 has an invalid length. [ 128.358952][ T6410] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.367757][ T6410] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.448877][ T6410] bridge0: entered allmulticast mode [ 128.709879][ T6423] netlink: 'syz.0.139': attribute type 29 has an invalid length. [ 128.720004][ T6423] netlink: 'syz.0.139': attribute type 29 has an invalid length. [ 129.114634][ T6437] netlink: 'syz.0.143': attribute type 16 has an invalid length. [ 129.133108][ T6437] netlink: 48 bytes leftover after parsing attributes in process `syz.0.143'. [ 129.625080][ T5848] Bluetooth: hci2: unexpected event 0x07 length: 15 < 255 [ 130.083228][ T6457] netlink: 'syz.3.150': attribute type 39 has an invalid length. [ 130.172939][ T6457] veth0_macvtap: left promiscuous mode [ 130.259422][ T6464] FAULT_INJECTION: forcing a failure. [ 130.259422][ T6464] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 130.276511][ T6464] CPU: 1 UID: 0 PID: 6464 Comm: syz.0.153 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 130.276541][ T6464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 130.276563][ T6464] Call Trace: [ 130.276575][ T6464] [ 130.276592][ T6464] dump_stack_lvl+0x189/0x250 [ 130.276644][ T6464] ? __pfx____ratelimit+0x10/0x10 [ 130.276681][ T6464] ? __pfx_dump_stack_lvl+0x10/0x10 [ 130.276719][ T6464] ? __pfx__printk+0x10/0x10 [ 130.276749][ T6464] ? __might_fault+0xb0/0x130 [ 130.276782][ T6464] ? __might_fault+0xb0/0x130 [ 130.276824][ T6464] should_fail_ex+0x414/0x560 [ 130.276871][ T6464] _copy_from_iter+0x1db/0x16f0 [ 130.276921][ T6464] ? rcu_is_watching+0x15/0xb0 [ 130.276963][ T6464] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 130.276993][ T6464] ? __pfx__copy_from_iter+0x10/0x10 [ 130.277034][ T6464] ? __build_skb_around+0x257/0x3e0 [ 130.277072][ T6464] ? netlink_sendmsg+0x642/0xb30 [ 130.277094][ T6464] ? skb_put+0x11b/0x210 [ 130.277134][ T6464] netlink_sendmsg+0x6b2/0xb30 [ 130.277192][ T6464] ? __pfx_netlink_sendmsg+0x10/0x10 [ 130.277232][ T6464] ? aa_sock_msg_perm+0x94/0x160 [ 130.277280][ T6464] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 130.277309][ T6464] ? __pfx_netlink_sendmsg+0x10/0x10 [ 130.277341][ T6464] __sock_sendmsg+0x219/0x270 [ 130.277389][ T6464] ____sys_sendmsg+0x505/0x830 [ 130.277438][ T6464] ? __pfx_____sys_sendmsg+0x10/0x10 [ 130.277498][ T6464] ? import_iovec+0x74/0xa0 [ 130.277534][ T6464] ___sys_sendmsg+0x21f/0x2a0 [ 130.277573][ T6464] ? __pfx____sys_sendmsg+0x10/0x10 [ 130.277671][ T6464] ? __fget_files+0x2a/0x420 [ 130.277738][ T6464] ? __fget_files+0x2a/0x420 [ 130.277761][ T6464] ? __fget_files+0x3a0/0x420 [ 130.277822][ T6464] __x64_sys_sendmsg+0x19b/0x260 [ 130.277862][ T6464] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 130.277923][ T6464] ? __pfx_ksys_write+0x10/0x10 [ 130.277940][ T6464] ? rcu_is_watching+0x15/0xb0 [ 130.277993][ T6464] ? do_syscall_64+0xbe/0x3b0 [ 130.278041][ T6464] do_syscall_64+0xfa/0x3b0 [ 130.278071][ T6464] ? lockdep_hardirqs_on+0x9c/0x150 [ 130.278103][ T6464] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.278125][ T6464] ? clear_bhb_loop+0x60/0xb0 [ 130.278161][ T6464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.278182][ T6464] RIP: 0033:0x7fa44d18e929 [ 130.278211][ T6464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.278229][ T6464] RSP: 002b:00007fa44dfe3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 130.278251][ T6464] RAX: ffffffffffffffda RBX: 00007fa44d3b5fa0 RCX: 00007fa44d18e929 [ 130.278267][ T6464] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004 [ 130.278285][ T6464] RBP: 00007fa44dfe3090 R08: 0000000000000000 R09: 0000000000000000 [ 130.278298][ T6464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 130.278310][ T6464] R13: 0000000000000000 R14: 00007fa44d3b5fa0 R15: 00007fff424572e8 [ 130.278376][ T6464] [ 130.660950][ T6465] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.668954][ T6465] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.679155][ T6465] bridge0: entered allmulticast mode [ 130.714132][ T6468] netlink: 'syz.4.154': attribute type 29 has an invalid length. [ 130.734031][ T6469] netlink: 'syz.4.154': attribute type 29 has an invalid length. [ 130.753162][ T6468] netlink: 'syz.4.154': attribute type 29 has an invalid length. [ 131.386099][ T6473] veth0_vlan: left promiscuous mode [ 131.445772][ T6473] veth0_vlan: entered promiscuous mode [ 131.568787][ T6473] team0: Device veth0_vlan failed to register rx_handler [ 133.004628][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.011451][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.357656][ T6527] validate_nla: 2 callbacks suppressed [ 133.357681][ T6527] netlink: 'syz.1.167': attribute type 6 has an invalid length. [ 133.443692][ T6530] FAULT_INJECTION: forcing a failure. [ 133.443692][ T6530] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 133.454499][ T6527] netlink: 168 bytes leftover after parsing attributes in process `syz.1.167'. [ 133.465655][ T6530] CPU: 1 UID: 0 PID: 6530 Comm: syz.2.171 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 133.465691][ T6530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 133.465706][ T6530] Call Trace: [ 133.465716][ T6530] [ 133.465726][ T6530] dump_stack_lvl+0x189/0x250 [ 133.465778][ T6530] ? __pfx____ratelimit+0x10/0x10 [ 133.465812][ T6530] ? __pfx_dump_stack_lvl+0x10/0x10 [ 133.465849][ T6530] ? __pfx__printk+0x10/0x10 [ 133.465880][ T6530] ? __might_fault+0xb0/0x130 [ 133.465911][ T6530] should_fail_ex+0x414/0x560 [ 133.465946][ T6530] _copy_to_user+0x31/0xb0 [ 133.465973][ T6530] simple_read_from_buffer+0xe1/0x170 [ 133.466004][ T6530] proc_fail_nth_read+0x1df/0x250 [ 133.466036][ T6530] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 133.466068][ T6530] ? rw_verify_area+0x258/0x650 [ 133.466103][ T6530] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 133.466131][ T6530] vfs_read+0x200/0x980 [ 133.466176][ T6530] ? __pfx___mutex_lock+0x10/0x10 [ 133.466207][ T6530] ? __pfx_vfs_read+0x10/0x10 [ 133.466238][ T6530] ? __fget_files+0x2a/0x420 [ 133.466265][ T6530] ? __fget_files+0x3a0/0x420 [ 133.466286][ T6530] ? __fget_files+0x2a/0x420 [ 133.466319][ T6530] ksys_read+0x145/0x250 [ 133.466353][ T6530] ? __pfx_ksys_read+0x10/0x10 [ 133.466380][ T6530] ? rcu_is_watching+0x15/0xb0 [ 133.466418][ T6530] ? do_syscall_64+0xbe/0x3b0 [ 133.466456][ T6530] do_syscall_64+0xfa/0x3b0 [ 133.466488][ T6530] ? lockdep_hardirqs_on+0x9c/0x150 [ 133.466522][ T6530] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.466544][ T6530] ? clear_bhb_loop+0x60/0xb0 [ 133.466574][ T6530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.466595][ T6530] RIP: 0033:0x7f34df18d33c [ 133.466619][ T6530] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 133.466639][ T6530] RSP: 002b:00007f34e0035030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 133.466663][ T6530] RAX: ffffffffffffffda RBX: 00007f34df3b5fa0 RCX: 00007f34df18d33c [ 133.466680][ T6530] RDX: 000000000000000f RSI: 00007f34e00350a0 RDI: 0000000000000004 [ 133.466693][ T6530] RBP: 00007f34e0035090 R08: 0000000000000000 R09: 0000000000000000 [ 133.466708][ T6530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 133.466721][ T6530] R13: 0000000000000000 R14: 00007f34df3b5fa0 R15: 00007ffef0c82898 [ 133.466775][ T6530] [ 133.799092][ T6536] FAULT_INJECTION: forcing a failure. [ 133.799092][ T6536] name failslab, interval 1, probability 0, space 0, times 0 [ 133.822527][ T6536] CPU: 0 UID: 0 PID: 6536 Comm: syz.2.173 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 133.822560][ T6536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 133.822572][ T6536] Call Trace: [ 133.822581][ T6536] [ 133.822591][ T6536] dump_stack_lvl+0x189/0x250 [ 133.822631][ T6536] ? __pfx____ratelimit+0x10/0x10 [ 133.822665][ T6536] ? __pfx_dump_stack_lvl+0x10/0x10 [ 133.822710][ T6536] ? __pfx__printk+0x10/0x10 [ 133.822745][ T6536] ? __pfx___might_resched+0x10/0x10 [ 133.822791][ T6536] should_fail_ex+0x414/0x560 [ 133.822829][ T6536] should_failslab+0xa8/0x100 [ 133.822855][ T6536] kmem_cache_alloc_lru_noprof+0x78/0x3d0 [ 133.822891][ T6536] ? __d_alloc+0x31/0x6f0 [ 133.822929][ T6536] __d_alloc+0x31/0x6f0 [ 133.822957][ T6536] ? perf_trace_lock+0xec/0x3b0 [ 133.822998][ T6536] d_alloc_pseudo+0x1f/0xb0 [ 133.823026][ T6536] alloc_file_pseudo+0xcc/0x210 [ 133.823058][ T6536] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 133.823082][ T6536] ? __local_bh_enable_ip+0x12d/0x1c0 [ 133.823115][ T6536] ? idr_preload_end+0xe5/0x200 [ 133.823164][ T6536] anon_inode_getfile+0xc5/0x1a0 [ 133.823196][ T6536] bpf_link_prime+0xfc/0x220 [ 133.823227][ T6536] bpf_xdp_link_attach+0x214/0x8c0 [ 133.823261][ T6536] ? __pfx_perf_trace_lock+0x10/0x10 [ 133.823301][ T6536] ? __pfx_bpf_xdp_link_attach+0x10/0x10 [ 133.823329][ T6536] ? __fget_files+0x2a/0x420 [ 133.823377][ T6536] ? __fget_files+0x3a0/0x420 [ 133.823400][ T6536] ? __fget_files+0x2a/0x420 [ 133.823428][ T6536] ? attach_type_to_prog_type+0x40a/0x470 [ 133.823466][ T6536] ? bpf_prog_attach_check_attach_type+0x39c/0x540 [ 133.823506][ T6536] link_create+0x461/0x8a0 [ 133.823546][ T6536] __sys_bpf+0x599/0x860 [ 133.823580][ T6536] ? __pfx___sys_bpf+0x10/0x10 [ 133.823632][ T6536] ? ksys_write+0x22a/0x250 [ 133.823658][ T6536] ? __pfx_ksys_write+0x10/0x10 [ 133.823674][ T6536] ? rcu_is_watching+0x15/0xb0 [ 133.823728][ T6536] __x64_sys_bpf+0x7c/0x90 [ 133.823757][ T6536] do_syscall_64+0xfa/0x3b0 [ 133.823788][ T6536] ? lockdep_hardirqs_on+0x9c/0x150 [ 133.823818][ T6536] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.823839][ T6536] ? clear_bhb_loop+0x60/0xb0 [ 133.823869][ T6536] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.823889][ T6536] RIP: 0033:0x7f34df18e929 [ 133.823910][ T6536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.823928][ T6536] RSP: 002b:00007f34e0035038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 133.823951][ T6536] RAX: ffffffffffffffda RBX: 00007f34df3b5fa0 RCX: 00007f34df18e929 [ 133.823967][ T6536] RDX: 0000000000000040 RSI: 0000200000000240 RDI: 000000000000001c [ 133.823981][ T6536] RBP: 00007f34e0035090 R08: 0000000000000000 R09: 0000000000000000 [ 133.823994][ T6536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 133.824006][ T6536] R13: 0000000000000000 R14: 00007f34df3b5fa0 R15: 00007ffef0c82898 [ 133.824049][ T6536] [ 134.292896][ T6541] netlink: 4 bytes leftover after parsing attributes in process `syz.3.174'. [ 135.131436][ T6556] netlink: 'syz.2.179': attribute type 29 has an invalid length. [ 135.288499][ T6556] netlink: 'syz.2.179': attribute type 29 has an invalid length. [ 135.647951][ T6567] netlink: 763 bytes leftover after parsing attributes in process `syz.1.181'. [ 135.671218][ T6567] netlink: 'syz.1.181': attribute type 10 has an invalid length. [ 135.767566][ T6567] netlink: 40 bytes leftover after parsing attributes in process `syz.1.181'. [ 135.876975][ T6569] netlink: 96168 bytes leftover after parsing attributes in process `syz.0.183'. [ 135.974696][ T6580] netlink: 'syz.4.186': attribute type 10 has an invalid length. [ 136.036128][ T6580] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 136.190531][ T6580] netlink: 'syz.4.186': attribute type 33 has an invalid length. [ 136.224303][ T6580] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.186'. [ 136.734389][ T6597] netlink: 140 bytes leftover after parsing attributes in process `syz.3.191'. [ 136.747928][ T6597] netlink: 6 bytes leftover after parsing attributes in process `syz.3.191'. [ 137.281485][ T6606] netlink: 'syz.0.195': attribute type 10 has an invalid length. [ 137.290991][ T6606] veth0_vlan: left promiscuous mode [ 137.311360][ T6606] veth0_vlan: entered promiscuous mode [ 137.381713][ T6606] team0: Device veth0_vlan failed to register rx_handler [ 137.695998][ T6620] FAULT_INJECTION: forcing a failure. [ 137.695998][ T6620] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 137.710184][ T6620] CPU: 0 UID: 0 PID: 6620 Comm: syz.3.198 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 137.710213][ T6620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 137.710225][ T6620] Call Trace: [ 137.710233][ T6620] [ 137.710242][ T6620] dump_stack_lvl+0x189/0x250 [ 137.710303][ T6620] ? __pfx____ratelimit+0x10/0x10 [ 137.710334][ T6620] ? __pfx_dump_stack_lvl+0x10/0x10 [ 137.710366][ T6620] ? __pfx__printk+0x10/0x10 [ 137.710388][ T6620] ? __might_fault+0xb0/0x130 [ 137.710421][ T6620] should_fail_ex+0x414/0x560 [ 137.710451][ T6620] _copy_from_user+0x2d/0xb0 [ 137.710471][ T6620] __sys_bpf+0x1ed/0x860 [ 137.710510][ T6620] ? __pfx___sys_bpf+0x10/0x10 [ 137.710553][ T6620] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 137.710582][ T6620] ? __pfx_ksys_write+0x10/0x10 [ 137.710611][ T6620] __x64_sys_bpf+0x7c/0x90 [ 137.710636][ T6620] do_syscall_64+0xfa/0x3b0 [ 137.710665][ T6620] ? lockdep_hardirqs_on+0x9c/0x150 [ 137.710692][ T6620] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.710713][ T6620] ? clear_bhb_loop+0x60/0xb0 [ 137.710738][ T6620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.710757][ T6620] RIP: 0033:0x7ff247b8e929 [ 137.710776][ T6620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.710792][ T6620] RSP: 002b:00007ff248a57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 137.710814][ T6620] RAX: ffffffffffffffda RBX: 00007ff247db5fa0 RCX: 00007ff247b8e929 [ 137.710829][ T6620] RDX: 0000000000000050 RSI: 0000200000000500 RDI: 0000000000000000 [ 137.710843][ T6620] RBP: 00007ff248a57090 R08: 0000000000000000 R09: 0000000000000000 [ 137.710855][ T6620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 137.710867][ T6620] R13: 0000000000000001 R14: 00007ff247db5fa0 R15: 00007ffd7d2a7d68 [ 137.710899][ T6620] [ 138.234024][ T6630] netlink: 763 bytes leftover after parsing attributes in process `syz.0.201'. [ 138.324241][ T6630] netlink: 'syz.0.201': attribute type 10 has an invalid length. [ 138.333859][ T6630] netlink: 40 bytes leftover after parsing attributes in process `syz.0.201'. [ 139.319081][ T6651] FAULT_INJECTION: forcing a failure. [ 139.319081][ T6651] name failslab, interval 1, probability 0, space 0, times 0 [ 139.336578][ T6651] CPU: 0 UID: 0 PID: 6651 Comm: syz.3.210 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 139.336610][ T6651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 139.336622][ T6651] Call Trace: [ 139.336631][ T6651] [ 139.336640][ T6651] dump_stack_lvl+0x189/0x250 [ 139.336679][ T6651] ? __pfx____ratelimit+0x10/0x10 [ 139.336710][ T6651] ? __pfx_dump_stack_lvl+0x10/0x10 [ 139.336742][ T6651] ? __pfx__printk+0x10/0x10 [ 139.336771][ T6651] ? __pfx___might_resched+0x10/0x10 [ 139.336801][ T6651] ? fs_reclaim_acquire+0x7d/0x100 [ 139.336831][ T6651] should_fail_ex+0x414/0x560 [ 139.336862][ T6651] should_failslab+0xa8/0x100 [ 139.336886][ T6651] __kmalloc_noprof+0xcb/0x4f0 [ 139.336905][ T6651] ? security_sk_alloc+0x52/0x390 [ 139.336942][ T6651] security_sk_alloc+0x52/0x390 [ 139.336977][ T6651] sk_prot_alloc+0x101/0x220 [ 139.336999][ T6651] ? sk_alloc+0x24/0x370 [ 139.337024][ T6651] sk_alloc+0x3a/0x370 [ 139.337046][ T6651] ? bpf_ctx_init+0x167/0x1d0 [ 139.337071][ T6651] bpf_prog_test_run_skb+0x2ed/0x1560 [ 139.337092][ T6651] ? __fget_files+0x2a/0x420 [ 139.337132][ T6651] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 139.337155][ T6651] bpf_prog_test_run+0x2c4/0x340 [ 139.337190][ T6651] __sys_bpf+0x4a4/0x860 [ 139.337220][ T6651] ? __pfx___sys_bpf+0x10/0x10 [ 139.337265][ T6651] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 139.337294][ T6651] ? __pfx_ksys_write+0x10/0x10 [ 139.337311][ T6651] ? rcu_is_watching+0x15/0xb0 [ 139.337352][ T6651] __x64_sys_bpf+0x7c/0x90 [ 139.337377][ T6651] do_syscall_64+0xfa/0x3b0 [ 139.337413][ T6651] ? lockdep_hardirqs_on+0x9c/0x150 [ 139.337441][ T6651] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.337461][ T6651] ? clear_bhb_loop+0x60/0xb0 [ 139.337487][ T6651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.337507][ T6651] RIP: 0033:0x7ff247b8e929 [ 139.337526][ T6651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.337543][ T6651] RSP: 002b:00007ff248a57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 139.337565][ T6651] RAX: ffffffffffffffda RBX: 00007ff247db5fa0 RCX: 00007ff247b8e929 [ 139.337580][ T6651] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a [ 139.337593][ T6651] RBP: 00007ff248a57090 R08: 0000000000000000 R09: 0000000000000000 [ 139.337606][ T6651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 139.337618][ T6651] R13: 0000000000000000 R14: 00007ff247db5fa0 R15: 00007ffd7d2a7d68 [ 139.337650][ T6651] [ 139.726196][ T6663] netlink: 'syz.3.211': attribute type 10 has an invalid length. [ 139.734985][ T6663] veth0_vlan: left promiscuous mode [ 139.741677][ T6663] veth0_vlan: entered promiscuous mode [ 139.751407][ T6663] team0: Device veth0_vlan failed to register rx_handler [ 140.499217][ T6675] netlink: 'syz.3.216': attribute type 10 has an invalid length. [ 140.539454][ T6675] veth0_vlan: left promiscuous mode [ 140.668651][ T6675] veth0_vlan: entered promiscuous mode [ 140.700910][ T6674] netlink: 'syz.4.215': attribute type 10 has an invalid length. [ 141.298126][ T6675] team0: Device veth0_vlan failed to register rx_handler [ 142.640898][ T6710] netlink: 'syz.2.223': attribute type 4 has an invalid length. [ 142.681908][ T6710] netlink: 152 bytes leftover after parsing attributes in process `syz.2.223'. [ 142.863538][ T6710] : renamed from bond0 (while UP) [ 143.121403][ T6715] netlink: 'syz.3.226': attribute type 4 has an invalid length. [ 143.161523][ T6715] netlink: 152 bytes leftover after parsing attributes in process `syz.3.226'. [ 143.218230][ T6715] O3ãc¤±: mtu less than device minimum [ 143.454750][ T6722] netlink: 'syz.1.229': attribute type 1 has an invalid length. [ 143.504915][ T6722] netlink: 4 bytes leftover after parsing attributes in process `syz.1.229'. [ 143.581748][ T6728] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.232'. [ 143.630115][ T6722] netlink: 'syz.1.229': attribute type 21 has an invalid length. [ 144.044078][ T6740] netlink: 'syz.0.235': attribute type 10 has an invalid length. [ 144.332745][ T6740] team0: Device ipvlan1 failed to register rx_handler [ 144.698700][ T6749] netlink: 763 bytes leftover after parsing attributes in process `syz.3.237'. [ 144.736617][ T6749] netlink: 'syz.3.237': attribute type 10 has an invalid length. [ 144.746122][ T6749] netlink: 40 bytes leftover after parsing attributes in process `syz.3.237'. [ 145.278469][ T6760] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 145.285424][ T6760] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 146.479739][ T6765] syzkaller1: tun_chr_ioctl cmd 1074025673 [ 146.618914][ T6768] netlink: 60 bytes leftover after parsing attributes in process `syz.1.243'. [ 146.988198][ T6778] netlink: 'syz.4.248': attribute type 10 has an invalid length. [ 147.003748][ T6782] netlink: 60 bytes leftover after parsing attributes in process `syz.3.249'. [ 147.040995][ T6778] veth0_vlan: left promiscuous mode [ 147.128475][ T6778] veth0_vlan: entered promiscuous mode [ 147.257996][ T6778] team0: Device veth0_vlan failed to register rx_handler [ 147.356940][ T6782] netlink: 60 bytes leftover after parsing attributes in process `syz.3.249'. [ 147.469127][ T6786] netlink: 60 bytes leftover after parsing attributes in process `syz.3.249'. [ 147.719499][ T6799] __nla_validate_parse: 2 callbacks suppressed [ 147.719621][ T6799] netlink: 763 bytes leftover after parsing attributes in process `syz.3.253'. [ 147.786478][ T6799] netlink: 'syz.3.253': attribute type 10 has an invalid length. [ 147.830275][ T6799] netlink: 40 bytes leftover after parsing attributes in process `syz.3.253'. [ 148.708704][ T6806] FAULT_INJECTION: forcing a failure. [ 148.708704][ T6806] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 148.774978][ T6806] CPU: 1 UID: 0 PID: 6806 Comm: syz.2.256 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 148.775008][ T6806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 148.775021][ T6806] Call Trace: [ 148.775029][ T6806] [ 148.775039][ T6806] dump_stack_lvl+0x189/0x250 [ 148.775077][ T6806] ? __pfx____ratelimit+0x10/0x10 [ 148.775107][ T6806] ? __pfx_dump_stack_lvl+0x10/0x10 [ 148.775140][ T6806] ? __pfx__printk+0x10/0x10 [ 148.775163][ T6806] ? __might_fault+0xb0/0x130 [ 148.775196][ T6806] should_fail_ex+0x414/0x560 [ 148.775228][ T6806] _copy_from_iter+0x1db/0x16f0 [ 148.775258][ T6806] ? rcu_is_watching+0x15/0xb0 [ 148.775292][ T6806] ? rcu_is_watching+0x15/0xb0 [ 148.775325][ T6806] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 148.775348][ T6806] ? __pfx__copy_from_iter+0x10/0x10 [ 148.775379][ T6806] ? __build_skb_around+0x257/0x3e0 [ 148.775403][ T6806] ? netlink_sendmsg+0x642/0xb30 [ 148.775424][ T6806] ? skb_put+0x11b/0x210 [ 148.775451][ T6806] netlink_sendmsg+0x6b2/0xb30 [ 148.775485][ T6806] ? __pfx_netlink_sendmsg+0x10/0x10 [ 148.775518][ T6806] ? __pfx_netlink_sendmsg+0x10/0x10 [ 148.775542][ T6806] __sock_sendmsg+0x219/0x270 [ 148.775573][ T6806] ____sys_sendmsg+0x505/0x830 [ 148.775602][ T6806] ? __pfx_____sys_sendmsg+0x10/0x10 [ 148.775634][ T6806] ? ___sys_sendmsg+0x205/0x2a0 [ 148.775666][ T6806] ___sys_sendmsg+0x21f/0x2a0 [ 148.775694][ T6806] ? __pfx____sys_sendmsg+0x10/0x10 [ 148.775734][ T6806] ? irqentry_enter+0x3d/0x60 [ 148.775799][ T6806] ? __x64_sys_sendmsg+0x180/0x260 [ 148.775833][ T6806] __x64_sys_sendmsg+0x19b/0x260 [ 148.775861][ T6806] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 148.775915][ T6806] do_syscall_64+0xfa/0x3b0 [ 148.775948][ T6806] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.775967][ T6806] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 148.775988][ T6806] ? clear_bhb_loop+0x60/0xb0 [ 148.776014][ T6806] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.776034][ T6806] RIP: 0033:0x7f34df18e929 [ 148.776054][ T6806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.776071][ T6806] RSP: 002b:00007f34e0035038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 148.776093][ T6806] RAX: ffffffffffffffda RBX: 00007f34df3b5fa0 RCX: 00007f34df18e929 [ 148.776108][ T6806] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000c [ 148.776121][ T6806] RBP: 00007f34e0035090 R08: 0000000000000000 R09: 0000000000000000 [ 148.776133][ T6806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 148.776146][ T6806] R13: 0000000000000000 R14: 00007f34df3b5fa0 R15: 00007ffef0c82898 [ 148.776179][ T6806] [ 150.593720][ T6838] netlink: 'syz.4.267': attribute type 27 has an invalid length. [ 150.630934][ T6838] netlink: 164 bytes leftover after parsing attributes in process `syz.4.267'. [ 151.154125][ T6852] netlink: 2 bytes leftover after parsing attributes in process `syz.3.272'. [ 151.247687][ T6852] batadv_slave_1: entered promiscuous mode [ 151.660708][ T6859] netlink: 'syz.4.274': attribute type 2 has an invalid length. [ 151.781322][ T6859] netlink: 'syz.4.274': attribute type 1 has an invalid length. [ 151.831323][ T6859] netlink: 193500 bytes leftover after parsing attributes in process `syz.4.274'. [ 151.931272][ T6859] nbd: must specify at least one socket [ 153.120467][ T6889] FAULT_INJECTION: forcing a failure. [ 153.120467][ T6889] name failslab, interval 1, probability 0, space 0, times 0 [ 153.143601][ T6889] CPU: 0 UID: 0 PID: 6889 Comm: syz.4.284 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 153.143630][ T6889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 153.143643][ T6889] Call Trace: [ 153.143651][ T6889] [ 153.143667][ T6889] dump_stack_lvl+0x189/0x250 [ 153.143704][ T6889] ? __pfx____ratelimit+0x10/0x10 [ 153.143735][ T6889] ? __pfx_dump_stack_lvl+0x10/0x10 [ 153.143766][ T6889] ? __pfx__printk+0x10/0x10 [ 153.143796][ T6889] ? __pfx___might_resched+0x10/0x10 [ 153.143833][ T6889] should_fail_ex+0x414/0x560 [ 153.143866][ T6889] should_failslab+0xa8/0x100 [ 153.143891][ T6889] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 153.143913][ T6889] ? __alloc_skb+0x112/0x2d0 [ 153.143940][ T6889] __alloc_skb+0x112/0x2d0 [ 153.143967][ T6889] netlink_sendmsg+0x5c6/0xb30 [ 153.144003][ T6889] ? __pfx_netlink_sendmsg+0x10/0x10 [ 153.144031][ T6889] ? aa_sock_msg_perm+0x94/0x160 [ 153.144059][ T6889] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 153.144085][ T6889] ? __pfx_netlink_sendmsg+0x10/0x10 [ 153.144109][ T6889] __sock_sendmsg+0x219/0x270 [ 153.144144][ T6889] ____sys_sendmsg+0x505/0x830 [ 153.144176][ T6889] ? __pfx_____sys_sendmsg+0x10/0x10 [ 153.144214][ T6889] ? import_iovec+0x74/0xa0 [ 153.144238][ T6889] ___sys_sendmsg+0x21f/0x2a0 [ 153.144266][ T6889] ? __pfx____sys_sendmsg+0x10/0x10 [ 153.144338][ T6889] ? __fget_files+0x2a/0x420 [ 153.144359][ T6889] ? __fget_files+0x3a0/0x420 [ 153.144396][ T6889] __x64_sys_sendmsg+0x19b/0x260 [ 153.144424][ T6889] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 153.144460][ T6889] ? __pfx_ksys_write+0x10/0x10 [ 153.144477][ T6889] ? rcu_is_watching+0x15/0xb0 [ 153.144514][ T6889] ? do_syscall_64+0xbe/0x3b0 [ 153.144549][ T6889] do_syscall_64+0xfa/0x3b0 [ 153.144576][ T6889] ? lockdep_hardirqs_on+0x9c/0x150 [ 153.144605][ T6889] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.144625][ T6889] ? clear_bhb_loop+0x60/0xb0 [ 153.144651][ T6889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.144677][ T6889] RIP: 0033:0x7fadab98e929 [ 153.144695][ T6889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 153.144711][ T6889] RSP: 002b:00007fadac743038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 153.144731][ T6889] RAX: ffffffffffffffda RBX: 00007fadabbb5fa0 RCX: 00007fadab98e929 [ 153.144745][ T6889] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 153.144757][ T6889] RBP: 00007fadac743090 R08: 0000000000000000 R09: 0000000000000000 [ 153.144769][ T6889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 153.144780][ T6889] R13: 0000000000000000 R14: 00007fadabbb5fa0 R15: 00007ffe7895ae98 [ 153.144815][ T6889] [ 153.486919][ T6893] FAULT_INJECTION: forcing a failure. [ 153.486919][ T6893] name failslab, interval 1, probability 0, space 0, times 0 [ 153.554536][ T6893] CPU: 1 UID: 0 PID: 6893 Comm: syz.0.285 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 153.554566][ T6893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 153.554579][ T6893] Call Trace: [ 153.554587][ T6893] [ 153.554596][ T6893] dump_stack_lvl+0x189/0x250 [ 153.554633][ T6893] ? lockdep_hardirqs_on+0x9c/0x150 [ 153.554665][ T6893] ? __pfx_dump_stack_lvl+0x10/0x10 [ 153.554718][ T6893] should_fail_ex+0x414/0x560 [ 153.554750][ T6893] should_failslab+0xa8/0x100 [ 153.554775][ T6893] __kmalloc_cache_node_noprof+0x73/0x3d0 [ 153.554798][ T6893] ? __get_vm_area_node+0x13f/0x300 [ 153.554824][ T6893] __get_vm_area_node+0x13f/0x300 [ 153.554851][ T6893] __vmalloc_node_range_noprof+0x301/0x12f0 [ 153.554876][ T6893] ? bpf_prog_alloc_no_stats+0x4a/0x4e0 [ 153.554924][ T6893] ? perf_trace_preemptirq_template+0x280/0x340 [ 153.554957][ T6893] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 153.554990][ T6893] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 153.555015][ T6893] ? __pfx_aa_get_newest_label+0x10/0x10 [ 153.555050][ T6893] ? bpf_prog_alloc_no_stats+0x4a/0x4e0 [ 153.555077][ T6893] __vmalloc_noprof+0xb1/0xf0 [ 153.555100][ T6893] ? bpf_prog_alloc_no_stats+0x4a/0x4e0 [ 153.555133][ T6893] bpf_prog_alloc_no_stats+0x4a/0x4e0 [ 153.555168][ T6893] bpf_prog_alloc+0x3c/0x1a0 [ 153.555200][ T6893] bpf_prog_load+0x735/0x1930 [ 153.555243][ T6893] ? __pfx_bpf_prog_load+0x10/0x10 [ 153.555298][ T6893] ? bpf_lsm_bpf+0x9/0x20 [ 153.555327][ T6893] ? security_bpf+0x7e/0x300 [ 153.555353][ T6893] __sys_bpf+0x5f1/0x860 [ 153.555391][ T6893] ? __pfx___sys_bpf+0x10/0x10 [ 153.555436][ T6893] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 153.555476][ T6893] __x64_sys_bpf+0x7c/0x90 [ 153.555501][ T6893] do_syscall_64+0xfa/0x3b0 [ 153.555533][ T6893] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.555552][ T6893] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 153.555573][ T6893] ? clear_bhb_loop+0x60/0xb0 [ 153.555598][ T6893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.555617][ T6893] RIP: 0033:0x7fa44d18e929 [ 153.555635][ T6893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 153.555652][ T6893] RSP: 002b:00007fa44dfe3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 153.555673][ T6893] RAX: ffffffffffffffda RBX: 00007fa44d3b5fa0 RCX: 00007fa44d18e929 [ 153.555688][ T6893] RDX: 0000000000000094 RSI: 00002000000002c0 RDI: 0000000000000005 [ 153.555701][ T6893] RBP: 00007fa44dfe3090 R08: 0000000000000000 R09: 0000000000000000 [ 153.555713][ T6893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 153.555725][ T6893] R13: 0000000000000000 R14: 00007fa44d3b5fa0 R15: 00007fff424572e8 [ 153.555757][ T6893] [ 153.835933][ T6893] syz.0.285: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 153.853287][ T6893] CPU: 0 UID: 0 PID: 6893 Comm: syz.0.285 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 153.853315][ T6893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 153.853327][ T6893] Call Trace: [ 153.853335][ T6893] [ 153.853343][ T6893] dump_stack_lvl+0x189/0x250 [ 153.853390][ T6893] ? __pfx_dump_stack_lvl+0x10/0x10 [ 153.853421][ T6893] ? __pfx__printk+0x10/0x10 [ 153.853443][ T6893] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 153.853465][ T6893] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 153.853489][ T6893] ? cpuset_print_current_mems_allowed+0x2ee/0x360 [ 153.853514][ T6893] warn_alloc+0x214/0x310 [ 153.853543][ T6893] ? __pfx_warn_alloc+0x10/0x10 [ 153.853568][ T6893] ? __get_vm_area_node+0x13f/0x300 [ 153.853592][ T6893] ? __get_vm_area_node+0x2b5/0x300 [ 153.853620][ T6893] __vmalloc_node_range_noprof+0x326/0x12f0 [ 153.853658][ T6893] ? perf_trace_preemptirq_template+0x280/0x340 [ 153.853690][ T6893] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 153.853718][ T6893] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 153.853742][ T6893] ? __pfx_aa_get_newest_label+0x10/0x10 [ 153.853776][ T6893] ? bpf_prog_alloc_no_stats+0x4a/0x4e0 [ 153.853802][ T6893] __vmalloc_noprof+0xb1/0xf0 [ 153.853822][ T6893] ? bpf_prog_alloc_no_stats+0x4a/0x4e0 [ 153.853853][ T6893] bpf_prog_alloc_no_stats+0x4a/0x4e0 [ 153.853887][ T6893] bpf_prog_alloc+0x3c/0x1a0 [ 153.853917][ T6893] bpf_prog_load+0x735/0x1930 [ 153.853957][ T6893] ? __pfx_bpf_prog_load+0x10/0x10 [ 153.854008][ T6893] ? bpf_lsm_bpf+0x9/0x20 [ 153.854035][ T6893] ? security_bpf+0x7e/0x300 [ 153.854060][ T6893] __sys_bpf+0x5f1/0x860 [ 153.854088][ T6893] ? __pfx___sys_bpf+0x10/0x10 [ 153.854131][ T6893] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 153.854170][ T6893] __x64_sys_bpf+0x7c/0x90 [ 153.854194][ T6893] do_syscall_64+0xfa/0x3b0 [ 153.854224][ T6893] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.854243][ T6893] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 153.854263][ T6893] ? clear_bhb_loop+0x60/0xb0 [ 153.854287][ T6893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.854306][ T6893] RIP: 0033:0x7fa44d18e929 [ 153.854323][ T6893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 153.854340][ T6893] RSP: 002b:00007fa44dfe3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 153.854366][ T6893] RAX: ffffffffffffffda RBX: 00007fa44d3b5fa0 RCX: 00007fa44d18e929 [ 153.854380][ T6893] RDX: 0000000000000094 RSI: 00002000000002c0 RDI: 0000000000000005 [ 153.854392][ T6893] RBP: 00007fa44dfe3090 R08: 0000000000000000 R09: 0000000000000000 [ 153.854404][ T6893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 153.854416][ T6893] R13: 0000000000000000 R14: 00007fa44d3b5fa0 R15: 00007fff424572e8 [ 153.854447][ T6893] [ 153.854495][ T6893] Mem-Info: [ 153.932315][ T6896] netlink: 763 bytes leftover after parsing attributes in process `syz.2.287'. [ 153.939089][ T6893] active_anon:5274 inactive_anon:0 isolated_anon:0 [ 153.939089][ T6893] active_file:13775 inactive_file:39847 isolated_file:0 [ 153.939089][ T6893] unevictable:768 dirty:472 writeback:0 [ 153.939089][ T6893] slab_reclaimable:10896 slab_unreclaimable:104005 [ 153.939089][ T6893] mapped:29617 shmem:1362 pagetables:1180 [ 153.939089][ T6893] sec_pagetables:0 bounce:0 [ 153.939089][ T6893] kernel_misc_reclaimable:0 [ 153.939089][ T6893] free:1313186 free_pcp:15402 free_cma:0 [ 153.939188][ T6893] Node 0 active_anon:21096kB inactive_anon:0kB active_file:55100kB inactive_file:159184kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:118468kB dirty:1888kB writeback:0kB shmem:3912kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12068kB pagetables:4560kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 153.939283][ T6893] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:160kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 153.939356][ T6893] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 153.939475][ T6893] lowmem_reserve[]: 0 2500 2502 2502 2502 [ 153.939760][ T6893] Node 0 DMA32 free:1337024kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:21052kB inactive_anon:0kB active_file:55100kB inactive_file:157352kB unevictable:1536kB writepending:1888kB present:3129332kB managed:2560992kB mlocked:0kB bounce:0kB free_pcp:42176kB local_pcp:21412kB free_cma:0kB [ 153.939880][ T6893] lowmem_reserve[]: 0 0 1 1 1 [ 153.940118][ T6893] Node 0 Normal free:16kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1832kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 153.940221][ T6893] lowmem_reserve[]: 0 0 0 0 0 [ 153.940453][ T6893] Node 1 Normal free:3900344kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:19424kB local_pcp:9440kB free_cma:0kB [ 153.940571][ T6893] lowmem_reserve[]: 0 0 0 0 0 [ 153.940835][ T6893] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 153.941551][ T6893] Node 0 DMA32: 398*4kB (UME) 827*8kB (UME) 638*16kB (UME) 730*32kB (UME) 268*64kB (UME) 55*128kB (UME) 45*256kB (UME) 16*512kB (UM) 10*1024kB (UM) 6*2048kB (UM) 300*4096kB (M) = 1337008kB [ 153.943159][ T6893] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 153.943803][ T6893] Node 1 Normal: 176*4kB (UE) 51*8kB (UME) 44*16kB (UME) 89*32kB (UME) 28*64kB (UME) 7*128kB (UME) 5*256kB (UM) 3*512kB (UM) 3*1024kB (UME) 2*2048kB (UE) 948*4096kB (M) = 3900344kB [ 153.944826][ T6893] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 153.944872][ T6893] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 153.944918][ T6893] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 153.944971][ T6893] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 153.945010][ T6893] 54980 total pagecache pages [ 153.945047][ T6893] 0 pages in swap cache [ 153.945090][ T6893] Free swap = 124996kB [ 153.945135][ T6893] Total swap = 124996kB [ 153.945181][ T6893] 2097051 pages RAM [ 153.945210][ T6893] 0 pages HighMem/MovableOnly [ 153.945256][ T6893] 424697 pages reserved [ 153.945301][ T6893] 0 pages cma reserved [ 153.995875][ T6900] netlink: 'syz.4.288': attribute type 10 has an invalid length. [ 154.008621][ T6896] netlink: 'syz.2.287': attribute type 10 has an invalid length. [ 154.038684][ T6900] veth0_vlan: left promiscuous mode [ 154.039886][ T6900] veth0_vlan: entered promiscuous mode [ 154.042814][ T6900] team0: Device veth0_vlan failed to register rx_handler [ 154.672747][ T6896] netlink: 40 bytes leftover after parsing attributes in process `syz.2.287'. [ 154.718522][ T6896] team0: entered promiscuous mode [ 154.753757][ T6896] team_slave_0: entered promiscuous mode [ 154.777426][ T6896] team_slave_1: entered promiscuous mode [ 154.798030][ T6896] team0: entered allmulticast mode [ 154.808223][ T6896] team_slave_0: entered allmulticast mode [ 154.815345][ T6896] team_slave_1: entered allmulticast mode [ 154.824848][ T6896] : (slave team0): Releasing backup interface [ 154.848973][ T6896] bridge0: port 3(team0) entered blocking state [ 154.860508][ T6896] bridge0: port 3(team0) entered disabled state [ 154.870054][ T6907] netlink: 60 bytes leftover after parsing attributes in process `syz.3.290'. [ 154.903089][ T6910] FAULT_INJECTION: forcing a failure. [ 154.903089][ T6910] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 154.966868][ T6910] CPU: 0 UID: 0 PID: 6910 Comm: syz.3.290 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 154.966898][ T6910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 154.966910][ T6910] Call Trace: [ 154.966918][ T6910] [ 154.966927][ T6910] dump_stack_lvl+0x189/0x250 [ 154.966963][ T6910] ? __pfx____ratelimit+0x10/0x10 [ 154.966994][ T6910] ? __pfx_dump_stack_lvl+0x10/0x10 [ 154.967025][ T6910] ? __pfx__printk+0x10/0x10 [ 154.967047][ T6910] ? __might_fault+0xb0/0x130 [ 154.967079][ T6910] should_fail_ex+0x414/0x560 [ 154.967110][ T6910] _copy_to_iter+0x3f5/0x16f0 [ 154.967150][ T6910] ? __pfx__copy_to_iter+0x10/0x10 [ 154.967175][ T6910] ? __skb_try_recv_from_queue+0x2b2/0x730 [ 154.967210][ T6910] ? __skb_try_recv_datagram+0x3da/0x4e0 [ 154.967244][ T6910] __skb_datagram_iter+0xf8/0x990 [ 154.967273][ T6910] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 154.967310][ T6910] skb_copy_datagram_iter+0xc5/0x230 [ 154.967342][ T6910] netlink_recvmsg+0x2ab/0xa30 [ 154.967376][ T6910] ? __pfx_netlink_recvmsg+0x10/0x10 [ 154.967404][ T6910] ? aa_sock_msg_perm+0x94/0x160 [ 154.967432][ T6910] ? bpf_lsm_socket_recvmsg+0x9/0x20 [ 154.967456][ T6910] ? security_socket_recvmsg+0x7e/0x2e0 [ 154.967487][ T6910] ? __pfx_netlink_recvmsg+0x10/0x10 [ 154.967509][ T6910] sock_recvmsg+0x229/0x270 [ 154.967551][ T6910] ____sys_recvmsg+0x1c9/0x460 [ 154.967586][ T6910] ? __pfx_____sys_recvmsg+0x10/0x10 [ 154.967629][ T6910] ? import_iovec+0x74/0xa0 [ 154.967652][ T6910] ___sys_recvmsg+0x1b5/0x510 [ 154.967683][ T6910] ? __pfx____sys_recvmsg+0x10/0x10 [ 154.967736][ T6910] ? __fget_files+0x3a0/0x420 [ 154.967771][ T6910] __x64_sys_recvmsg+0x198/0x260 [ 154.967800][ T6910] ? __pfx___x64_sys_recvmsg+0x10/0x10 [ 154.967836][ T6910] ? __pfx_ksys_write+0x10/0x10 [ 154.967866][ T6910] ? do_syscall_64+0xbe/0x3b0 [ 154.967900][ T6910] do_syscall_64+0xfa/0x3b0 [ 154.967928][ T6910] ? lockdep_hardirqs_on+0x9c/0x150 [ 154.967957][ T6910] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.967977][ T6910] ? clear_bhb_loop+0x60/0xb0 [ 154.968001][ T6910] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.968019][ T6910] RIP: 0033:0x7ff247b8e929 [ 154.968038][ T6910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.968054][ T6910] RSP: 002b:00007ff248a36038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 154.968076][ T6910] RAX: ffffffffffffffda RBX: 00007ff247db6080 RCX: 00007ff247b8e929 [ 154.968090][ T6910] RDX: 0000000040012100 RSI: 0000200000000040 RDI: 0000000000000003 [ 154.968102][ T6910] RBP: 00007ff248a36090 R08: 0000000000000000 R09: 0000000000000000 [ 154.968114][ T6910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 154.968125][ T6910] R13: 0000000000000001 R14: 00007ff247db6080 R15: 00007ffd7d2a7d68 [ 154.968156][ T6910] [ 155.257192][ T6910] netlink: 60 bytes leftover after parsing attributes in process `syz.3.290'. [ 155.348219][ T6919] netlink: 60 bytes leftover after parsing attributes in process `syz.4.293'. [ 155.360033][ T6919] netlink: 60 bytes leftover after parsing attributes in process `syz.4.293'. [ 155.575480][ T6933] netlink: 'syz.4.298': attribute type 13 has an invalid length. [ 155.607969][ T6933] netlink: 188 bytes leftover after parsing attributes in process `syz.4.298'. [ 156.449195][ T6955] netlink: 'syz.3.305': attribute type 21 has an invalid length. [ 156.464513][ T6955] netlink: 132 bytes leftover after parsing attributes in process `syz.3.305'. [ 156.706818][ T6966] netlink: 'syz.0.307': attribute type 10 has an invalid length. [ 156.721343][ T6966] veth0_vlan: left promiscuous mode [ 156.747302][ T6966] veth0_vlan: entered promiscuous mode [ 156.774981][ T6966] team0: Device veth0_vlan failed to register rx_handler [ 157.680589][ T6978] bridge0: port 3(team0) entered disabled state [ 157.687413][ T6978] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.695164][ T6978] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.746077][ T6978] bridge0: entered allmulticast mode [ 158.322919][ T7011] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:0603:0000:0023 with DS=0x3f [ 158.541430][ T7023] netlink: 60 bytes leftover after parsing attributes in process `syz.3.324'. [ 158.556889][ T7018] netlink: 60 bytes leftover after parsing attributes in process `syz.3.324'. [ 159.757080][ T7046] netlink: 'syz.2.337': attribute type 10 has an invalid length. [ 159.959098][ T7054] netlink: 763 bytes leftover after parsing attributes in process `syz.0.335'. [ 160.015295][ T7054] netlink: 'syz.0.335': attribute type 10 has an invalid length. [ 160.070876][ T7046] veth0_vlan: left promiscuous mode [ 160.081234][ T7054] netlink: 40 bytes leftover after parsing attributes in process `syz.0.335'. [ 160.111187][ T7046] veth0_vlan: entered promiscuous mode [ 160.192445][ T7046] team0: Device veth0_vlan failed to register rx_handler [ 160.399107][ T7059] netlink: 'syz.1.339': attribute type 10 has an invalid length. [ 160.435278][ T7059] veth0_vlan: left promiscuous mode [ 160.530776][ T7059] veth0_vlan: entered promiscuous mode [ 160.656765][ T7059] team0: Device veth0_vlan failed to register rx_handler [ 161.072551][ T7073] FAULT_INJECTION: forcing a failure. [ 161.072551][ T7073] name failslab, interval 1, probability 0, space 0, times 0 [ 161.099795][ T7073] CPU: 1 UID: 0 PID: 7073 Comm: syz.2.344 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 161.099826][ T7073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 161.099846][ T7073] Call Trace: [ 161.099855][ T7073] [ 161.099865][ T7073] dump_stack_lvl+0x189/0x250 [ 161.099903][ T7073] ? __pfx____ratelimit+0x10/0x10 [ 161.099932][ T7073] ? __pfx_dump_stack_lvl+0x10/0x10 [ 161.099963][ T7073] ? __pfx__printk+0x10/0x10 [ 161.099992][ T7073] ? __pfx___might_resched+0x10/0x10 [ 161.100029][ T7073] should_fail_ex+0x414/0x560 [ 161.100059][ T7073] should_failslab+0xa8/0x100 [ 161.100082][ T7073] __kmalloc_cache_noprof+0x70/0x3d0 [ 161.100102][ T7073] ? rtnl_newlink+0xed/0x1c70 [ 161.100119][ T7073] ? kasan_save_free_info+0x46/0x50 [ 161.100149][ T7073] rtnl_newlink+0xed/0x1c70 [ 161.100166][ T7073] ? netlink_sendmsg+0x805/0xb30 [ 161.100186][ T7073] ? __sock_sendmsg+0x219/0x270 [ 161.100213][ T7073] ? sock_write_iter+0x258/0x330 [ 161.100237][ T7073] ? vfs_write+0x54b/0xa90 [ 161.100264][ T7073] ? ksys_write+0x145/0x250 [ 161.100279][ T7073] ? do_syscall_64+0xfa/0x3b0 [ 161.100307][ T7073] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.100335][ T7073] ? __pfx_rtnl_newlink+0x10/0x10 [ 161.100359][ T7073] ? perf_trace_preemptirq_template+0xa3/0x340 [ 161.100384][ T7073] ? kasan_quarantine_put+0x3d/0x220 [ 161.100415][ T7073] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 161.100457][ T7073] ? perf_trace_preemptirq_template+0xa3/0x340 [ 161.100495][ T7073] ? __local_bh_enable_ip+0xce/0x1c0 [ 161.100527][ T7073] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 161.100553][ T7073] ? perf_trace_lock+0xec/0x3b0 [ 161.100582][ T7073] ? nlmon_xmit+0xb0/0x100 [ 161.100621][ T7073] ? __local_bh_enable_ip+0x12d/0x1c0 [ 161.100651][ T7073] ? lockdep_hardirqs_on+0x9c/0x150 [ 161.100681][ T7073] ? __local_bh_enable_ip+0x12d/0x1c0 [ 161.100711][ T7073] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 161.100745][ T7073] ? __dev_queue_xmit+0x27e/0x3a70 [ 161.100778][ T7073] ? perf_trace_lock+0xec/0x3b0 [ 161.100815][ T7073] ? __pfx_perf_trace_lock+0x10/0x10 [ 161.100865][ T7073] ? rcu_read_unlock+0x87/0xa0 [ 161.100909][ T7073] ? __pfx_rtnl_newlink+0x10/0x10 [ 161.100928][ T7073] rtnetlink_rcv_msg+0x7cc/0xb70 [ 161.100953][ T7073] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 161.100972][ T7073] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 161.100989][ T7073] ? ref_tracker_free+0x63a/0x7d0 [ 161.101014][ T7073] ? __copy_skb_header+0xa7/0x550 [ 161.101042][ T7073] ? __pfx_ref_tracker_free+0x10/0x10 [ 161.101067][ T7073] ? __skb_clone+0x63/0x7a0 [ 161.101101][ T7073] netlink_rcv_skb+0x205/0x470 [ 161.101124][ T7073] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 161.101150][ T7073] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 161.101187][ T7073] ? netlink_deliver_tap+0x2e/0x1b0 [ 161.101208][ T7073] ? netlink_deliver_tap+0x2e/0x1b0 [ 161.101237][ T7073] netlink_unicast+0x758/0x8d0 [ 161.101269][ T7073] netlink_sendmsg+0x805/0xb30 [ 161.101302][ T7073] ? __pfx_netlink_sendmsg+0x10/0x10 [ 161.101329][ T7073] ? aa_sock_msg_perm+0x94/0x160 [ 161.101357][ T7073] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 161.101383][ T7073] ? __pfx_netlink_sendmsg+0x10/0x10 [ 161.101407][ T7073] __sock_sendmsg+0x219/0x270 [ 161.101440][ T7073] sock_write_iter+0x258/0x330 [ 161.101472][ T7073] ? __pfx_sock_write_iter+0x10/0x10 [ 161.101497][ T7073] ? perf_trace_lock+0xec/0x3b0 [ 161.101539][ T7073] ? bpf_lsm_file_permission+0x9/0x20 [ 161.101567][ T7073] ? security_file_permission+0x75/0x290 [ 161.101597][ T7073] vfs_write+0x54b/0xa90 [ 161.101634][ T7073] ? __pfx_sock_write_iter+0x10/0x10 [ 161.101662][ T7073] ? __pfx_vfs_write+0x10/0x10 [ 161.101705][ T7073] ? __fget_files+0x2a/0x420 [ 161.101739][ T7073] ksys_write+0x145/0x250 [ 161.101760][ T7073] ? __pfx_ksys_write+0x10/0x10 [ 161.101776][ T7073] ? rcu_is_watching+0x15/0xb0 [ 161.101814][ T7073] ? do_syscall_64+0xbe/0x3b0 [ 161.101874][ T7073] do_syscall_64+0xfa/0x3b0 [ 161.101904][ T7073] ? lockdep_hardirqs_on+0x9c/0x150 [ 161.101932][ T7073] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.101952][ T7073] ? clear_bhb_loop+0x60/0xb0 [ 161.101978][ T7073] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.101998][ T7073] RIP: 0033:0x7f34df18e929 [ 161.102017][ T7073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.102033][ T7073] RSP: 002b:00007f34e0035038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 161.102054][ T7073] RAX: ffffffffffffffda RBX: 00007f34df3b5fa0 RCX: 00007f34df18e929 [ 161.102068][ T7073] RDX: 000000000000fe33 RSI: 0000200000000000 RDI: 0000000000000003 [ 161.102080][ T7073] RBP: 00007f34e0035090 R08: 0000000000000000 R09: 0000000000000000 [ 161.102091][ T7073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 161.102103][ T7073] R13: 0000000000000000 R14: 00007f34df3b5fa0 R15: 00007ffef0c82898 [ 161.102135][ T7073] [ 161.937263][ T5948] page_pool_release_retry() stalled pool shutdown: id 24, 1 inflight 60 sec [ 162.199404][ T7091] netlink: 'syz.2.351': attribute type 2 has an invalid length. [ 162.207447][ T7091] netlink: 119 bytes leftover after parsing attributes in process `syz.2.351'. [ 162.308353][ T7093] netlink: 2 bytes leftover after parsing attributes in process `syz.4.350'. [ 162.392647][ T7093] batadv_slave_1: entered promiscuous mode [ 162.750671][ T7106] FAULT_INJECTION: forcing a failure. [ 162.750671][ T7106] name failslab, interval 1, probability 0, space 0, times 0 [ 162.812661][ T7106] CPU: 1 UID: 0 PID: 7106 Comm: syz.1.356 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 162.812689][ T7106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 162.812700][ T7106] Call Trace: [ 162.812708][ T7106] [ 162.812716][ T7106] dump_stack_lvl+0x189/0x250 [ 162.812763][ T7106] ? __pfx____ratelimit+0x10/0x10 [ 162.812789][ T7106] ? __pfx_dump_stack_lvl+0x10/0x10 [ 162.812817][ T7106] ? __pfx__printk+0x10/0x10 [ 162.812843][ T7106] ? ref_tracker_alloc+0x318/0x460 [ 162.812869][ T7106] should_fail_ex+0x414/0x560 [ 162.812895][ T7106] should_failslab+0xa8/0x100 [ 162.812915][ T7106] kmem_cache_alloc_noprof+0x73/0x3c0 [ 162.812944][ T7106] ? skb_clone+0x212/0x3a0 [ 162.812972][ T7106] skb_clone+0x212/0x3a0 [ 162.813002][ T7106] __netlink_deliver_tap+0x404/0x850 [ 162.813041][ T7106] ? netlink_deliver_tap+0x2e/0x1b0 [ 162.813066][ T7106] netlink_deliver_tap+0x19c/0x1b0 [ 162.813090][ T7106] netlink_unicast+0x72f/0x8d0 [ 162.813122][ T7106] netlink_sendmsg+0x805/0xb30 [ 162.813158][ T7106] ? __pfx_netlink_sendmsg+0x10/0x10 [ 162.813185][ T7106] ? aa_sock_msg_perm+0x94/0x160 [ 162.813214][ T7106] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 162.813240][ T7106] ? __pfx_netlink_sendmsg+0x10/0x10 [ 162.813264][ T7106] __sock_sendmsg+0x219/0x270 [ 162.813299][ T7106] ____sys_sendmsg+0x505/0x830 [ 162.813331][ T7106] ? __pfx_____sys_sendmsg+0x10/0x10 [ 162.813369][ T7106] ? import_iovec+0x74/0xa0 [ 162.813394][ T7106] ___sys_sendmsg+0x21f/0x2a0 [ 162.813423][ T7106] ? __pfx____sys_sendmsg+0x10/0x10 [ 162.813494][ T7106] ? __fget_files+0x2a/0x420 [ 162.813517][ T7106] ? __fget_files+0x3a0/0x420 [ 162.813564][ T7106] __x64_sys_sendmsg+0x19b/0x260 [ 162.813593][ T7106] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 162.813631][ T7106] ? __pfx_ksys_write+0x10/0x10 [ 162.813648][ T7106] ? rcu_is_watching+0x15/0xb0 [ 162.813688][ T7106] ? do_syscall_64+0xbe/0x3b0 [ 162.813735][ T7106] do_syscall_64+0xfa/0x3b0 [ 162.813764][ T7106] ? lockdep_hardirqs_on+0x9c/0x150 [ 162.813794][ T7106] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.813815][ T7106] ? clear_bhb_loop+0x60/0xb0 [ 162.813841][ T7106] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.813862][ T7106] RIP: 0033:0x7fc616f8e929 [ 162.813881][ T7106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 162.813898][ T7106] RSP: 002b:00007fc617df2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 162.813922][ T7106] RAX: ffffffffffffffda RBX: 00007fc6171b5fa0 RCX: 00007fc616f8e929 [ 162.813937][ T7106] RDX: 0000000000008000 RSI: 0000200000000600 RDI: 0000000000000003 [ 162.813950][ T7106] RBP: 00007fc617df2090 R08: 0000000000000000 R09: 0000000000000000 [ 162.814057][ T7106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 162.814081][ T7106] R13: 0000000000000000 R14: 00007fc6171b5fa0 R15: 00007fff7645d118 [ 162.814116][ T7106] [ 163.169417][ T7117] FAULT_INJECTION: forcing a failure. [ 163.169417][ T7117] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 163.219784][ T7117] CPU: 1 UID: 0 PID: 7117 Comm: syz.2.360 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 163.219815][ T7117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 163.219827][ T7117] Call Trace: [ 163.219837][ T7117] [ 163.219846][ T7117] dump_stack_lvl+0x189/0x250 [ 163.219886][ T7117] ? __pfx____ratelimit+0x10/0x10 [ 163.219918][ T7117] ? __pfx_dump_stack_lvl+0x10/0x10 [ 163.219977][ T7117] ? __pfx__printk+0x10/0x10 [ 163.220001][ T7117] ? __might_fault+0xb0/0x130 [ 163.220028][ T7117] should_fail_ex+0x414/0x560 [ 163.220053][ T7117] _copy_from_user+0x2d/0xb0 [ 163.220071][ T7117] inet6_ioctl+0x180/0x280 [ 163.220098][ T7117] ? __pfx_inet6_ioctl+0x10/0x10 [ 163.220122][ T7117] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 163.220147][ T7117] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 163.220178][ T7117] sock_do_ioctl+0xd9/0x300 [ 163.220206][ T7117] ? __pfx_sock_do_ioctl+0x10/0x10 [ 163.220229][ T7117] ? __lock_acquire+0xab9/0xd20 [ 163.220266][ T7117] sock_ioctl+0x576/0x790 [ 163.220291][ T7117] ? __pfx_sock_ioctl+0x10/0x10 [ 163.220313][ T7117] ? __fget_files+0x2a/0x420 [ 163.220329][ T7117] ? __fget_files+0x3a0/0x420 [ 163.220345][ T7117] ? __fget_files+0x2a/0x420 [ 163.220366][ T7117] ? bpf_lsm_file_ioctl+0x9/0x20 [ 163.220389][ T7117] ? __pfx_sock_ioctl+0x10/0x10 [ 163.220411][ T7117] __se_sys_ioctl+0xf9/0x170 [ 163.220438][ T7117] do_syscall_64+0xfa/0x3b0 [ 163.220461][ T7117] ? lockdep_hardirqs_on+0x9c/0x150 [ 163.220483][ T7117] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.220498][ T7117] ? clear_bhb_loop+0x60/0xb0 [ 163.220518][ T7117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.220533][ T7117] RIP: 0033:0x7f34df18e929 [ 163.220549][ T7117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 163.220564][ T7117] RSP: 002b:00007f34e0014038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 163.220584][ T7117] RAX: ffffffffffffffda RBX: 00007f34df3b6080 RCX: 00007f34df18e929 [ 163.220597][ T7117] RDX: 0000200000000000 RSI: 000000000000890b RDI: 0000000000000005 [ 163.220607][ T7117] RBP: 00007f34e0014090 R08: 0000000000000000 R09: 0000000000000000 [ 163.220617][ T7117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 163.220627][ T7117] R13: 0000000000000000 R14: 00007f34df3b6080 R15: 00007ffef0c82898 [ 163.220653][ T7117] [ 163.745537][ T7127] netlink: 763 bytes leftover after parsing attributes in process `syz.3.362'. [ 163.889114][ T7127] netlink: 'syz.3.362': attribute type 10 has an invalid length. [ 163.910225][ T7127] netlink: 40 bytes leftover after parsing attributes in process `syz.3.362'. [ 164.131719][ T7138] netlink: 763 bytes leftover after parsing attributes in process `syz.2.363'. [ 164.232605][ T7142] netlink: 'syz.2.363': attribute type 10 has an invalid length. [ 164.278977][ T7142] netlink: 40 bytes leftover after parsing attributes in process `syz.2.363'. [ 164.291845][ T7142] 8021q: adding VLAN 0 to HW filter on device team0 [ 166.171119][ T7184] FAULT_INJECTION: forcing a failure. [ 166.171119][ T7184] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 166.231114][ T7184] CPU: 1 UID: 0 PID: 7184 Comm: syz.3.383 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 166.231145][ T7184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 166.231158][ T7184] Call Trace: [ 166.231168][ T7184] [ 166.231179][ T7184] dump_stack_lvl+0x189/0x250 [ 166.231222][ T7184] ? __pfx____ratelimit+0x10/0x10 [ 166.231258][ T7184] ? __pfx_dump_stack_lvl+0x10/0x10 [ 166.231295][ T7184] ? __pfx__printk+0x10/0x10 [ 166.231324][ T7184] ? __might_fault+0xb0/0x130 [ 166.231356][ T7184] ? __might_fault+0xb0/0x130 [ 166.231397][ T7184] should_fail_ex+0x414/0x560 [ 166.231443][ T7184] _copy_from_iter+0x1db/0x16f0 [ 166.231489][ T7184] ? sock_alloc_send_pskb+0x875/0x990 [ 166.231547][ T7184] ? __pfx__copy_from_iter+0x10/0x10 [ 166.231609][ T7184] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 166.231653][ T7184] skb_copy_datagram_from_iter+0xf5/0x720 [ 166.231700][ T7184] ? skb_put+0x11b/0x210 [ 166.231740][ T7184] unix_stream_sendmsg+0x5a1/0xc90 [ 166.231819][ T7184] ? __pfx_unix_stream_sendmsg+0x10/0x10 [ 166.231858][ T7184] ? perf_trace_run_bpf_submit+0xee/0x170 [ 166.231889][ T7184] ? aa_sock_msg_perm+0x94/0x160 [ 166.231925][ T7184] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 166.231952][ T7184] ? __pfx_unix_stream_sendmsg+0x10/0x10 [ 166.231983][ T7184] __sock_sendmsg+0x219/0x270 [ 166.232033][ T7184] ____sys_sendmsg+0x505/0x830 [ 166.232081][ T7184] ? __pfx_____sys_sendmsg+0x10/0x10 [ 166.232140][ T7184] ? import_iovec+0x74/0xa0 [ 166.232177][ T7184] ___sys_sendmsg+0x21f/0x2a0 [ 166.232215][ T7184] ? __pfx____sys_sendmsg+0x10/0x10 [ 166.232311][ T7184] ? __fget_files+0x2a/0x420 [ 166.232376][ T7184] ? __fget_files+0x2a/0x420 [ 166.232399][ T7184] ? __fget_files+0x3a0/0x420 [ 166.232458][ T7184] __x64_sys_sendmsg+0x19b/0x260 [ 166.232497][ T7184] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 166.232564][ T7184] ? __pfx_ksys_write+0x10/0x10 [ 166.232581][ T7184] ? rcu_is_watching+0x15/0xb0 [ 166.232632][ T7184] ? do_syscall_64+0xbe/0x3b0 [ 166.232678][ T7184] do_syscall_64+0xfa/0x3b0 [ 166.232709][ T7184] ? lockdep_hardirqs_on+0x9c/0x150 [ 166.232741][ T7184] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.232764][ T7184] ? clear_bhb_loop+0x60/0xb0 [ 166.232799][ T7184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.232820][ T7184] RIP: 0033:0x7ff247b8e929 [ 166.232842][ T7184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.232859][ T7184] RSP: 002b:00007ff248a57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 166.232881][ T7184] RAX: ffffffffffffffda RBX: 00007ff247db5fa0 RCX: 00007ff247b8e929 [ 166.232896][ T7184] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000005 [ 166.232908][ T7184] RBP: 00007ff248a57090 R08: 0000000000000000 R09: 0000000000000000 [ 166.232921][ T7184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 166.232933][ T7184] R13: 0000000000000000 R14: 00007ff247db5fa0 R15: 00007ffd7d2a7d68 [ 166.232998][ T7184] [ 166.634045][ T7191] @ÿ: renamed from veth0_vlan [ 166.840173][ T7195] Dead loop on virtual device ip6_vti0, fix it urgently! [ 167.498801][ T7214] netlink: 'syz.4.394': attribute type 10 has an invalid length. [ 167.631201][ T7214] team0 (unregistering): Port device team_slave_0 removed [ 167.651423][ T7214] team0 (unregistering): Port device team_slave_1 removed [ 167.925431][ T7225] netlink: 2 bytes leftover after parsing attributes in process `syz.1.396'. [ 167.955881][ T7225] batadv_slave_1: entered promiscuous mode [ 167.982679][ T7228] netlink: 'syz.2.397': attribute type 6 has an invalid length. [ 167.993780][ T7228] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.397'. [ 168.265465][ T7236] netlink: 763 bytes leftover after parsing attributes in process `syz.1.399'. [ 168.303916][ T7236] netlink: 'syz.1.399': attribute type 10 has an invalid length. [ 168.341817][ T7236] netlink: 40 bytes leftover after parsing attributes in process `syz.1.399'. [ 168.359814][ T7238] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:0603:0000:0023 with DS=0x3f [ 168.451883][ T7235] FAULT_INJECTION: forcing a failure. [ 168.451883][ T7235] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 168.474799][ T7235] CPU: 1 UID: 0 PID: 7235 Comm: syz.4.400 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 168.474830][ T7235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 168.474842][ T7235] Call Trace: [ 168.474851][ T7235] [ 168.474860][ T7235] dump_stack_lvl+0x189/0x250 [ 168.474899][ T7235] ? __pfx____ratelimit+0x10/0x10 [ 168.474930][ T7235] ? __pfx_dump_stack_lvl+0x10/0x10 [ 168.474962][ T7235] ? __pfx__printk+0x10/0x10 [ 168.474999][ T7235] should_fail_ex+0x414/0x560 [ 168.475030][ T7235] _copy_to_user+0x31/0xb0 [ 168.475052][ T7235] simple_read_from_buffer+0xe1/0x170 [ 168.475080][ T7235] proc_fail_nth_read+0x1df/0x250 [ 168.475108][ T7235] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 168.475137][ T7235] ? rw_verify_area+0x258/0x650 [ 168.475167][ T7235] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 168.475194][ T7235] vfs_read+0x200/0x980 [ 168.475231][ T7235] ? __pfx___mutex_lock+0x10/0x10 [ 168.475262][ T7235] ? __pfx_vfs_read+0x10/0x10 [ 168.475296][ T7235] ? __fget_files+0x2a/0x420 [ 168.475324][ T7235] ? __fget_files+0x3a0/0x420 [ 168.475352][ T7235] ? __fget_files+0x2a/0x420 [ 168.475386][ T7235] ksys_read+0x145/0x250 [ 168.475424][ T7235] ? __pfx_ksys_read+0x10/0x10 [ 168.475452][ T7235] ? rcu_is_watching+0x15/0xb0 [ 168.475490][ T7235] ? do_syscall_64+0xbe/0x3b0 [ 168.475525][ T7235] do_syscall_64+0xfa/0x3b0 [ 168.475553][ T7235] ? lockdep_hardirqs_on+0x9c/0x150 [ 168.475581][ T7235] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.475602][ T7235] ? clear_bhb_loop+0x60/0xb0 [ 168.475627][ T7235] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.475647][ T7235] RIP: 0033:0x7fadab98d33c [ 168.475665][ T7235] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 168.475681][ T7235] RSP: 002b:00007fadac743030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 168.475703][ T7235] RAX: ffffffffffffffda RBX: 00007fadabbb5fa0 RCX: 00007fadab98d33c [ 168.475717][ T7235] RDX: 000000000000000f RSI: 00007fadac7430a0 RDI: 0000000000000005 [ 168.475730][ T7235] RBP: 00007fadac743090 R08: 0000000000000000 R09: 0000000000000000 [ 168.475742][ T7235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 168.475753][ T7235] R13: 0000000000000000 R14: 00007fadabbb5fa0 R15: 00007ffe7895ae98 [ 168.475787][ T7235] [ 169.129675][ T7249] netlink: 2 bytes leftover after parsing attributes in process `syz.0.406'. [ 169.150739][ T7249] batadv_slave_1: entered promiscuous mode [ 169.410484][ T7262] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.410'. [ 169.435750][ T7261] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.412'. [ 170.419967][ T7288] netlink: 'syz.1.421': attribute type 10 has an invalid length. [ 170.767822][ T7305] netlink: 4083 bytes leftover after parsing attributes in process `syz.1.426'. [ 170.777884][ T7301] netlink: 4083 bytes leftover after parsing attributes in process `syz.1.426'. [ 170.789428][ T7305] netlink: 4083 bytes leftover after parsing attributes in process `syz.1.426'. [ 170.886642][ T7310] netlink: 'syz.1.428': attribute type 17 has an invalid length. [ 170.897995][ T7310] netlink: 'syz.1.428': attribute type 16 has an invalid length. [ 171.723493][ T7332] netlink: 'syz.4.437': attribute type 11 has an invalid length. [ 171.769889][ T7332] netlink: 'syz.4.437': attribute type 10 has an invalid length. [ 172.000266][ T7332] bond0: (slave O3ãc¤±): Enslaving as an active interface with an up link [ 172.057810][ T7330] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 173.100059][ T7366] netlink: 'syz.0.449': attribute type 10 has an invalid length. [ 173.182105][ T7366] veth0_vlan: left promiscuous mode [ 173.218531][ T7366] veth0_vlan: entered promiscuous mode [ 173.294842][ T7366] team0: Device veth0_vlan failed to register rx_handler [ 175.768489][ T5848] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 175.985454][ T7418] netlink: 'syz.4.467': attribute type 10 has an invalid length. [ 176.005776][ T7418] __nla_validate_parse: 11 callbacks suppressed [ 176.005850][ T7418] netlink: 40 bytes leftover after parsing attributes in process `syz.4.467'. [ 176.061986][ T7425] netlink: 'syz.2.468': attribute type 10 has an invalid length. [ 176.100664][ T7425] netlink: 40 bytes leftover after parsing attributes in process `syz.2.468'. [ 176.629776][ T7438] netlink: 'syz.0.475': attribute type 10 has an invalid length. [ 176.919819][ T7438] geneve1: entered promiscuous mode [ 176.920693][ T7448] netlink: 'syz.3.478': attribute type 10 has an invalid length. [ 176.956053][ T7438] geneve1: entered allmulticast mode [ 176.992462][ T7438] team0: Port device geneve1 added [ 177.090716][ T7448] team0: left allmulticast mode [ 177.108269][ T7448] team_slave_0: left allmulticast mode [ 177.149765][ T7448] team_slave_1: left allmulticast mode [ 177.155974][ T7448] team0: left promiscuous mode [ 177.161013][ T7448] team_slave_0: left promiscuous mode [ 177.169952][ T7448] team_slave_1: left promiscuous mode [ 177.187329][ T7448] bridge0: port 3(team0) entered disabled state [ 177.198946][ T7448] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.209627][ T7448] bond0: (slave team0): Enslaving as an active interface with an up link [ 177.270469][ T7456] pim6reg1: entered allmulticast mode [ 178.028089][ T7482] netlink: 'syz.0.488': attribute type 10 has an invalid length. [ 178.036994][ T7482] netlink: 40 bytes leftover after parsing attributes in process `syz.0.488'. [ 178.183168][ T7485] veth1_macvtap: left promiscuous mode [ 178.671097][ T7498] netlink: 64859 bytes leftover after parsing attributes in process `syz.4.494'. [ 178.723416][ T7501] FAULT_INJECTION: forcing a failure. [ 178.723416][ T7501] name failslab, interval 1, probability 0, space 0, times 0 [ 178.744801][ T7501] CPU: 1 UID: 0 PID: 7501 Comm: syz.2.495 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 178.744831][ T7501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 178.744843][ T7501] Call Trace: [ 178.744852][ T7501] [ 178.744860][ T7501] dump_stack_lvl+0x189/0x250 [ 178.744911][ T7501] ? __pfx____ratelimit+0x10/0x10 [ 178.744937][ T7501] ? __pfx_dump_stack_lvl+0x10/0x10 [ 178.744965][ T7501] ? __pfx__printk+0x10/0x10 [ 178.744994][ T7501] ? __pfx___might_resched+0x10/0x10 [ 178.745020][ T7501] ? fs_reclaim_acquire+0x7d/0x100 [ 178.745048][ T7501] should_fail_ex+0x414/0x560 [ 178.745093][ T7501] should_failslab+0xa8/0x100 [ 178.745115][ T7501] __kmalloc_cache_noprof+0x70/0x3d0 [ 178.745133][ T7501] ? alloc_netdev_mqs+0xbd5/0x11e0 [ 178.745173][ T7501] ? __xdp_rxq_info_reg+0x189/0x2a0 [ 178.745200][ T7501] alloc_netdev_mqs+0xbd5/0x11e0 [ 178.745237][ T7501] vti6_locate+0x5a6/0x750 [ 178.745275][ T7501] ? __pfx_vti6_locate+0x10/0x10 [ 178.745300][ T7501] ? vti6_siocdevprivate+0x508/0x700 [ 178.745330][ T7501] vti6_siocdevprivate+0x52c/0x700 [ 178.745356][ T7501] ? __pfx_vti6_siocdevprivate+0x10/0x10 [ 178.745374][ T7501] ? rcu_is_watching+0x15/0xb0 [ 178.745444][ T7501] ? netdev_name_node_lookup+0xdf/0x120 [ 178.745476][ T7501] dev_ifsioc+0xb54/0xf00 [ 178.745509][ T7501] dev_ioctl+0x84c/0x1150 [ 178.745533][ T7501] sock_ioctl+0x719/0x790 [ 178.745563][ T7501] ? __pfx_sock_ioctl+0x10/0x10 [ 178.745592][ T7501] ? __fget_files+0x3a0/0x420 [ 178.745611][ T7501] ? __fget_files+0x2a/0x420 [ 178.745637][ T7501] ? bpf_lsm_file_ioctl+0x9/0x20 [ 178.745665][ T7501] ? __pfx_sock_ioctl+0x10/0x10 [ 178.745690][ T7501] __se_sys_ioctl+0xf9/0x170 [ 178.745721][ T7501] do_syscall_64+0xfa/0x3b0 [ 178.745750][ T7501] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.745766][ T7501] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 178.745783][ T7501] ? clear_bhb_loop+0x60/0xb0 [ 178.745807][ T7501] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.745824][ T7501] RIP: 0033:0x7f34df18e929 [ 178.745845][ T7501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 178.745858][ T7501] RSP: 002b:00007f34e0014038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 178.745880][ T7501] RAX: ffffffffffffffda RBX: 00007f34df3b6080 RCX: 00007f34df18e929 [ 178.745898][ T7501] RDX: 0000200000000080 RSI: 00000000000089f1 RDI: 0000000000000006 [ 178.745908][ T7501] RBP: 00007f34e0014090 R08: 0000000000000000 R09: 0000000000000000 [ 178.745919][ T7501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 178.745928][ T7501] R13: 0000000000000000 R14: 00007f34df3b6080 R15: 00007ffef0c82898 [ 178.745967][ T7501] [ 179.236640][ T7509] netlink: 188 bytes leftover after parsing attributes in process `syz.1.498'. [ 179.700221][ T7525] netlink: 'syz.3.505': attribute type 21 has an invalid length. [ 180.033475][ T7534] netlink: 'syz.0.509': attribute type 10 has an invalid length. [ 180.066442][ T7534] veth0_vlan: left promiscuous mode [ 180.145879][ T7534] veth0_vlan: entered promiscuous mode [ 180.190208][ T7534] team0: Device veth0_vlan failed to register rx_handler [ 181.074379][ T7544] netlink: 132 bytes leftover after parsing attributes in process `syz.3.511'. [ 181.431684][ T7565] netlink: 20 bytes leftover after parsing attributes in process `syz.0.520'. [ 181.503707][ T7561] netlink: 2 bytes leftover after parsing attributes in process `syz.1.519'. [ 182.105264][ T7587] FAULT_INJECTION: forcing a failure. [ 182.105264][ T7587] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 182.121333][ T7587] CPU: 1 UID: 0 PID: 7587 Comm: syz.1.526 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 182.121354][ T7587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 182.121363][ T7587] Call Trace: [ 182.121369][ T7587] [ 182.121375][ T7587] dump_stack_lvl+0x189/0x250 [ 182.121403][ T7587] ? irqentry_exit+0x74/0x90 [ 182.121428][ T7587] ? __pfx_dump_stack_lvl+0x10/0x10 [ 182.121477][ T7587] should_fail_ex+0x414/0x560 [ 182.121508][ T7587] _copy_from_iter+0x1db/0x16f0 [ 182.121553][ T7587] ? __pfx__copy_from_iter+0x10/0x10 [ 182.121583][ T7587] ? alloc_pages_noprof+0xbe/0x190 [ 182.121608][ T7587] ? skb_page_frag_refill+0x199/0x320 [ 182.121635][ T7587] kcm_sendmsg+0xeb2/0x2a70 [ 182.121704][ T7587] ? __pfx_kcm_sendmsg+0x10/0x10 [ 182.121723][ T7587] ? aa_sock_msg_perm+0x94/0x160 [ 182.121747][ T7587] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 182.121766][ T7587] ? __pfx_kcm_sendmsg+0x10/0x10 [ 182.121786][ T7587] __sock_sendmsg+0x219/0x270 [ 182.121811][ T7587] ____sys_sendmsg+0x505/0x830 [ 182.121834][ T7587] ? __pfx_____sys_sendmsg+0x10/0x10 [ 182.121859][ T7587] ? import_iovec+0x74/0xa0 [ 182.121875][ T7587] ___sys_sendmsg+0x21f/0x2a0 [ 182.121895][ T7587] ? __pfx____sys_sendmsg+0x10/0x10 [ 182.121943][ T7587] ? __fget_files+0x2a/0x420 [ 182.121959][ T7587] ? __fget_files+0x3a0/0x420 [ 182.121984][ T7587] __x64_sys_sendmsg+0x19b/0x260 [ 182.122009][ T7587] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 182.122045][ T7587] ? __pfx_ksys_write+0x10/0x10 [ 182.122071][ T7587] ? do_syscall_64+0xbe/0x3b0 [ 182.122106][ T7587] do_syscall_64+0xfa/0x3b0 [ 182.122137][ T7587] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.122156][ T7587] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 182.122177][ T7587] ? clear_bhb_loop+0x60/0xb0 [ 182.122202][ T7587] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.122222][ T7587] RIP: 0033:0x7fc616f8e929 [ 182.122240][ T7587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.122256][ T7587] RSP: 002b:00007fc617df2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 182.122277][ T7587] RAX: ffffffffffffffda RBX: 00007fc6171b5fa0 RCX: 00007fc616f8e929 [ 182.122292][ T7587] RDX: 0000000000048000 RSI: 0000200000000140 RDI: 0000000000000005 [ 182.122305][ T7587] RBP: 00007fc617df2090 R08: 0000000000000000 R09: 0000000000000000 [ 182.122317][ T7587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 182.122329][ T7587] R13: 0000000000000000 R14: 00007fc6171b5fa0 R15: 00007fff7645d118 [ 182.122363][ T7587] [ 182.455472][ T7589] netlink: 26 bytes leftover after parsing attributes in process `syz.0.527'. [ 182.555291][ T7591] netlink: 'syz.3.529': attribute type 10 has an invalid length. [ 182.606096][ T7591] bridge0: left allmulticast mode [ 182.647273][ T7591] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.654815][ T7591] bridge0: port 2(bridge_slave_1) entered forwarding state [ 182.663807][ T7591] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.671147][ T7591] bridge0: port 1(bridge_slave_0) entered forwarding state [ 182.706763][ T7596] netlink: 'syz.0.530': attribute type 10 has an invalid length. [ 182.855579][ T7605] FAULT_INJECTION: forcing a failure. [ 182.855579][ T7605] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 182.896726][ T7605] CPU: 1 UID: 0 PID: 7605 Comm: syz.1.531 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 182.896757][ T7605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 182.896770][ T7605] Call Trace: [ 182.896780][ T7605] [ 182.896791][ T7605] dump_stack_lvl+0x189/0x250 [ 182.896834][ T7605] ? __pfx____ratelimit+0x10/0x10 [ 182.896869][ T7605] ? __pfx_dump_stack_lvl+0x10/0x10 [ 182.896906][ T7605] ? __pfx__printk+0x10/0x10 [ 182.896935][ T7605] ? __might_fault+0xb0/0x130 [ 182.896968][ T7605] ? __might_fault+0xb0/0x130 [ 182.897010][ T7605] should_fail_ex+0x414/0x560 [ 182.897057][ T7605] _copy_from_user+0x2d/0xb0 [ 182.897083][ T7605] __sys_bpf+0x1ed/0x860 [ 182.897124][ T7605] ? __pfx___sys_bpf+0x10/0x10 [ 182.897206][ T7605] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 182.897243][ T7605] ? __pfx_ksys_write+0x10/0x10 [ 182.897260][ T7605] ? rcu_is_watching+0x15/0xb0 [ 182.897319][ T7605] __x64_sys_bpf+0x7c/0x90 [ 182.897351][ T7605] do_syscall_64+0xfa/0x3b0 [ 182.897382][ T7605] ? lockdep_hardirqs_on+0x9c/0x150 [ 182.897412][ T7605] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.897433][ T7605] ? clear_bhb_loop+0x60/0xb0 [ 182.897469][ T7605] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.897489][ T7605] RIP: 0033:0x7fc616f8e929 [ 182.897511][ T7605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.897528][ T7605] RSP: 002b:00007fc617df2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 182.897551][ T7605] RAX: ffffffffffffffda RBX: 00007fc6171b5fa0 RCX: 00007fc616f8e929 [ 182.897566][ T7605] RDX: 0000000000000094 RSI: 00002000000003c0 RDI: 0000000000000005 [ 182.897579][ T7605] RBP: 00007fc617df2090 R08: 0000000000000000 R09: 0000000000000000 [ 182.897591][ T7605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 182.897609][ T7605] R13: 0000000000000000 R14: 00007fc6171b5fa0 R15: 00007fff7645d118 [ 182.897677][ T7605] [ 183.128316][ T7591] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 183.172135][ T7596] veth0_vlan: left promiscuous mode [ 183.190451][ T7596] veth0_vlan: entered promiscuous mode [ 183.227097][ T7596] team0: Device veth0_vlan failed to register rx_handler [ 183.509633][ T7626] netlink: 2 bytes leftover after parsing attributes in process `syz.1.534'. [ 184.151130][ T7650] netlink: 26 bytes leftover after parsing attributes in process `syz.4.540'. [ 184.459218][ T7660] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:0603:0000:0023 with DS=0x3f [ 184.511050][ T7665] netlink: 2 bytes leftover after parsing attributes in process `syz.2.547'. [ 184.525666][ T7663] netlink: 'syz.1.546': attribute type 10 has an invalid length. [ 184.541898][ T7665] batadv_slave_1: entered promiscuous mode [ 184.559694][ T7663] veth0_vlan: left promiscuous mode [ 184.596931][ T7663] veth0_vlan: entered promiscuous mode [ 184.715178][ T7668] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.548'. [ 184.749678][ T7663] team0: Device veth0_vlan failed to register rx_handler [ 185.099901][ T7679] netlink: 26 bytes leftover after parsing attributes in process `syz.4.553'. [ 185.497357][ T7700] netlink: 'syz.3.560': attribute type 10 has an invalid length. [ 185.580924][ T7700] netlink: 'syz.3.560': attribute type 33 has an invalid length. [ 185.591515][ T7700] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.560'. [ 185.881634][ T7713] netlink: 'syz.0.564': attribute type 10 has an invalid length. [ 185.891704][ T7713] veth0_vlan: left promiscuous mode [ 185.941921][ T7713] veth0_vlan: entered promiscuous mode [ 186.005151][ T7713] team0: Device veth0_vlan failed to register rx_handler [ 186.751007][ T7741] __nla_validate_parse: 2 callbacks suppressed [ 186.751029][ T7741] netlink: 2 bytes leftover after parsing attributes in process `syz.1.574'. [ 187.004821][ T7746] netlink: 'syz.2.575': attribute type 10 has an invalid length. [ 187.028691][ T7746] @ÿ: left promiscuous mode [ 187.039630][ T7750] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.576'. [ 187.067994][ T7746] @ÿ: entered promiscuous mode [ 187.165214][ T7746] team0: Device 4@ÿ failed to register rx_handler [ 187.245017][ T7756] netlink: 26 bytes leftover after parsing attributes in process `syz.0.578'. [ 187.655866][ T7762] netlink: 3 bytes leftover after parsing attributes in process `syz.1.577'. [ 188.054491][ T7769] netlink: 'syz.3.581': attribute type 10 has an invalid length. [ 188.074367][ T7769] veth0_vlan: left promiscuous mode [ 188.101008][ T7769] veth0_vlan: entered promiscuous mode [ 188.157512][ T7769] team0: Device veth0_vlan failed to register rx_handler [ 189.771909][ T7791] netlink: 2 bytes leftover after parsing attributes in process `syz.4.587'. [ 189.986328][ T7797] netlink: 17 bytes leftover after parsing attributes in process `syz.3.590'. [ 190.023207][ T7797] netlink: zone id is out of range [ 190.028448][ T7797] netlink: zone id is out of range [ 190.082323][ T7797] netlink: zone id is out of range [ 190.094577][ T7797] netlink: zone id is out of range [ 190.099797][ T7797] netlink: zone id is out of range [ 190.145459][ T7797] netlink: zone id is out of range [ 190.165400][ T7797] netlink: zone id is out of range [ 190.191940][ T7797] netlink: zone id is out of range [ 190.253688][ T7797] netlink: zone id is out of range [ 190.262587][ T7797] netlink: zone id is out of range [ 190.507465][ T7812] netlink: 26 bytes leftover after parsing attributes in process `syz.4.593'. [ 191.206942][ T7834] netlink: 'syz.4.600': attribute type 10 has an invalid length. [ 191.699066][ T7845] netlink: 2 bytes leftover after parsing attributes in process `syz.3.603'. [ 192.230442][ T7847] netlink: 'syz.1.604': attribute type 39 has an invalid length. [ 192.470849][ T7856] netlink: 'syz.0.607': attribute type 16 has an invalid length. [ 192.489788][ T7855] netlink: 26 bytes leftover after parsing attributes in process `syz.3.606'. [ 192.503247][ T7856] netlink: 48 bytes leftover after parsing attributes in process `syz.0.607'. [ 193.070196][ T7867] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.078236][ T7867] bridge0: port 1(bridge_slave_0) entered disabled state [ 193.095501][ T7867] bridge0: entered allmulticast mode [ 193.365722][ T7885] netlink: 2 bytes leftover after parsing attributes in process `syz.3.617'. [ 193.725313][ T7894] netlink: 'syz.4.620': attribute type 16 has an invalid length. [ 193.756794][ T7894] netlink: 48 bytes leftover after parsing attributes in process `syz.4.620'. [ 193.758016][ T7896] netlink: 26 bytes leftover after parsing attributes in process `syz.2.622'. [ 194.349904][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.356463][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.528724][ T7921] netlink: 2 bytes leftover after parsing attributes in process `syz.0.630'. [ 194.891399][ T7933] »»»»»»: renamed from hsr0 (while UP) [ 195.161892][ T7944] netlink: 26 bytes leftover after parsing attributes in process `syz.1.637'. [ 195.266234][ T7943] tap0: tun_chr_ioctl cmd 2147767506 [ 195.926676][ T7964] net_ratelimit: 73 callbacks suppressed [ 195.926696][ T7964] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:0603:0000:0023 with DS=0x3f [ 196.140185][ T7969] netlink: 'syz.0.648': attribute type 10 has an invalid length. [ 196.144131][ T7974] netlink: 'syz.4.649': attribute type 10 has an invalid length. [ 196.164669][ T7974] netlink: 40 bytes leftover after parsing attributes in process `syz.4.649'. [ 196.167927][ T7969] netlink: 40 bytes leftover after parsing attributes in process `syz.0.648'. [ 196.198539][ T7977] netlink: 'syz.3.651': attribute type 4 has an invalid length. [ 196.223301][ T7977] netlink: 152 bytes leftover after parsing attributes in process `syz.3.651'. [ 196.270734][ T7977] O3ãc¤±: mtu less than device minimum [ 196.455468][ T7981] netlink: 'syz.2.653': attribute type 4 has an invalid length. [ 197.828988][ T8017] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:0603:0000:0023 with DS=0x3f [ 197.921041][ T8020] netlink: 'syz.4.670': attribute type 10 has an invalid length. [ 198.918831][ T8054] netlink: 'syz.2.684': attribute type 1 has an invalid length. [ 198.932318][ T8054] __nla_validate_parse: 1 callbacks suppressed [ 198.932339][ T8054] netlink: 4 bytes leftover after parsing attributes in process `syz.2.684'. [ 199.055210][ T8057] netlink: 'syz.2.684': attribute type 21 has an invalid length. [ 202.797278][ T8123] netlink: 209588 bytes leftover after parsing attributes in process `syz.2.716'. [ 203.022480][ T8134] [ 203.025101][ T8134] ============================= [ 203.030032][ T8134] WARNING: suspicious RCU usage [ 203.035357][ T8134] 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 Not tainted [ 203.042124][ T8134] ----------------------------- [ 203.047278][ T8134] net/core/netclassid_cgroup.c:24 suspicious rcu_dereference_check() usage! [ 203.056318][ T8134] [ 203.056318][ T8134] other info that might help us debug this: [ 203.056318][ T8134] [ 203.066785][ T8134] [ 203.066785][ T8134] rcu_scheduler_active = 2, debug_locks = 1 [ 203.075744][ T8134] 1 lock held by syz.3.720/8134: [ 203.080750][ T8134] #0: ffffffff8e13f000 (rcu_read_lock_trace){....}-{0:0}, at: rcu_read_lock_trace+0x38/0x80 [ 203.091652][ T8134] [ 203.091652][ T8134] stack backtrace: [ 203.097734][ T8134] CPU: 1 UID: 0 PID: 8134 Comm: syz.3.720 Not tainted 6.16.0-rc4-syzkaller-gbf4807c89d8f #0 PREEMPT(full) [ 203.097761][ T8134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 203.097774][ T8134] Call Trace: [ 203.097782][ T8134] [ 203.097791][ T8134] dump_stack_lvl+0x189/0x250 [ 203.097833][ T8134] ? __pfx_dump_stack_lvl+0x10/0x10 [ 203.097867][ T8134] ? __pfx__printk+0x10/0x10 [ 203.097893][ T8134] ? print_lock_name+0xde/0x100 [ 203.097920][ T8134] lockdep_rcu_suspicious+0x140/0x1d0 [ 203.097963][ T8134] task_cls_state+0x1a5/0x1d0 [ 203.097994][ T8134] bpf_get_cgroup_classid_curr+0x18/0x60 [ 203.098028][ T8134] bpf_prog_841aec7193f618b3+0x1b/0x21 [ 203.098048][ T8134] bpf_prog_run_pin_on_cpu+0x67/0x150 [ 203.098078][ T8134] bpf_prog_test_run_syscall+0x312/0x4b0 [ 203.098106][ T8134] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 203.098129][ T8134] ? __fget_files+0x2a/0x420 [ 203.098158][ T8134] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 203.098183][ T8134] bpf_prog_test_run+0x2c4/0x340 [ 203.098217][ T8134] __sys_bpf+0x4a4/0x860 [ 203.098246][ T8134] ? __pfx___sys_bpf+0x10/0x10 [ 203.098290][ T8134] ? __pfx_perf_trace_preemptirq_template+0x10/0x10 [ 203.098320][ T8134] ? rcu_is_watching+0x15/0xb0 [ 203.098359][ T8134] __x64_sys_bpf+0x7c/0x90 [ 203.098384][ T8134] do_syscall_64+0xfa/0x3b0 [ 203.098414][ T8134] ? lockdep_hardirqs_on+0x9c/0x150 [ 203.098443][ T8134] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.098463][ T8134] ? clear_bhb_loop+0x60/0xb0 [ 203.098488][ T8134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.098508][ T8134] RIP: 0033:0x7ff247b8e929 [ 203.098527][ T8134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 203.098544][ T8134] RSP: 002b:00007ff248a57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 203.098566][ T8134] RAX: ffffffffffffffda RBX: 00007ff247db5fa0 RCX: 00007ff247b8e929 [ 203.098581][ T8134] RDX: 0000000000000039 RSI: 0000200000000500 RDI: 000000000000000a [ 203.098594][ T8134] RBP: 00007ff247c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 203.098606][ T8134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 203.098618][ T8134] R13: 0000000000000000 R14: 00007ff247db5fa0 R15: 00007ffd7d2a7d68 [ 203.098652][ T8134]